Examples with NiFiUser org.apache.nifi.authorization.user.NiFiUser used on opensource projects

Example 61 with NiFiUser

use of org.apache.nifi.authorization.user.NiFiUser in project nifi by apache.

the class DataAuthorizableTest method testCheckAuthorizationUser.

@Test
public void testCheckAuthorizationUser() {
    final NiFiUser user = new Builder().identity(IDENTITY_1).build();
    final AuthorizationResult result = testDataAuthorizable.checkAuthorization(testAuthorizer, RequestAction.READ, user, null);
    assertEquals(Result.Approved, result.getResult());
    verify(testAuthorizer, times(1)).authorize(argThat(new ArgumentMatcher<AuthorizationRequest>() {

        @Override
        public boolean matches(Object o) {
            return IDENTITY_1.equals(((AuthorizationRequest) o).getIdentity());
        }
    }));
}

Example 62 with NiFiUser

use of org.apache.nifi.authorization.user.NiFiUser in project nifi by apache.

the class DataAuthorizableTest method testAuthorizedUserChain.

@Test
public void testAuthorizedUserChain() {
    final NiFiUser proxy2 = new Builder().identity(PROXY_2).build();
    final NiFiUser proxy1 = new Builder().identity(PROXY_1).chain(proxy2).build();
    final NiFiUser user = new Builder().identity(IDENTITY_1).chain(proxy1).build();
    testDataAuthorizable.authorize(testAuthorizer, RequestAction.READ, user, null);
    verify(testAuthorizer, times(3)).authorize(any(AuthorizationRequest.class));
    verifyAuthorizeForUser(IDENTITY_1);
    verifyAuthorizeForUser(PROXY_1);
    verifyAuthorizeForUser(PROXY_2);
}

Example 63 with NiFiUser

use of org.apache.nifi.authorization.user.NiFiUser in project nifi by apache.

the class DataAuthorizable method checkAuthorization.

@Override
public AuthorizationResult checkAuthorization(Authorizer authorizer, RequestAction action, NiFiUser user, Map<String, String> resourceContext) {
    if (user == null) {
        return AuthorizationResult.denied("Unknown user.");
    }
    AuthorizationResult result = null;
    // authorize each element in the chain
    NiFiUser chainedUser = user;
    do {
        try {
            // perform the current user authorization
            result = Authorizable.super.checkAuthorization(authorizer, action, chainedUser, resourceContext);
            // if authorization is not approved, reject
            if (!Result.Approved.equals(result.getResult())) {
                return result;
            }
            // go to the next user in the chain
            chainedUser = chainedUser.getChain();
        } catch (final ResourceNotFoundException e) {
            result = AuthorizationResult.denied("Unknown source component.");
        }
    } while (chainedUser != null);
    if (result == null) {
        result = AuthorizationResult.denied();
    }
    return result;
}

Example 64 with NiFiUser

use of org.apache.nifi.authorization.user.NiFiUser in project nifi by apache.

the class StandardNiFiServiceFacade method getProcessors.

@Override
public Set<ProcessorEntity> getProcessors(final String groupId, final boolean includeDescendants) {
    final Set<ProcessorNode> processors = processorDAO.getProcessors(groupId, includeDescendants);
    final NiFiUser user = NiFiUserUtils.getNiFiUser();
    return processors.stream().map(processor -> createProcessorEntity(processor, user)).collect(Collectors.toSet());
}

Example 65 with NiFiUser

use of org.apache.nifi.authorization.user.NiFiUser in project nifi by apache.

the class StandardNiFiServiceFacade method createControllerServiceEntity.

private ControllerServiceEntity createControllerServiceEntity(final ControllerServiceNode serviceNode, final Set<String> serviceIds, final NiFiUser user) {
    final ControllerServiceDTO dto = dtoFactory.createControllerServiceDto(serviceNode);
    final ControllerServiceReference ref = serviceNode.getReferences();
    final ControllerServiceReferencingComponentsEntity referencingComponentsEntity = createControllerServiceReferencingComponentsEntity(ref, serviceIds);
    dto.setReferencingComponents(referencingComponentsEntity.getControllerServiceReferencingComponents());
    final RevisionDTO revision = dtoFactory.createRevisionDTO(revisionManager.getRevision(serviceNode.getIdentifier()));
    final PermissionsDTO permissions = dtoFactory.createPermissionsDto(serviceNode, user);
    final List<BulletinDTO> bulletins = dtoFactory.createBulletinDtos(bulletinRepository.findBulletinsForSource(serviceNode.getIdentifier()));
    final List<BulletinEntity> bulletinEntities = bulletins.stream().map(bulletin -> entityFactory.createBulletinEntity(bulletin, permissions.getCanRead())).collect(Collectors.toList());
    return entityFactory.createControllerServiceEntity(dto, revision, permissions, bulletinEntities);
}