use of org.apache.nifi.authorization.user.NiFiUser in project nifi by apache.
the class ProcessorAuditor method generateAuditRecord.
/**
* Generates an audit record for the creation of a processor.
*
* @param processor processor
* @param operation operation
* @param actionDetails details
* @return action
*/
public Action generateAuditRecord(ProcessorNode processor, Operation operation, ActionDetails actionDetails) {
FlowChangeAction action = null;
// get the current user
NiFiUser user = NiFiUserUtils.getNiFiUser();
// ensure the user was found
if (user != null) {
// create the processor details
FlowChangeExtensionDetails processorDetails = new FlowChangeExtensionDetails();
processorDetails.setType(processor.getComponentType());
// create the processor action for adding this processor
action = new FlowChangeAction();
action.setUserIdentity(user.getIdentity());
action.setOperation(operation);
action.setTimestamp(new Date());
action.setSourceId(processor.getIdentifier());
action.setSourceName(processor.getName());
action.setSourceType(Component.Processor);
action.setComponentDetails(processorDetails);
if (actionDetails != null) {
action.setActionDetails(actionDetails);
}
}
return action;
}
use of org.apache.nifi.authorization.user.NiFiUser in project nifi by apache.
the class RemoteProcessGroupAuditor method generateAuditRecord.
/**
* Generates an audit record for the specified remote process group.
*
* @param remoteProcessGroup group
* @param operation operation
* @param actionDetails details
* @return action
*/
public Action generateAuditRecord(RemoteProcessGroup remoteProcessGroup, Operation operation, ActionDetails actionDetails) {
FlowChangeAction action = null;
// get the current user
NiFiUser user = NiFiUserUtils.getNiFiUser();
// ensure the user was found
if (user != null) {
// create the remote process group details
FlowChangeRemoteProcessGroupDetails remoteProcessGroupDetails = createFlowChangeDetails(remoteProcessGroup);
// create the remote process group action
action = new FlowChangeAction();
action.setUserIdentity(user.getIdentity());
action.setOperation(operation);
action.setTimestamp(new Date());
action.setSourceId(remoteProcessGroup.getIdentifier());
action.setSourceName(remoteProcessGroup.getName());
action.setSourceType(Component.RemoteProcessGroup);
action.setComponentDetails(remoteProcessGroupDetails);
if (actionDetails != null) {
action.setActionDetails(actionDetails);
}
}
return action;
}
use of org.apache.nifi.authorization.user.NiFiUser in project nifi by apache.
the class RemoteProcessGroupAuditor method auditUpdateProcessGroupConfiguration.
/**
* Audits the update of remote process group configuration.
*
* @param proceedingJoinPoint join point
* @param remoteProcessGroupDTO dto
* @param remoteProcessGroupDAO dao
* @return group
* @throws Throwable ex
*/
@Around("within(org.apache.nifi.web.dao.RemoteProcessGroupDAO+) && " + "execution(org.apache.nifi.groups.RemoteProcessGroup updateRemoteProcessGroup(org.apache.nifi.web.api.dto.RemoteProcessGroupDTO)) && " + "args(remoteProcessGroupDTO) && " + "target(remoteProcessGroupDAO)")
public RemoteProcessGroup auditUpdateProcessGroupConfiguration(ProceedingJoinPoint proceedingJoinPoint, RemoteProcessGroupDTO remoteProcessGroupDTO, RemoteProcessGroupDAO remoteProcessGroupDAO) throws Throwable {
final RemoteProcessGroup remoteProcessGroup = remoteProcessGroupDAO.getRemoteProcessGroup(remoteProcessGroupDTO.getId());
// record the current value of this remoteProcessGroups configuration for comparisons later
final boolean transmissionState = remoteProcessGroup.isTransmitting();
final Map<String, Object> previousValues = ConfigurationRecorder.capturePreviousValues(CONFIG_RECORDERS, remoteProcessGroup);
// perform the underlying operation
final RemoteProcessGroup updatedRemoteProcessGroup = (RemoteProcessGroup) proceedingJoinPoint.proceed();
// get the current user
NiFiUser user = NiFiUserUtils.getNiFiUser();
// ensure the user was found
if (user != null) {
final Collection<ActionDetails> details = new ArrayList<>();
// see if any property has changed
ConfigurationRecorder.checkConfigured(CONFIG_RECORDERS, remoteProcessGroupDTO, updatedRemoteProcessGroup, previousValues, details);
final Date timestamp = new Date();
final Collection<Action> actions = new ArrayList<>();
// create the remote process group details
final FlowChangeRemoteProcessGroupDetails remoteProcessGroupDetails = createFlowChangeDetails(remoteProcessGroup);
// save the actions if necessary
if (!details.isEmpty()) {
// create the actions
for (ActionDetails detail : details) {
// create a configure action for each updated property
FlowChangeAction remoteProcessGroupAction = createFlowChangeAction(user, timestamp, updatedRemoteProcessGroup, remoteProcessGroupDetails);
remoteProcessGroupAction.setOperation(Operation.Configure);
remoteProcessGroupAction.setActionDetails(detail);
actions.add(remoteProcessGroupAction);
}
}
// determine the new executing state
boolean updatedTransmissionState = updatedRemoteProcessGroup.isTransmitting();
// determine if the running state has changed
if (transmissionState != updatedTransmissionState) {
// create a remote process group action
FlowChangeAction remoteProcessGroupAction = createFlowChangeAction(user, timestamp, updatedRemoteProcessGroup, remoteProcessGroupDetails);
// set the operation accordingly
if (updatedTransmissionState) {
remoteProcessGroupAction.setOperation(Operation.Start);
} else {
remoteProcessGroupAction.setOperation(Operation.Stop);
}
actions.add(remoteProcessGroupAction);
}
// ensure there are actions to record
if (!actions.isEmpty()) {
// save the actions
saveActions(actions, logger);
}
}
return updatedRemoteProcessGroup;
}
use of org.apache.nifi.authorization.user.NiFiUser in project nifi by apache.
the class ReportingTaskAuditor method updateReportingTaskAdvice.
/**
* Audits the configuration of a reporting task.
*
* @param proceedingJoinPoint joinpoint
* @param reportingTaskDTO dto
* @param reportingTaskDAO dao
* @return object
* @throws Throwable ex
*/
@Around("within(org.apache.nifi.web.dao.ReportingTaskDAO+) && " + "execution(org.apache.nifi.controller.ReportingTaskNode updateReportingTask(org.apache.nifi.web.api.dto.ReportingTaskDTO)) && " + "args(reportingTaskDTO) && " + "target(reportingTaskDAO)")
public Object updateReportingTaskAdvice(ProceedingJoinPoint proceedingJoinPoint, ReportingTaskDTO reportingTaskDTO, ReportingTaskDAO reportingTaskDAO) throws Throwable {
// determine the initial values for each property/setting thats changing
ReportingTaskNode reportingTask = reportingTaskDAO.getReportingTask(reportingTaskDTO.getId());
final Map<String, String> values = extractConfiguredPropertyValues(reportingTask, reportingTaskDTO);
final ScheduledState scheduledState = reportingTask.getScheduledState();
// update the reporting task state
final ReportingTaskNode updatedReportingTask = (ReportingTaskNode) proceedingJoinPoint.proceed();
// if no exceptions were thrown, add the reporting task action...
reportingTask = reportingTaskDAO.getReportingTask(updatedReportingTask.getIdentifier());
// get the current user
final NiFiUser user = NiFiUserUtils.getNiFiUser();
// ensure the user was found
if (user != null) {
// determine the updated values
Map<String, String> updatedValues = extractConfiguredPropertyValues(reportingTask, reportingTaskDTO);
// create the reporting task details
FlowChangeExtensionDetails taskDetails = new FlowChangeExtensionDetails();
taskDetails.setType(reportingTask.getComponentType());
// create a reporting task action
Date actionTimestamp = new Date();
Collection<Action> actions = new ArrayList<>();
// go through each updated value
for (String property : updatedValues.keySet()) {
String newValue = updatedValues.get(property);
String oldValue = values.get(property);
Operation operation = null;
// determine the type of operation
if (oldValue == null || newValue == null || !newValue.equals(oldValue)) {
operation = Operation.Configure;
}
// create a configuration action accordingly
if (operation != null) {
// clear the value if this property is sensitive
final PropertyDescriptor propertyDescriptor = reportingTask.getReportingTask().getPropertyDescriptor(property);
if (propertyDescriptor != null && propertyDescriptor.isSensitive()) {
if (newValue != null) {
newValue = "********";
}
if (oldValue != null) {
oldValue = "********";
}
} else if (ANNOTATION_DATA.equals(property)) {
if (newValue != null) {
newValue = "<annotation data not shown>";
}
if (oldValue != null) {
oldValue = "<annotation data not shown>";
}
}
final FlowChangeConfigureDetails actionDetails = new FlowChangeConfigureDetails();
actionDetails.setName(property);
actionDetails.setValue(newValue);
actionDetails.setPreviousValue(oldValue);
// create a configuration action
FlowChangeAction configurationAction = new FlowChangeAction();
configurationAction.setUserIdentity(user.getIdentity());
configurationAction.setOperation(operation);
configurationAction.setTimestamp(actionTimestamp);
configurationAction.setSourceId(reportingTask.getIdentifier());
configurationAction.setSourceName(reportingTask.getName());
configurationAction.setSourceType(Component.ReportingTask);
configurationAction.setComponentDetails(taskDetails);
configurationAction.setActionDetails(actionDetails);
actions.add(configurationAction);
}
}
// determine the new executing state
final ScheduledState updatedScheduledState = reportingTask.getScheduledState();
// determine if the running state has changed and its not disabled
if (scheduledState != updatedScheduledState) {
// create a reporting task action
FlowChangeAction taskAction = new FlowChangeAction();
taskAction.setUserIdentity(user.getIdentity());
taskAction.setTimestamp(new Date());
taskAction.setSourceId(reportingTask.getIdentifier());
taskAction.setSourceName(reportingTask.getName());
taskAction.setSourceType(Component.ReportingTask);
taskAction.setComponentDetails(taskDetails);
// set the operation accordingly
if (ScheduledState.RUNNING.equals(updatedScheduledState)) {
taskAction.setOperation(Operation.Start);
} else if (ScheduledState.DISABLED.equals(updatedScheduledState)) {
taskAction.setOperation(Operation.Disable);
} else {
// state is now stopped... consider the previous state
if (ScheduledState.RUNNING.equals(scheduledState)) {
taskAction.setOperation(Operation.Stop);
} else if (ScheduledState.DISABLED.equals(scheduledState)) {
taskAction.setOperation(Operation.Enable);
}
}
actions.add(taskAction);
}
// ensure there are actions to record
if (!actions.isEmpty()) {
// save the actions
saveActions(actions, logger);
}
}
return updatedReportingTask;
}
use of org.apache.nifi.authorization.user.NiFiUser in project nifi by apache.
the class UserAuditor method updateUserAdvice.
/**
* Audits the configuration of a single user.
*
* @param proceedingJoinPoint join point
* @param userDTO dto
* @param userDAO dao
* @return node
* @throws Throwable ex
*/
@Around("within(org.apache.nifi.web.dao.UserDAO+) && " + "execution(org.apache.nifi.authorization.User updateUser(org.apache.nifi.web.api.dto.UserDTO)) && " + "args(userDTO) && " + "target(userDAO)")
public User updateUserAdvice(ProceedingJoinPoint proceedingJoinPoint, UserDTO userDTO, UserDAO userDAO) throws Throwable {
// determine the initial values for each property/setting that's changing
User user = userDAO.getUser(userDTO.getId());
final Map<String, String> values = extractConfiguredPropertyValues(user, userDTO);
// update the user state
final User updatedUser = (User) proceedingJoinPoint.proceed();
// if no exceptions were thrown, add the user action...
user = userDAO.getUser(updatedUser.getIdentifier());
// get the current user
NiFiUser niFiUser = NiFiUserUtils.getNiFiUser();
// ensure the user was found
if (niFiUser != null) {
// determine the updated values
Map<String, String> updatedValues = extractConfiguredPropertyValues(user, userDTO);
// create a user action
Date actionTimestamp = new Date();
Collection<Action> actions = new ArrayList<>();
// go through each updated value
for (String property : updatedValues.keySet()) {
String newValue = updatedValues.get(property);
String oldValue = values.get(property);
Operation operation = null;
// determine the type of operation
if (oldValue == null || newValue == null || !newValue.equals(oldValue)) {
operation = Operation.Configure;
}
// create a configuration action accordingly
if (operation != null) {
final FlowChangeConfigureDetails actionDetails = new FlowChangeConfigureDetails();
actionDetails.setName(property);
actionDetails.setValue(newValue);
actionDetails.setPreviousValue(oldValue);
// create a configuration action
FlowChangeAction configurationAction = new FlowChangeAction();
configurationAction.setUserIdentity(niFiUser.getIdentity());
configurationAction.setOperation(operation);
configurationAction.setTimestamp(actionTimestamp);
configurationAction.setSourceId(user.getIdentifier());
configurationAction.setSourceName(user.getIdentity());
configurationAction.setSourceType(Component.User);
configurationAction.setActionDetails(actionDetails);
actions.add(configurationAction);
}
}
// ensure there are actions to record
if (!actions.isEmpty()) {
// save the actions
saveActions(actions, logger);
}
}
return updatedUser;
}
Aggregations