use of org.apache.nifi.authorization.resource.ResourceType in project nifi by apache.
the class StandardAuthorizableLookup method getAuthorizableFromResource.
@Override
public Authorizable getAuthorizableFromResource(String resource) {
// parse the resource type
ResourceType resourceType = null;
for (ResourceType type : ResourceType.values()) {
if (resource.equals(type.getValue()) || resource.startsWith(type.getValue() + "/")) {
resourceType = type;
}
}
if (resourceType == null) {
throw new ResourceNotFoundException("Unrecognized resource: " + resource);
}
// if this is a policy or a provenance event resource, there should be another resource type
if (ResourceType.Policy.equals(resourceType) || ResourceType.Data.equals(resourceType) || ResourceType.DataTransfer.equals(resourceType)) {
final ResourceType primaryResourceType = resourceType;
// get the resource type
resource = StringUtils.substringAfter(resource, resourceType.getValue());
for (ResourceType type : ResourceType.values()) {
if (resource.equals(type.getValue()) || resource.startsWith(type.getValue() + "/")) {
resourceType = type;
}
}
if (resourceType == null) {
throw new ResourceNotFoundException("Unrecognized resource: " + resource);
}
// must either be a policy, event, or data transfer
if (ResourceType.Policy.equals(primaryResourceType)) {
return new AccessPolicyAuthorizable(getAccessPolicy(resourceType, resource));
} else if (ResourceType.Data.equals(primaryResourceType)) {
return new DataAuthorizable(getAccessPolicy(resourceType, resource));
} else {
return new DataTransferAuthorizable(getAccessPolicy(resourceType, resource));
}
} else if (ResourceType.RestrictedComponents.equals(resourceType)) {
final String slashRequiredPermission = StringUtils.substringAfter(resource, resourceType.getValue());
if (slashRequiredPermission.startsWith("/")) {
final RequiredPermission requiredPermission = RequiredPermission.valueOfPermissionIdentifier(slashRequiredPermission.substring(1));
if (requiredPermission == null) {
throw new ResourceNotFoundException("Unrecognized resource: " + resource);
}
return getRestrictedComponents(requiredPermission);
} else {
return getRestrictedComponents();
}
} else {
return getAccessPolicy(resourceType, resource);
}
}
use of org.apache.nifi.authorization.resource.ResourceType in project nifi by apache.
the class TestDataTransferResource method getDataTransferResource.
private DataTransferResource getDataTransferResource() {
final NiFiServiceFacade serviceFacade = mock(NiFiServiceFacade.class);
final HttpFlowFileServerProtocol serverProtocol = mock(HttpFlowFileServerProtocol.class);
final DataTransferResource resource = new DataTransferResource(NiFiProperties.createBasicNiFiProperties(null, null)) {
@Override
protected void authorizeDataTransfer(AuthorizableLookup lookup, ResourceType resourceType, String identifier) {
}
@Override
HttpFlowFileServerProtocol getHttpFlowFileServerProtocol(VersionNegotiator versionNegotiator) {
return serverProtocol;
}
};
resource.setProperties(NiFiProperties.createBasicNiFiProperties(null, null));
resource.setServiceFacade(serviceFacade);
return resource;
}
Aggregations