Example 46 with StringUtils.isBlank
use of org.apache.commons.lang3.StringUtils.isBlank in project kylo by Teradata.
the class DefaultTemplateExporter method export.
private ExportTemplate export(String templateId) {
RegisteredTemplate template = registeredTemplateService.findRegisteredTemplate(new RegisteredTemplateRequest.Builder().templateId(templateId).nifiTemplateId(templateId).includeSensitiveProperties(true).build());
if (template != null) {
List<String> connectingReusableTemplates = new ArrayList<>();
Set<String> connectedTemplateIds = new HashSet<>();
Set<ReusableTemplateConnectionInfo> outputPortConnectionMetadata = new HashSet<>();
Set<RemoteProcessGroupInputPort> templateRemoteInputPorts = new HashSet<>();
if (template.usesReusableTemplate()) {
ProcessGroupFlowDTO reusableTemplateFlow = templateConnectionUtil.getReusableTemplateCategoryProcessGroupFlow();
List<ReusableTemplateConnectionInfo> reusableTemplateConnectionInfos = template.getReusableTemplateConnections();
Map<String, PortDTOWithGroupInfo> reusableTemplatePorts = templateConnectionUtil.getReusableFeedInputPorts(reusableTemplateFlow).stream().collect(Collectors.toMap(port -> port.getName(), port -> port));
reusableTemplateConnectionInfos.stream().filter(connectionInfo -> StringUtils.isBlank(connectionInfo.getReusableTemplateProcessGroupName())).forEach(connectionInfo -> {
PortDTOWithGroupInfo port = reusableTemplatePorts.get(connectionInfo.getReusableTemplateInputPortName());
if (port != null) {
connectionInfo.setReusableTemplateProcessGroupName(port.getDestinationProcessGroupName());
}
});
// Get flow information for the 'reusable_templates' process group in NiFi
if (reusableTemplateFlow != null) {
gatherConnectedReusableTemplates(connectingReusableTemplates, connectedTemplateIds, outputPortConnectionMetadata, reusableTemplateConnectionInfos, reusableTemplateFlow);
}
// Only gather remote input ports on the reusable templates if we are clustered
NiFiClusterSummary clusterSummary = nifiRestClient.getNiFiRestClient().clusterSummary();
if (clusterSummary.getClustered()) {
// for all the reusable templates used gather any that have remote input ports
reusableTemplateConnectionInfos.stream().forEach(connectionInfo -> {
Set<RemoteProcessGroupInputPort> remoteProcessGroupInputPorts = findReusableTemplateRemoteInputPorts(reusableTemplateFlow, connectionInfo.getReusableTemplateProcessGroupName());
templateRemoteInputPorts.addAll(remoteProcessGroupInputPorts);
});
}
}
String templateXml = null;
try {
if (template != null) {
try {
templateXml = nifiRestClient.getTemplateXml(template.getNifiTemplateId());
} catch (NifiClientRuntimeException e) {
TemplateDTO templateDTO = nifiRestClient.getTemplateByName(template.getTemplateName());
if (templateDTO != null) {
templateXml = nifiRestClient.getTemplateXml(templateDTO.getId());
}
}
}
} catch (Exception e) {
throw new UnsupportedOperationException("Unable to find Nifi Template for " + templateId);
}
// create a zip file with the template and xml
byte[] zipFile = zip(template, templateXml, connectingReusableTemplates, outputPortConnectionMetadata, templateRemoteInputPorts);
return new ExportTemplate(SystemNamingService.generateSystemName(template.getTemplateName()) + ".template.zip", zipFile);
} else {
throw new UnsupportedOperationException("Unable to find Template for " + templateId);
}
}
Also used :
ZipOutputStream(java.util.zip.ZipOutputStream)
RegisteredTemplateService(com.thinkbiganalytics.feedmgr.service.template.RegisteredTemplateService)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
PortDTOWithGroupInfo(com.thinkbiganalytics.feedmgr.rest.model.PortDTOWithGroupInfo)
ReusableTemplateConnectionInfo(com.thinkbiganalytics.feedmgr.rest.model.ReusableTemplateConnectionInfo)
ConnectionDTO(org.apache.nifi.web.api.dto.ConnectionDTO)
HashMap(java.util.HashMap)
StringUtils(org.apache.commons.lang3.StringUtils)
RegisteredTemplateRequest(com.thinkbiganalytics.feedmgr.rest.model.RegisteredTemplateRequest)
ArrayList(java.util.ArrayList)
HashSet(java.util.HashSet)
Inject(javax.inject.Inject)
ObjectMapperSerializer(com.thinkbiganalytics.json.ObjectMapperSerializer)
NifiClientRuntimeException(com.thinkbiganalytics.nifi.rest.client.NifiClientRuntimeException)
ProcessGroupDTO(org.apache.nifi.web.api.dto.ProcessGroupDTO)
TemplateDTO(org.apache.nifi.web.api.dto.TemplateDTO)
TemplateAccessControl(com.thinkbiganalytics.metadata.api.template.security.TemplateAccessControl)
Map(java.util.Map)
AccessController(com.thinkbiganalytics.security.AccessController)
ProcessGroupFlowDTO(org.apache.nifi.web.api.dto.flow.ProcessGroupFlowDTO)
FeedServicesAccessControl(com.thinkbiganalytics.feedmgr.security.FeedServicesAccessControl)
RegisteredTemplate(com.thinkbiganalytics.feedmgr.rest.model.RegisteredTemplate)
ZipEntry(java.util.zip.ZipEntry)
NifiConstants(com.thinkbiganalytics.nifi.rest.support.NifiConstants)
RemoteProcessGroupInputPort(com.thinkbiganalytics.feedmgr.rest.model.RemoteProcessGroupInputPort)
NiFiClusterSummary(com.thinkbiganalytics.nifi.rest.model.NiFiClusterSummary)
ImportTemplate(com.thinkbiganalytics.feedmgr.service.template.importing.model.ImportTemplate)
TemplateExporter(com.thinkbiganalytics.metadata.api.template.export.TemplateExporter)
Set(java.util.Set)
IOException(java.io.IOException)
SystemNamingService(com.thinkbiganalytics.feedmgr.rest.support.SystemNamingService)
Collectors(java.util.stream.Collectors)
ExportTemplate(com.thinkbiganalytics.metadata.api.template.export.ExportTemplate)
List(java.util.List)
Optional(java.util.Optional)
TemplateConnectionUtil(com.thinkbiganalytics.feedmgr.nifi.TemplateConnectionUtil)
TemplateRemoteInputPortConnections(com.thinkbiganalytics.feedmgr.rest.model.TemplateRemoteInputPortConnections)
Collections(java.util.Collections)
LegacyNifiRestClient(com.thinkbiganalytics.nifi.rest.client.LegacyNifiRestClient)
NiFiClusterSummary(com.thinkbiganalytics.nifi.rest.model.NiFiClusterSummary)
ProcessGroupFlowDTO(org.apache.nifi.web.api.dto.flow.ProcessGroupFlowDTO)
TemplateDTO(org.apache.nifi.web.api.dto.TemplateDTO)
ArrayList(java.util.ArrayList)
NifiClientRuntimeException(com.thinkbiganalytics.nifi.rest.client.NifiClientRuntimeException)
NifiClientRuntimeException(com.thinkbiganalytics.nifi.rest.client.NifiClientRuntimeException)
IOException(java.io.IOException)
ExportTemplate(com.thinkbiganalytics.metadata.api.template.export.ExportTemplate)
RemoteProcessGroupInputPort(com.thinkbiganalytics.feedmgr.rest.model.RemoteProcessGroupInputPort)
RegisteredTemplate(com.thinkbiganalytics.feedmgr.rest.model.RegisteredTemplate)
RegisteredTemplateRequest(com.thinkbiganalytics.feedmgr.rest.model.RegisteredTemplateRequest)
ReusableTemplateConnectionInfo(com.thinkbiganalytics.feedmgr.rest.model.ReusableTemplateConnectionInfo)
PortDTOWithGroupInfo(com.thinkbiganalytics.feedmgr.rest.model.PortDTOWithGroupInfo)
HashSet(java.util.HashSet)
Example 47 with StringUtils.isBlank
use of org.apache.commons.lang3.StringUtils.isBlank in project kylo by Teradata.
the class ImportUtil method applyImportPropertiesToFeed.
public static boolean applyImportPropertiesToFeed(FeedMetadata metadata, ImportFeed importFeed, ImportComponent component) {
ImportComponentOption option = importFeed.getImportOptions().findImportComponentOption(component);
if (!option.getProperties().isEmpty() && option.getProperties().stream().anyMatch(importProperty -> StringUtils.isBlank(importProperty.getPropertyValue()))) {
importFeed.setSuccess(false);
if (importFeed.getTemplate() == null) {
ImportTemplate importTemplate = new ImportTemplate(importFeed.getFileName());
importFeed.setTemplate(importTemplate);
}
String feedCategory = importFeed.getImportOptions().getCategorySystemName() != null ? importFeed.getImportOptions().getCategorySystemName() : metadata.getSystemCategoryName();
String msg = "The feed " + FeedNameUtil.fullName(feedCategory, metadata.getSystemFeedName()) + " needs additional properties to be supplied before importing.";
importFeed.addErrorMessage(metadata, msg);
option.getErrorMessages().add(msg);
return false;
} else {
metadata.getSensitiveProperties().forEach(nifiProperty -> {
ImportProperty userSuppliedValue = importFeed.getImportOptions().getProperties(ImportComponent.FEED_DATA).stream().filter(importFeedProperty -> {
return nifiProperty.getProcessorId().equalsIgnoreCase(importFeedProperty.getProcessorId()) && nifiProperty.getKey().equalsIgnoreCase(importFeedProperty.getPropertyKey());
}).findFirst().orElse(null);
// deal with nulls?
if (userSuppliedValue != null) {
nifiProperty.setValue(userSuppliedValue.getPropertyValue());
}
});
return true;
}
}
Also used :
FeedDataTransformation(com.thinkbiganalytics.feedmgr.rest.model.FeedDataTransformation)
ZipInputStream(java.util.zip.ZipInputStream)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
NifiError(com.thinkbiganalytics.nifi.rest.model.NifiError)
ReusableTemplateConnectionInfo(com.thinkbiganalytics.feedmgr.rest.model.ReusableTemplateConnectionInfo)
FeedMetadata(com.thinkbiganalytics.feedmgr.rest.model.FeedMetadata)
StringUtils(org.apache.commons.lang3.StringUtils)
ImportOptions(com.thinkbiganalytics.feedmgr.rest.model.ImportOptions)
HashSet(java.util.HashSet)
ObjectMapperSerializer(com.thinkbiganalytics.json.ObjectMapperSerializer)
ByteArrayInputStream(java.io.ByteArrayInputStream)
ImportProperty(com.thinkbiganalytics.feedmgr.rest.model.ImportProperty)
Map(java.util.Map)
TypeReference(com.fasterxml.jackson.core.type.TypeReference)
ImportType(com.thinkbiganalytics.feedmgr.rest.ImportType)
RegisteredTemplate(com.thinkbiganalytics.feedmgr.rest.model.RegisteredTemplate)
ZipEntry(java.util.zip.ZipEntry)
Nonnull(javax.annotation.Nonnull)
RemoteProcessGroupInputPort(com.thinkbiganalytics.feedmgr.rest.model.RemoteProcessGroupInputPort)
ImportTemplate(com.thinkbiganalytics.feedmgr.service.template.importing.model.ImportTemplate)
NifiProperty(com.thinkbiganalytics.nifi.rest.model.NifiProperty)
FeedNameUtil(com.thinkbiganalytics.support.FeedNameUtil)
StringWriter(java.io.StringWriter)
Set(java.util.Set)
IOException(java.io.IOException)
Collectors(java.util.stream.Collectors)
ZipFileUtil(com.thinkbiganalytics.feedmgr.support.ZipFileUtil)
IOUtils(org.apache.commons.io.IOUtils)
List(java.util.List)
ImportFeed(com.thinkbiganalytics.feedmgr.service.feed.importing.model.ImportFeed)
Optional(java.util.Optional)
ImportComponent(com.thinkbiganalytics.feedmgr.rest.ImportComponent)
ImportComponentOption(com.thinkbiganalytics.feedmgr.rest.model.ImportComponentOption)
NifiProcessGroup(com.thinkbiganalytics.nifi.rest.model.NifiProcessGroup)
InputStream(java.io.InputStream)
ImportProperty(com.thinkbiganalytics.feedmgr.rest.model.ImportProperty)
ImportComponentOption(com.thinkbiganalytics.feedmgr.rest.model.ImportComponentOption)
ImportTemplate(com.thinkbiganalytics.feedmgr.service.template.importing.model.ImportTemplate)
Example 48 with StringUtils.isBlank
use of org.apache.commons.lang3.StringUtils.isBlank in project nifi by apache.
the class NiFiPropertiesLoader method extractKeyFromBootstrapFile.
/**
* Returns the key (if any) used to encrypt sensitive properties, extracted from {@code $NIFI_HOME/conf/bootstrap.conf}.
*
* @param bootstrapPath the path to the bootstrap file
* @return the key in hexadecimal format
* @throws IOException if the file is not readable
*/
public static String extractKeyFromBootstrapFile(String bootstrapPath) throws IOException {
File expectedBootstrapFile;
if (StringUtils.isBlank(bootstrapPath)) {
// Guess at location of bootstrap.conf file from nifi.properties file
String defaultNiFiPropertiesPath = getDefaultFilePath();
File propertiesFile = new File(defaultNiFiPropertiesPath);
File confDir = new File(propertiesFile.getParent());
if (confDir.exists() && confDir.canRead()) {
expectedBootstrapFile = new File(confDir, "bootstrap.conf");
} else {
logger.error("Cannot read from bootstrap.conf file at {} to extract encryption key -- conf/ directory is missing or permissions are incorrect", confDir.getAbsolutePath());
throw new IOException("Cannot read from bootstrap.conf");
}
} else {
expectedBootstrapFile = new File(bootstrapPath);
}
if (expectedBootstrapFile.exists() && expectedBootstrapFile.canRead()) {
try (Stream<String> stream = Files.lines(Paths.get(expectedBootstrapFile.getAbsolutePath()))) {
Optional<String> keyLine = stream.filter(l -> l.startsWith(BOOTSTRAP_KEY_PREFIX)).findFirst();
if (keyLine.isPresent()) {
return keyLine.get().split("=", 2)[1];
} else {
logger.warn("No encryption key present in the bootstrap.conf file at {}", expectedBootstrapFile.getAbsolutePath());
return "";
}
} catch (IOException e) {
logger.error("Cannot read from bootstrap.conf file at {} to extract encryption key", expectedBootstrapFile.getAbsolutePath());
throw new IOException("Cannot read from bootstrap.conf", e);
}
} else {
logger.error("Cannot read from bootstrap.conf file at {} to extract encryption key -- file is missing or permissions are incorrect", expectedBootstrapFile.getAbsolutePath());
throw new IOException("Cannot read from bootstrap.conf");
}
}
Also used :
BufferedInputStream(java.io.BufferedInputStream)
Properties(java.util.Properties)
Logger(org.slf4j.Logger)
Files(java.nio.file.Files)
LoggerFactory(org.slf4j.LoggerFactory)
Security(java.security.Security)
IOException(java.io.IOException)
FileInputStream(java.io.FileInputStream)
Cipher(javax.crypto.Cipher)
StringUtils(org.apache.commons.lang3.StringUtils)
File(java.io.File)
BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)
Stream(java.util.stream.Stream)
NiFiProperties(org.apache.nifi.util.NiFiProperties)
Paths(java.nio.file.Paths)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
Optional(java.util.Optional)
InputStream(java.io.InputStream)
IOException(java.io.IOException)
File(java.io.File)
Example 49 with StringUtils.isBlank
use of org.apache.commons.lang3.StringUtils.isBlank in project nifi by apache.
the class LogAttribute method getAttributesToLog.
private Set<String> getAttributesToLog(final Set<String> flowFileAttrKeys, final ProcessContext context) {
// collect properties
final String attrsToLogValue = context.getProperty(ATTRIBUTES_TO_LOG_CSV).getValue();
final String attrsToRemoveValue = context.getProperty(ATTRIBUTES_TO_IGNORE_CSV).getValue();
final Set<String> attrsToLog = StringUtils.isBlank(attrsToLogValue) ? Sets.newHashSet(flowFileAttrKeys) : Sets.newHashSet(attrsToLogValue.split("\\s*,\\s*"));
final Set<String> attrsToRemove = StringUtils.isBlank(attrsToRemoveValue) ? Sets.newHashSet() : Sets.newHashSet(attrsToRemoveValue.split("\\s*,\\s*"));
final Pattern attrsToLogRegex = Pattern.compile(context.getProperty(ATTRIBUTES_TO_LOG_REGEX).getValue());
final String attrsToRemoveRegexValue = context.getProperty(ATTRIBUTES_TO_IGNORE_REGEX).getValue();
final Pattern attrsToRemoveRegex = attrsToRemoveRegexValue == null ? null : Pattern.compile(context.getProperty(ATTRIBUTES_TO_IGNORE_REGEX).getValue());
return flowFileAttrKeys.stream().filter(candidate -> {
// if this property was configured to be logged, or if the regular expression of properties to log matches
if ((attrsToLog.isEmpty() || attrsToLog.contains(candidate)) && attrsToLogRegex.matcher(candidate).matches()) {
// log properties we've _not_ configured either explicitly or by regular expression to be ignored.
if ((attrsToRemove.isEmpty() || !attrsToRemove.contains(candidate)) && (attrsToRemoveRegex == null || !attrsToRemoveRegex.matcher(candidate).matches())) {
return true;
}
}
return false;
}).collect(Collectors.toCollection(TreeSet::new));
}
Also used :
StandardValidators(org.apache.nifi.processor.util.StandardValidators)
Date(java.util.Date)
EventDriven(org.apache.nifi.annotation.behavior.EventDriven)
ComponentLog(org.apache.nifi.logging.ComponentLog)
StringUtils(org.apache.commons.lang3.StringUtils)
SideEffectFree(org.apache.nifi.annotation.behavior.SideEffectFree)
TreeSet(java.util.TreeSet)
PropertyDescriptor(org.apache.nifi.components.PropertyDescriptor)
ProcessException(org.apache.nifi.processor.exception.ProcessException)
StringUtil(org.eclipse.jetty.util.StringUtil)
ArrayList(java.util.ArrayList)
HashSet(java.util.HashSet)
Charset(java.nio.charset.Charset)
Relationship(org.apache.nifi.processor.Relationship)
Requirement(org.apache.nifi.annotation.behavior.InputRequirement.Requirement)
InputStreamCallback(org.apache.nifi.processor.io.InputStreamCallback)
FlowFile(org.apache.nifi.flowfile.FlowFile)
ProcessContext(org.apache.nifi.processor.ProcessContext)
Set(java.util.Set)
IOException(java.io.IOException)
ProcessSession(org.apache.nifi.processor.ProcessSession)
Collectors(java.util.stream.Collectors)
Sets(com.google.common.collect.Sets)
IOUtils(org.apache.commons.io.IOUtils)
List(java.util.List)
InputRequirement(org.apache.nifi.annotation.behavior.InputRequirement)
SupportsBatching(org.apache.nifi.annotation.behavior.SupportsBatching)
AbstractProcessor(org.apache.nifi.processor.AbstractProcessor)
Pattern(java.util.regex.Pattern)
Tags(org.apache.nifi.annotation.documentation.Tags)
Collections(java.util.Collections)
ProcessorInitializationContext(org.apache.nifi.processor.ProcessorInitializationContext)
InputStream(java.io.InputStream)
Pattern(java.util.regex.Pattern)
Example 50 with StringUtils.isBlank
use of org.apache.commons.lang3.StringUtils.isBlank in project nifi by apache.
the class LdapUserGroupProvider method load.
/**
* Reloads the tenants.
*/
private void load(final ContextSource contextSource) {
// create the ldapTemplate based on the context source. use a single source context to use the same connection
// to support paging when configured
final SingleContextSource singleContextSource = new SingleContextSource(contextSource.getReadOnlyContext());
final LdapTemplate ldapTemplate = new LdapTemplate(singleContextSource);
try {
final List<User> userList = new ArrayList<>();
final List<Group> groupList = new ArrayList<>();
// group dn -> user identifiers lookup
final Map<String, Set<String>> groupToUserIdentifierMappings = new HashMap<>();
// user dn -> user lookup
final Map<String, User> userLookup = new HashMap<>();
if (performUserSearch) {
// search controls
final SearchControls userControls = new SearchControls();
userControls.setSearchScope(userSearchScope.ordinal());
// consider paging support for users
final DirContextProcessor userProcessor;
if (pageSize == null) {
userProcessor = new NullDirContextProcessor();
} else {
userProcessor = new PagedResultsDirContextProcessor(pageSize);
}
// looking for objects matching the user object class
final AndFilter userFilter = new AndFilter();
userFilter.and(new EqualsFilter("objectClass", userObjectClass));
// if a filter has been provided by the user, we add it to the filter
if (StringUtils.isNotBlank(userSearchFilter)) {
userFilter.and(new HardcodedFilter(userSearchFilter));
}
do {
userList.addAll(ldapTemplate.search(userSearchBase, userFilter.encode(), userControls, new AbstractContextMapper<User>() {
@Override
protected User doMapFromContext(DirContextOperations ctx) {
// get the user identity
final String identity = getUserIdentity(ctx);
// build the user
final User user = new User.Builder().identifierGenerateFromSeed(identity).identity(identity).build();
// store the user for group member later
userLookup.put(getReferencedUserValue(ctx), user);
if (StringUtils.isNotBlank(userGroupNameAttribute)) {
final Attribute attributeGroups = ctx.getAttributes().get(userGroupNameAttribute);
if (attributeGroups == null) {
logger.warn("User group name attribute [" + userGroupNameAttribute + "] does not exist. Ignoring group membership.");
} else {
try {
final NamingEnumeration<String> groupValues = (NamingEnumeration<String>) attributeGroups.getAll();
while (groupValues.hasMoreElements()) {
// store the group -> user identifier mapping
groupToUserIdentifierMappings.computeIfAbsent(groupValues.next(), g -> new HashSet<>()).add(user.getIdentifier());
}
} catch (NamingException e) {
throw new AuthorizationAccessException("Error while retrieving user group name attribute [" + userIdentityAttribute + "].");
}
}
}
return user;
}
}, userProcessor));
} while (hasMorePages(userProcessor));
}
if (performGroupSearch) {
final SearchControls groupControls = new SearchControls();
groupControls.setSearchScope(groupSearchScope.ordinal());
// consider paging support for groups
final DirContextProcessor groupProcessor;
if (pageSize == null) {
groupProcessor = new NullDirContextProcessor();
} else {
groupProcessor = new PagedResultsDirContextProcessor(pageSize);
}
// looking for objects matching the group object class
AndFilter groupFilter = new AndFilter();
groupFilter.and(new EqualsFilter("objectClass", groupObjectClass));
// if a filter has been provided by the user, we add it to the filter
if (StringUtils.isNotBlank(groupSearchFilter)) {
groupFilter.and(new HardcodedFilter(groupSearchFilter));
}
do {
groupList.addAll(ldapTemplate.search(groupSearchBase, groupFilter.encode(), groupControls, new AbstractContextMapper<Group>() {
@Override
protected Group doMapFromContext(DirContextOperations ctx) {
final String dn = ctx.getDn().toString();
// get the group identity
final String name = getGroupName(ctx);
// get the value of this group that may associate it to users
final String referencedGroupValue = getReferencedGroupValue(ctx);
if (!StringUtils.isBlank(groupMemberAttribute)) {
Attribute attributeUsers = ctx.getAttributes().get(groupMemberAttribute);
if (attributeUsers == null) {
logger.warn("Group member attribute [" + groupMemberAttribute + "] does not exist. Ignoring group membership.");
} else {
try {
final NamingEnumeration<String> userValues = (NamingEnumeration<String>) attributeUsers.getAll();
while (userValues.hasMoreElements()) {
final String userValue = userValues.next();
if (performUserSearch) {
// find the user by it's referenced attribute and add the identifier to this group
final User user = userLookup.get(userValue);
// ensure the user is known
if (user != null) {
groupToUserIdentifierMappings.computeIfAbsent(referencedGroupValue, g -> new HashSet<>()).add(user.getIdentifier());
} else {
logger.warn(String.format("%s contains member %s but that user was not found while searching users. Ignoring group membership.", name, userValue));
}
} else {
// since performUserSearch is false, then the referenced group attribute must be blank... the user value must be the dn
final String userDn = userValue;
final String userIdentity;
if (useDnForUserIdentity) {
// use the user value to avoid the unnecessary look up
userIdentity = userDn;
} else {
// lookup the user to extract the user identity
userIdentity = getUserIdentity((DirContextAdapter) ldapTemplate.lookup(userDn));
}
// build the user
final User user = new User.Builder().identifierGenerateFromSeed(userIdentity).identity(userIdentity).build();
// add this user
userList.add(user);
groupToUserIdentifierMappings.computeIfAbsent(referencedGroupValue, g -> new HashSet<>()).add(user.getIdentifier());
}
}
} catch (NamingException e) {
throw new AuthorizationAccessException("Error while retrieving group name attribute [" + groupNameAttribute + "].");
}
}
}
// build this group
final Group.Builder groupBuilder = new Group.Builder().identifierGenerateFromSeed(name).name(name);
// add all users that were associated with this referenced group attribute
if (groupToUserIdentifierMappings.containsKey(referencedGroupValue)) {
groupToUserIdentifierMappings.remove(referencedGroupValue).forEach(userIdentifier -> groupBuilder.addUser(userIdentifier));
}
return groupBuilder.build();
}
}, groupProcessor));
} while (hasMorePages(groupProcessor));
// any remaining groupDn's were referenced by a user but not found while searching groups
groupToUserIdentifierMappings.forEach((referencedGroupValue, userIdentifiers) -> {
logger.warn(String.format("[%s] are members of %s but that group was not found while searching users. Ignoring group membership.", StringUtils.join(userIdentifiers, ", "), referencedGroupValue));
});
} else {
// since performGroupSearch is false, then the referenced user attribute must be blank... the group value must be the dn
// groups are not being searched so lookup any groups identified while searching users
groupToUserIdentifierMappings.forEach((groupDn, userIdentifiers) -> {
final String groupName;
if (useDnForGroupName) {
// use the dn to avoid the unnecessary look up
groupName = groupDn;
} else {
groupName = getGroupName((DirContextAdapter) ldapTemplate.lookup(groupDn));
}
// define the group
final Group.Builder groupBuilder = new Group.Builder().identifierGenerateFromSeed(groupName).name(groupName);
// add each user
userIdentifiers.forEach(userIdentifier -> groupBuilder.addUser(userIdentifier));
// build the group
groupList.add(groupBuilder.build());
});
}
// record the updated tenants
tenants.set(new TenantHolder(new HashSet<>(userList), new HashSet<>(groupList)));
} finally {
singleContextSource.destroy();
}
}
Also used :
SSLContext(javax.net.ssl.SSLContext)
AbstractContextMapper(org.springframework.ldap.core.support.AbstractContextMapper)
AndFilter(org.springframework.ldap.filter.AndFilter)
LoggerFactory(org.slf4j.LoggerFactory)
LdapTemplate(org.springframework.ldap.core.LdapTemplate)
NamingException(javax.naming.NamingException)
KeyStoreException(java.security.KeyStoreException)
StringUtils(org.apache.commons.lang3.StringUtils)
PropertyValue(org.apache.nifi.components.PropertyValue)
UserGroupProvider(org.apache.nifi.authorization.UserGroupProvider)
Attribute(javax.naming.directory.Attribute)
Map(java.util.Map)
AuthorizerCreationException(org.apache.nifi.authorization.exception.AuthorizerCreationException)
DirContextAdapter(org.springframework.ldap.core.DirContextAdapter)
ThreadFactory(java.util.concurrent.ThreadFactory)
LdapContextSource(org.springframework.ldap.core.support.LdapContextSource)
Set(java.util.Set)
AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext)
KeyManagementException(java.security.KeyManagementException)
HardcodedFilter(org.springframework.ldap.filter.HardcodedFilter)
Executors(java.util.concurrent.Executors)
User(org.apache.nifi.authorization.User)
UserAndGroups(org.apache.nifi.authorization.UserAndGroups)
List(java.util.List)
ClientAuth(org.apache.nifi.security.util.SslContextFactory.ClientAuth)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
NamingEnumeration(javax.naming.NamingEnumeration)
SingleContextSource(org.springframework.ldap.core.support.SingleContextSource)
UserGroupProviderInitializationContext(org.apache.nifi.authorization.UserGroupProviderInitializationContext)
DirContextOperations(org.springframework.ldap.core.DirContextOperations)
LdapsSocketFactory(org.apache.nifi.ldap.LdapsSocketFactory)
PagedResultsDirContextProcessor(org.springframework.ldap.control.PagedResultsDirContextProcessor)
NullDirContextProcessor(org.springframework.ldap.core.LdapTemplate.NullDirContextProcessor)
DirContextProcessor(org.springframework.ldap.core.DirContextProcessor)
HashMap(java.util.HashMap)
Group(org.apache.nifi.authorization.Group)
AtomicReference(java.util.concurrent.atomic.AtomicReference)
SearchControls(javax.naming.directory.SearchControls)
ArrayList(java.util.ArrayList)
HashSet(java.util.HashSet)
SimpleDirContextAuthenticationStrategy(org.springframework.ldap.core.support.SimpleDirContextAuthenticationStrategy)
AuthorizerContext(org.apache.nifi.authorization.annotation.AuthorizerContext)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
ScheduledExecutorService(java.util.concurrent.ScheduledExecutorService)
AbstractTlsDirContextAuthenticationStrategy(org.springframework.ldap.core.support.AbstractTlsDirContextAuthenticationStrategy)
DefaultTlsDirContextAuthenticationStrategy(org.springframework.ldap.core.support.DefaultTlsDirContextAuthenticationStrategy)
Context(javax.naming.Context)
IdentityMapping(org.apache.nifi.authorization.util.IdentityMapping)
ProviderDestructionException(org.apache.nifi.authentication.exception.ProviderDestructionException)
IdentityMappingUtil(org.apache.nifi.authorization.util.IdentityMappingUtil)
Logger(org.slf4j.Logger)
ContextSource(org.springframework.ldap.core.ContextSource)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
TimeUnit(java.util.concurrent.TimeUnit)
EqualsFilter(org.springframework.ldap.filter.EqualsFilter)
ReferralStrategy(org.apache.nifi.ldap.ReferralStrategy)
FormatUtils(org.apache.nifi.util.FormatUtils)
NiFiProperties(org.apache.nifi.util.NiFiProperties)
SslContextFactory(org.apache.nifi.security.util.SslContextFactory)
AuthorizationAccessException(org.apache.nifi.authorization.exception.AuthorizationAccessException)
LdapAuthenticationStrategy(org.apache.nifi.ldap.LdapAuthenticationStrategy)
Collections(java.util.Collections)
Group(org.apache.nifi.authorization.Group)
User(org.apache.nifi.authorization.User)
Set(java.util.Set)
HashSet(java.util.HashSet)
HashMap(java.util.HashMap)
Attribute(javax.naming.directory.Attribute)
ArrayList(java.util.ArrayList)
NamingEnumeration(javax.naming.NamingEnumeration)
PagedResultsDirContextProcessor(org.springframework.ldap.control.PagedResultsDirContextProcessor)
NullDirContextProcessor(org.springframework.ldap.core.LdapTemplate.NullDirContextProcessor)
DirContextProcessor(org.springframework.ldap.core.DirContextProcessor)
PagedResultsDirContextProcessor(org.springframework.ldap.control.PagedResultsDirContextProcessor)
LdapTemplate(org.springframework.ldap.core.LdapTemplate)
AuthorizationAccessException(org.apache.nifi.authorization.exception.AuthorizationAccessException)
DirContextAdapter(org.springframework.ldap.core.DirContextAdapter)
SearchControls(javax.naming.directory.SearchControls)
NamingException(javax.naming.NamingException)
EqualsFilter(org.springframework.ldap.filter.EqualsFilter)
HashSet(java.util.HashSet)
SingleContextSource(org.springframework.ldap.core.support.SingleContextSource)
NullDirContextProcessor(org.springframework.ldap.core.LdapTemplate.NullDirContextProcessor)
HardcodedFilter(org.springframework.ldap.filter.HardcodedFilter)
AndFilter(org.springframework.ldap.filter.AndFilter)
AbstractContextMapper(org.springframework.ldap.core.support.AbstractContextMapper)
DirContextOperations(org.springframework.ldap.core.DirContextOperations)
Aggregations
StringUtils (org.apache.commons.lang3.StringUtils)54
List (java.util.List)33
Collectors (java.util.stream.Collectors)29
Map (java.util.Map)28
Set (java.util.Set)27
ArrayList (java.util.ArrayList)23
Optional (java.util.Optional)22
Collections (java.util.Collections)19
Logger (org.slf4j.Logger)19
LoggerFactory (org.slf4j.LoggerFactory)19
IOException (java.io.IOException)18
HashSet (java.util.HashSet)18
Collection (java.util.Collection)16
HashMap (java.util.HashMap)16
StopWatch (org.apache.commons.lang3.time.StopWatch)13
Autowired (org.springframework.beans.factory.annotation.Autowired)11
Slf4j (lombok.extern.slf4j.Slf4j)10
InputStream (java.io.InputStream)9
Inject (javax.inject.Inject)8
RegisteredTemplate (com.thinkbiganalytics.feedmgr.rest.model.RegisteredTemplate)7
