Search in sources :

Example 11 with ConfigurableUserGroupProvider

use of org.apache.nifi.authorization.ConfigurableUserGroupProvider in project nifi by apache.

the class StandardPolicyBasedAuthorizerDAO method deleteUserGroup.

@Override
public Group deleteUserGroup(final String userGroupId) {
    if (userGroupProvider instanceof ConfigurableUserGroupProvider) {
        final ConfigurableUserGroupProvider configurableUserGroupProvider = (ConfigurableUserGroupProvider) userGroupProvider;
        final Group group = getUserGroup(userGroupId);
        final Group removedGroup = configurableUserGroupProvider.deleteGroup(group);
        // ensure the user was removed
        if (removedGroup == null) {
            throw new ResourceNotFoundException(String.format("Unable to find user group with id '%s'.", removedGroup));
        }
        // remove any references to the user group being deleted from policies if possible
        if (accessPolicyProvider instanceof ConfigurableAccessPolicyProvider) {
            for (AccessPolicy policy : accessPolicyProvider.getAccessPolicies()) {
                final ConfigurableAccessPolicyProvider configurableAccessPolicyProvider = (ConfigurableAccessPolicyProvider) accessPolicyProvider;
                // ensure this policy contains a reference to the user group and this policy is configurable (check proactively to prevent an exception)
                if (policy.getGroups().contains(removedGroup.getIdentifier()) && configurableAccessPolicyProvider.isConfigurable(policy)) {
                    final AccessPolicy.Builder builder = new AccessPolicy.Builder(policy).removeGroup(removedGroup.getIdentifier());
                    configurableAccessPolicyProvider.updateAccessPolicy(builder.build());
                }
            }
        }
        return removedGroup;
    } else {
        throw new IllegalStateException(MSG_NON_CONFIGURABLE_USERS);
    }
}
Also used : Group(org.apache.nifi.authorization.Group) ConfigurableUserGroupProvider(org.apache.nifi.authorization.ConfigurableUserGroupProvider) ConfigurableAccessPolicyProvider(org.apache.nifi.authorization.ConfigurableAccessPolicyProvider) ResourceNotFoundException(org.apache.nifi.web.ResourceNotFoundException) AccessPolicy(org.apache.nifi.authorization.AccessPolicy)

Aggregations

ConfigurableUserGroupProvider (org.apache.nifi.authorization.ConfigurableUserGroupProvider)11 Test (org.junit.Test)8 AccessPolicy (org.apache.nifi.authorization.AccessPolicy)2 ConfigurableAccessPolicyProvider (org.apache.nifi.authorization.ConfigurableAccessPolicyProvider)2 ResourceNotFoundException (org.apache.nifi.web.ResourceNotFoundException)2 StringWriter (java.io.StringWriter)1 DocumentBuilder (javax.xml.parsers.DocumentBuilder)1 ParserConfigurationException (javax.xml.parsers.ParserConfigurationException)1 Transformer (javax.xml.transform.Transformer)1 TransformerException (javax.xml.transform.TransformerException)1 DOMSource (javax.xml.transform.dom.DOMSource)1 StreamResult (javax.xml.transform.stream.StreamResult)1 Group (org.apache.nifi.authorization.Group)1 User (org.apache.nifi.authorization.User)1 AuthorizationAccessException (org.apache.nifi.authorization.exception.AuthorizationAccessException)1 Document (org.w3c.dom.Document)1 Element (org.w3c.dom.Element)1