Example 31 with StandardPropertyValue
use of org.apache.nifi.attribute.expression.language.StandardPropertyValue in project nifi by apache.
the class FileAccessPolicyProviderTest method testOnConfiguredWhenInitialAdminProvidedWithIdentityMapping.
@Test
public void testOnConfiguredWhenInitialAdminProvidedWithIdentityMapping() throws Exception {
final Properties props = new Properties();
props.setProperty("nifi.security.identity.mapping.pattern.dn1", "^CN=(.*?), OU=(.*?), O=(.*?), L=(.*?), ST=(.*?), C=(.*?)$");
props.setProperty("nifi.security.identity.mapping.value.dn1", "$1_$2_$3");
properties = getNiFiProperties(props);
when(properties.getRestoreDirectory()).thenReturn(restoreAuthorizations.getParentFile());
when(properties.getFlowConfigurationFile()).thenReturn(flow);
userGroupProvider.setNiFiProperties(properties);
accessPolicyProvider.setNiFiProperties(properties);
final String adminIdentity = "CN=localhost, OU=Apache NiFi, O=Apache, L=Santa Monica, ST=CA, C=US";
when(configurationContext.getProperty(eq(FileAccessPolicyProvider.PROP_INITIAL_ADMIN_IDENTITY))).thenReturn(new StandardPropertyValue(adminIdentity, null));
writeFile(primaryAuthorizations, EMPTY_AUTHORIZATIONS_CONCISE);
writeFile(primaryTenants, EMPTY_TENANTS_CONCISE);
userGroupProvider.onConfigured(configurationContext);
accessPolicyProvider.onConfigured(configurationContext);
final Set<User> users = userGroupProvider.getUsers();
final User adminUser = users.iterator().next();
assertEquals("localhost_Apache NiFi_Apache", adminUser.getIdentity());
}
Also used :
StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue)
Matchers.anyString(org.mockito.Matchers.anyString)
Properties(java.util.Properties)
NiFiProperties(org.apache.nifi.util.NiFiProperties)
Test(org.junit.Test)
Example 32 with StandardPropertyValue
use of org.apache.nifi.attribute.expression.language.StandardPropertyValue in project nifi by apache.
the class FileAccessPolicyProviderTest method testOnConfiguredWhenLegacyUsersFileProvidedWithIdentityMappings.
@Test
public void testOnConfiguredWhenLegacyUsersFileProvidedWithIdentityMappings() throws Exception {
final Properties props = new Properties();
props.setProperty("nifi.security.identity.mapping.pattern.dn1", "^CN=(.*?), OU=(.*?), O=(.*?), L=(.*?), ST=(.*?), C=(.*?)$");
props.setProperty("nifi.security.identity.mapping.value.dn1", "$1");
properties = getNiFiProperties(props);
when(properties.getRestoreDirectory()).thenReturn(restoreAuthorizations.getParentFile());
when(properties.getFlowConfigurationFile()).thenReturn(flowWithDns);
userGroupProvider.setNiFiProperties(properties);
accessPolicyProvider.setNiFiProperties(properties);
when(configurationContext.getProperty(eq(FileAuthorizer.PROP_LEGACY_AUTHORIZED_USERS_FILE))).thenReturn(new StandardPropertyValue("src/test/resources/authorized-users-with-dns.xml", null));
writeFile(primaryAuthorizations, EMPTY_AUTHORIZATIONS_CONCISE);
writeFile(primaryTenants, EMPTY_TENANTS_CONCISE);
userGroupProvider.onConfigured(configurationContext);
accessPolicyProvider.onConfigured(configurationContext);
final User user4 = userGroupProvider.getUserByIdentity("user4");
final User user6 = userGroupProvider.getUserByIdentity("user6");
// verify one group got created
final Set<Group> groups = userGroupProvider.getGroups();
final Group group1 = groups.iterator().next();
final Resource inputPortResource = ResourceFactory.getDataTransferResource(ResourceFactory.getComponentResource(ResourceType.InputPort, "2f7d1606-b090-4be7-a592-a5b70fb55531", "TCP Input"));
final AccessPolicy inputPortPolicy = accessPolicyProvider.getAccessPolicy(inputPortResource.getIdentifier(), RequestAction.WRITE);
assertNotNull(inputPortPolicy);
assertEquals(1, inputPortPolicy.getUsers().size());
assertTrue(inputPortPolicy.getUsers().contains(user6.getIdentifier()));
assertEquals(1, inputPortPolicy.getGroups().size());
assertTrue(inputPortPolicy.getGroups().contains(group1.getIdentifier()));
final Resource outputPortResource = ResourceFactory.getDataTransferResource(ResourceFactory.getComponentResource(ResourceType.OutputPort, "2f7d1606-b090-4be7-a592-a5b70fb55532", "TCP Output"));
final AccessPolicy outputPortPolicy = accessPolicyProvider.getAccessPolicy(outputPortResource.getIdentifier(), RequestAction.WRITE);
assertNotNull(outputPortPolicy);
assertEquals(1, outputPortPolicy.getUsers().size());
assertTrue(outputPortPolicy.getUsers().contains(user4.getIdentifier()));
}
Also used :
StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue)
Properties(java.util.Properties)
NiFiProperties(org.apache.nifi.util.NiFiProperties)
Test(org.junit.Test)
Example 33 with StandardPropertyValue
use of org.apache.nifi.attribute.expression.language.StandardPropertyValue in project nifi by apache.
the class FileAccessPolicyProviderTest method testOnConfiguredWhenInitialAdminProvidedAndNoFlowExists.
@Test
public void testOnConfiguredWhenInitialAdminProvidedAndNoFlowExists() throws Exception {
// setup NiFi properties to return a file that does not exist
properties = mock(NiFiProperties.class);
when(properties.getRestoreDirectory()).thenReturn(restoreAuthorizations.getParentFile());
when(properties.getFlowConfigurationFile()).thenReturn(new File("src/test/resources/does-not-exist.xml.gz"));
userGroupProvider.setNiFiProperties(properties);
accessPolicyProvider.setNiFiProperties(properties);
final String adminIdentity = "admin-user";
when(configurationContext.getProperty(eq(FileAccessPolicyProvider.PROP_INITIAL_ADMIN_IDENTITY))).thenReturn(new StandardPropertyValue(adminIdentity, null));
writeFile(primaryAuthorizations, EMPTY_AUTHORIZATIONS_CONCISE);
writeFile(primaryTenants, EMPTY_TENANTS_CONCISE);
userGroupProvider.onConfigured(configurationContext);
accessPolicyProvider.onConfigured(configurationContext);
final Set<User> users = userGroupProvider.getUsers();
final User adminUser = users.iterator().next();
assertEquals(adminIdentity, adminUser.getIdentity());
final Set<AccessPolicy> policies = accessPolicyProvider.getAccessPolicies();
assertEquals(8, policies.size());
final String rootGroupResource = ResourceType.ProcessGroup.getValue() + "/" + ROOT_GROUP_ID;
boolean foundRootGroupPolicy = false;
for (AccessPolicy policy : policies) {
if (policy.getResource().equals(rootGroupResource)) {
foundRootGroupPolicy = true;
break;
}
}
assertFalse(foundRootGroupPolicy);
}
Also used :
NiFiProperties(org.apache.nifi.util.NiFiProperties)
StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue)
Matchers.anyString(org.mockito.Matchers.anyString)
File(java.io.File)
Test(org.junit.Test)
Example 34 with StandardPropertyValue
use of org.apache.nifi.attribute.expression.language.StandardPropertyValue in project nifi by apache.
the class FileAccessPolicyProviderTest method testOnConfiguredWhenNodeIdentitiesProvidedAndUsersAlreadyExist.
@Test
public void testOnConfiguredWhenNodeIdentitiesProvidedAndUsersAlreadyExist() throws Exception {
final String adminIdentity = "admin-user";
final String nodeIdentity1 = "node1";
final String nodeIdentity2 = "node2";
when(configurationContext.getProperty(Mockito.eq(FileAccessPolicyProvider.PROP_INITIAL_ADMIN_IDENTITY))).thenReturn(new StandardPropertyValue(adminIdentity, null));
when(configurationContext.getProperty(Mockito.eq(FileAccessPolicyProvider.PROP_NODE_IDENTITY_PREFIX + "1"))).thenReturn(new StandardPropertyValue(nodeIdentity1, null));
when(configurationContext.getProperty(Mockito.eq(FileAccessPolicyProvider.PROP_NODE_IDENTITY_PREFIX + "2"))).thenReturn(new StandardPropertyValue(nodeIdentity2, null));
when(configurationContext.getProperty(eq(FileUserGroupProvider.PROP_INITIAL_USER_IDENTITY_PREFIX + "1"))).thenReturn(new StandardPropertyValue(adminIdentity, null));
when(configurationContext.getProperty(eq(FileUserGroupProvider.PROP_INITIAL_USER_IDENTITY_PREFIX + "2"))).thenReturn(new StandardPropertyValue(nodeIdentity1, null));
when(configurationContext.getProperty(eq(FileUserGroupProvider.PROP_INITIAL_USER_IDENTITY_PREFIX + "3"))).thenReturn(new StandardPropertyValue(nodeIdentity2, null));
writeFile(primaryAuthorizations, EMPTY_AUTHORIZATIONS_CONCISE);
writeFile(primaryTenants, TENANTS_FOR_ADMIN_AND_NODES);
userGroupProvider.onConfigured(configurationContext);
accessPolicyProvider.onConfigured(configurationContext);
User nodeUser1 = userGroupProvider.getUserByIdentity(nodeIdentity1);
User nodeUser2 = userGroupProvider.getUserByIdentity(nodeIdentity2);
AccessPolicy proxyWritePolicy = accessPolicyProvider.getAccessPolicy(ResourceType.Proxy.getValue(), RequestAction.WRITE);
assertNotNull(proxyWritePolicy);
assertTrue(proxyWritePolicy.getUsers().contains(nodeUser1.getIdentifier()));
assertTrue(proxyWritePolicy.getUsers().contains(nodeUser2.getIdentifier()));
}
Also used :
StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue)
Matchers.anyString(org.mockito.Matchers.anyString)
Test(org.junit.Test)
Example 35 with StandardPropertyValue
use of org.apache.nifi.attribute.expression.language.StandardPropertyValue in project nifi by apache.
the class FileAccessPolicyProviderTest method testOnConfiguredWhenLegacyUsersFileProvidedAndFlowHasNoPorts.
@Test
public void testOnConfiguredWhenLegacyUsersFileProvidedAndFlowHasNoPorts() throws Exception {
properties = mock(NiFiProperties.class);
when(properties.getRestoreDirectory()).thenReturn(restoreAuthorizations.getParentFile());
when(properties.getFlowConfigurationFile()).thenReturn(flowNoPorts);
when(configurationContext.getProperty(eq(FileAuthorizer.PROP_LEGACY_AUTHORIZED_USERS_FILE))).thenReturn(new StandardPropertyValue("src/test/resources/authorized-users.xml", null));
writeFile(primaryAuthorizations, EMPTY_AUTHORIZATIONS_CONCISE);
writeFile(primaryTenants, EMPTY_TENANTS_CONCISE);
userGroupProvider.onConfigured(configurationContext);
accessPolicyProvider.onConfigured(configurationContext);
boolean foundDataTransferPolicy = false;
for (AccessPolicy policy : accessPolicyProvider.getAccessPolicies()) {
if (policy.getResource().contains(ResourceType.DataTransfer.name())) {
foundDataTransferPolicy = true;
break;
}
}
assertFalse(foundDataTransferPolicy);
}
Also used :
NiFiProperties(org.apache.nifi.util.NiFiProperties)
StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue)
Test(org.junit.Test)
Aggregations
StandardPropertyValue (org.apache.nifi.attribute.expression.language.StandardPropertyValue)91
Test (org.junit.Test)78
AuthorizerConfigurationContext (org.apache.nifi.authorization.AuthorizerConfigurationContext)33
Matchers.anyString (org.mockito.Matchers.anyString)30
NiFiProperties (org.apache.nifi.util.NiFiProperties)24
PropertyValue (org.apache.nifi.components.PropertyValue)17
HashMap (java.util.HashMap)16
Properties (java.util.Properties)15
Group (org.apache.nifi.authorization.Group)12
Before (org.junit.Before)12
Set (java.util.Set)10
UserAndGroups (org.apache.nifi.authorization.UserAndGroups)10
AuthorizerCreationException (org.apache.nifi.authorization.exception.AuthorizerCreationException)9
CreateLdapServer (org.apache.directory.server.annotations.CreateLdapServer)8
CreateTransport (org.apache.directory.server.annotations.CreateTransport)8
ApplyLdifFiles (org.apache.directory.server.core.annotations.ApplyLdifFiles)8
CreateDS (org.apache.directory.server.core.annotations.CreateDS)8
CreatePartition (org.apache.directory.server.core.annotations.CreatePartition)8
AbstractLdapTestUnit (org.apache.directory.server.core.integ.AbstractLdapTestUnit)8
FrameworkRunner (org.apache.directory.server.core.integ.FrameworkRunner)8
