use of org.apache.nifi.authorization.Group in project nifi by apache.
the class StandardNiFiServiceFacade method postProcessNewFlowSnippet.
/**
* Post processes a new flow snippet including validation, removing the snippet, and DTO conversion.
*
* @param groupId group id
* @param snippet snippet
* @return flow dto
*/
private FlowDTO postProcessNewFlowSnippet(final String groupId, final FlowSnippetDTO snippet) {
// validate the new snippet
validateSnippetContents(snippet);
// identify all components added
final Set<String> identifiers = new HashSet<>();
snippet.getProcessors().stream().map(proc -> proc.getId()).forEach(id -> identifiers.add(id));
snippet.getConnections().stream().map(conn -> conn.getId()).forEach(id -> identifiers.add(id));
snippet.getInputPorts().stream().map(port -> port.getId()).forEach(id -> identifiers.add(id));
snippet.getOutputPorts().stream().map(port -> port.getId()).forEach(id -> identifiers.add(id));
snippet.getProcessGroups().stream().map(group -> group.getId()).forEach(id -> identifiers.add(id));
snippet.getRemoteProcessGroups().stream().map(remoteGroup -> remoteGroup.getId()).forEach(id -> identifiers.add(id));
snippet.getRemoteProcessGroups().stream().filter(remoteGroup -> remoteGroup.getContents() != null && remoteGroup.getContents().getInputPorts() != null).flatMap(remoteGroup -> remoteGroup.getContents().getInputPorts().stream()).map(remoteInputPort -> remoteInputPort.getId()).forEach(id -> identifiers.add(id));
snippet.getRemoteProcessGroups().stream().filter(remoteGroup -> remoteGroup.getContents() != null && remoteGroup.getContents().getOutputPorts() != null).flatMap(remoteGroup -> remoteGroup.getContents().getOutputPorts().stream()).map(remoteOutputPort -> remoteOutputPort.getId()).forEach(id -> identifiers.add(id));
snippet.getLabels().stream().map(label -> label.getId()).forEach(id -> identifiers.add(id));
final ProcessGroup group = processGroupDAO.getProcessGroup(groupId);
final ProcessGroupStatus groupStatus = controllerFacade.getProcessGroupStatus(groupId);
return dtoFactory.createFlowDto(group, groupStatus, snippet, revisionManager, this::getProcessGroupBulletins);
}
use of org.apache.nifi.authorization.Group in project nifi by apache.
the class StandardNiFiServiceFacade method updateUser.
@Override
public UserEntity updateUser(final Revision revision, final UserDTO userDTO) {
final Authorizable usersAuthorizable = authorizableLookup.getTenant();
final Set<Group> groups = userGroupDAO.getUserGroupsForUser(userDTO.getId());
final Set<AccessPolicy> policies = userGroupDAO.getAccessPoliciesForUser(userDTO.getId());
final RevisionUpdate<UserDTO> snapshot = updateComponent(revision, usersAuthorizable, () -> userDAO.updateUser(userDTO), user -> {
final Set<TenantEntity> tenantEntities = groups.stream().map(g -> g.getIdentifier()).map(mapUserGroupIdToTenantEntity()).collect(Collectors.toSet());
final Set<AccessPolicySummaryEntity> policyEntities = policies.stream().map(ap -> createAccessPolicySummaryEntity(ap)).collect(Collectors.toSet());
return dtoFactory.createUserDto(user, tenantEntities, policyEntities);
});
final PermissionsDTO permissions = dtoFactory.createPermissionsDto(usersAuthorizable);
return entityFactory.createUserEntity(snapshot.getComponent(), dtoFactory.createRevisionDTO(snapshot.getLastModification()), permissions);
}
use of org.apache.nifi.authorization.Group in project nifi by apache.
the class DtoFactory method createConciseProcessGroupDto.
/**
* Creates a ProcessGroupDTO from the specified ProcessGroup.
*
* @param group group
* @return dto
*/
private ProcessGroupDTO createConciseProcessGroupDto(final ProcessGroup group) {
if (group == null) {
return null;
}
final ProcessGroupDTO dto = new ProcessGroupDTO();
dto.setId(group.getIdentifier());
dto.setPosition(createPositionDto(group.getPosition()));
dto.setComments(group.getComments());
dto.setName(group.getName());
dto.setVersionedComponentId(group.getVersionedComponentId().orElse(null));
dto.setVersionControlInformation(createVersionControlInformationDto(group));
final Map<String, String> variables = group.getVariableRegistry().getVariableMap().entrySet().stream().collect(Collectors.toMap(entry -> entry.getKey().getName(), entry -> entry.getValue()));
dto.setVariables(variables);
final ProcessGroup parentGroup = group.getParent();
if (parentGroup != null) {
dto.setParentGroupId(parentGroup.getIdentifier());
}
final ProcessGroupCounts counts = group.getCounts();
dto.setRunningCount(counts.getRunningCount());
dto.setStoppedCount(counts.getStoppedCount());
dto.setInvalidCount(counts.getInvalidCount());
dto.setDisabledCount(counts.getDisabledCount());
dto.setInputPortCount(counts.getInputPortCount());
dto.setOutputPortCount(counts.getOutputPortCount());
dto.setActiveRemotePortCount(counts.getActiveRemotePortCount());
dto.setInactiveRemotePortCount(counts.getInactiveRemotePortCount());
dto.setUpToDateCount(counts.getUpToDateCount());
dto.setLocallyModifiedCount(counts.getLocallyModifiedCount());
dto.setStaleCount(counts.getStaleCount());
dto.setLocallyModifiedAndStaleCount(counts.getLocallyModifiedAndStaleCount());
dto.setSyncFailureCount(counts.getSyncFailureCount());
return dto;
}
use of org.apache.nifi.authorization.Group in project nifi by apache.
the class StandardPolicyBasedAuthorizerDAO method deleteUserGroup.
@Override
public Group deleteUserGroup(final String userGroupId) {
if (userGroupProvider instanceof ConfigurableUserGroupProvider) {
final ConfigurableUserGroupProvider configurableUserGroupProvider = (ConfigurableUserGroupProvider) userGroupProvider;
final Group group = getUserGroup(userGroupId);
final Group removedGroup = configurableUserGroupProvider.deleteGroup(group);
// ensure the user was removed
if (removedGroup == null) {
throw new ResourceNotFoundException(String.format("Unable to find user group with id '%s'.", removedGroup));
}
// remove any references to the user group being deleted from policies if possible
if (accessPolicyProvider instanceof ConfigurableAccessPolicyProvider) {
for (AccessPolicy policy : accessPolicyProvider.getAccessPolicies()) {
final ConfigurableAccessPolicyProvider configurableAccessPolicyProvider = (ConfigurableAccessPolicyProvider) accessPolicyProvider;
// ensure this policy contains a reference to the user group and this policy is configurable (check proactively to prevent an exception)
if (policy.getGroups().contains(removedGroup.getIdentifier()) && configurableAccessPolicyProvider.isConfigurable(policy)) {
final AccessPolicy.Builder builder = new AccessPolicy.Builder(policy).removeGroup(removedGroup.getIdentifier());
configurableAccessPolicyProvider.updateAccessPolicy(builder.build());
}
}
}
return removedGroup;
} else {
throw new IllegalStateException(MSG_NON_CONFIGURABLE_USERS);
}
}
Aggregations