Example 1 with RootGroupPortAuthorizable
use of org.apache.nifi.authorization.RootGroupPortAuthorizable in project nifi by apache.
the class DataTransferResource method authorizeDataTransfer.
/**
* Authorizes access to data transfers.
* <p>
* Note: Protected for testing purposes
*/
protected void authorizeDataTransfer(final AuthorizableLookup lookup, final ResourceType resourceType, final String identifier) {
final NiFiUser user = NiFiUserUtils.getNiFiUser();
// ensure the resource type is correct
if (!ResourceType.InputPort.equals(resourceType) && !ResourceType.OutputPort.equals(resourceType)) {
throw new IllegalArgumentException("The resource must be an Input or Output Port.");
}
// get the authorizable
final RootGroupPortAuthorizable authorizable;
if (ResourceType.InputPort.equals(resourceType)) {
authorizable = lookup.getRootGroupInputPort(identifier);
} else {
authorizable = lookup.getRootGroupOutputPort(identifier);
}
// perform the authorization
final AuthorizationResult authorizationResult = authorizable.checkAuthorization(user);
if (!Result.Approved.equals(authorizationResult.getResult())) {
throw new AccessDeniedException(authorizationResult.getExplanation());
}
}
Also used :
RootGroupPortAuthorizable(org.apache.nifi.authorization.RootGroupPortAuthorizable)
AccessDeniedException(org.apache.nifi.authorization.AccessDeniedException)
NiFiUser(org.apache.nifi.authorization.user.NiFiUser)
AuthorizationResult(org.apache.nifi.authorization.AuthorizationResult)
Aggregations
AccessDeniedException (org.apache.nifi.authorization.AccessDeniedException)1
AuthorizationResult (org.apache.nifi.authorization.AuthorizationResult)1
RootGroupPortAuthorizable (org.apache.nifi.authorization.RootGroupPortAuthorizable)1
NiFiUser (org.apache.nifi.authorization.user.NiFiUser)1
