Examples with ConnectionAuthorizable org.apache.nifi.authorization.ConnectionAuthorizable used on opensource projects

Example 6 with ConnectionAuthorizable

use of org.apache.nifi.authorization.ConnectionAuthorizable in project nifi by apache.

the class FlowFileQueueResource method getDropRequest.

/**
 * Checks the status of an outstanding drop request.
 *
 * @param connectionId  The id of the connection
 * @param dropRequestId The id of the drop request
 * @return A dropRequestEntity
 */
@GET
@Consumes(MediaType.WILDCARD)
@Produces(MediaType.APPLICATION_JSON)
@Path("{id}/drop-requests/{drop-request-id}")
@ApiOperation(value = "Gets the current status of a drop request for the specified connection.", response = DropRequestEntity.class, authorizations = { @Authorization(value = "Write Source Data - /data/{component-type}/{uuid}") })
@ApiResponses(value = { @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") })
public Response getDropRequest(@ApiParam(value = "The connection id.", required = true) @PathParam("id") final String connectionId, @ApiParam(value = "The drop request id.", required = true) @PathParam("drop-request-id") final String dropRequestId) {
    if (isReplicateRequest()) {
        return replicate(HttpMethod.GET);
    }
    // authorize access
    serviceFacade.authorizeAccess(lookup -> {
        final ConnectionAuthorizable connAuth = lookup.getConnection(connectionId);
        final Authorizable dataAuthorizable = connAuth.getSourceData();
        dataAuthorizable.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser());
    });
    // get the drop request
    final DropRequestDTO dropRequest = serviceFacade.getFlowFileDropRequest(connectionId, dropRequestId);
    dropRequest.setUri(generateResourceUri("flowfile-queues", connectionId, "drop-requests", dropRequestId));
    // create the response entity
    final DropRequestEntity entity = new DropRequestEntity();
    entity.setDropRequest(dropRequest);
    return generateOkResponse(entity).build();
}

Example 7 with ConnectionAuthorizable

use of org.apache.nifi.authorization.ConnectionAuthorizable in project nifi by apache.

the class FlowFileQueueResource method createDropRequest.

/**
 * Creates a request to delete the flowfiles in the queue of the specified connection.
 *
 * @param httpServletRequest request
 * @param id                 The id of the connection
 * @return A dropRequestEntity
 */
@POST
@Consumes(MediaType.WILDCARD)
@Produces(MediaType.APPLICATION_JSON)
@Path("{id}/drop-requests")
@ApiOperation(value = "Creates a request to drop the contents of the queue in this connection.", response = DropRequestEntity.class, authorizations = { @Authorization(value = "Write Source Data - /data/{component-type}/{uuid}") })
@ApiResponses(value = { @ApiResponse(code = 202, message = "The request has been accepted. A HTTP response header will contain the URI where the response can be polled."), @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") })
public Response createDropRequest(@Context final HttpServletRequest httpServletRequest, @ApiParam(value = "The connection id.", required = true) @PathParam("id") final String id) {
    if (isReplicateRequest()) {
        return replicate(HttpMethod.POST);
    }
    final ConnectionEntity requestConnectionEntity = new ConnectionEntity();
    requestConnectionEntity.setId(id);
    return withWriteLock(serviceFacade, requestConnectionEntity, lookup -> {
        final ConnectionAuthorizable connAuth = lookup.getConnection(id);
        final Authorizable dataAuthorizable = connAuth.getSourceData();
        dataAuthorizable.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser());
    }, null, (connectionEntity) -> {
        // ensure the id is the same across the cluster
        final String dropRequestId = generateUuid();
        // submit the drop request
        final DropRequestDTO dropRequest = serviceFacade.createFlowFileDropRequest(connectionEntity.getId(), dropRequestId);
        dropRequest.setUri(generateResourceUri("flowfile-queues", connectionEntity.getId(), "drop-requests", dropRequest.getId()));
        // create the response entity
        final DropRequestEntity entity = new DropRequestEntity();
        entity.setDropRequest(dropRequest);
        // generate the URI where the response will be
        final URI location = URI.create(dropRequest.getUri());
        return Response.status(Status.ACCEPTED).location(location).entity(entity).build();
    });
}