Search in sources :

Example 1 with AccessPolicy

use of org.apache.nifi.authorization.AccessPolicy in project nifi by apache.

the class StandardNiFiServiceFacade method updateUserGroup.

@Override
public UserGroupEntity updateUserGroup(final Revision revision, final UserGroupDTO userGroupDTO) {
    final Authorizable userGroupsAuthorizable = authorizableLookup.getTenant();
    final Set<AccessPolicy> policies = userGroupDAO.getAccessPoliciesForUserGroup(userGroupDTO.getId());
    final RevisionUpdate<UserGroupDTO> snapshot = updateComponent(revision, userGroupsAuthorizable, () -> userGroupDAO.updateUserGroup(userGroupDTO), userGroup -> {
        final Set<TenantEntity> tenantEntities = userGroup.getUsers().stream().map(mapUserIdToTenantEntity()).collect(Collectors.toSet());
        final Set<AccessPolicySummaryEntity> policyEntities = policies.stream().map(ap -> createAccessPolicySummaryEntity(ap)).collect(Collectors.toSet());
        return dtoFactory.createUserGroupDto(userGroup, tenantEntities, policyEntities);
    });
    final PermissionsDTO permissions = dtoFactory.createPermissionsDto(userGroupsAuthorizable);
    return entityFactory.createUserGroupEntity(snapshot.getComponent(), dtoFactory.createRevisionDTO(snapshot.getLastModification()), permissions);
}
Also used : EnforcePolicyPermissionsThroughBaseResource(org.apache.nifi.authorization.resource.EnforcePolicyPermissionsThroughBaseResource) ConnectionDiagnosticsDTO(org.apache.nifi.web.api.dto.diagnostics.ConnectionDiagnosticsDTO) FlowComparison(org.apache.nifi.registry.flow.diff.FlowComparison) ConnectionDTO(org.apache.nifi.web.api.dto.ConnectionDTO) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) AuthorizeAccess(org.apache.nifi.authorization.AuthorizeAccess) VersionedFlowSnapshotMetadata(org.apache.nifi.registry.flow.VersionedFlowSnapshotMetadata) SnippetEntity(org.apache.nifi.web.api.entity.SnippetEntity) ProcessGroupDTO(org.apache.nifi.web.api.dto.ProcessGroupDTO) NiFiRegistryException(org.apache.nifi.registry.client.NiFiRegistryException) Scope(org.apache.nifi.components.state.Scope) ControllerFacade(org.apache.nifi.web.controller.ControllerFacade) VersionedProcessGroup(org.apache.nifi.registry.flow.VersionedProcessGroup) Map(java.util.Map) UserGroupDAO(org.apache.nifi.web.dao.UserGroupDAO) CurrentUserEntity(org.apache.nifi.web.api.entity.CurrentUserEntity) Connection(org.apache.nifi.connectable.Connection) RevisionUpdate(org.apache.nifi.web.revision.RevisionUpdate) BulletinDTO(org.apache.nifi.web.api.dto.BulletinDTO) FlowDifferenceFilters(org.apache.nifi.util.FlowDifferenceFilters) NodeEvent(org.apache.nifi.cluster.event.NodeEvent) VersionedFlowDTO(org.apache.nifi.web.api.dto.VersionedFlowDTO) RemoteProcessGroupPortDTO(org.apache.nifi.web.api.dto.RemoteProcessGroupPortDTO) ComponentReferenceEntity(org.apache.nifi.web.api.entity.ComponentReferenceEntity) PortDTO(org.apache.nifi.web.api.dto.PortDTO) UserDTO(org.apache.nifi.web.api.dto.UserDTO) Stream(java.util.stream.Stream) RemoteProcessGroup(org.apache.nifi.groups.RemoteProcessGroup) InstantiatedVersionedProcessor(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedProcessor) ProcessGroupDAO(org.apache.nifi.web.dao.ProcessGroupDAO) ProcessorDiagnosticsEntity(org.apache.nifi.web.api.entity.ProcessorDiagnosticsEntity) RegistryDAO(org.apache.nifi.web.dao.RegistryDAO) UserEntity(org.apache.nifi.web.api.entity.UserEntity) CountersSnapshotDTO(org.apache.nifi.web.api.dto.CountersSnapshotDTO) SnippetUtils(org.apache.nifi.web.util.SnippetUtils) RemoteProcessGroupStatusEntity(org.apache.nifi.web.api.entity.RemoteProcessGroupStatusEntity) PreviousValue(org.apache.nifi.history.PreviousValue) StandardComparableDataFlow(org.apache.nifi.registry.flow.diff.StandardComparableDataFlow) ConnectionDAO(org.apache.nifi.web.dao.ConnectionDAO) ProvenanceEventDTO(org.apache.nifi.web.api.dto.provenance.ProvenanceEventDTO) ControllerServiceEntity(org.apache.nifi.web.api.entity.ControllerServiceEntity) ConfigurableComponent(org.apache.nifi.components.ConfigurableComponent) TemplateEntity(org.apache.nifi.web.api.entity.TemplateEntity) RevisionDTO(org.apache.nifi.web.api.dto.RevisionDTO) Supplier(java.util.function.Supplier) CollectionUtils(org.apache.commons.collections4.CollectionUtils) LineageDTO(org.apache.nifi.web.api.dto.provenance.lineage.LineageDTO) LinkedHashMap(java.util.LinkedHashMap) FlowChangeAction(org.apache.nifi.action.FlowChangeAction) ProcessGroupCounts(org.apache.nifi.groups.ProcessGroupCounts) VariableRegistryDTO(org.apache.nifi.web.api.dto.VariableRegistryDTO) FlowDTO(org.apache.nifi.web.api.dto.flow.FlowDTO) RegistryDTO(org.apache.nifi.web.api.dto.RegistryDTO) ProvenanceDTO(org.apache.nifi.web.api.dto.provenance.ProvenanceDTO) ClusterRoles(org.apache.nifi.cluster.coordination.node.ClusterRoles) VersionedFlowState(org.apache.nifi.registry.flow.VersionedFlowState) FlowConfigurationEntity(org.apache.nifi.web.api.entity.FlowConfigurationEntity) ContentDirection(org.apache.nifi.controller.repository.claim.ContentDirection) PortDAO(org.apache.nifi.web.dao.PortDAO) AuthorizableLookup(org.apache.nifi.authorization.AuthorizableLookup) RequestAction(org.apache.nifi.authorization.RequestAction) IOException(java.io.IOException) CountersDTO(org.apache.nifi.web.api.dto.CountersDTO) VersionedFlowSnapshot(org.apache.nifi.registry.flow.VersionedFlowSnapshot) NiFiRegistryFlowMapper(org.apache.nifi.registry.flow.mapping.NiFiRegistryFlowMapper) HistoryDTO(org.apache.nifi.web.api.dto.action.HistoryDTO) SystemDiagnosticsDTO(org.apache.nifi.web.api.dto.SystemDiagnosticsDTO) ControllerServiceDiagnosticsDTO(org.apache.nifi.web.api.dto.diagnostics.ControllerServiceDiagnosticsDTO) BulletinFactory(org.apache.nifi.events.BulletinFactory) VersionedFlowSnapshotMetadataEntity(org.apache.nifi.web.api.entity.VersionedFlowSnapshotMetadataEntity) ProcessorStatusEntity(org.apache.nifi.web.api.entity.ProcessorStatusEntity) ComponentStateDTO(org.apache.nifi.web.api.dto.ComponentStateDTO) UserDAO(org.apache.nifi.web.dao.UserDAO) RemoteProcessGroupDAO(org.apache.nifi.web.dao.RemoteProcessGroupDAO) UnknownNodeException(org.apache.nifi.cluster.manager.exception.UnknownNodeException) FlowEntity(org.apache.nifi.web.api.entity.FlowEntity) AffectedComponentEntity(org.apache.nifi.web.api.entity.AffectedComponentEntity) BucketEntity(org.apache.nifi.web.api.entity.BucketEntity) ScheduleComponentsEntity(org.apache.nifi.web.api.entity.ScheduleComponentsEntity) DisconnectionCode(org.apache.nifi.cluster.coordination.node.DisconnectionCode) ProcessGroup(org.apache.nifi.groups.ProcessGroup) BulletinQueryDTO(org.apache.nifi.web.api.dto.BulletinQueryDTO) ListIterator(java.util.ListIterator) Date(java.util.Date) ProcessorStatusDTO(org.apache.nifi.web.api.dto.status.ProcessorStatusDTO) RegistryClientEntity(org.apache.nifi.web.api.entity.RegistryClientEntity) SnippetDAO(org.apache.nifi.web.dao.SnippetDAO) StandardFlowComparator(org.apache.nifi.registry.flow.diff.StandardFlowComparator) ControllerConfigurationEntity(org.apache.nifi.web.api.entity.ControllerConfigurationEntity) LabelDTO(org.apache.nifi.web.api.dto.LabelDTO) ControllerConfigurationDTO(org.apache.nifi.web.api.dto.ControllerConfigurationDTO) InstantiatedVersionedRemoteGroupPort(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedRemoteGroupPort) ControllerStatusDTO(org.apache.nifi.web.api.dto.status.ControllerStatusDTO) UpdateRevisionTask(org.apache.nifi.web.revision.UpdateRevisionTask) VersionedComponent(org.apache.nifi.registry.flow.VersionedComponent) Label(org.apache.nifi.controller.label.Label) RevisionClaim(org.apache.nifi.web.revision.RevisionClaim) Authorizable(org.apache.nifi.authorization.resource.Authorizable) ControllerServiceReferencingComponentDTO(org.apache.nifi.web.api.dto.ControllerServiceReferencingComponentDTO) RequiredPermission(org.apache.nifi.components.RequiredPermission) EntityFactory(org.apache.nifi.web.api.dto.EntityFactory) Collection(java.util.Collection) RemoteProcessGroupPortEntity(org.apache.nifi.web.api.entity.RemoteProcessGroupPortEntity) RevisionManager(org.apache.nifi.web.revision.RevisionManager) UUID(java.util.UUID) Snippet(org.apache.nifi.controller.Snippet) PortEntity(org.apache.nifi.web.api.entity.PortEntity) Collectors(java.util.stream.Collectors) ResourceFactory(org.apache.nifi.authorization.resource.ResourceFactory) StateMap(org.apache.nifi.components.state.StateMap) Objects(java.util.Objects) Response(javax.ws.rs.core.Response) ComponentReferenceDTO(org.apache.nifi.web.api.dto.ComponentReferenceDTO) ProcessGroupEntity(org.apache.nifi.web.api.entity.ProcessGroupEntity) ProcessorDTO(org.apache.nifi.web.api.dto.ProcessorDTO) ControllerServiceState(org.apache.nifi.controller.service.ControllerServiceState) ConnectionStatusDTO(org.apache.nifi.web.api.dto.status.ConnectionStatusDTO) ReportingTaskDTO(org.apache.nifi.web.api.dto.ReportingTaskDTO) AuditService(org.apache.nifi.admin.service.AuditService) FlowSnippetDTO(org.apache.nifi.web.api.dto.FlowSnippetDTO) ReportingTaskDAO(org.apache.nifi.web.dao.ReportingTaskDAO) RemoteProcessGroupDTO(org.apache.nifi.web.api.dto.RemoteProcessGroupDTO) ProcessorNode(org.apache.nifi.controller.ProcessorNode) Bucket(org.apache.nifi.registry.bucket.Bucket) NodeHeartbeat(org.apache.nifi.cluster.coordination.heartbeat.NodeHeartbeat) ControllerServiceNode(org.apache.nifi.controller.service.ControllerServiceNode) ProcessGroupStatusDTO(org.apache.nifi.web.api.dto.status.ProcessGroupStatusDTO) Group(org.apache.nifi.authorization.Group) Function(java.util.function.Function) FlowRegistry(org.apache.nifi.registry.flow.FlowRegistry) PermissionsDTO(org.apache.nifi.web.api.dto.PermissionsDTO) HashSet(java.util.HashSet) ListingRequestDTO(org.apache.nifi.web.api.dto.ListingRequestDTO) ControllerServiceReferencingComponentEntity(org.apache.nifi.web.api.entity.ControllerServiceReferencingComponentEntity) VersionControlInformationDTO(org.apache.nifi.web.api.dto.VersionControlInformationDTO) ReportingTaskNode(org.apache.nifi.controller.ReportingTaskNode) ValidationResult(org.apache.nifi.components.ValidationResult) ComponentDifferenceDTO(org.apache.nifi.web.api.dto.ComponentDifferenceDTO) Logger(org.slf4j.Logger) RemoteGroupPort(org.apache.nifi.remote.RemoteGroupPort) PropertyHistoryDTO(org.apache.nifi.web.api.dto.PropertyHistoryDTO) FlowFileDTO(org.apache.nifi.web.api.dto.FlowFileDTO) VariableRegistryEntity(org.apache.nifi.web.api.entity.VariableRegistryEntity) VersionedFlow(org.apache.nifi.registry.flow.VersionedFlow) IllegalNodeDeletionException(org.apache.nifi.cluster.manager.exception.IllegalNodeDeletionException) DropRequestDTO(org.apache.nifi.web.api.dto.DropRequestDTO) LabelEntity(org.apache.nifi.web.api.entity.LabelEntity) RemoteProcessGroupEntity(org.apache.nifi.web.api.entity.RemoteProcessGroupEntity) NiFiUserUtils(org.apache.nifi.authorization.user.NiFiUserUtils) BulletinRepository(org.apache.nifi.reporting.BulletinRepository) AccessPolicyEntity(org.apache.nifi.web.api.entity.AccessPolicyEntity) NodeDTO(org.apache.nifi.web.api.dto.NodeDTO) Operation(org.apache.nifi.action.Operation) SnippetDTO(org.apache.nifi.web.api.dto.SnippetDTO) Comparator(java.util.Comparator) CounterDTO(org.apache.nifi.web.api.dto.CounterDTO) InstantiatedVersionedComponent(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedComponent) Arrays(java.util.Arrays) StatusHistoryEntity(org.apache.nifi.web.api.entity.StatusHistoryEntity) FlowChangePurgeDetails(org.apache.nifi.action.details.FlowChangePurgeDetails) PropertyDescriptor(org.apache.nifi.components.PropertyDescriptor) ProcessGroupStatusSnapshotDTO(org.apache.nifi.web.api.dto.status.ProcessGroupStatusSnapshotDTO) ControllerServiceDAO(org.apache.nifi.web.dao.ControllerServiceDAO) AuthorizationRequest(org.apache.nifi.authorization.AuthorizationRequest) PropertyDescriptorDTO(org.apache.nifi.web.api.dto.PropertyDescriptorDTO) FunnelDAO(org.apache.nifi.web.dao.FunnelDAO) AuthorizationResult(org.apache.nifi.authorization.AuthorizationResult) TenantEntity(org.apache.nifi.web.api.entity.TenantEntity) ProcessGroupFlowEntity(org.apache.nifi.web.api.entity.ProcessGroupFlowEntity) RootGroupPort(org.apache.nifi.remote.RootGroupPort) BulletinQuery(org.apache.nifi.reporting.BulletinQuery) Connectable(org.apache.nifi.connectable.Connectable) Bulletin(org.apache.nifi.reporting.Bulletin) FunnelDTO(org.apache.nifi.web.api.dto.FunnelDTO) ProcessorStatus(org.apache.nifi.controller.status.ProcessorStatus) HistoryQueryDTO(org.apache.nifi.web.api.dto.action.HistoryQueryDTO) ControllerServiceReferencingComponentsEntity(org.apache.nifi.web.api.entity.ControllerServiceReferencingComponentsEntity) FunnelEntity(org.apache.nifi.web.api.entity.FunnelEntity) AccessPolicyDAO(org.apache.nifi.web.dao.AccessPolicyDAO) ProcessGroupStatus(org.apache.nifi.controller.status.ProcessGroupStatus) History(org.apache.nifi.history.History) AccessPolicySummaryEntity(org.apache.nifi.web.api.entity.AccessPolicySummaryEntity) Set(java.util.Set) BulletinBoardDTO(org.apache.nifi.web.api.dto.BulletinBoardDTO) VersionedFlowCoordinates(org.apache.nifi.registry.flow.VersionedFlowCoordinates) FlowController(org.apache.nifi.controller.FlowController) ProcessorDAO(org.apache.nifi.web.dao.ProcessorDAO) StandardCharsets(java.nio.charset.StandardCharsets) FlowComparisonEntity(org.apache.nifi.web.api.entity.FlowComparisonEntity) ScheduledState(org.apache.nifi.controller.ScheduledState) WebApplicationException(javax.ws.rs.WebApplicationException) ActionEntity(org.apache.nifi.web.api.entity.ActionEntity) DtoFactory(org.apache.nifi.web.api.dto.DtoFactory) RemoteProcessGroupStatusDTO(org.apache.nifi.web.api.dto.status.RemoteProcessGroupStatusDTO) ControllerBulletinsEntity(org.apache.nifi.web.api.entity.ControllerBulletinsEntity) Resource(org.apache.nifi.authorization.Resource) FlowComparator(org.apache.nifi.registry.flow.diff.FlowComparator) StaticDifferenceDescriptor(org.apache.nifi.registry.flow.diff.StaticDifferenceDescriptor) LeaderElectionManager(org.apache.nifi.controller.leader.election.LeaderElectionManager) Counter(org.apache.nifi.controller.Counter) AccessDeniedException(org.apache.nifi.authorization.AccessDeniedException) InstantiatedVersionedProcessGroup(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedProcessGroup) TemplateDAO(org.apache.nifi.web.dao.TemplateDAO) ArrayList(java.util.ArrayList) NiFiUser(org.apache.nifi.authorization.user.NiFiUser) ComponentType(org.apache.nifi.reporting.ComponentType) ControllerServiceReference(org.apache.nifi.controller.service.ControllerServiceReference) StandardRevisionClaim(org.apache.nifi.web.revision.StandardRevisionClaim) NodeConnectionState(org.apache.nifi.cluster.coordination.node.NodeConnectionState) AccessPolicyDTO(org.apache.nifi.web.api.dto.AccessPolicyDTO) VersionControlComponentMappingEntity(org.apache.nifi.web.api.entity.VersionControlComponentMappingEntity) RequiredPermissionDTO(org.apache.nifi.web.api.dto.RequiredPermissionDTO) NodeConnectionStatus(org.apache.nifi.cluster.coordination.node.NodeConnectionStatus) LinkedHashSet(java.util.LinkedHashSet) DocumentedTypeDTO(org.apache.nifi.web.api.dto.DocumentedTypeDTO) FlowConfigurationDTO(org.apache.nifi.web.api.dto.FlowConfigurationDTO) ConfiguredComponent(org.apache.nifi.controller.ConfiguredComponent) ProvenanceOptionsDTO(org.apache.nifi.web.api.dto.provenance.ProvenanceOptionsDTO) LabelDAO(org.apache.nifi.web.dao.LabelDAO) InstantiatedVersionedControllerService(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedControllerService) StartVersionControlRequestEntity(org.apache.nifi.web.api.entity.StartVersionControlRequestEntity) ComponentDTO(org.apache.nifi.web.api.dto.ComponentDTO) Authorizer(org.apache.nifi.authorization.Authorizer) NiFiProperties(org.apache.nifi.util.NiFiProperties) ComponentHistoryDTO(org.apache.nifi.web.api.dto.ComponentHistoryDTO) BulletinEntity(org.apache.nifi.web.api.entity.BulletinEntity) VersionedFlowEntity(org.apache.nifi.web.api.entity.VersionedFlowEntity) NodeIdentifier(org.apache.nifi.cluster.protocol.NodeIdentifier) Permissions(org.apache.nifi.registry.authorization.Permissions) PreviousValueDTO(org.apache.nifi.web.api.dto.PreviousValueDTO) ProcessorConfigDTO(org.apache.nifi.web.api.dto.ProcessorConfigDTO) LoggerFactory(org.slf4j.LoggerFactory) Port(org.apache.nifi.connectable.Port) ProcessGroupStatusEntity(org.apache.nifi.web.api.entity.ProcessGroupStatusEntity) TemplateDTO(org.apache.nifi.web.api.dto.TemplateDTO) ActivateControllerServicesEntity(org.apache.nifi.web.api.entity.ActivateControllerServicesEntity) UserGroupEntity(org.apache.nifi.web.api.entity.UserGroupEntity) UserGroupDTO(org.apache.nifi.web.api.dto.UserGroupDTO) ConnectionStatusEntity(org.apache.nifi.web.api.entity.ConnectionStatusEntity) JVMDiagnosticsSnapshotDTO(org.apache.nifi.web.api.dto.diagnostics.JVMDiagnosticsSnapshotDTO) ProcessGroupStatusSnapshotEntity(org.apache.nifi.web.api.entity.ProcessGroupStatusSnapshotEntity) DifferenceType(org.apache.nifi.registry.flow.diff.DifferenceType) AccessPolicySummaryDTO(org.apache.nifi.web.api.dto.AccessPolicySummaryDTO) NodeProcessGroupStatusSnapshotDTO(org.apache.nifi.web.api.dto.status.NodeProcessGroupStatusSnapshotDTO) VersionedConnection(org.apache.nifi.registry.flow.VersionedConnection) Template(org.apache.nifi.controller.Template) FlowRegistryClient(org.apache.nifi.registry.flow.FlowRegistryClient) BucketDTO(org.apache.nifi.web.api.dto.BucketDTO) ControllerServiceDTO(org.apache.nifi.web.api.dto.ControllerServiceDTO) ReportingTaskEntity(org.apache.nifi.web.api.entity.ReportingTaskEntity) Predicate(java.util.function.Predicate) Sets(com.google.common.collect.Sets) User(org.apache.nifi.authorization.User) JVMDiagnosticsDTO(org.apache.nifi.web.api.dto.diagnostics.JVMDiagnosticsDTO) SystemDiagnostics(org.apache.nifi.diagnostics.SystemDiagnostics) List(java.util.List) Result(org.apache.nifi.authorization.AuthorizationResult.Result) VersionControlInformation(org.apache.nifi.registry.flow.VersionControlInformation) StatusHistoryDTO(org.apache.nifi.web.api.dto.status.StatusHistoryDTO) HeartbeatMonitor(org.apache.nifi.cluster.coordination.heartbeat.HeartbeatMonitor) Optional(java.util.Optional) Action(org.apache.nifi.action.Action) Funnel(org.apache.nifi.connectable.Funnel) ClusterDTO(org.apache.nifi.web.api.dto.ClusterDTO) VariableEntity(org.apache.nifi.web.api.entity.VariableEntity) HashMap(java.util.HashMap) ConciseEvolvingDifferenceDescriptor(org.apache.nifi.registry.flow.diff.ConciseEvolvingDifferenceDescriptor) ResourceDTO(org.apache.nifi.web.api.dto.ResourceDTO) AffectedComponentDTO(org.apache.nifi.web.api.dto.AffectedComponentDTO) HistoryQuery(org.apache.nifi.history.HistoryQuery) ExpiredRevisionClaimException(org.apache.nifi.web.revision.ExpiredRevisionClaimException) PortStatusDTO(org.apache.nifi.web.api.dto.status.PortStatusDTO) ComparableDataFlow(org.apache.nifi.registry.flow.diff.ComparableDataFlow) ClusterCoordinator(org.apache.nifi.cluster.coordination.ClusterCoordinator) StandardRevisionUpdate(org.apache.nifi.web.revision.StandardRevisionUpdate) ComponentRestrictionPermissionDTO(org.apache.nifi.web.api.dto.ComponentRestrictionPermissionDTO) Validator(org.apache.nifi.components.Validator) PortStatusEntity(org.apache.nifi.web.api.entity.PortStatusEntity) ControllerDTO(org.apache.nifi.web.api.dto.ControllerDTO) ProcessorDiagnosticsDTO(org.apache.nifi.web.api.dto.diagnostics.ProcessorDiagnosticsDTO) ComponentVariableRegistry(org.apache.nifi.registry.ComponentVariableRegistry) FlowDifference(org.apache.nifi.registry.flow.diff.FlowDifference) ConnectionEntity(org.apache.nifi.web.api.entity.ConnectionEntity) UserContextKeys(org.apache.nifi.authorization.UserContextKeys) VersionControlInformationEntity(org.apache.nifi.web.api.entity.VersionControlInformationEntity) DeleteRevisionTask(org.apache.nifi.web.revision.DeleteRevisionTask) Component(org.apache.nifi.action.Component) AccessPolicy(org.apache.nifi.authorization.AccessPolicy) SearchResultsDTO(org.apache.nifi.web.api.dto.search.SearchResultsDTO) RegistryEntity(org.apache.nifi.web.api.entity.RegistryEntity) Collections(java.util.Collections) TenantEntity(org.apache.nifi.web.api.entity.TenantEntity) PermissionsDTO(org.apache.nifi.web.api.dto.PermissionsDTO) UserGroupDTO(org.apache.nifi.web.api.dto.UserGroupDTO) Authorizable(org.apache.nifi.authorization.resource.Authorizable) AccessPolicy(org.apache.nifi.authorization.AccessPolicy) AccessPolicySummaryEntity(org.apache.nifi.web.api.entity.AccessPolicySummaryEntity)

Example 2 with AccessPolicy

use of org.apache.nifi.authorization.AccessPolicy in project nifi by apache.

the class StandardNiFiServiceFacade method getAccessPolicy.

@Override
public AccessPolicyEntity getAccessPolicy(final RequestAction requestAction, final String resource) {
    Authorizable authorizable;
    try {
        authorizable = authorizableLookup.getAuthorizableFromResource(resource);
    } catch (final ResourceNotFoundException e) {
        // unable to find the underlying authorizable... user authorized based on top level /policies... create
        // an anonymous authorizable to attempt to locate an existing policy for this resource
        authorizable = new Authorizable() {

            @Override
            public Authorizable getParentAuthorizable() {
                return null;
            }

            @Override
            public Resource getResource() {
                return new Resource() {

                    @Override
                    public String getIdentifier() {
                        return resource;
                    }

                    @Override
                    public String getName() {
                        return resource;
                    }

                    @Override
                    public String getSafeDescription() {
                        return "Policy " + resource;
                    }
                };
            }
        };
    }
    final AccessPolicy accessPolicy = accessPolicyDAO.getAccessPolicy(requestAction, authorizable);
    return createAccessPolicyEntity(accessPolicy);
}
Also used : EnforcePolicyPermissionsThroughBaseResource(org.apache.nifi.authorization.resource.EnforcePolicyPermissionsThroughBaseResource) Resource(org.apache.nifi.authorization.Resource) Authorizable(org.apache.nifi.authorization.resource.Authorizable) AccessPolicy(org.apache.nifi.authorization.AccessPolicy)

Example 3 with AccessPolicy

use of org.apache.nifi.authorization.AccessPolicy in project nifi by apache.

the class DtoFactory method createFlowDto.

public FlowDTO createFlowDto(final ProcessGroup group, final ProcessGroupStatus groupStatus, final FlowSnippetDTO snippet, final RevisionManager revisionManager, final Function<ProcessGroup, List<BulletinEntity>> getProcessGroupBulletins) {
    if (snippet == null) {
        return null;
    }
    final FlowDTO flow = new FlowDTO();
    for (final ConnectionDTO snippetConnection : snippet.getConnections()) {
        final Connection connection = group.getConnection(snippetConnection.getId());
        // marshal the actual connection as the snippet is pruned
        final ConnectionDTO dto = createConnectionDto(connection);
        final RevisionDTO revision = createRevisionDTO(revisionManager.getRevision(connection.getIdentifier()));
        final PermissionsDTO accessPolicy = createPermissionsDto(connection);
        final ConnectionStatusDTO status = getComponentStatus(() -> groupStatus.getConnectionStatus().stream().filter(connectionStatus -> connection.getIdentifier().equals(connectionStatus.getId())).findFirst().orElse(null), connectionStatus -> createConnectionStatusDto(connectionStatus));
        flow.getConnections().add(entityFactory.createConnectionEntity(dto, revision, accessPolicy, status));
    }
    for (final FunnelDTO snippetFunnel : snippet.getFunnels()) {
        final Funnel funnel = group.getFunnel(snippetFunnel.getId());
        // marshal the actual funnel as the snippet is pruned
        final FunnelDTO dto = createFunnelDto(funnel);
        final RevisionDTO revision = createRevisionDTO(revisionManager.getRevision(funnel.getIdentifier()));
        final PermissionsDTO accessPolicy = createPermissionsDto(funnel);
        flow.getFunnels().add(entityFactory.createFunnelEntity(dto, revision, accessPolicy));
    }
    for (final PortDTO snippetInputPort : snippet.getInputPorts()) {
        final Port inputPort = group.getInputPort(snippetInputPort.getId());
        // marshal the actual port as the snippet is pruned
        final PortDTO dto = createPortDto(inputPort);
        final RevisionDTO revision = createRevisionDTO(revisionManager.getRevision(inputPort.getIdentifier()));
        final PermissionsDTO permissions = createPermissionsDto(inputPort);
        final PortStatusDTO status = getComponentStatus(() -> groupStatus.getInputPortStatus().stream().filter(inputPortStatus -> inputPort.getIdentifier().equals(inputPortStatus.getId())).findFirst().orElse(null), inputPortStatus -> createPortStatusDto(inputPortStatus));
        final List<BulletinDTO> bulletins = createBulletinDtos(bulletinRepository.findBulletinsForSource(inputPort.getIdentifier()));
        final List<BulletinEntity> bulletinEntities = bulletins.stream().map(bulletin -> entityFactory.createBulletinEntity(bulletin, permissions.getCanRead())).collect(Collectors.toList());
        flow.getInputPorts().add(entityFactory.createPortEntity(dto, revision, permissions, status, bulletinEntities));
    }
    for (final PortDTO snippetOutputPort : snippet.getOutputPorts()) {
        final Port outputPort = group.getOutputPort(snippetOutputPort.getId());
        // marshal the actual port as the snippet is pruned
        final PortDTO dto = createPortDto(outputPort);
        final RevisionDTO revision = createRevisionDTO(revisionManager.getRevision(outputPort.getIdentifier()));
        final PermissionsDTO permissions = createPermissionsDto(outputPort);
        final PortStatusDTO status = getComponentStatus(() -> groupStatus.getOutputPortStatus().stream().filter(outputPortStatus -> outputPort.getIdentifier().equals(outputPortStatus.getId())).findFirst().orElse(null), outputPortStatus -> createPortStatusDto(outputPortStatus));
        final List<BulletinDTO> bulletins = createBulletinDtos(bulletinRepository.findBulletinsForSource(outputPort.getIdentifier()));
        final List<BulletinEntity> bulletinEntities = bulletins.stream().map(bulletin -> entityFactory.createBulletinEntity(bulletin, permissions.getCanRead())).collect(Collectors.toList());
        flow.getOutputPorts().add(entityFactory.createPortEntity(dto, revision, permissions, status, bulletinEntities));
    }
    for (final LabelDTO snippetLabel : snippet.getLabels()) {
        final Label label = group.getLabel(snippetLabel.getId());
        // marshal the actual label as the snippet is pruned
        final LabelDTO dto = createLabelDto(label);
        final RevisionDTO revision = createRevisionDTO(revisionManager.getRevision(label.getIdentifier()));
        final PermissionsDTO accessPolicy = createPermissionsDto(label);
        flow.getLabels().add(entityFactory.createLabelEntity(dto, revision, accessPolicy));
    }
    for (final ProcessGroupDTO snippetProcessGroup : snippet.getProcessGroups()) {
        final ProcessGroup processGroup = group.getProcessGroup(snippetProcessGroup.getId());
        // marshal the actual group as the snippet is pruned
        final ProcessGroupDTO dto = createProcessGroupDto(processGroup);
        final RevisionDTO revision = createRevisionDTO(revisionManager.getRevision(processGroup.getIdentifier()));
        final PermissionsDTO permissions = createPermissionsDto(processGroup);
        final ProcessGroupStatusDTO status = getComponentStatus(() -> groupStatus.getProcessGroupStatus().stream().filter(processGroupStatus -> processGroup.getIdentifier().equals(processGroupStatus.getId())).findFirst().orElse(null), processGroupStatus -> createConciseProcessGroupStatusDto(processGroupStatus));
        final List<BulletinEntity> bulletins = getProcessGroupBulletins.apply(processGroup);
        flow.getProcessGroups().add(entityFactory.createProcessGroupEntity(dto, revision, permissions, status, bulletins));
    }
    for (final ProcessorDTO snippetProcessor : snippet.getProcessors()) {
        final ProcessorNode processor = group.getProcessor(snippetProcessor.getId());
        // marshal the actual processor as the snippet is pruned
        final ProcessorDTO dto = createProcessorDto(processor);
        final RevisionDTO revision = createRevisionDTO(revisionManager.getRevision(processor.getIdentifier()));
        final PermissionsDTO permissions = createPermissionsDto(processor);
        final ProcessorStatusDTO status = getComponentStatus(() -> groupStatus.getProcessorStatus().stream().filter(processorStatus -> processor.getIdentifier().equals(processorStatus.getId())).findFirst().orElse(null), processorStatus -> createProcessorStatusDto(processorStatus));
        final List<BulletinDTO> bulletins = createBulletinDtos(bulletinRepository.findBulletinsForSource(processor.getIdentifier()));
        final List<BulletinEntity> bulletinEntities = bulletins.stream().map(bulletin -> entityFactory.createBulletinEntity(bulletin, permissions.getCanRead())).collect(Collectors.toList());
        flow.getProcessors().add(entityFactory.createProcessorEntity(dto, revision, permissions, status, bulletinEntities));
    }
    for (final RemoteProcessGroupDTO snippetRemoteProcessGroup : snippet.getRemoteProcessGroups()) {
        final RemoteProcessGroup remoteProcessGroup = group.getRemoteProcessGroup(snippetRemoteProcessGroup.getId());
        // marshal the actual rpm as the snippet is pruned
        final RemoteProcessGroupDTO dto = createRemoteProcessGroupDto(remoteProcessGroup);
        final RevisionDTO revision = createRevisionDTO(revisionManager.getRevision(remoteProcessGroup.getIdentifier()));
        final PermissionsDTO permissions = createPermissionsDto(remoteProcessGroup);
        final RemoteProcessGroupStatusDTO status = getComponentStatus(() -> groupStatus.getRemoteProcessGroupStatus().stream().filter(rpgStatus -> remoteProcessGroup.getIdentifier().equals(rpgStatus.getId())).findFirst().orElse(null), remoteProcessGroupStatus -> createRemoteProcessGroupStatusDto(remoteProcessGroupStatus));
        final List<BulletinDTO> bulletins = createBulletinDtos(bulletinRepository.findBulletinsForSource(remoteProcessGroup.getIdentifier()));
        final List<BulletinEntity> bulletinEntities = bulletins.stream().map(bulletin -> entityFactory.createBulletinEntity(bulletin, permissions.getCanRead())).collect(Collectors.toList());
        flow.getRemoteProcessGroups().add(entityFactory.createRemoteProcessGroupEntity(dto, revision, permissions, status, bulletinEntities));
    }
    return flow;
}
Also used : ProcessorStatusSnapshotEntity(org.apache.nifi.web.api.entity.ProcessorStatusSnapshotEntity) ConnectionDiagnosticsDTO(org.apache.nifi.web.api.dto.diagnostics.ConnectionDiagnosticsDTO) FlowComparison(org.apache.nifi.registry.flow.diff.FlowComparison) FlowModification(org.apache.nifi.web.FlowModification) StringUtils(org.apache.commons.lang3.StringUtils) DropFlowFileStatus(org.apache.nifi.controller.queue.DropFlowFileStatus) QueueSize(org.apache.nifi.controller.queue.QueueSize) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) VariableRegistryUpdateStep(org.apache.nifi.registry.variable.VariableRegistryUpdateStep) Scope(org.apache.nifi.components.state.Scope) ConnectDetails(org.apache.nifi.action.details.ConnectDetails) ControllerFacade(org.apache.nifi.web.controller.ControllerFacade) Map(java.util.Map) InstantiatedVersionedFunnel(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedFunnel) Connection(org.apache.nifi.connectable.Connection) NarClassLoaders(org.apache.nifi.nar.NarClassLoaders) FlowDifferenceFilters(org.apache.nifi.util.FlowDifferenceFilters) NodeEvent(org.apache.nifi.cluster.event.NodeEvent) VariableRegistryUpdateRequest(org.apache.nifi.registry.variable.VariableRegistryUpdateRequest) VersionedFlowStatus(org.apache.nifi.registry.flow.VersionedFlowStatus) AllowableValue(org.apache.nifi.components.AllowableValue) ComponentReferenceEntity(org.apache.nifi.web.api.entity.ComponentReferenceEntity) PortStatusSnapshotDTO(org.apache.nifi.web.api.dto.status.PortStatusSnapshotDTO) AuthorizerCapabilityDetection(org.apache.nifi.authorization.AuthorizerCapabilityDetection) RemoteProcessGroupDetails(org.apache.nifi.action.component.details.RemoteProcessGroupDetails) ControllerService(org.apache.nifi.controller.ControllerService) RemoteProcessGroup(org.apache.nifi.groups.RemoteProcessGroup) InstantiatedVersionedProcessor(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedProcessor) ExtensionManager(org.apache.nifi.nar.ExtensionManager) Tags(org.apache.nifi.annotation.documentation.Tags) AllowableValueEntity(org.apache.nifi.web.api.entity.AllowableValueEntity) ControllerServiceEntity(org.apache.nifi.web.api.entity.ControllerServiceEntity) RemoteProcessGroupCounts(org.apache.nifi.groups.RemoteProcessGroupCounts) ActionDTO(org.apache.nifi.web.api.dto.action.ActionDTO) Supplier(java.util.function.Supplier) LineageDTO(org.apache.nifi.web.api.dto.provenance.lineage.LineageDTO) LinkedHashMap(java.util.LinkedHashMap) Relationship(org.apache.nifi.processor.Relationship) ResourceClaim(org.apache.nifi.controller.repository.claim.ResourceClaim) ProcessGroupCounts(org.apache.nifi.groups.ProcessGroupCounts) FlowDTO(org.apache.nifi.web.api.dto.flow.FlowDTO) JVMSystemDiagnosticsSnapshotDTO(org.apache.nifi.web.api.dto.diagnostics.JVMSystemDiagnosticsSnapshotDTO) Collator(java.text.Collator) Restricted(org.apache.nifi.annotation.behavior.Restricted) VersionedFlowState(org.apache.nifi.registry.flow.VersionedFlowState) ConnectionStatusSnapshotDTO(org.apache.nifi.web.api.dto.status.ConnectionStatusSnapshotDTO) ProvenanceNodeDTO(org.apache.nifi.web.api.dto.provenance.lineage.ProvenanceNodeDTO) ComponentDetailsDTO(org.apache.nifi.web.api.dto.action.component.details.ComponentDetailsDTO) RequestAction(org.apache.nifi.authorization.RequestAction) InstantiatedVersionedLabel(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedLabel) HistoryDTO(org.apache.nifi.web.api.dto.action.HistoryDTO) FlowChangeConnectDetails(org.apache.nifi.action.details.FlowChangeConnectDetails) ControllerServiceDiagnosticsDTO(org.apache.nifi.web.api.dto.diagnostics.ControllerServiceDiagnosticsDTO) TreeMap(java.util.TreeMap) RemoteProcessGroupDetailsDTO(org.apache.nifi.web.api.dto.action.component.details.RemoteProcessGroupDetailsDTO) ReportingTask(org.apache.nifi.reporting.ReportingTask) AffectedComponentEntity(org.apache.nifi.web.api.entity.AffectedComponentEntity) CoreAttributes(org.apache.nifi.flowfile.attributes.CoreAttributes) FlowFileQueue(org.apache.nifi.controller.queue.FlowFileQueue) FlowChangeConfigureDetails(org.apache.nifi.action.details.FlowChangeConfigureDetails) ProcessGroup(org.apache.nifi.groups.ProcessGroup) Date(java.util.Date) ConnectableType(org.apache.nifi.connectable.ConnectableType) ProcessorStatusDTO(org.apache.nifi.web.api.dto.status.ProcessorStatusDTO) InstantiatedVersionedRemoteGroupPort(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedRemoteGroupPort) SchedulingStrategy(org.apache.nifi.scheduling.SchedulingStrategy) RemoteProcessGroupStatusSnapshotDTO(org.apache.nifi.web.api.dto.status.RemoteProcessGroupStatusSnapshotDTO) Locale(java.util.Locale) VersionedComponent(org.apache.nifi.registry.flow.VersionedComponent) ConnectionStatusSnapshotEntity(org.apache.nifi.web.api.entity.ConnectionStatusSnapshotEntity) ActiveThreadInfo(org.apache.nifi.controller.ActiveThreadInfo) Label(org.apache.nifi.controller.label.Label) Authorizable(org.apache.nifi.authorization.resource.Authorizable) TimeZone(java.util.TimeZone) Collection(java.util.Collection) RemoteProcessGroupStatusSnapshotEntity(org.apache.nifi.web.api.entity.RemoteProcessGroupStatusSnapshotEntity) ProcessorStatusSnapshotDTO(org.apache.nifi.web.api.dto.status.ProcessorStatusSnapshotDTO) RevisionManager(org.apache.nifi.web.revision.RevisionManager) Snippet(org.apache.nifi.controller.Snippet) PortEntity(org.apache.nifi.web.api.entity.PortEntity) Collectors(java.util.stream.Collectors) StateMap(org.apache.nifi.components.state.StateMap) Processor(org.apache.nifi.processor.Processor) Entry(java.util.Map.Entry) ConnectionStatusDTO(org.apache.nifi.web.api.dto.status.ConnectionStatusDTO) ProcessorNode(org.apache.nifi.controller.ProcessorNode) NodeHeartbeat(org.apache.nifi.cluster.coordination.heartbeat.NodeHeartbeat) ComputeLineageResult(org.apache.nifi.provenance.lineage.ComputeLineageResult) ControllerServiceNode(org.apache.nifi.controller.service.ControllerServiceNode) ProcessGroupStatusDTO(org.apache.nifi.web.api.dto.status.ProcessGroupStatusDTO) Group(org.apache.nifi.authorization.Group) BundleDetails(org.apache.nifi.bundle.BundleDetails) Function(java.util.function.Function) GarbageCollectionStatus(org.apache.nifi.controller.status.history.GarbageCollectionStatus) FlowRegistry(org.apache.nifi.registry.flow.FlowRegistry) HashSet(java.util.HashSet) ActionDetailsDTO(org.apache.nifi.web.api.dto.action.details.ActionDetailsDTO) ThreadDumpDTO(org.apache.nifi.web.api.dto.diagnostics.ThreadDumpDTO) GarbageCollection(org.apache.nifi.diagnostics.GarbageCollection) ReportingTaskNode(org.apache.nifi.controller.ReportingTaskNode) FlowBreadcrumbEntity(org.apache.nifi.web.api.entity.FlowBreadcrumbEntity) ValidationResult(org.apache.nifi.components.ValidationResult) PurgeDetailsDTO(org.apache.nifi.web.api.dto.action.details.PurgeDetailsDTO) JVMControllerDiagnosticsSnapshotDTO(org.apache.nifi.web.api.dto.diagnostics.JVMControllerDiagnosticsSnapshotDTO) RemoteGroupPort(org.apache.nifi.remote.RemoteGroupPort) FlowBreadcrumbDTO(org.apache.nifi.web.api.dto.flow.FlowBreadcrumbDTO) ProvenanceLinkDTO(org.apache.nifi.web.api.dto.provenance.lineage.ProvenanceLinkDTO) ComputeLineageSubmission(org.apache.nifi.provenance.lineage.ComputeLineageSubmission) RemoteProcessGroupEntity(org.apache.nifi.web.api.entity.RemoteProcessGroupEntity) NiFiUserUtils(org.apache.nifi.authorization.user.NiFiUserUtils) ProvenanceEventLineageNode(org.apache.nifi.provenance.lineage.ProvenanceEventLineageNode) BulletinRepository(org.apache.nifi.reporting.BulletinRepository) AccessPolicyEntity(org.apache.nifi.web.api.entity.AccessPolicyEntity) DigestUtils(org.apache.commons.codec.digest.DigestUtils) Comparator(java.util.Comparator) InstantiatedVersionedComponent(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedComponent) Bundle(org.apache.nifi.bundle.Bundle) StorageUsage(org.apache.nifi.diagnostics.StorageUsage) GCDiagnosticsSnapshotDTO(org.apache.nifi.web.api.dto.diagnostics.GCDiagnosticsSnapshotDTO) GarbageCollectionDiagnosticsDTO(org.apache.nifi.web.api.dto.diagnostics.GarbageCollectionDiagnosticsDTO) Arrays(java.util.Arrays) FlowChangePurgeDetails(org.apache.nifi.action.details.FlowChangePurgeDetails) PropertyDescriptor(org.apache.nifi.components.PropertyDescriptor) ClassLoaderDiagnosticsDTO(org.apache.nifi.web.api.dto.diagnostics.ClassLoaderDiagnosticsDTO) ProcessGroupStatusSnapshotDTO(org.apache.nifi.web.api.dto.status.ProcessGroupStatusSnapshotDTO) ClassUtils(org.apache.commons.lang3.ClassUtils) TenantEntity(org.apache.nifi.web.api.entity.TenantEntity) RootGroupPort(org.apache.nifi.remote.RootGroupPort) Connectable(org.apache.nifi.connectable.Connectable) Bulletin(org.apache.nifi.reporting.Bulletin) ProcessorStatus(org.apache.nifi.controller.status.ProcessorStatus) Restriction(org.apache.nifi.annotation.behavior.Restriction) FlowFilePrioritizer(org.apache.nifi.flowfile.FlowFilePrioritizer) ProcessGroupStatus(org.apache.nifi.controller.status.ProcessGroupStatus) History(org.apache.nifi.history.History) AccessPolicySummaryEntity(org.apache.nifi.web.api.entity.AccessPolicySummaryEntity) Set(java.util.Set) FlowChangeRemoteProcessGroupDetails(org.apache.nifi.action.component.details.FlowChangeRemoteProcessGroupDetails) StatusMerger(org.apache.nifi.cluster.manager.StatusMerger) FlowController(org.apache.nifi.controller.FlowController) ListFlowFileState(org.apache.nifi.controller.queue.ListFlowFileState) Stateful(org.apache.nifi.annotation.behavior.Stateful) ActionDetails(org.apache.nifi.action.details.ActionDetails) Position(org.apache.nifi.connectable.Position) ListFlowFileStatus(org.apache.nifi.controller.queue.ListFlowFileStatus) WebApplicationException(javax.ws.rs.WebApplicationException) ConnectionStatus(org.apache.nifi.controller.status.ConnectionStatus) LineageRequestDTO(org.apache.nifi.web.api.dto.provenance.lineage.LineageRequestDTO) RemoteProcessGroupStatusDTO(org.apache.nifi.web.api.dto.status.RemoteProcessGroupStatusDTO) Resource(org.apache.nifi.authorization.Resource) Counter(org.apache.nifi.controller.Counter) FlowFileRecord(org.apache.nifi.controller.repository.FlowFileRecord) InstantiatedVersionedProcessGroup(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedProcessGroup) NumberFormat(java.text.NumberFormat) TreeSet(java.util.TreeSet) ArrayList(java.util.ArrayList) NiFiUser(org.apache.nifi.authorization.user.NiFiUser) ControllerServiceProvider(org.apache.nifi.controller.service.ControllerServiceProvider) LineageEdge(org.apache.nifi.provenance.lineage.LineageEdge) ProcessGroupFlowDTO(org.apache.nifi.web.api.dto.flow.ProcessGroupFlowDTO) ComponentDetails(org.apache.nifi.action.component.details.ComponentDetails) InstantiatedVersionedRemoteProcessGroup(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedRemoteProcessGroup) NodeConnectionStatus(org.apache.nifi.cluster.coordination.node.NodeConnectionStatus) LinkedHashSet(java.util.LinkedHashSet) ConfigureDetails(org.apache.nifi.action.details.ConfigureDetails) PurgeDetails(org.apache.nifi.action.details.PurgeDetails) ConfiguredComponent(org.apache.nifi.controller.ConfiguredComponent) MoveDetailsDTO(org.apache.nifi.web.api.dto.action.details.MoveDetailsDTO) InstantiatedVersionedControllerService(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedControllerService) DeprecationNotice(org.apache.nifi.annotation.documentation.DeprecationNotice) DropFlowFileState(org.apache.nifi.controller.queue.DropFlowFileState) Authorizer(org.apache.nifi.authorization.Authorizer) BulletinEntity(org.apache.nifi.web.api.entity.BulletinEntity) JVMFlowDiagnosticsSnapshotDTO(org.apache.nifi.web.api.dto.diagnostics.JVMFlowDiagnosticsSnapshotDTO) LineageResultsDTO(org.apache.nifi.web.api.dto.provenance.lineage.LineageResultsDTO) NodeIdentifier(org.apache.nifi.cluster.protocol.NodeIdentifier) BundleCoordinate(org.apache.nifi.bundle.BundleCoordinate) Port(org.apache.nifi.connectable.Port) ConfigureDetailsDTO(org.apache.nifi.web.api.dto.action.details.ConfigureDetailsDTO) ComponentAuthorizable(org.apache.nifi.authorization.resource.ComponentAuthorizable) JVMDiagnosticsSnapshotDTO(org.apache.nifi.web.api.dto.diagnostics.JVMDiagnosticsSnapshotDTO) ProcessGroupStatusSnapshotEntity(org.apache.nifi.web.api.entity.ProcessGroupStatusSnapshotEntity) LineageNode(org.apache.nifi.provenance.lineage.LineageNode) DifferenceType(org.apache.nifi.registry.flow.diff.DifferenceType) SortedStateUtils(org.apache.nifi.controller.state.SortedStateUtils) Template(org.apache.nifi.controller.Template) InstantiatedVersionedConnection(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedConnection) GarbageCollectionHistory(org.apache.nifi.controller.status.history.GarbageCollectionHistory) User(org.apache.nifi.authorization.User) JVMDiagnosticsDTO(org.apache.nifi.web.api.dto.diagnostics.JVMDiagnosticsDTO) FlowChangeMoveDetails(org.apache.nifi.action.details.FlowChangeMoveDetails) PortStatusSnapshotEntity(org.apache.nifi.web.api.entity.PortStatusSnapshotEntity) SystemDiagnostics(org.apache.nifi.diagnostics.SystemDiagnostics) List(java.util.List) RepositoryUsageDTO(org.apache.nifi.web.api.dto.diagnostics.RepositoryUsageDTO) VersionControlInformation(org.apache.nifi.registry.flow.VersionControlInformation) MoveDetails(org.apache.nifi.action.details.MoveDetails) Action(org.apache.nifi.action.Action) InstantiatedVersionedPort(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedPort) ContentClaim(org.apache.nifi.controller.repository.claim.ContentClaim) Revision(org.apache.nifi.web.Revision) CapabilityDescription(org.apache.nifi.annotation.documentation.CapabilityDescription) Funnel(org.apache.nifi.connectable.Funnel) FlowFileSummary(org.apache.nifi.controller.queue.FlowFileSummary) VariableEntity(org.apache.nifi.web.api.entity.VariableEntity) FlowChangeExtensionDetails(org.apache.nifi.action.component.details.FlowChangeExtensionDetails) HashMap(java.util.HashMap) PortStatusDTO(org.apache.nifi.web.api.dto.status.PortStatusDTO) Iterator(java.util.Iterator) ProcessorDiagnosticsDTO(org.apache.nifi.web.api.dto.diagnostics.ProcessorDiagnosticsDTO) ExtensionDetails(org.apache.nifi.action.component.details.ExtensionDetails) TimeUnit(java.util.concurrent.TimeUnit) RemoteProcessGroupStatus(org.apache.nifi.controller.status.RemoteProcessGroupStatus) ComponentVariableRegistry(org.apache.nifi.registry.ComponentVariableRegistry) FlowDifference(org.apache.nifi.registry.flow.diff.FlowDifference) FormatUtils(org.apache.nifi.util.FormatUtils) ExtensionDetailsDTO(org.apache.nifi.web.api.dto.action.component.details.ExtensionDetailsDTO) AccessPolicy(org.apache.nifi.authorization.AccessPolicy) PortStatus(org.apache.nifi.controller.status.PortStatus) ConnectDetailsDTO(org.apache.nifi.web.api.dto.action.details.ConnectDetailsDTO) LineageRequestType(org.apache.nifi.web.api.dto.provenance.lineage.LineageRequestDTO.LineageRequestType) Collections(java.util.Collections) InstantiatedVersionedFunnel(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedFunnel) Funnel(org.apache.nifi.connectable.Funnel) InstantiatedVersionedRemoteGroupPort(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedRemoteGroupPort) RemoteGroupPort(org.apache.nifi.remote.RemoteGroupPort) RootGroupPort(org.apache.nifi.remote.RootGroupPort) Port(org.apache.nifi.connectable.Port) InstantiatedVersionedPort(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedPort) PortStatusDTO(org.apache.nifi.web.api.dto.status.PortStatusDTO) InstantiatedVersionedLabel(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedLabel) Label(org.apache.nifi.controller.label.Label) BulletinEntity(org.apache.nifi.web.api.entity.BulletinEntity) ProcessorStatusDTO(org.apache.nifi.web.api.dto.status.ProcessorStatusDTO) ProcessorNode(org.apache.nifi.controller.ProcessorNode) RemoteProcessGroupStatusDTO(org.apache.nifi.web.api.dto.status.RemoteProcessGroupStatusDTO) RemoteProcessGroup(org.apache.nifi.groups.RemoteProcessGroup) InstantiatedVersionedRemoteProcessGroup(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedRemoteProcessGroup) FlowDTO(org.apache.nifi.web.api.dto.flow.FlowDTO) ProcessGroupFlowDTO(org.apache.nifi.web.api.dto.flow.ProcessGroupFlowDTO) ProcessGroupStatusDTO(org.apache.nifi.web.api.dto.status.ProcessGroupStatusDTO) RemoteProcessGroupStatusDTO(org.apache.nifi.web.api.dto.status.RemoteProcessGroupStatusDTO) Connection(org.apache.nifi.connectable.Connection) InstantiatedVersionedConnection(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedConnection) ConnectionStatusDTO(org.apache.nifi.web.api.dto.status.ConnectionStatusDTO) RemoteProcessGroup(org.apache.nifi.groups.RemoteProcessGroup) ProcessGroup(org.apache.nifi.groups.ProcessGroup) InstantiatedVersionedProcessGroup(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedProcessGroup) InstantiatedVersionedRemoteProcessGroup(org.apache.nifi.registry.flow.mapping.InstantiatedVersionedRemoteProcessGroup)

Example 4 with AccessPolicy

use of org.apache.nifi.authorization.AccessPolicy in project nifi by apache.

the class StandardNiFiServiceFacade method createAccessPolicy.

@Override
public AccessPolicyEntity createAccessPolicy(final Revision revision, final AccessPolicyDTO accessPolicyDTO) {
    final Authorizable tenantAuthorizable = authorizableLookup.getTenant();
    final String creator = NiFiUserUtils.getNiFiUserIdentity();
    final AccessPolicy newAccessPolicy = accessPolicyDAO.createAccessPolicy(accessPolicyDTO);
    final ComponentReferenceEntity componentReference = createComponentReferenceEntity(newAccessPolicy.getResource());
    final AccessPolicyDTO newAccessPolicyDto = dtoFactory.createAccessPolicyDto(newAccessPolicy, newAccessPolicy.getGroups().stream().map(mapUserGroupIdToTenantEntity()).collect(Collectors.toSet()), newAccessPolicy.getUsers().stream().map(userId -> {
        final RevisionDTO userRevision = dtoFactory.createRevisionDTO(revisionManager.getRevision(userId));
        return entityFactory.createTenantEntity(dtoFactory.createTenantDTO(userDAO.getUser(userId)), userRevision, dtoFactory.createPermissionsDto(tenantAuthorizable));
    }).collect(Collectors.toSet()), componentReference);
    final PermissionsDTO permissions = dtoFactory.createPermissionsDto(authorizableLookup.getAccessPolicyById(accessPolicyDTO.getId()));
    return entityFactory.createAccessPolicyEntity(newAccessPolicyDto, dtoFactory.createRevisionDTO(new FlowModification(revision, creator)), permissions);
}
Also used : ComponentReferenceEntity(org.apache.nifi.web.api.entity.ComponentReferenceEntity) PermissionsDTO(org.apache.nifi.web.api.dto.PermissionsDTO) Authorizable(org.apache.nifi.authorization.resource.Authorizable) AccessPolicyDTO(org.apache.nifi.web.api.dto.AccessPolicyDTO) AccessPolicy(org.apache.nifi.authorization.AccessPolicy) RevisionDTO(org.apache.nifi.web.api.dto.RevisionDTO)

Example 5 with AccessPolicy

use of org.apache.nifi.authorization.AccessPolicy in project nifi by apache.

the class StandardPolicyBasedAuthorizerDAO method updateAccessPolicy.

@Override
public AccessPolicy updateAccessPolicy(final AccessPolicyDTO accessPolicyDTO) {
    if (supportsConfigurableAuthorizer()) {
        final ConfigurableAccessPolicyProvider configurableAccessPolicyProvider = (ConfigurableAccessPolicyProvider) accessPolicyProvider;
        final AccessPolicy currentAccessPolicy = getAccessPolicy(accessPolicyDTO.getId());
        return configurableAccessPolicyProvider.updateAccessPolicy(buildAccessPolicy(currentAccessPolicy.getIdentifier(), currentAccessPolicy.getResource(), currentAccessPolicy.getAction(), accessPolicyDTO));
    } else {
        throw new IllegalStateException(MSG_NON_CONFIGURABLE_POLICIES);
    }
}
Also used : ConfigurableAccessPolicyProvider(org.apache.nifi.authorization.ConfigurableAccessPolicyProvider) AccessPolicy(org.apache.nifi.authorization.AccessPolicy)

Aggregations

AccessPolicy (org.apache.nifi.authorization.AccessPolicy)21 HashMap (java.util.HashMap)9 ArrayList (java.util.ArrayList)8 Group (org.apache.nifi.authorization.Group)8 Resource (org.apache.nifi.authorization.Resource)8 User (org.apache.nifi.authorization.User)8 RequestAction (org.apache.nifi.authorization.RequestAction)7 LinkedHashSet (java.util.LinkedHashSet)6 Action (org.apache.nifi.action.Action)6 HashSet (java.util.HashSet)5 FlowChangeAction (org.apache.nifi.action.FlowChangeAction)5 Authorizable (org.apache.nifi.authorization.resource.Authorizable)5 EnforcePolicyPermissionsThroughBaseResource (org.apache.nifi.authorization.resource.EnforcePolicyPermissionsThroughBaseResource)5 BulletinRepository (org.apache.nifi.reporting.BulletinRepository)5 ComponentReferenceEntity (org.apache.nifi.web.api.entity.ComponentReferenceEntity)5 Collections (java.util.Collections)4 Date (java.util.Date)4 LinkedHashMap (java.util.LinkedHashMap)4 WebApplicationException (javax.ws.rs.WebApplicationException)4 AuditService (org.apache.nifi.admin.service.AuditService)4