Example 1 with AuthorizerInitializationContext
use of org.apache.nifi.authorization.AuthorizerInitializationContext in project nifi by apache.
the class TestRangerNiFiAuthorizer method testIntegration.
@Test
@Ignore
public void testIntegration() {
final AuthorizerInitializationContext initializationContext = Mockito.mock(AuthorizerInitializationContext.class);
final AuthorizerConfigurationContext configurationContext = Mockito.mock(AuthorizerConfigurationContext.class);
when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_SECURITY_PATH_PROP))).thenReturn(new MockPropertyValue("src/test/resources/ranger/ranger-nifi-security.xml"));
when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_AUDIT_PATH_PROP))).thenReturn(new MockPropertyValue("src/test/resources/ranger/ranger-nifi-audit.xml"));
Authorizer authorizer = new RangerNiFiAuthorizer();
try {
authorizer.initialize(initializationContext);
authorizer.onConfigured(configurationContext);
final AuthorizationRequest request = new AuthorizationRequest.Builder().resource(new Resource() {
@Override
public String getIdentifier() {
return "/system";
}
@Override
public String getName() {
return "/system";
}
@Override
public String getSafeDescription() {
return "system";
}
}).action(RequestAction.WRITE).identity("admin").resourceContext(new HashMap<>()).accessAttempt(true).anonymous(false).build();
final AuthorizationResult result = authorizer.authorize(request);
Assert.assertEquals(AuthorizationResult.denied().getResult(), result.getResult());
} finally {
authorizer.preDestruction();
}
}
Also used :
AuthorizationRequest(org.apache.nifi.authorization.AuthorizationRequest)
HashMap(java.util.HashMap)
Authorizer(org.apache.nifi.authorization.Authorizer)
Resource(org.apache.nifi.authorization.Resource)
MockPropertyValue(org.apache.nifi.util.MockPropertyValue)
AuthorizerInitializationContext(org.apache.nifi.authorization.AuthorizerInitializationContext)
AuthorizationResult(org.apache.nifi.authorization.AuthorizationResult)
AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext)
Ignore(org.junit.Ignore)
Test(org.junit.Test)
Example 2 with AuthorizerInitializationContext
use of org.apache.nifi.authorization.AuthorizerInitializationContext in project nifi by apache.
the class ManagedRangerAuthorizerTest method getStandardManagedAuthorizer.
private ManagedRangerAuthorizer getStandardManagedAuthorizer(final UserGroupProvider userGroupProvider) {
final ManagedRangerAuthorizer managedAuthorizer = new ManagedRangerAuthorizer();
final AuthorizerConfigurationContext configurationContext = mock(AuthorizerConfigurationContext.class);
when(configurationContext.getProperty(eq("User Group Provider"))).thenReturn(new MockPropertyValue("user-group-provider", null));
when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_SECURITY_PATH_PROP))).thenReturn(new MockPropertyValue("src/test/resources/ranger/ranger-nifi-security.xml"));
when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_AUDIT_PATH_PROP))).thenReturn(new MockPropertyValue("src/test/resources/ranger/ranger-nifi-audit.xml"));
when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_APP_ID_PROP))).thenReturn(new MockPropertyValue(appId));
when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_SERVICE_TYPE_PROP))).thenReturn(new MockPropertyValue(serviceType));
final UserGroupProviderLookup userGroupProviderLookup = mock(UserGroupProviderLookup.class);
when(userGroupProviderLookup.getUserGroupProvider("user-group-provider")).thenReturn(userGroupProvider);
final AuthorizerInitializationContext initializationContext = mock(AuthorizerInitializationContext.class);
when(initializationContext.getUserGroupProviderLookup()).thenReturn(userGroupProviderLookup);
managedAuthorizer.initialize(initializationContext);
managedAuthorizer.onConfigured(configurationContext);
return managedAuthorizer;
}
Also used :
UserGroupProviderLookup(org.apache.nifi.authorization.UserGroupProviderLookup)
MockPropertyValue(org.apache.nifi.util.MockPropertyValue)
AuthorizerInitializationContext(org.apache.nifi.authorization.AuthorizerInitializationContext)
AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext)
Example 3 with AuthorizerInitializationContext
use of org.apache.nifi.authorization.AuthorizerInitializationContext in project nifi-minifi by apache.
the class MiNiFiServer method start.
public void start() {
try {
logger.info("Loading Flow...");
FlowFileEventRepository flowFileEventRepository = new RingBufferEventRepository(5);
AuditService auditService = new StandardAuditService();
Authorizer authorizer = new Authorizer() {
@Override
public AuthorizationResult authorize(AuthorizationRequest request) throws AuthorizationAccessException {
return AuthorizationResult.approved();
}
@Override
public void initialize(AuthorizerInitializationContext initializationContext) throws AuthorizerCreationException {
// do nothing
}
@Override
public void onConfigured(AuthorizerConfigurationContext configurationContext) throws AuthorizerCreationException {
// do nothing
}
@Override
public void preDestruction() throws AuthorizerDestructionException {
// do nothing
}
};
final String sensitivePropAlgorithmVal = props.getProperty(StringEncryptor.NF_SENSITIVE_PROPS_ALGORITHM);
final String sensitivePropProviderVal = props.getProperty(StringEncryptor.NF_SENSITIVE_PROPS_PROVIDER);
final String sensitivePropValueNifiPropVar = props.getProperty(StringEncryptor.NF_SENSITIVE_PROPS_KEY, DEFAULT_SENSITIVE_PROPS_KEY);
StringEncryptor encryptor = StringEncryptor.createEncryptor(sensitivePropAlgorithmVal, sensitivePropProviderVal, sensitivePropValueNifiPropVar);
VariableRegistry variableRegistry = new FileBasedVariableRegistry(props.getVariableRegistryPropertiesPaths());
BulletinRepository bulletinRepository = new VolatileBulletinRepository();
FlowController flowController = FlowController.createStandaloneInstance(flowFileEventRepository, props, authorizer, auditService, encryptor, bulletinRepository, variableRegistry, new StandardFlowRegistryClient());
flowService = StandardFlowService.createStandaloneInstance(flowController, props, encryptor, // revision manager
null, authorizer);
// start and load the flow
flowService.start();
flowService.load(null);
flowController.onFlowInitialized(true);
flowController.getGroup(flowController.getRootGroupId()).startProcessing();
this.flowController = flowController;
logger.info("Flow loaded successfully.");
} catch (Exception e) {
// ensure the flow service is terminated
if (flowService != null && flowService.isRunning()) {
flowService.stop(false);
}
startUpFailure(new Exception("Unable to load flow due to: " + e, e));
}
}
Also used :
VolatileBulletinRepository(org.apache.nifi.events.VolatileBulletinRepository)
VolatileBulletinRepository(org.apache.nifi.events.VolatileBulletinRepository)
BulletinRepository(org.apache.nifi.reporting.BulletinRepository)
AuthorizationRequest(org.apache.nifi.authorization.AuthorizationRequest)
FileBasedVariableRegistry(org.apache.nifi.util.FileBasedVariableRegistry)
VariableRegistry(org.apache.nifi.registry.VariableRegistry)
StatusRequestException(org.apache.nifi.minifi.status.StatusRequestException)
AuthorizerCreationException(org.apache.nifi.authorization.exception.AuthorizerCreationException)
AuthorizerDestructionException(org.apache.nifi.authorization.exception.AuthorizerDestructionException)
AuthorizationAccessException(org.apache.nifi.authorization.exception.AuthorizationAccessException)
RingBufferEventRepository(org.apache.nifi.controller.repository.metrics.RingBufferEventRepository)
FlowFileEventRepository(org.apache.nifi.controller.repository.FlowFileEventRepository)
Authorizer(org.apache.nifi.authorization.Authorizer)
StringEncryptor(org.apache.nifi.encrypt.StringEncryptor)
FlowController(org.apache.nifi.controller.FlowController)
AuthorizerInitializationContext(org.apache.nifi.authorization.AuthorizerInitializationContext)
StandardFlowRegistryClient(org.apache.nifi.registry.flow.StandardFlowRegistryClient)
StandardAuditService(org.apache.nifi.admin.service.impl.StandardAuditService)
AuditService(org.apache.nifi.admin.service.AuditService)
StandardAuditService(org.apache.nifi.admin.service.impl.StandardAuditService)
AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext)
FileBasedVariableRegistry(org.apache.nifi.util.FileBasedVariableRegistry)
Aggregations
AuthorizerConfigurationContext (org.apache.nifi.authorization.AuthorizerConfigurationContext)3
AuthorizerInitializationContext (org.apache.nifi.authorization.AuthorizerInitializationContext)3
AuthorizationRequest (org.apache.nifi.authorization.AuthorizationRequest)2
Authorizer (org.apache.nifi.authorization.Authorizer)2
MockPropertyValue (org.apache.nifi.util.MockPropertyValue)2
HashMap (java.util.HashMap)1
AuditService (org.apache.nifi.admin.service.AuditService)1
StandardAuditService (org.apache.nifi.admin.service.impl.StandardAuditService)1
AuthorizationResult (org.apache.nifi.authorization.AuthorizationResult)1
Resource (org.apache.nifi.authorization.Resource)1
UserGroupProviderLookup (org.apache.nifi.authorization.UserGroupProviderLookup)1
AuthorizationAccessException (org.apache.nifi.authorization.exception.AuthorizationAccessException)1
AuthorizerCreationException (org.apache.nifi.authorization.exception.AuthorizerCreationException)1
AuthorizerDestructionException (org.apache.nifi.authorization.exception.AuthorizerDestructionException)1
FlowController (org.apache.nifi.controller.FlowController)1
FlowFileEventRepository (org.apache.nifi.controller.repository.FlowFileEventRepository)1
RingBufferEventRepository (org.apache.nifi.controller.repository.metrics.RingBufferEventRepository)1
StringEncryptor (org.apache.nifi.encrypt.StringEncryptor)1
VolatileBulletinRepository (org.apache.nifi.events.VolatileBulletinRepository)1
StatusRequestException (org.apache.nifi.minifi.status.StatusRequestException)1
