
Example 1 with DataAuthorizable

Use of org.apache.nifi.authorization.resource.DataAuthorizable in project nifi by apache.

Class StandardConnectionDAO, method getContent.

@Override
public DownloadableContent getContent(String id, String flowFileUuid, String requestUri) {
    try {
        final NiFiUser user = NiFiUserUtils.getNiFiUser();
        final Connection connection = locateConnection(id);
        final FlowFileQueue queue = connection.getFlowFileQueue();
        final FlowFileRecord flowFile = queue.getFlowFile(flowFileUuid);
        if (flowFile == null) {
            throw new ResourceNotFoundException(String.format("The FlowFile with UUID %s is no longer in the active queue.", flowFileUuid));
        }
        // get the attributes and ensure appropriate access
        final Map<String, String> attributes = flowFile.getAttributes();
        final Authorizable dataAuthorizable = new DataAuthorizable(connection.getSourceAuthorizable());
        dataAuthorizable.authorize(authorizer, RequestAction.READ, user, attributes);
        // get the filename and fall back to the identifier (should never happen)
        String filename = attributes.get(CoreAttributes.FILENAME.key());
        if (filename == null) {
            filename = flowFileUuid;
        }
        // get the mime-type
        final String type = attributes.get(CoreAttributes.MIME_TYPE.key());
        // get the content
        final InputStream content = flowController.getContent(flowFile, user.getIdentity(), requestUri);
        return new DownloadableContent(filename, type, content);
    } catch (final ContentNotFoundException cnfe) {
        throw new ResourceNotFoundException("Unable to find the specified content.");
    } catch (final IOException ioe) {
        logger.error(String.format("Unable to get the content for flowfile (%s) at this time.", flowFileUuid), ioe);
        throw new IllegalStateException("Unable to get the content at this time.");
    }
}
Also used : DownloadableContent(org.apache.nifi.web.DownloadableContent) NiFiUser(org.apache.nifi.authorization.user.NiFiUser) ContentNotFoundException(org.apache.nifi.controller.repository.ContentNotFoundException) InputStream(java.io.InputStream) Connection(org.apache.nifi.connectable.Connection) IOException(java.io.IOException) FlowFileQueue(org.apache.nifi.controller.queue.FlowFileQueue) DataAuthorizable(org.apache.nifi.authorization.resource.DataAuthorizable) Authorizable(org.apache.nifi.authorization.resource.Authorizable) FlowFileRecord(org.apache.nifi.controller.repository.FlowFileRecord) ResourceNotFoundException(org.apache.nifi.web.ResourceNotFoundException)

Example 2 with DataAuthorizable

Use of org.apache.nifi.authorization.resource.DataAuthorizable in project nifi by apache.

Class StandardAuthorizableLookup, method getAuthorizableFromResource.

@Override
public Authorizable getAuthorizableFromResource(String resource) {
    // parse the resource type
    ResourceType resourceType = null;
    for (ResourceType type : ResourceType.values()) {
        if (resource.equals(type.getValue()) || resource.startsWith(type.getValue() + "/")) {
            resourceType = type;
        }
    }
    if (resourceType == null) {
        throw new ResourceNotFoundException("Unrecognized resource: " + resource);
    }
    // if this is a policy or a provenance event resource, there should be another resource type
    if (ResourceType.Policy.equals(resourceType) || ResourceType.Data.equals(resourceType) || ResourceType.DataTransfer.equals(resourceType)) {
        final ResourceType primaryResourceType = resourceType;
        // get the resource type
        resource = StringUtils.substringAfter(resource, resourceType.getValue());
        for (ResourceType type : ResourceType.values()) {
            if (resource.equals(type.getValue()) || resource.startsWith(type.getValue() + "/")) {
                resourceType = type;
            }
        }
        if (resourceType == null) {
            throw new ResourceNotFoundException("Unrecognized resource: " + resource);
        }
        // must either be a policy, event, or data transfer
        if (ResourceType.Policy.equals(primaryResourceType)) {
            return new AccessPolicyAuthorizable(getAccessPolicy(resourceType, resource));
        } else if (ResourceType.Data.equals(primaryResourceType)) {
            return new DataAuthorizable(getAccessPolicy(resourceType, resource));
        } else {
            return new DataTransferAuthorizable(getAccessPolicy(resourceType, resource));
        }
    } else if (ResourceType.RestrictedComponents.equals(resourceType)) {
        final String slashRequiredPermission = StringUtils.substringAfter(resource, resourceType.getValue());
        if (slashRequiredPermission.startsWith("/")) {
            final RequiredPermission requiredPermission = RequiredPermission.valueOfPermissionIdentifier(slashRequiredPermission.substring(1));
            if (requiredPermission == null) {
                throw new ResourceNotFoundException("Unrecognized resource: " + resource);
            }
            return getRestrictedComponents(requiredPermission);
        } else {
            return getRestrictedComponents();
        }
    } else {
        return getAccessPolicy(resourceType, resource);
    }
}
Also used : RequiredPermission(org.apache.nifi.components.RequiredPermission) AccessPolicyAuthorizable(org.apache.nifi.authorization.resource.AccessPolicyAuthorizable) DataAuthorizable(org.apache.nifi.authorization.resource.DataAuthorizable) DataTransferAuthorizable(org.apache.nifi.authorization.resource.DataTransferAuthorizable) ResourceType(org.apache.nifi.authorization.resource.ResourceType) ResourceNotFoundException(org.apache.nifi.web.ResourceNotFoundException)

Example 3 with DataAuthorizable

Use of org.apache.nifi.authorization.resource.DataAuthorizable in project nifi by apache.

Class FlowController, method createLocalDataAuthorizable.

@Override
public Authorizable createLocalDataAuthorizable(final String componentId) {
    final String rootGroupId = getRootGroupId();
    // Provenance Events are generated only by connectable components, with the exception of DOWNLOAD events,
    // which have the root process group's identifier assigned as the component ID, and DROP events, which
    // could have the connection identifier assigned as the component ID. So, we check if the component ID
    // is set to the root group and otherwise assume that the ID is that of a connectable or connection.
    final DataAuthorizable authorizable;
    if (rootGroupId.equals(componentId)) {
        authorizable = new DataAuthorizable(getRootGroup());
    } else {
        // check if the component is a connectable, this should be the case most often
        final Connectable connectable = getRootGroup().findLocalConnectable(componentId);
        if (connectable == null) {
            // if the component id is not a connectable then consider a connection
            final Connection connection = getRootGroup().findConnection(componentId);
            if (connection == null) {
                throw new ResourceNotFoundException("The component that generated this event is no longer part of the data flow.");
            } else {
                // authorizable for connection data is associated with the source connectable
                authorizable = new DataAuthorizable(connection.getSource());
            }
        } else {
            authorizable = new DataAuthorizable(connectable);
        }
    }
    return authorizable;
}
Also used : Connectable(org.apache.nifi.connectable.Connectable) DataAuthorizable(org.apache.nifi.authorization.resource.DataAuthorizable) Connection(org.apache.nifi.connectable.Connection) VersionedConnection(org.apache.nifi.registry.flow.VersionedConnection) StandardConnection(org.apache.nifi.connectable.StandardConnection) ResourceNotFoundException(org.apache.nifi.web.ResourceNotFoundException)

Example 4 with DataAuthorizable

Use of org.apache.nifi.authorization.resource.DataAuthorizable in project nifi by apache.

Class FlowController, method createRemoteDataAuthorizable.

@Override
public Authorizable createRemoteDataAuthorizable(String remoteGroupPortId) {
    final DataAuthorizable authorizable;
    final RemoteGroupPort remoteGroupPort = getRootGroup().findRemoteGroupPort(remoteGroupPortId);
    if (remoteGroupPort == null) {
        throw new ResourceNotFoundException("The component that generated this event is no longer part of the data flow.");
    } else {
        // authorizable for remote group ports should be the remote process group
        authorizable = new DataAuthorizable(remoteGroupPort.getRemoteProcessGroup());
    }
    return authorizable;
}
Also used : RemoteGroupPort(org.apache.nifi.remote.RemoteGroupPort) DataAuthorizable(org.apache.nifi.authorization.resource.DataAuthorizable) ResourceNotFoundException(org.apache.nifi.web.ResourceNotFoundException)

Example 5 with DataAuthorizable

Use of org.apache.nifi.authorization.resource.DataAuthorizable in project nifi by apache.

Class StandardConnectionDAO, method getFlowFile.

@Override
public FlowFileRecord getFlowFile(String id, String flowFileUuid) {
    try {
        final Connection connection = locateConnection(id);
        final FlowFileQueue queue = connection.getFlowFileQueue();
        final FlowFileRecord flowFile = queue.getFlowFile(flowFileUuid);
        if (flowFile == null) {
            throw new ResourceNotFoundException(String.format("The FlowFile with UUID %s is no longer in the active queue.", flowFileUuid));
        }
        // get the attributes and ensure appropriate access
        final Map<String, String> attributes = flowFile.getAttributes();
        final Authorizable dataAuthorizable = new DataAuthorizable(connection.getSourceAuthorizable());
        dataAuthorizable.authorize(authorizer, RequestAction.READ, NiFiUserUtils.getNiFiUser(), attributes);
        return flowFile;
    } catch (final IOException ioe) {
        logger.error(String.format("Unable to get the flowfile (%s) at this time.", flowFileUuid), ioe);
        throw new IllegalStateException("Unable to get the FlowFile at this time.");
    }
}
Also used : DataAuthorizable(org.apache.nifi.authorization.resource.DataAuthorizable) Connection(org.apache.nifi.connectable.Connection) Authorizable(org.apache.nifi.authorization.resource.Authorizable) IOException(java.io.IOException) FlowFileQueue(org.apache.nifi.controller.queue.FlowFileQueue) FlowFileRecord(org.apache.nifi.controller.repository.FlowFileRecord) ResourceNotFoundException(org.apache.nifi.web.ResourceNotFoundException)

Aggregations

DataAuthorizable (org.apache.nifi.authorization.resource.DataAuthorizable): 5
ResourceNotFoundException (org.apache.nifi.web.ResourceNotFoundException): 5
Connection (org.apache.nifi.connectable.Connection): 3
IOException (java.io.IOException): 2
Authorizable (org.apache.nifi.authorization.resource.Authorizable): 2
FlowFileQueue (org.apache.nifi.controller.queue.FlowFileQueue): 2
FlowFileRecord (org.apache.nifi.controller.repository.FlowFileRecord): 2
InputStream (java.io.InputStream): 1
AccessPolicyAuthorizable (org.apache.nifi.authorization.resource.AccessPolicyAuthorizable): 1
DataTransferAuthorizable (org.apache.nifi.authorization.resource.DataTransferAuthorizable): 1
ResourceType (org.apache.nifi.authorization.resource.ResourceType): 1
NiFiUser (org.apache.nifi.authorization.user.NiFiUser): 1
RequiredPermission (org.apache.nifi.components.RequiredPermission): 1
Connectable (org.apache.nifi.connectable.Connectable): 1
StandardConnection (org.apache.nifi.connectable.StandardConnection): 1
ContentNotFoundException (org.apache.nifi.controller.repository.ContentNotFoundException): 1
VersionedConnection (org.apache.nifi.registry.flow.VersionedConnection): 1
RemoteGroupPort (org.apache.nifi.remote.RemoteGroupPort): 1
DownloadableContent (org.apache.nifi.web.DownloadableContent): 1