Search in sources :

Example 1 with AuthorizableLookup

use of org.apache.nifi.authorization.AuthorizableLookup in project nifi by apache.

the class StandardNiFiServiceFacadeTest method setUp.

@Before
public void setUp() throws Exception {
    // audit service
    final AuditService auditService = mock(AuditService.class);
    when(auditService.getAction(anyInt())).then(invocation -> {
        final Integer actionId = invocation.getArgumentAt(0, Integer.class);
        FlowChangeAction action = null;
        if (ACTION_ID_1.equals(actionId)) {
            action = getAction(actionId, PROCESSOR_ID_1);
        } else if (ACTION_ID_2.equals(actionId)) {
            action = getAction(actionId, PROCESSOR_ID_2);
        }
        return action;
    });
    when(auditService.getActions(any(HistoryQuery.class))).then(invocation -> {
        final History history = new History();
        history.setActions(Arrays.asList(getAction(ACTION_ID_1, PROCESSOR_ID_1), getAction(ACTION_ID_2, PROCESSOR_ID_2)));
        return history;
    });
    // authorizable lookup
    final AuthorizableLookup authorizableLookup = mock(AuthorizableLookup.class);
    when(authorizableLookup.getProcessor(Mockito.anyString())).then(getProcessorInvocation -> {
        final String processorId = getProcessorInvocation.getArgumentAt(0, String.class);
        // processor-2 is no longer part of the flow
        if (processorId.equals(PROCESSOR_ID_2)) {
            throw new ResourceNotFoundException("");
        }
        // component authorizable
        final ComponentAuthorizable componentAuthorizable = mock(ComponentAuthorizable.class);
        when(componentAuthorizable.getAuthorizable()).then(getAuthorizableInvocation -> {
            // authorizable
            final Authorizable authorizable = new Authorizable() {

                @Override
                public Authorizable getParentAuthorizable() {
                    return null;
                }

                @Override
                public Resource getResource() {
                    return ResourceFactory.getComponentResource(ResourceType.Processor, processorId, processorId);
                }
            };
            return authorizable;
        });
        return componentAuthorizable;
    });
    // authorizer
    authorizer = mock(Authorizer.class);
    when(authorizer.authorize(any(AuthorizationRequest.class))).then(invocation -> {
        final AuthorizationRequest request = invocation.getArgumentAt(0, AuthorizationRequest.class);
        AuthorizationResult result = AuthorizationResult.denied();
        if (request.getResource().getIdentifier().endsWith(PROCESSOR_ID_1)) {
            if (USER_1.equals(request.getIdentity())) {
                result = AuthorizationResult.approved();
            }
        } else if (request.getResource().equals(ResourceFactory.getControllerResource())) {
            if (USER_2.equals(request.getIdentity())) {
                result = AuthorizationResult.approved();
            }
        }
        return result;
    });
    // flow controller
    final FlowController controller = mock(FlowController.class);
    when(controller.getResource()).thenCallRealMethod();
    when(controller.getParentAuthorizable()).thenCallRealMethod();
    // controller facade
    final ControllerFacade controllerFacade = new ControllerFacade();
    controllerFacade.setFlowController(controller);
    serviceFacade = new StandardNiFiServiceFacade();
    serviceFacade.setAuditService(auditService);
    serviceFacade.setAuthorizableLookup(authorizableLookup);
    serviceFacade.setAuthorizer(authorizer);
    serviceFacade.setEntityFactory(new EntityFactory());
    serviceFacade.setDtoFactory(new DtoFactory());
    serviceFacade.setControllerFacade(controllerFacade);
}
Also used : ComponentAuthorizable(org.apache.nifi.authorization.ComponentAuthorizable) DtoFactory(org.apache.nifi.web.api.dto.DtoFactory) AuthorizationRequest(org.apache.nifi.authorization.AuthorizationRequest) HistoryQuery(org.apache.nifi.history.HistoryQuery) ControllerFacade(org.apache.nifi.web.controller.ControllerFacade) History(org.apache.nifi.history.History) AuthorizationResult(org.apache.nifi.authorization.AuthorizationResult) AuthorizableLookup(org.apache.nifi.authorization.AuthorizableLookup) Authorizer(org.apache.nifi.authorization.Authorizer) ComponentAuthorizable(org.apache.nifi.authorization.ComponentAuthorizable) Authorizable(org.apache.nifi.authorization.resource.Authorizable) FlowController(org.apache.nifi.controller.FlowController) AuditService(org.apache.nifi.admin.service.AuditService) EntityFactory(org.apache.nifi.web.api.dto.EntityFactory) FlowChangeAction(org.apache.nifi.action.FlowChangeAction) Before(org.junit.Before)

Example 2 with AuthorizableLookup

use of org.apache.nifi.authorization.AuthorizableLookup in project nifi by apache.

the class TestDataTransferResource method getDataTransferResource.

private DataTransferResource getDataTransferResource() {
    final NiFiServiceFacade serviceFacade = mock(NiFiServiceFacade.class);
    final HttpFlowFileServerProtocol serverProtocol = mock(HttpFlowFileServerProtocol.class);
    final DataTransferResource resource = new DataTransferResource(NiFiProperties.createBasicNiFiProperties(null, null)) {

        @Override
        protected void authorizeDataTransfer(AuthorizableLookup lookup, ResourceType resourceType, String identifier) {
        }

        @Override
        HttpFlowFileServerProtocol getHttpFlowFileServerProtocol(VersionNegotiator versionNegotiator) {
            return serverProtocol;
        }
    };
    resource.setProperties(NiFiProperties.createBasicNiFiProperties(null, null));
    resource.setServiceFacade(serviceFacade);
    return resource;
}
Also used : AuthorizableLookup(org.apache.nifi.authorization.AuthorizableLookup) NiFiServiceFacade(org.apache.nifi.web.NiFiServiceFacade) VersionNegotiator(org.apache.nifi.remote.VersionNegotiator) HttpFlowFileServerProtocol(org.apache.nifi.remote.protocol.http.HttpFlowFileServerProtocol) ResourceType(org.apache.nifi.authorization.resource.ResourceType)

Aggregations

AuthorizableLookup (org.apache.nifi.authorization.AuthorizableLookup)2 FlowChangeAction (org.apache.nifi.action.FlowChangeAction)1 AuditService (org.apache.nifi.admin.service.AuditService)1 AuthorizationRequest (org.apache.nifi.authorization.AuthorizationRequest)1 AuthorizationResult (org.apache.nifi.authorization.AuthorizationResult)1 Authorizer (org.apache.nifi.authorization.Authorizer)1 ComponentAuthorizable (org.apache.nifi.authorization.ComponentAuthorizable)1 Authorizable (org.apache.nifi.authorization.resource.Authorizable)1 ResourceType (org.apache.nifi.authorization.resource.ResourceType)1 FlowController (org.apache.nifi.controller.FlowController)1 History (org.apache.nifi.history.History)1 HistoryQuery (org.apache.nifi.history.HistoryQuery)1 VersionNegotiator (org.apache.nifi.remote.VersionNegotiator)1 HttpFlowFileServerProtocol (org.apache.nifi.remote.protocol.http.HttpFlowFileServerProtocol)1 NiFiServiceFacade (org.apache.nifi.web.NiFiServiceFacade)1 DtoFactory (org.apache.nifi.web.api.dto.DtoFactory)1 EntityFactory (org.apache.nifi.web.api.dto.EntityFactory)1 ControllerFacade (org.apache.nifi.web.controller.ControllerFacade)1 Before (org.junit.Before)1