use of org.apache.nifi.authorization.AccessPolicy in project nifi by apache.
the class SnippetUtils method cloneComponentSpecificPolicies.
/**
* Clones all the component specified policies for the specified original component. This will include the component resource, data resource
* for the component, data transfer resource for the component, and policy resource for the component.
*
* @param originalComponentResource original component resource
* @param clonedComponentResource cloned component resource
* @param idGenerationSeed id generation seed
*/
private void cloneComponentSpecificPolicies(final Resource originalComponentResource, final Resource clonedComponentResource, final String idGenerationSeed) {
if (!accessPolicyDAO.supportsConfigurableAuthorizer()) {
return;
}
final Map<Resource, Resource> resources = new HashMap<>();
resources.put(originalComponentResource, clonedComponentResource);
resources.put(ResourceFactory.getDataResource(originalComponentResource), ResourceFactory.getDataResource(clonedComponentResource));
resources.put(ResourceFactory.getDataTransferResource(originalComponentResource), ResourceFactory.getDataTransferResource(clonedComponentResource));
resources.put(ResourceFactory.getPolicyResource(originalComponentResource), ResourceFactory.getPolicyResource(clonedComponentResource));
for (final Entry<Resource, Resource> entry : resources.entrySet()) {
final Resource originalResource = entry.getKey();
final Resource cloneResource = entry.getValue();
for (final RequestAction action : RequestAction.values()) {
final AccessPolicy accessPolicy = accessPolicyDAO.getAccessPolicy(action, originalResource.getIdentifier());
// if there is a component specific policy we want to clone it for the new component
if (accessPolicy != null) {
final AccessPolicyDTO cloneAccessPolicy = new AccessPolicyDTO();
cloneAccessPolicy.setId(generateId(accessPolicy.getIdentifier(), idGenerationSeed, true));
cloneAccessPolicy.setAction(accessPolicy.getAction().toString());
cloneAccessPolicy.setResource(cloneResource.getIdentifier());
final Set<TenantEntity> users = new HashSet<>();
accessPolicy.getUsers().forEach(userId -> {
final TenantEntity entity = new TenantEntity();
entity.setId(userId);
users.add(entity);
});
cloneAccessPolicy.setUsers(users);
final Set<TenantEntity> groups = new HashSet<>();
accessPolicy.getGroups().forEach(groupId -> {
final TenantEntity entity = new TenantEntity();
entity.setId(groupId);
groups.add(entity);
});
cloneAccessPolicy.setUserGroups(groups);
// create the access policy for the cloned policy
accessPolicyDAO.createAccessPolicy(cloneAccessPolicy);
}
}
}
}
Aggregations