Search in sources :

Example 1 with Policies

use of org.apache.nifi.authorization.file.generated.Policies in project nifi by apache.

the class FileAccessPolicyProvider method load.

/**
 * Loads the authorizations file and populates the AuthorizationsHolder, only called during start-up.
 *
 * @throws JAXBException            Unable to reload the authorized users file
 * @throws IOException              Unable to sync file with restore
 * @throws IllegalStateException    Unable to sync file with restore
 */
private synchronized void load() throws JAXBException, IOException, IllegalStateException, SAXException {
    // attempt to unmarshal
    final Authorizations authorizations = unmarshallAuthorizations();
    if (authorizations.getPolicies() == null) {
        authorizations.setPolicies(new Policies());
    }
    final AuthorizationsHolder authorizationsHolder = new AuthorizationsHolder(authorizations);
    final boolean emptyAuthorizations = authorizationsHolder.getAllPolicies().isEmpty();
    final boolean hasInitialAdminIdentity = (initialAdminIdentity != null && !StringUtils.isBlank(initialAdminIdentity));
    final boolean hasLegacyAuthorizedUsers = (legacyAuthorizedUsersFile != null && !StringUtils.isBlank(legacyAuthorizedUsersFile));
    // if we are starting fresh then we might need to populate an initial admin or convert legacy users
    if (emptyAuthorizations) {
        parseFlow();
        if (hasInitialAdminIdentity && hasLegacyAuthorizedUsers) {
            throw new AuthorizerCreationException("Cannot provide an Initial Admin Identity and a Legacy Authorized Users File");
        } else if (hasInitialAdminIdentity) {
            logger.info("Populating authorizations for Initial Admin: " + initialAdminIdentity);
            populateInitialAdmin(authorizations);
        } else if (hasLegacyAuthorizedUsers) {
            logger.info("Converting " + legacyAuthorizedUsersFile + " to new authorizations model");
            convertLegacyAuthorizedUsers(authorizations);
        }
        populateNodes(authorizations);
        // save any changes that were made and repopulate the holder
        saveAndRefreshHolder(authorizations);
    } else {
        this.authorizationsHolder.set(authorizationsHolder);
    }
}
Also used : Authorizations(org.apache.nifi.authorization.file.generated.Authorizations) Policies(org.apache.nifi.authorization.file.generated.Policies) AuthorizerCreationException(org.apache.nifi.authorization.exception.AuthorizerCreationException)

Aggregations

AuthorizerCreationException (org.apache.nifi.authorization.exception.AuthorizerCreationException)1 Authorizations (org.apache.nifi.authorization.file.generated.Authorizations)1 Policies (org.apache.nifi.authorization.file.generated.Policies)1