use of org.apache.nifi.registry.authorization.ResourcePermissions in project nifi-registry by apache.
the class AuthorizationService method getTopLevelPermissions.
private ResourcePermissions getTopLevelPermissions(String tenantIdentifier) {
ResourcePermissions resourcePermissions = new ResourcePermissions();
final Permissions bucketsPermissions = getPermissionsForResource(tenantIdentifier, ResourceFactory.getBucketsResource());
resourcePermissions.setBuckets(bucketsPermissions);
final Permissions policiesPermissions = getPermissionsForResource(tenantIdentifier, ResourceFactory.getPoliciesResource());
resourcePermissions.setPolicies(policiesPermissions);
final Permissions tenantsPermissions = getPermissionsForResource(tenantIdentifier, ResourceFactory.getTenantsResource());
resourcePermissions.setTenants(tenantsPermissions);
final Permissions proxyPermissions = getPermissionsForResource(tenantIdentifier, ResourceFactory.getProxyResource());
resourcePermissions.setProxy(proxyPermissions);
return resourcePermissions;
}
use of org.apache.nifi.registry.authorization.ResourcePermissions in project nifi-registry by apache.
the class AuthorizationService method getTopLevelPermissions.
private ResourcePermissions getTopLevelPermissions() {
NiFiUser user = NiFiUserUtils.getNiFiUser();
ResourcePermissions resourcePermissions = new ResourcePermissions();
final Permissions bucketsPermissions = getPermissionsForResource(authorizableLookup.getBucketsAuthorizable());
resourcePermissions.setBuckets(bucketsPermissions);
final Permissions policiesPermissions = getPermissionsForResource(authorizableLookup.getPoliciesAuthorizable());
resourcePermissions.setPolicies(policiesPermissions);
final Permissions tenantsPermissions = getPermissionsForResource(authorizableLookup.getTenantsAuthorizable());
resourcePermissions.setTenants(tenantsPermissions);
final Permissions proxyPermissions = getPermissionsForResource(authorizableLookup.getProxyAuthorizable());
resourcePermissions.setProxy(proxyPermissions);
return resourcePermissions;
}
use of org.apache.nifi.registry.authorization.ResourcePermissions in project nifi-registry by apache.
the class SecureFileIT method testCreateUserGroup.
@Test
public void testCreateUserGroup() throws Exception {
// Given: the server has been configured with FileUserGroupProvider, which is configurable,
// and: the initial admin client wants to create a tenant
Tenant tenant = new Tenant();
tenant.setIdentity("New Group");
// When: the POST /tenants/user-groups endpoint is used
final Response createUserGroupResponse = client.target(createURL("tenants/user-groups")).request().post(Entity.entity(tenant, MediaType.APPLICATION_JSON_TYPE), Response.class);
// Then: 201 created is returned with the expected group
assertEquals(201, createUserGroupResponse.getStatus());
UserGroup actualUserGroup = createUserGroupResponse.readEntity(UserGroup.class);
assertNotNull(actualUserGroup.getIdentifier());
try {
assertEquals(tenant.getIdentity(), actualUserGroup.getIdentity());
assertEquals(true, actualUserGroup.getConfigurable());
assertEquals(0, actualUserGroup.getUsers().size());
assertEquals(0, actualUserGroup.getAccessPolicies().size());
assertEquals(new ResourcePermissions(), actualUserGroup.getResourcePermissions());
} finally {
// cleanup user for other tests
client.target(createURL("tenants/user-groups/" + actualUserGroup.getIdentifier())).request().delete();
}
}
use of org.apache.nifi.registry.authorization.ResourcePermissions in project nifi-registry by apache.
the class SecureFileIT method testCreateUser.
@Test
public void testCreateUser() throws Exception {
// Given: the server has been configured with FileUserGroupProvider, which is configurable,
// and: the initial admin client wants to create a tenant
Tenant tenant = new Tenant();
tenant.setIdentity("New User");
// When: the POST /tenants/users endpoint is accessed
final Response createUserResponse = client.target(createURL("tenants/users")).request().post(Entity.entity(tenant, MediaType.APPLICATION_JSON_TYPE), Response.class);
// Then: "201 created" is returned with the expected user
assertEquals(201, createUserResponse.getStatus());
User actualUser = createUserResponse.readEntity(User.class);
assertNotNull(actualUser.getIdentifier());
try {
assertEquals(tenant.getIdentity(), actualUser.getIdentity());
assertEquals(true, actualUser.getConfigurable());
assertEquals(0, actualUser.getUserGroups().size());
assertEquals(0, actualUser.getAccessPolicies().size());
assertEquals(new ResourcePermissions(), actualUser.getResourcePermissions());
} finally {
// cleanup user for other tests
client.target(createURL("tenants/users/" + actualUser.getIdentifier())).request().delete();
}
}
Aggregations