Search in sources :

Example 21 with AccessPolicy

use of org.apache.nifi.authorization.AccessPolicy in project nifi by apache.

the class SnippetUtils method cloneComponentSpecificPolicies.

/**
 * Clones all the component specified policies for the specified original component. This will include the component resource, data resource
 * for the component, data transfer resource for the component, and policy resource for the component.
 *
 * @param originalComponentResource original component resource
 * @param clonedComponentResource cloned component resource
 * @param idGenerationSeed id generation seed
 */
private void cloneComponentSpecificPolicies(final Resource originalComponentResource, final Resource clonedComponentResource, final String idGenerationSeed) {
    if (!accessPolicyDAO.supportsConfigurableAuthorizer()) {
        return;
    }
    final Map<Resource, Resource> resources = new HashMap<>();
    resources.put(originalComponentResource, clonedComponentResource);
    resources.put(ResourceFactory.getDataResource(originalComponentResource), ResourceFactory.getDataResource(clonedComponentResource));
    resources.put(ResourceFactory.getDataTransferResource(originalComponentResource), ResourceFactory.getDataTransferResource(clonedComponentResource));
    resources.put(ResourceFactory.getPolicyResource(originalComponentResource), ResourceFactory.getPolicyResource(clonedComponentResource));
    for (final Entry<Resource, Resource> entry : resources.entrySet()) {
        final Resource originalResource = entry.getKey();
        final Resource cloneResource = entry.getValue();
        for (final RequestAction action : RequestAction.values()) {
            final AccessPolicy accessPolicy = accessPolicyDAO.getAccessPolicy(action, originalResource.getIdentifier());
            // if there is a component specific policy we want to clone it for the new component
            if (accessPolicy != null) {
                final AccessPolicyDTO cloneAccessPolicy = new AccessPolicyDTO();
                cloneAccessPolicy.setId(generateId(accessPolicy.getIdentifier(), idGenerationSeed, true));
                cloneAccessPolicy.setAction(accessPolicy.getAction().toString());
                cloneAccessPolicy.setResource(cloneResource.getIdentifier());
                final Set<TenantEntity> users = new HashSet<>();
                accessPolicy.getUsers().forEach(userId -> {
                    final TenantEntity entity = new TenantEntity();
                    entity.setId(userId);
                    users.add(entity);
                });
                cloneAccessPolicy.setUsers(users);
                final Set<TenantEntity> groups = new HashSet<>();
                accessPolicy.getGroups().forEach(groupId -> {
                    final TenantEntity entity = new TenantEntity();
                    entity.setId(groupId);
                    groups.add(entity);
                });
                cloneAccessPolicy.setUserGroups(groups);
                // create the access policy for the cloned policy
                accessPolicyDAO.createAccessPolicy(cloneAccessPolicy);
            }
        }
    }
}
Also used : HashMap(java.util.HashMap) RequestAction(org.apache.nifi.authorization.RequestAction) TenantEntity(org.apache.nifi.web.api.entity.TenantEntity) Resource(org.apache.nifi.authorization.Resource) AccessPolicyDTO(org.apache.nifi.web.api.dto.AccessPolicyDTO) AccessPolicy(org.apache.nifi.authorization.AccessPolicy) HashSet(java.util.HashSet) LinkedHashSet(java.util.LinkedHashSet)

Aggregations

AccessPolicy (org.apache.nifi.authorization.AccessPolicy)21 HashMap (java.util.HashMap)9 ArrayList (java.util.ArrayList)8 Group (org.apache.nifi.authorization.Group)8 Resource (org.apache.nifi.authorization.Resource)8 User (org.apache.nifi.authorization.User)8 RequestAction (org.apache.nifi.authorization.RequestAction)7 LinkedHashSet (java.util.LinkedHashSet)6 Action (org.apache.nifi.action.Action)6 HashSet (java.util.HashSet)5 FlowChangeAction (org.apache.nifi.action.FlowChangeAction)5 Authorizable (org.apache.nifi.authorization.resource.Authorizable)5 EnforcePolicyPermissionsThroughBaseResource (org.apache.nifi.authorization.resource.EnforcePolicyPermissionsThroughBaseResource)5 BulletinRepository (org.apache.nifi.reporting.BulletinRepository)5 ComponentReferenceEntity (org.apache.nifi.web.api.entity.ComponentReferenceEntity)5 Collections (java.util.Collections)4 Date (java.util.Date)4 LinkedHashMap (java.util.LinkedHashMap)4 WebApplicationException (javax.ws.rs.WebApplicationException)4 AuditService (org.apache.nifi.admin.service.AuditService)4