Example 36 with Authorizable
use of org.apache.nifi.authorization.resource.Authorizable in project nifi by apache.
the class LabelResource method removeLabel.
/**
* Removes the specified label.
*
* @param httpServletRequest request
* @param version The revision is used to verify the client is working with the latest version of the flow.
* @param clientId Optional client id. If the client id is not specified, a new one will be generated. This value (whether specified or generated) is included in the response.
* @param id The id of the label to remove.
* @return A entity containing the client id and an updated revision.
*/
@DELETE
@Consumes(MediaType.WILDCARD)
@Produces(MediaType.APPLICATION_JSON)
@Path("{id}")
@ApiOperation(value = "Deletes a label", response = LabelEntity.class, authorizations = { @Authorization(value = "Write - /labels/{uuid}"), @Authorization(value = "Write - Parent Process Group - /process-groups/{uuid}") })
@ApiResponses(value = { @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") })
public Response removeLabel(@Context final HttpServletRequest httpServletRequest, @ApiParam(value = "The revision is used to verify the client is working with the latest version of the flow.", required = false) @QueryParam(VERSION) final LongParameter version, @ApiParam(value = "If the client id is not specified, new one will be generated. This value (whether specified or generated) is included in the response.", required = false) @QueryParam(CLIENT_ID) @DefaultValue(StringUtils.EMPTY) final ClientIdParameter clientId, @ApiParam(value = "The label id.", required = true) @PathParam("id") final String id) {
if (isReplicateRequest()) {
return replicate(HttpMethod.DELETE);
}
final LabelEntity requestLabelEntity = new LabelEntity();
requestLabelEntity.setId(id);
// handle expects request (usually from the cluster manager)
final Revision requestRevision = new Revision(version == null ? null : version.getLong(), clientId.getClientId(), id);
return withWriteLock(serviceFacade, requestLabelEntity, requestRevision, lookup -> {
final Authorizable label = lookup.getLabel(id);
// ensure write permission to the label
label.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser());
// ensure write permission to the parent process group
label.getParentAuthorizable().authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser());
}, null, (revision, labelEntity) -> {
// delete the specified label
final LabelEntity entity = serviceFacade.deleteLabel(revision, labelEntity.getId());
return generateOkResponse(entity).build();
});
}
Also used :
LabelEntity(org.apache.nifi.web.api.entity.LabelEntity)
Revision(org.apache.nifi.web.Revision)
Authorizable(org.apache.nifi.authorization.resource.Authorizable)
Path(javax.ws.rs.Path)
DELETE(javax.ws.rs.DELETE)
Consumes(javax.ws.rs.Consumes)
Produces(javax.ws.rs.Produces)
ApiOperation(io.swagger.annotations.ApiOperation)
ApiResponses(io.swagger.annotations.ApiResponses)
Example 37 with Authorizable
use of org.apache.nifi.authorization.resource.Authorizable in project nifi by apache.
the class LabelResource method getLabel.
/**
* Retrieves the specified label.
*
* @param id The id of the label to retrieve
* @return A labelEntity.
*/
@GET
@Consumes(MediaType.WILDCARD)
@Produces(MediaType.APPLICATION_JSON)
@Path("{id}")
@ApiOperation(value = "Gets a label", response = LabelEntity.class, authorizations = { @Authorization(value = "Read - /labels/{uuid}") })
@ApiResponses(value = { @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") })
public Response getLabel(@ApiParam(value = "The label id.", required = true) @PathParam("id") final String id) {
if (isReplicateRequest()) {
return replicate(HttpMethod.GET);
}
// authorize access
serviceFacade.authorizeAccess(lookup -> {
final Authorizable label = lookup.getLabel(id);
label.authorize(authorizer, RequestAction.READ, NiFiUserUtils.getNiFiUser());
});
// get the label
final LabelEntity entity = serviceFacade.getLabel(id);
populateRemainingLabelEntityContent(entity);
return generateOkResponse(entity).build();
}
Also used :
LabelEntity(org.apache.nifi.web.api.entity.LabelEntity)
Authorizable(org.apache.nifi.authorization.resource.Authorizable)
Path(javax.ws.rs.Path)
Consumes(javax.ws.rs.Consumes)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
ApiOperation(io.swagger.annotations.ApiOperation)
ApiResponses(io.swagger.annotations.ApiResponses)
Example 38 with Authorizable
use of org.apache.nifi.authorization.resource.Authorizable in project nifi by apache.
the class LabelResource method updateLabel.
/**
* Updates the specified label.
*
* @param httpServletRequest request
* @param id The id of the label to update.
* @param requestLabelEntity A labelEntity.
* @return A labelEntity.
*/
@PUT
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Path("{id}")
@ApiOperation(value = "Updates a label", response = LabelEntity.class, authorizations = { @Authorization(value = "Write - /labels/{uuid}") })
@ApiResponses(value = { @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") })
public Response updateLabel(@Context final HttpServletRequest httpServletRequest, @ApiParam(value = "The label id.", required = true) @PathParam("id") final String id, @ApiParam(value = "The label configuration details.", required = true) final LabelEntity requestLabelEntity) {
if (requestLabelEntity == null || requestLabelEntity.getComponent() == null) {
throw new IllegalArgumentException("Label details must be specified.");
}
if (requestLabelEntity.getRevision() == null) {
throw new IllegalArgumentException("Revision must be specified.");
}
// ensure the ids are the same
final LabelDTO requestLabelDTO = requestLabelEntity.getComponent();
if (!id.equals(requestLabelDTO.getId())) {
throw new IllegalArgumentException(String.format("The label id (%s) in the request body does not equal the " + "label id of the requested resource (%s).", requestLabelDTO.getId(), id));
}
final PositionDTO proposedPosition = requestLabelDTO.getPosition();
if (proposedPosition != null) {
if (proposedPosition.getX() == null || proposedPosition.getY() == null) {
throw new IllegalArgumentException("The x and y coordinate of the proposed position must be specified.");
}
}
if (isReplicateRequest()) {
return replicate(HttpMethod.PUT, requestLabelEntity);
}
// handle expects request (usually from the cluster manager)
final Revision requestRevision = getRevision(requestLabelEntity, id);
return withWriteLock(serviceFacade, requestLabelEntity, requestRevision, lookup -> {
Authorizable authorizable = lookup.getLabel(id);
authorizable.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser());
}, null, (revision, labelEntity) -> {
final LabelDTO labelDTO = labelEntity.getComponent();
// update the label
final LabelEntity entity = serviceFacade.updateLabel(revision, labelDTO);
populateRemainingLabelEntityContent(entity);
return generateOkResponse(entity).build();
});
}
Also used :
LabelEntity(org.apache.nifi.web.api.entity.LabelEntity)
Revision(org.apache.nifi.web.Revision)
LabelDTO(org.apache.nifi.web.api.dto.LabelDTO)
Authorizable(org.apache.nifi.authorization.resource.Authorizable)
PositionDTO(org.apache.nifi.web.api.dto.PositionDTO)
Path(javax.ws.rs.Path)
Consumes(javax.ws.rs.Consumes)
Produces(javax.ws.rs.Produces)
ApiOperation(io.swagger.annotations.ApiOperation)
PUT(javax.ws.rs.PUT)
ApiResponses(io.swagger.annotations.ApiResponses)
Example 39 with Authorizable
use of org.apache.nifi.authorization.resource.Authorizable in project nifi by apache.
the class OutputPortResource method getOutputPort.
/**
* Retrieves the specified output port.
*
* @param id The id of the output port to retrieve
* @return A outputPortEntity.
*/
@GET
@Consumes(MediaType.WILDCARD)
@Produces(MediaType.APPLICATION_JSON)
@Path("{id}")
@ApiOperation(value = "Gets an output port", response = PortEntity.class, authorizations = { @Authorization(value = "Read - /output-ports/{uuid}") })
@ApiResponses(value = { @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") })
public Response getOutputPort(@ApiParam(value = "The output port id.", required = true) @PathParam("id") final String id) {
if (isReplicateRequest()) {
return replicate(HttpMethod.GET);
}
// authorize access
serviceFacade.authorizeAccess(lookup -> {
final Authorizable outputPort = lookup.getOutputPort(id);
outputPort.authorize(authorizer, RequestAction.READ, NiFiUserUtils.getNiFiUser());
});
// get the port
final PortEntity entity = serviceFacade.getOutputPort(id);
populateRemainingOutputPortEntityContent(entity);
return generateOkResponse(entity).build();
}
Also used :
Authorizable(org.apache.nifi.authorization.resource.Authorizable)
PortEntity(org.apache.nifi.web.api.entity.PortEntity)
Path(javax.ws.rs.Path)
Consumes(javax.ws.rs.Consumes)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
ApiOperation(io.swagger.annotations.ApiOperation)
ApiResponses(io.swagger.annotations.ApiResponses)
Example 40 with Authorizable
use of org.apache.nifi.authorization.resource.Authorizable in project nifi by apache.
the class OutputPortResource method updateOutputPort.
/**
* Updates the specified output port.
*
* @param httpServletRequest request
* @param id The id of the output port to update.
* @param requestPortEntity A outputPortEntity.
* @return A outputPortEntity.
*/
@PUT
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Path("{id}")
@ApiOperation(value = "Updates an output port", response = PortEntity.class, authorizations = { @Authorization(value = "Write - /output-ports/{uuid}") })
@ApiResponses(value = { @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") })
public Response updateOutputPort(@Context final HttpServletRequest httpServletRequest, @ApiParam(value = "The output port id.", required = true) @PathParam("id") final String id, @ApiParam(value = "The output port configuration details.", required = true) final PortEntity requestPortEntity) {
if (requestPortEntity == null || requestPortEntity.getComponent() == null) {
throw new IllegalArgumentException("Output port details must be specified.");
}
if (requestPortEntity.getRevision() == null) {
throw new IllegalArgumentException("Revision must be specified.");
}
// ensure the ids are the same
PortDTO requestPortDTO = requestPortEntity.getComponent();
if (!id.equals(requestPortDTO.getId())) {
throw new IllegalArgumentException(String.format("The output port id (%s) in the request body does not equal the " + "output port id of the requested resource (%s).", requestPortDTO.getId(), id));
}
final PositionDTO proposedPosition = requestPortDTO.getPosition();
if (proposedPosition != null) {
if (proposedPosition.getX() == null || proposedPosition.getY() == null) {
throw new IllegalArgumentException("The x and y coordinate of the proposed position must be specified.");
}
}
if (isReplicateRequest()) {
return replicate(HttpMethod.PUT, requestPortEntity);
}
// handle expects request (usually from the cluster manager)
final Revision requestRevision = getRevision(requestPortEntity, id);
return withWriteLock(serviceFacade, requestPortEntity, requestRevision, lookup -> {
Authorizable authorizable = lookup.getOutputPort(id);
authorizable.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser());
}, () -> serviceFacade.verifyUpdateOutputPort(requestPortDTO), (revision, portEntity) -> {
final PortDTO portDTO = portEntity.getComponent();
// update the output port
final PortEntity entity = serviceFacade.updateOutputPort(revision, portDTO);
populateRemainingOutputPortEntityContent(entity);
return generateOkResponse(entity).build();
});
}
Also used :
Revision(org.apache.nifi.web.Revision)
PortDTO(org.apache.nifi.web.api.dto.PortDTO)
Authorizable(org.apache.nifi.authorization.resource.Authorizable)
PositionDTO(org.apache.nifi.web.api.dto.PositionDTO)
PortEntity(org.apache.nifi.web.api.entity.PortEntity)
Path(javax.ws.rs.Path)
Consumes(javax.ws.rs.Consumes)
Produces(javax.ws.rs.Produces)
ApiOperation(io.swagger.annotations.ApiOperation)
PUT(javax.ws.rs.PUT)
ApiResponses(io.swagger.annotations.ApiResponses)
Aggregations
Authorizable (org.apache.nifi.authorization.resource.Authorizable)140
ApiOperation (io.swagger.annotations.ApiOperation)96
ApiResponses (io.swagger.annotations.ApiResponses)96
Consumes (javax.ws.rs.Consumes)96
Produces (javax.ws.rs.Produces)96
Path (javax.ws.rs.Path)95
ComponentAuthorizable (org.apache.nifi.authorization.ComponentAuthorizable)53
GET (javax.ws.rs.GET)46
Revision (org.apache.nifi.web.Revision)44
ProcessGroupAuthorizable (org.apache.nifi.authorization.ProcessGroupAuthorizable)33
SnippetAuthorizable (org.apache.nifi.authorization.SnippetAuthorizable)28
TemplateContentsAuthorizable (org.apache.nifi.authorization.TemplateContentsAuthorizable)28
POST (javax.ws.rs.POST)24
NiFiUser (org.apache.nifi.authorization.user.NiFiUser)21
ResourceNotFoundException (org.apache.nifi.web.ResourceNotFoundException)21
DELETE (javax.ws.rs.DELETE)20
PUT (javax.ws.rs.PUT)20
RevisionDTO (org.apache.nifi.web.api.dto.RevisionDTO)19
PositionDTO (org.apache.nifi.web.api.dto.PositionDTO)18
PortEntity (org.apache.nifi.web.api.entity.PortEntity)15
