use of org.apache.nifi.authorization.AuthorizerInitializationContext in project nifi by apache.
the class TestRangerNiFiAuthorizer method testIntegration.
@Test
@Ignore
public void testIntegration() {
final AuthorizerInitializationContext initializationContext = Mockito.mock(AuthorizerInitializationContext.class);
final AuthorizerConfigurationContext configurationContext = Mockito.mock(AuthorizerConfigurationContext.class);
when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_SECURITY_PATH_PROP))).thenReturn(new MockPropertyValue("src/test/resources/ranger/ranger-nifi-security.xml"));
when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_AUDIT_PATH_PROP))).thenReturn(new MockPropertyValue("src/test/resources/ranger/ranger-nifi-audit.xml"));
Authorizer authorizer = new RangerNiFiAuthorizer();
try {
authorizer.initialize(initializationContext);
authorizer.onConfigured(configurationContext);
final AuthorizationRequest request = new AuthorizationRequest.Builder().resource(new Resource() {
@Override
public String getIdentifier() {
return "/system";
}
@Override
public String getName() {
return "/system";
}
@Override
public String getSafeDescription() {
return "system";
}
}).action(RequestAction.WRITE).identity("admin").resourceContext(new HashMap<>()).accessAttempt(true).anonymous(false).build();
final AuthorizationResult result = authorizer.authorize(request);
Assert.assertEquals(AuthorizationResult.denied().getResult(), result.getResult());
} finally {
authorizer.preDestruction();
}
}
use of org.apache.nifi.authorization.AuthorizerInitializationContext in project nifi by apache.
the class ManagedRangerAuthorizerTest method getStandardManagedAuthorizer.
private ManagedRangerAuthorizer getStandardManagedAuthorizer(final UserGroupProvider userGroupProvider) {
final ManagedRangerAuthorizer managedAuthorizer = new ManagedRangerAuthorizer();
final AuthorizerConfigurationContext configurationContext = mock(AuthorizerConfigurationContext.class);
when(configurationContext.getProperty(eq("User Group Provider"))).thenReturn(new MockPropertyValue("user-group-provider", null));
when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_SECURITY_PATH_PROP))).thenReturn(new MockPropertyValue("src/test/resources/ranger/ranger-nifi-security.xml"));
when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_AUDIT_PATH_PROP))).thenReturn(new MockPropertyValue("src/test/resources/ranger/ranger-nifi-audit.xml"));
when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_APP_ID_PROP))).thenReturn(new MockPropertyValue(appId));
when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_SERVICE_TYPE_PROP))).thenReturn(new MockPropertyValue(serviceType));
final UserGroupProviderLookup userGroupProviderLookup = mock(UserGroupProviderLookup.class);
when(userGroupProviderLookup.getUserGroupProvider("user-group-provider")).thenReturn(userGroupProvider);
final AuthorizerInitializationContext initializationContext = mock(AuthorizerInitializationContext.class);
when(initializationContext.getUserGroupProviderLookup()).thenReturn(userGroupProviderLookup);
managedAuthorizer.initialize(initializationContext);
managedAuthorizer.onConfigured(configurationContext);
return managedAuthorizer;
}
use of org.apache.nifi.authorization.AuthorizerInitializationContext in project nifi-minifi by apache.
the class MiNiFiServer method start.
public void start() {
try {
logger.info("Loading Flow...");
FlowFileEventRepository flowFileEventRepository = new RingBufferEventRepository(5);
AuditService auditService = new StandardAuditService();
Authorizer authorizer = new Authorizer() {
@Override
public AuthorizationResult authorize(AuthorizationRequest request) throws AuthorizationAccessException {
return AuthorizationResult.approved();
}
@Override
public void initialize(AuthorizerInitializationContext initializationContext) throws AuthorizerCreationException {
// do nothing
}
@Override
public void onConfigured(AuthorizerConfigurationContext configurationContext) throws AuthorizerCreationException {
// do nothing
}
@Override
public void preDestruction() throws AuthorizerDestructionException {
// do nothing
}
};
final String sensitivePropAlgorithmVal = props.getProperty(StringEncryptor.NF_SENSITIVE_PROPS_ALGORITHM);
final String sensitivePropProviderVal = props.getProperty(StringEncryptor.NF_SENSITIVE_PROPS_PROVIDER);
final String sensitivePropValueNifiPropVar = props.getProperty(StringEncryptor.NF_SENSITIVE_PROPS_KEY, DEFAULT_SENSITIVE_PROPS_KEY);
StringEncryptor encryptor = StringEncryptor.createEncryptor(sensitivePropAlgorithmVal, sensitivePropProviderVal, sensitivePropValueNifiPropVar);
VariableRegistry variableRegistry = new FileBasedVariableRegistry(props.getVariableRegistryPropertiesPaths());
BulletinRepository bulletinRepository = new VolatileBulletinRepository();
FlowController flowController = FlowController.createStandaloneInstance(flowFileEventRepository, props, authorizer, auditService, encryptor, bulletinRepository, variableRegistry, new StandardFlowRegistryClient());
flowService = StandardFlowService.createStandaloneInstance(flowController, props, encryptor, // revision manager
null, authorizer);
// start and load the flow
flowService.start();
flowService.load(null);
flowController.onFlowInitialized(true);
flowController.getGroup(flowController.getRootGroupId()).startProcessing();
this.flowController = flowController;
logger.info("Flow loaded successfully.");
} catch (Exception e) {
// ensure the flow service is terminated
if (flowService != null && flowService.isRunning()) {
flowService.stop(false);
}
startUpFailure(new Exception("Unable to load flow due to: " + e, e));
}
}
Aggregations