Search in sources :

Example 6 with AdministrationException

use of org.apache.nifi.admin.service.AdministrationException in project nifi by apache.

the class StandardKeyService method deleteKey.

@Override
public void deleteKey(String identity) {
    Transaction transaction = null;
    writeLock.lock();
    try {
        // start the transaction
        transaction = transactionBuilder.start();
        // delete the keys
        DeleteKeysAction deleteKeys = new DeleteKeysAction(identity);
        transaction.execute(deleteKeys);
        // commit the transaction
        transaction.commit();
    } catch (TransactionException | DataAccessException te) {
        rollback(transaction);
        throw new AdministrationException(te);
    } catch (Throwable t) {
        rollback(transaction);
        throw t;
    } finally {
        closeQuietly(transaction);
        writeLock.unlock();
    }
}
Also used : TransactionException(org.apache.nifi.admin.service.transaction.TransactionException) Transaction(org.apache.nifi.admin.service.transaction.Transaction) DeleteKeysAction(org.apache.nifi.admin.service.action.DeleteKeysAction) AdministrationException(org.apache.nifi.admin.service.AdministrationException) DataAccessException(org.apache.nifi.admin.dao.DataAccessException)

Example 7 with AdministrationException

use of org.apache.nifi.admin.service.AdministrationException in project nifi by apache.

the class StandardAuditService method addActions.

@Override
public void addActions(Collection<Action> actions) {
    Transaction transaction = null;
    writeLock.lock();
    try {
        // start the transaction
        transaction = transactionBuilder.start();
        // seed the accounts
        AddActionsAction addActions = new AddActionsAction(actions);
        transaction.execute(addActions);
        // commit the transaction
        transaction.commit();
    } catch (TransactionException | DataAccessException te) {
        rollback(transaction);
        throw new AdministrationException(te);
    } catch (Throwable t) {
        rollback(transaction);
        throw t;
    } finally {
        closeQuietly(transaction);
        writeLock.unlock();
    }
}
Also used : TransactionException(org.apache.nifi.admin.service.transaction.TransactionException) Transaction(org.apache.nifi.admin.service.transaction.Transaction) AddActionsAction(org.apache.nifi.admin.service.action.AddActionsAction) AdministrationException(org.apache.nifi.admin.service.AdministrationException) DataAccessException(org.apache.nifi.admin.dao.DataAccessException)

Example 8 with AdministrationException

use of org.apache.nifi.admin.service.AdministrationException in project nifi by apache.

the class StandardAuditService method getAction.

@Override
public Action getAction(Integer actionId) {
    Transaction transaction = null;
    Action action = null;
    readLock.lock();
    try {
        // start the transaction
        transaction = transactionBuilder.start();
        // seed the accounts
        GetActionAction getAction = new GetActionAction(actionId);
        action = transaction.execute(getAction);
        // commit the transaction
        transaction.commit();
    } catch (TransactionException | DataAccessException te) {
        rollback(transaction);
        throw new AdministrationException(te);
    } catch (Throwable t) {
        rollback(transaction);
        throw t;
    } finally {
        closeQuietly(transaction);
        readLock.unlock();
    }
    return action;
}
Also used : GetActionAction(org.apache.nifi.admin.service.action.GetActionAction) GetActionsAction(org.apache.nifi.admin.service.action.GetActionsAction) PurgeActionsAction(org.apache.nifi.admin.service.action.PurgeActionsAction) GetActionAction(org.apache.nifi.admin.service.action.GetActionAction) AddActionsAction(org.apache.nifi.admin.service.action.AddActionsAction) Action(org.apache.nifi.action.Action) TransactionException(org.apache.nifi.admin.service.transaction.TransactionException) Transaction(org.apache.nifi.admin.service.transaction.Transaction) AdministrationException(org.apache.nifi.admin.service.AdministrationException) DataAccessException(org.apache.nifi.admin.dao.DataAccessException)

Example 9 with AdministrationException

use of org.apache.nifi.admin.service.AdministrationException in project nifi by apache.

the class StandardAuditService method getPreviousValues.

@Override
public Map<String, List<PreviousValue>> getPreviousValues(String componentId) {
    Transaction transaction = null;
    Map<String, List<PreviousValue>> previousValues = null;
    readLock.lock();
    try {
        // start the transaction
        transaction = transactionBuilder.start();
        // seed the accounts
        GetPreviousValues getActions = new GetPreviousValues(componentId);
        previousValues = transaction.execute(getActions);
        // commit the transaction
        transaction.commit();
    } catch (TransactionException | DataAccessException te) {
        rollback(transaction);
        throw new AdministrationException(te);
    } catch (Throwable t) {
        rollback(transaction);
        throw t;
    } finally {
        closeQuietly(transaction);
        readLock.unlock();
    }
    return previousValues;
}
Also used : TransactionException(org.apache.nifi.admin.service.transaction.TransactionException) Transaction(org.apache.nifi.admin.service.transaction.Transaction) GetPreviousValues(org.apache.nifi.admin.service.action.GetPreviousValues) List(java.util.List) AdministrationException(org.apache.nifi.admin.service.AdministrationException) DataAccessException(org.apache.nifi.admin.dao.DataAccessException)

Example 10 with AdministrationException

use of org.apache.nifi.admin.service.AdministrationException in project nifi by apache.

the class AccessResource method getAccessStatus.

/**
 * Gets the status the client's access.
 *
 * @param httpServletRequest the servlet request
 * @return A accessStatusEntity
 */
@GET
@Consumes(MediaType.WILDCARD)
@Produces(MediaType.APPLICATION_JSON)
@Path("")
@ApiOperation(value = "Gets the status the client's access", notes = NON_GUARANTEED_ENDPOINT, response = AccessStatusEntity.class)
@ApiResponses(value = { @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Unable to determine access status because the client could not be authenticated."), @ApiResponse(code = 403, message = "Unable to determine access status because the client is not authorized to make this request."), @ApiResponse(code = 409, message = "Unable to determine access status because NiFi is not in the appropriate state."), @ApiResponse(code = 500, message = "Unable to determine access status because an unexpected error occurred.") })
public Response getAccessStatus(@Context HttpServletRequest httpServletRequest) {
    // only consider user specific access over https
    if (!httpServletRequest.isSecure()) {
        throw new IllegalStateException("User authentication/authorization is only supported when running over HTTPS.");
    }
    final AccessStatusDTO accessStatus = new AccessStatusDTO();
    try {
        final X509Certificate[] certificates = certificateExtractor.extractClientCertificate(httpServletRequest);
        // if there is not certificate, consider a token
        if (certificates == null) {
            // look for an authorization token
            final String authorization = httpServletRequest.getHeader(JwtAuthenticationFilter.AUTHORIZATION);
            // if there is no authorization header, we don't know the user
            if (authorization == null) {
                accessStatus.setStatus(AccessStatusDTO.Status.UNKNOWN.name());
                accessStatus.setMessage("No credentials supplied, unknown user.");
            } else {
                try {
                    // Extract the Base64 encoded token from the Authorization header
                    final String token = StringUtils.substringAfterLast(authorization, " ");
                    final JwtAuthenticationRequestToken jwtRequest = new JwtAuthenticationRequestToken(token, httpServletRequest.getRemoteAddr());
                    final NiFiAuthenticationToken authenticationResponse = (NiFiAuthenticationToken) jwtAuthenticationProvider.authenticate(jwtRequest);
                    final NiFiUser nifiUser = ((NiFiUserDetails) authenticationResponse.getDetails()).getNiFiUser();
                    // set the user identity
                    accessStatus.setIdentity(nifiUser.getIdentity());
                    // attempt authorize to /flow
                    accessStatus.setStatus(AccessStatusDTO.Status.ACTIVE.name());
                    accessStatus.setMessage("You are already logged in.");
                } catch (JwtException e) {
                    throw new InvalidAuthenticationException(e.getMessage(), e);
                }
            }
        } else {
            try {
                final X509AuthenticationRequestToken x509Request = new X509AuthenticationRequestToken(httpServletRequest.getHeader(ProxiedEntitiesUtils.PROXY_ENTITIES_CHAIN), principalExtractor, certificates, httpServletRequest.getRemoteAddr());
                final NiFiAuthenticationToken authenticationResponse = (NiFiAuthenticationToken) x509AuthenticationProvider.authenticate(x509Request);
                final NiFiUser nifiUser = ((NiFiUserDetails) authenticationResponse.getDetails()).getNiFiUser();
                // set the user identity
                accessStatus.setIdentity(nifiUser.getIdentity());
                // attempt authorize to /flow
                accessStatus.setStatus(AccessStatusDTO.Status.ACTIVE.name());
                accessStatus.setMessage("You are already logged in.");
            } catch (final IllegalArgumentException iae) {
                throw new InvalidAuthenticationException(iae.getMessage(), iae);
            }
        }
    } catch (final UntrustedProxyException upe) {
        throw new AccessDeniedException(upe.getMessage(), upe);
    } catch (final AuthenticationServiceException ase) {
        throw new AdministrationException(ase.getMessage(), ase);
    }
    // create the entity
    final AccessStatusEntity entity = new AccessStatusEntity();
    entity.setAccessStatus(accessStatus);
    return generateOkResponse(entity).build();
}
Also used : AccessDeniedException(org.apache.nifi.authorization.AccessDeniedException) AccessStatusEntity(org.apache.nifi.web.api.entity.AccessStatusEntity) NiFiUser(org.apache.nifi.authorization.user.NiFiUser) JwtAuthenticationRequestToken(org.apache.nifi.web.security.jwt.JwtAuthenticationRequestToken) AccessStatusDTO(org.apache.nifi.web.api.dto.AccessStatusDTO) AdministrationException(org.apache.nifi.admin.service.AdministrationException) X509AuthenticationRequestToken(org.apache.nifi.web.security.x509.X509AuthenticationRequestToken) X509Certificate(java.security.cert.X509Certificate) InvalidAuthenticationException(org.apache.nifi.web.security.InvalidAuthenticationException) AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException) NiFiAuthenticationToken(org.apache.nifi.web.security.token.NiFiAuthenticationToken) UntrustedProxyException(org.apache.nifi.web.security.UntrustedProxyException) JwtException(io.jsonwebtoken.JwtException) NiFiUserDetails(org.apache.nifi.authorization.user.NiFiUserDetails) Path(javax.ws.rs.Path) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Aggregations

AdministrationException (org.apache.nifi.admin.service.AdministrationException)13 DataAccessException (org.apache.nifi.admin.dao.DataAccessException)8 Transaction (org.apache.nifi.admin.service.transaction.Transaction)8 TransactionException (org.apache.nifi.admin.service.transaction.TransactionException)8 Key (org.apache.nifi.key.Key)4 JwtException (io.jsonwebtoken.JwtException)3 ExpiredJwtException (io.jsonwebtoken.ExpiredJwtException)2 MalformedJwtException (io.jsonwebtoken.MalformedJwtException)2 UnsupportedJwtException (io.jsonwebtoken.UnsupportedJwtException)2 ApiOperation (io.swagger.annotations.ApiOperation)2 ApiResponses (io.swagger.annotations.ApiResponses)2 Consumes (javax.ws.rs.Consumes)2 Path (javax.ws.rs.Path)2 Produces (javax.ws.rs.Produces)2 AddActionsAction (org.apache.nifi.admin.service.action.AddActionsAction)2 GetActionsAction (org.apache.nifi.admin.service.action.GetActionsAction)2 PurgeActionsAction (org.apache.nifi.admin.service.action.PurgeActionsAction)2 LoginAuthenticationToken (org.apache.nifi.web.security.token.LoginAuthenticationToken)2 Claims (io.jsonwebtoken.Claims)1 JwsHeader (io.jsonwebtoken.JwsHeader)1