Search in sources :

Example 1 with AuthorizerInitializationContext

use of org.apache.nifi.authorization.AuthorizerInitializationContext in project nifi by apache.

the class TestRangerNiFiAuthorizer method testIntegration.

@Test
@Ignore
public void testIntegration() {
    final AuthorizerInitializationContext initializationContext = Mockito.mock(AuthorizerInitializationContext.class);
    final AuthorizerConfigurationContext configurationContext = Mockito.mock(AuthorizerConfigurationContext.class);
    when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_SECURITY_PATH_PROP))).thenReturn(new MockPropertyValue("src/test/resources/ranger/ranger-nifi-security.xml"));
    when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_AUDIT_PATH_PROP))).thenReturn(new MockPropertyValue("src/test/resources/ranger/ranger-nifi-audit.xml"));
    Authorizer authorizer = new RangerNiFiAuthorizer();
    try {
        authorizer.initialize(initializationContext);
        authorizer.onConfigured(configurationContext);
        final AuthorizationRequest request = new AuthorizationRequest.Builder().resource(new Resource() {

            @Override
            public String getIdentifier() {
                return "/system";
            }

            @Override
            public String getName() {
                return "/system";
            }

            @Override
            public String getSafeDescription() {
                return "system";
            }
        }).action(RequestAction.WRITE).identity("admin").resourceContext(new HashMap<>()).accessAttempt(true).anonymous(false).build();
        final AuthorizationResult result = authorizer.authorize(request);
        Assert.assertEquals(AuthorizationResult.denied().getResult(), result.getResult());
    } finally {
        authorizer.preDestruction();
    }
}
Also used : AuthorizationRequest(org.apache.nifi.authorization.AuthorizationRequest) HashMap(java.util.HashMap) Authorizer(org.apache.nifi.authorization.Authorizer) Resource(org.apache.nifi.authorization.Resource) MockPropertyValue(org.apache.nifi.util.MockPropertyValue) AuthorizerInitializationContext(org.apache.nifi.authorization.AuthorizerInitializationContext) AuthorizationResult(org.apache.nifi.authorization.AuthorizationResult) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext) Ignore(org.junit.Ignore) Test(org.junit.Test)

Example 2 with AuthorizerInitializationContext

use of org.apache.nifi.authorization.AuthorizerInitializationContext in project nifi by apache.

the class ManagedRangerAuthorizerTest method getStandardManagedAuthorizer.

private ManagedRangerAuthorizer getStandardManagedAuthorizer(final UserGroupProvider userGroupProvider) {
    final ManagedRangerAuthorizer managedAuthorizer = new ManagedRangerAuthorizer();
    final AuthorizerConfigurationContext configurationContext = mock(AuthorizerConfigurationContext.class);
    when(configurationContext.getProperty(eq("User Group Provider"))).thenReturn(new MockPropertyValue("user-group-provider", null));
    when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_SECURITY_PATH_PROP))).thenReturn(new MockPropertyValue("src/test/resources/ranger/ranger-nifi-security.xml"));
    when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_AUDIT_PATH_PROP))).thenReturn(new MockPropertyValue("src/test/resources/ranger/ranger-nifi-audit.xml"));
    when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_APP_ID_PROP))).thenReturn(new MockPropertyValue(appId));
    when(configurationContext.getProperty(eq(RangerNiFiAuthorizer.RANGER_SERVICE_TYPE_PROP))).thenReturn(new MockPropertyValue(serviceType));
    final UserGroupProviderLookup userGroupProviderLookup = mock(UserGroupProviderLookup.class);
    when(userGroupProviderLookup.getUserGroupProvider("user-group-provider")).thenReturn(userGroupProvider);
    final AuthorizerInitializationContext initializationContext = mock(AuthorizerInitializationContext.class);
    when(initializationContext.getUserGroupProviderLookup()).thenReturn(userGroupProviderLookup);
    managedAuthorizer.initialize(initializationContext);
    managedAuthorizer.onConfigured(configurationContext);
    return managedAuthorizer;
}
Also used : UserGroupProviderLookup(org.apache.nifi.authorization.UserGroupProviderLookup) MockPropertyValue(org.apache.nifi.util.MockPropertyValue) AuthorizerInitializationContext(org.apache.nifi.authorization.AuthorizerInitializationContext) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext)

Example 3 with AuthorizerInitializationContext

use of org.apache.nifi.authorization.AuthorizerInitializationContext in project nifi-minifi by apache.

the class MiNiFiServer method start.

public void start() {
    try {
        logger.info("Loading Flow...");
        FlowFileEventRepository flowFileEventRepository = new RingBufferEventRepository(5);
        AuditService auditService = new StandardAuditService();
        Authorizer authorizer = new Authorizer() {

            @Override
            public AuthorizationResult authorize(AuthorizationRequest request) throws AuthorizationAccessException {
                return AuthorizationResult.approved();
            }

            @Override
            public void initialize(AuthorizerInitializationContext initializationContext) throws AuthorizerCreationException {
            // do nothing
            }

            @Override
            public void onConfigured(AuthorizerConfigurationContext configurationContext) throws AuthorizerCreationException {
            // do nothing
            }

            @Override
            public void preDestruction() throws AuthorizerDestructionException {
            // do nothing
            }
        };
        final String sensitivePropAlgorithmVal = props.getProperty(StringEncryptor.NF_SENSITIVE_PROPS_ALGORITHM);
        final String sensitivePropProviderVal = props.getProperty(StringEncryptor.NF_SENSITIVE_PROPS_PROVIDER);
        final String sensitivePropValueNifiPropVar = props.getProperty(StringEncryptor.NF_SENSITIVE_PROPS_KEY, DEFAULT_SENSITIVE_PROPS_KEY);
        StringEncryptor encryptor = StringEncryptor.createEncryptor(sensitivePropAlgorithmVal, sensitivePropProviderVal, sensitivePropValueNifiPropVar);
        VariableRegistry variableRegistry = new FileBasedVariableRegistry(props.getVariableRegistryPropertiesPaths());
        BulletinRepository bulletinRepository = new VolatileBulletinRepository();
        FlowController flowController = FlowController.createStandaloneInstance(flowFileEventRepository, props, authorizer, auditService, encryptor, bulletinRepository, variableRegistry, new StandardFlowRegistryClient());
        flowService = StandardFlowService.createStandaloneInstance(flowController, props, encryptor, // revision manager
        null, authorizer);
        // start and load the flow
        flowService.start();
        flowService.load(null);
        flowController.onFlowInitialized(true);
        flowController.getGroup(flowController.getRootGroupId()).startProcessing();
        this.flowController = flowController;
        logger.info("Flow loaded successfully.");
    } catch (Exception e) {
        // ensure the flow service is terminated
        if (flowService != null && flowService.isRunning()) {
            flowService.stop(false);
        }
        startUpFailure(new Exception("Unable to load flow due to: " + e, e));
    }
}
Also used : VolatileBulletinRepository(org.apache.nifi.events.VolatileBulletinRepository) VolatileBulletinRepository(org.apache.nifi.events.VolatileBulletinRepository) BulletinRepository(org.apache.nifi.reporting.BulletinRepository) AuthorizationRequest(org.apache.nifi.authorization.AuthorizationRequest) FileBasedVariableRegistry(org.apache.nifi.util.FileBasedVariableRegistry) VariableRegistry(org.apache.nifi.registry.VariableRegistry) StatusRequestException(org.apache.nifi.minifi.status.StatusRequestException) AuthorizerCreationException(org.apache.nifi.authorization.exception.AuthorizerCreationException) AuthorizerDestructionException(org.apache.nifi.authorization.exception.AuthorizerDestructionException) AuthorizationAccessException(org.apache.nifi.authorization.exception.AuthorizationAccessException) RingBufferEventRepository(org.apache.nifi.controller.repository.metrics.RingBufferEventRepository) FlowFileEventRepository(org.apache.nifi.controller.repository.FlowFileEventRepository) Authorizer(org.apache.nifi.authorization.Authorizer) StringEncryptor(org.apache.nifi.encrypt.StringEncryptor) FlowController(org.apache.nifi.controller.FlowController) AuthorizerInitializationContext(org.apache.nifi.authorization.AuthorizerInitializationContext) StandardFlowRegistryClient(org.apache.nifi.registry.flow.StandardFlowRegistryClient) StandardAuditService(org.apache.nifi.admin.service.impl.StandardAuditService) AuditService(org.apache.nifi.admin.service.AuditService) StandardAuditService(org.apache.nifi.admin.service.impl.StandardAuditService) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext) FileBasedVariableRegistry(org.apache.nifi.util.FileBasedVariableRegistry)

Aggregations

AuthorizerConfigurationContext (org.apache.nifi.authorization.AuthorizerConfigurationContext)3 AuthorizerInitializationContext (org.apache.nifi.authorization.AuthorizerInitializationContext)3 AuthorizationRequest (org.apache.nifi.authorization.AuthorizationRequest)2 Authorizer (org.apache.nifi.authorization.Authorizer)2 MockPropertyValue (org.apache.nifi.util.MockPropertyValue)2 HashMap (java.util.HashMap)1 AuditService (org.apache.nifi.admin.service.AuditService)1 StandardAuditService (org.apache.nifi.admin.service.impl.StandardAuditService)1 AuthorizationResult (org.apache.nifi.authorization.AuthorizationResult)1 Resource (org.apache.nifi.authorization.Resource)1 UserGroupProviderLookup (org.apache.nifi.authorization.UserGroupProviderLookup)1 AuthorizationAccessException (org.apache.nifi.authorization.exception.AuthorizationAccessException)1 AuthorizerCreationException (org.apache.nifi.authorization.exception.AuthorizerCreationException)1 AuthorizerDestructionException (org.apache.nifi.authorization.exception.AuthorizerDestructionException)1 FlowController (org.apache.nifi.controller.FlowController)1 FlowFileEventRepository (org.apache.nifi.controller.repository.FlowFileEventRepository)1 RingBufferEventRepository (org.apache.nifi.controller.repository.metrics.RingBufferEventRepository)1 StringEncryptor (org.apache.nifi.encrypt.StringEncryptor)1 VolatileBulletinRepository (org.apache.nifi.events.VolatileBulletinRepository)1 StatusRequestException (org.apache.nifi.minifi.status.StatusRequestException)1