Examples with NiFiUser org.apache.nifi.authorization.user.NiFiUser used on opensource projects

Example 96 with NiFiUser

use of org.apache.nifi.authorization.user.NiFiUser in project nifi by apache.

the class StandardNiFiServiceFacade method updateRegistryClient.

@Override
public RegistryClientEntity updateRegistryClient(Revision revision, RegistryDTO registryDTO) {
    final RevisionClaim revisionClaim = new StandardRevisionClaim(revision);
    final NiFiUser user = NiFiUserUtils.getNiFiUser();
    final FlowRegistry registry = registryDAO.getFlowRegistry(registryDTO.getId());
    final RevisionUpdate<FlowRegistry> revisionUpdate = revisionManager.updateRevision(revisionClaim, user, () -> {
        final boolean duplicateName = registryDAO.getFlowRegistries().stream().anyMatch(reg -> reg.getName().equals(registryDTO.getName()) && !reg.getIdentifier().equals(registryDTO.getId()));
        if (duplicateName) {
            throw new IllegalStateException("Cannot update Flow Registry because a Flow Registry already exists with the name " + registryDTO.getName());
        }
        registry.setDescription(registryDTO.getDescription());
        registry.setName(registryDTO.getName());
        registry.setURL(registryDTO.getUri());
        controllerFacade.save();
        final Revision updatedRevision = revisionManager.getRevision(revision.getComponentId()).incrementRevision(revision.getClientId());
        final FlowModification lastModification = new FlowModification(updatedRevision, user.getIdentity());
        return new StandardRevisionUpdate<>(registry, lastModification);
    });
    final FlowRegistry updatedReg = revisionUpdate.getComponent();
    return createRegistryClientEntity(updatedReg);
}

Example 97 with NiFiUser

use of org.apache.nifi.authorization.user.NiFiUser in project nifi by apache.

the class StandardNiFiServiceFacade method updateSnippet.

@Override
public SnippetEntity updateSnippet(final Set<Revision> revisions, final SnippetDTO snippetDto) {
    final NiFiUser user = NiFiUserUtils.getNiFiUser();
    final RevisionClaim revisionClaim = new StandardRevisionClaim(revisions);
    final RevisionUpdate<SnippetDTO> snapshot;
    try {
        snapshot = revisionManager.updateRevision(revisionClaim, user, new UpdateRevisionTask<SnippetDTO>() {

            @Override
            public RevisionUpdate<SnippetDTO> update() {
                // get the updated component
                final Snippet snippet = snippetDAO.updateSnippetComponents(snippetDto);
                // drop the snippet
                snippetDAO.dropSnippet(snippet.getId());
                // save updated controller
                controllerFacade.save();
                // increment the revisions
                final Set<Revision> updatedRevisions = revisions.stream().map(revision -> {
                    final Revision currentRevision = revisionManager.getRevision(revision.getComponentId());
                    return currentRevision.incrementRevision(revision.getClientId());
                }).collect(Collectors.toSet());
                final SnippetDTO dto = dtoFactory.createSnippetDto(snippet);
                return new StandardRevisionUpdate<>(dto, null, updatedRevisions);
            }
        });
    } catch (final ExpiredRevisionClaimException e) {
        throw new InvalidRevisionException("Failed to update Snippet", e);
    }
    return entityFactory.createSnippetEntity(snapshot.getComponent());
}

Example 98 with NiFiUser

use of org.apache.nifi.authorization.user.NiFiUser in project nifi by apache.

the class StandardNiFiWebConfigurationContext method getControllerService.

@Override
public ControllerService getControllerService(final String serviceIdentifier, final String componentId) {
    final NiFiUser user = NiFiUserUtils.getNiFiUser();
    authorizeFlowAccess(user);
    return controllerServiceProvider.getControllerServiceForComponent(serviceIdentifier, componentId);
}

Example 99 with NiFiUser

use of org.apache.nifi.authorization.user.NiFiUser in project nifi by apache.

the class StandardNiFiWebConfigurationContext method getCurrentUserIdentity.

@Override
public String getCurrentUserIdentity() {
    final NiFiUser user = NiFiUserUtils.getNiFiUser();
    authorizeFlowAccess(user);
    return user.getIdentity();
}

Example 100 with NiFiUser

use of org.apache.nifi.authorization.user.NiFiUser in project nifi by apache.

the class AccessResource method createDownloadToken.

/**
 * Creates a single use access token for downloading FlowFile content.
 *
 * @param httpServletRequest the servlet request
 * @return A token (string)
 */
@POST
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
@Produces(MediaType.TEXT_PLAIN)
@Path("/download-token")
@ApiOperation(value = "Creates a single use access token for downloading FlowFile content.", notes = "The token returned is a base64 encoded string. It is valid for a single request up to five minutes from being issued. " + "It is used as a query parameter name 'access_token'.", response = String.class)
@ApiResponses(value = { @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 409, message = "Unable to create the download token because NiFi is not in the appropriate state. " + "(i.e. may not have any tokens to grant or be configured to support username/password login)"), @ApiResponse(code = 500, message = "Unable to create download token because an unexpected error occurred.") })
public Response createDownloadToken(@Context HttpServletRequest httpServletRequest) {
    // only support access tokens when communicating over HTTPS
    if (!httpServletRequest.isSecure()) {
        throw new IllegalStateException("Download tokens are only issued over HTTPS.");
    }
    final NiFiUser user = NiFiUserUtils.getNiFiUser();
    if (user == null) {
        throw new AccessDeniedException("No user authenticated in the request.");
    }
    final OtpAuthenticationToken authenticationToken = new OtpAuthenticationToken(user.getIdentity());
    // generate otp for response
    final String token = otpService.generateDownloadToken(authenticationToken);
    // build the response
    final URI uri = URI.create(generateResourceUri("access", "download-token"));
    return generateCreatedResponse(uri, token).build();
}