Search in sources :

Example 1 with ResourceType

use of org.apache.nifi.authorization.resource.ResourceType in project nifi by apache.

the class StandardAuthorizableLookup method getAuthorizableFromResource.

@Override
public Authorizable getAuthorizableFromResource(String resource) {
    // parse the resource type
    ResourceType resourceType = null;
    for (ResourceType type : ResourceType.values()) {
        if (resource.equals(type.getValue()) || resource.startsWith(type.getValue() + "/")) {
            resourceType = type;
        }
    }
    if (resourceType == null) {
        throw new ResourceNotFoundException("Unrecognized resource: " + resource);
    }
    // if this is a policy or a provenance event resource, there should be another resource type
    if (ResourceType.Policy.equals(resourceType) || ResourceType.Data.equals(resourceType) || ResourceType.DataTransfer.equals(resourceType)) {
        final ResourceType primaryResourceType = resourceType;
        // get the resource type
        resource = StringUtils.substringAfter(resource, resourceType.getValue());
        for (ResourceType type : ResourceType.values()) {
            if (resource.equals(type.getValue()) || resource.startsWith(type.getValue() + "/")) {
                resourceType = type;
            }
        }
        if (resourceType == null) {
            throw new ResourceNotFoundException("Unrecognized resource: " + resource);
        }
        // must either be a policy, event, or data transfer
        if (ResourceType.Policy.equals(primaryResourceType)) {
            return new AccessPolicyAuthorizable(getAccessPolicy(resourceType, resource));
        } else if (ResourceType.Data.equals(primaryResourceType)) {
            return new DataAuthorizable(getAccessPolicy(resourceType, resource));
        } else {
            return new DataTransferAuthorizable(getAccessPolicy(resourceType, resource));
        }
    } else if (ResourceType.RestrictedComponents.equals(resourceType)) {
        final String slashRequiredPermission = StringUtils.substringAfter(resource, resourceType.getValue());
        if (slashRequiredPermission.startsWith("/")) {
            final RequiredPermission requiredPermission = RequiredPermission.valueOfPermissionIdentifier(slashRequiredPermission.substring(1));
            if (requiredPermission == null) {
                throw new ResourceNotFoundException("Unrecognized resource: " + resource);
            }
            return getRestrictedComponents(requiredPermission);
        } else {
            return getRestrictedComponents();
        }
    } else {
        return getAccessPolicy(resourceType, resource);
    }
}
Also used : RequiredPermission(org.apache.nifi.components.RequiredPermission) AccessPolicyAuthorizable(org.apache.nifi.authorization.resource.AccessPolicyAuthorizable) DataAuthorizable(org.apache.nifi.authorization.resource.DataAuthorizable) DataTransferAuthorizable(org.apache.nifi.authorization.resource.DataTransferAuthorizable) ResourceType(org.apache.nifi.authorization.resource.ResourceType) ResourceNotFoundException(org.apache.nifi.web.ResourceNotFoundException)

Example 2 with ResourceType

use of org.apache.nifi.authorization.resource.ResourceType in project nifi by apache.

the class TestDataTransferResource method getDataTransferResource.

private DataTransferResource getDataTransferResource() {
    final NiFiServiceFacade serviceFacade = mock(NiFiServiceFacade.class);
    final HttpFlowFileServerProtocol serverProtocol = mock(HttpFlowFileServerProtocol.class);
    final DataTransferResource resource = new DataTransferResource(NiFiProperties.createBasicNiFiProperties(null, null)) {

        @Override
        protected void authorizeDataTransfer(AuthorizableLookup lookup, ResourceType resourceType, String identifier) {
        }

        @Override
        HttpFlowFileServerProtocol getHttpFlowFileServerProtocol(VersionNegotiator versionNegotiator) {
            return serverProtocol;
        }
    };
    resource.setProperties(NiFiProperties.createBasicNiFiProperties(null, null));
    resource.setServiceFacade(serviceFacade);
    return resource;
}
Also used : AuthorizableLookup(org.apache.nifi.authorization.AuthorizableLookup) NiFiServiceFacade(org.apache.nifi.web.NiFiServiceFacade) VersionNegotiator(org.apache.nifi.remote.VersionNegotiator) HttpFlowFileServerProtocol(org.apache.nifi.remote.protocol.http.HttpFlowFileServerProtocol) ResourceType(org.apache.nifi.authorization.resource.ResourceType)

Aggregations

ResourceType (org.apache.nifi.authorization.resource.ResourceType)2 AuthorizableLookup (org.apache.nifi.authorization.AuthorizableLookup)1 AccessPolicyAuthorizable (org.apache.nifi.authorization.resource.AccessPolicyAuthorizable)1 DataAuthorizable (org.apache.nifi.authorization.resource.DataAuthorizable)1 DataTransferAuthorizable (org.apache.nifi.authorization.resource.DataTransferAuthorizable)1 RequiredPermission (org.apache.nifi.components.RequiredPermission)1 VersionNegotiator (org.apache.nifi.remote.VersionNegotiator)1 HttpFlowFileServerProtocol (org.apache.nifi.remote.protocol.http.HttpFlowFileServerProtocol)1 NiFiServiceFacade (org.apache.nifi.web.NiFiServiceFacade)1 ResourceNotFoundException (org.apache.nifi.web.ResourceNotFoundException)1