Examples with EventAuthorizer org.apache.nifi.provenance.authorization.EventAuthorizer used on opensource projects

Example 6 with EventAuthorizer

use of org.apache.nifi.provenance.authorization.EventAuthorizer in project nifi by apache.

the class TestPartitionedWriteAheadEventStore method testGetSpecificEventIds.

@Test
public void testGetSpecificEventIds() throws IOException {
    final RepositoryConfiguration config = createConfig();
    final PartitionedWriteAheadEventStore store = new PartitionedWriteAheadEventStore(config, writerFactory, readerFactory, EventReporter.NO_OP, new EventFileManager());
    store.initialize();
    final int numEvents = 20;
    final List<ProvenanceEventRecord> events = new ArrayList<>(numEvents);
    for (int i = 0; i < numEvents; i++) {
        final ProvenanceEventRecord event = createEvent();
        store.addEvents(Collections.singleton(event));
        events.add(event);
    }
    final EventAuthorizer allowEvenNumberedEventIds = new EventAuthorizer() {

        @Override
        public boolean isAuthorized(final ProvenanceEventRecord event) {
            return event.getEventId() % 2 == 0L;
        }

        @Override
        public void authorize(ProvenanceEventRecord event) throws AccessDeniedException {
            if (!isAuthorized(event)) {
                throw new AccessDeniedException();
            }
        }
    };
    final List<Long> evenEventIds = new ArrayList<>();
    final List<Long> oddEventIds = new ArrayList<>();
    final List<Long> allEventIds = new ArrayList<>();
    for (int i = 0; i < 20; i++) {
        final Long id = Long.valueOf(i);
        allEventIds.add(id);
        if (i % 2 == 0) {
            evenEventIds.add(id);
        } else {
            oddEventIds.add(id);
        }
    }
    final List<ProvenanceEventRecord> storedEvents = store.getEvents(evenEventIds, allowEvenNumberedEventIds, EventTransformer.EMPTY_TRANSFORMER);
    assertEquals(numEvents / 2, storedEvents.size());
    for (int i = 0; i < storedEvents.size(); i++) {
        assertEquals(events.get(i * 2), storedEvents.get(i));
    }
    assertTrue(store.getEvents(oddEventIds, allowEvenNumberedEventIds, EventTransformer.EMPTY_TRANSFORMER).isEmpty());
    final List<ProvenanceEventRecord> allStoredEvents = store.getEvents(allEventIds, EventAuthorizer.GRANT_ALL, EventTransformer.EMPTY_TRANSFORMER);
    assertEquals(events, allStoredEvents);
}

Example 7 with EventAuthorizer

use of org.apache.nifi.provenance.authorization.EventAuthorizer in project nifi by apache.

the class TestPartitionedWriteAheadEventStore method testGetEventsWithMinIdAndCountWithAuthorizer.

@Test
public void testGetEventsWithMinIdAndCountWithAuthorizer() throws IOException {
    final RepositoryConfiguration config = createConfig();
    final PartitionedWriteAheadEventStore store = new PartitionedWriteAheadEventStore(config, writerFactory, readerFactory, EventReporter.NO_OP, new EventFileManager());
    store.initialize();
    final int numEvents = 20;
    final List<ProvenanceEventRecord> events = new ArrayList<>(numEvents);
    for (int i = 0; i < numEvents; i++) {
        final ProvenanceEventRecord event = createEvent();
        store.addEvents(Collections.singleton(event));
        events.add(event);
    }
    final EventAuthorizer allowEventNumberedEventIds = new EventAuthorizer() {

        @Override
        public boolean isAuthorized(final ProvenanceEventRecord event) {
            return event.getEventId() % 2 == 0L;
        }

        @Override
        public void authorize(ProvenanceEventRecord event) throws AccessDeniedException {
            if (!isAuthorized(event)) {
                throw new AccessDeniedException();
            }
        }
    };
    final List<ProvenanceEventRecord> storedEvents = store.getEvents(0, 20, allowEventNumberedEventIds, EventTransformer.EMPTY_TRANSFORMER);
    assertEquals(numEvents / 2, storedEvents.size());
    for (int i = 0; i < storedEvents.size(); i++) {
        assertEquals(events.get(i * 2), storedEvents.get(i));
    }
}

Example 8 with EventAuthorizer

use of org.apache.nifi.provenance.authorization.EventAuthorizer in project nifi by apache.

the class PartitionedEventStore method getEvents.

private List<ProvenanceEventRecord> getEvents(final int maxRecords, final EventAuthorizer authorizer, final Function<EventStorePartition, EventIterator> eventIteratorFactory, final EventTransformer transformer) throws IOException {
    if (maxRecords < 1) {
        return Collections.emptyList();
    }
    final List<ProvenanceEventRecord> selectedEvents = new ArrayList<>();
    // Create a Map so that the key is the next record available from a partition and the value is the EventIterator from which
    // the record came. This sorted map is then used so that we are able to always get the first entry, which is the next
    // lowest record id among all partitions.
    final SortedMap<ProvenanceEventRecord, EventIterator> recordToIteratorMap = new TreeMap<>((o1, o2) -> Long.compare(o1.getEventId(), o2.getEventId()));
    try {
        // Seed our map with the first event in each Partition.
        for (final EventStorePartition partition : getPartitions()) {
            final EventAuthorizer nonNullAuthorizer = authorizer == null ? EventAuthorizer.GRANT_ALL : authorizer;
            final EventIterator partitionIterator = eventIteratorFactory.apply(partition);
            final EventIterator iterator = new AuthorizingEventIterator(partitionIterator, nonNullAuthorizer, transformer);
            final Optional<ProvenanceEventRecord> option = iterator.nextEvent();
            if (option.isPresent()) {
                recordToIteratorMap.put(option.get(), iterator);
            }
        }
        // If no records found, just return the empty list.
        if (recordToIteratorMap.isEmpty()) {
            return selectedEvents;
        }
        // Get the event with the next-lowest ID. Add it to the list of selected events,
        // then read the next event from the same EventIterator that this event came from.
        // This ensures that our map is always populated with the next event for each
        // EventIterator, which also ensures that the first key in our map is the event
        // with the lowest ID (since all events from a given EventIterator have monotonically
        // increasing Event ID's).
        ProvenanceEventRecord nextEvent = recordToIteratorMap.firstKey();
        while (nextEvent != null && selectedEvents.size() < maxRecords) {
            selectedEvents.add(nextEvent);
            final EventIterator iterator = recordToIteratorMap.remove(nextEvent);
            final Optional<ProvenanceEventRecord> nextRecordFromIterator = iterator.nextEvent();
            if (nextRecordFromIterator.isPresent()) {
                recordToIteratorMap.put(nextRecordFromIterator.get(), iterator);
            }
            nextEvent = recordToIteratorMap.isEmpty() ? null : recordToIteratorMap.firstKey();
        }
        return selectedEvents;
    } finally {
        // Ensure that we close all record readers that have been created
        for (final EventIterator iterator : recordToIteratorMap.values()) {
            try {
                iterator.close();
            } catch (final Exception e) {
                if (logger.isDebugEnabled()) {
                    logger.warn("Failed to close Record Reader {}", iterator, e);
                } else {
                    logger.warn("Failed to close Record Reader {}", iterator);
                }
            }
        }
    }
}