Example 1 with Tenant
use of org.apache.nifi.registry.authorization.Tenant in project nifi-registry by apache.
the class AuthorizationService method tenantToDTO.
private Tenant tenantToDTO(org.apache.nifi.registry.security.authorization.Group group) {
if (group == null) {
return null;
}
Tenant tenantDTO = new Tenant(group.getIdentifier(), group.getName());
tenantDTO.setConfigurable(AuthorizerCapabilityDetection.isGroupConfigurable(authorizer, group));
return tenantDTO;
}
Also used :
Tenant(org.apache.nifi.registry.authorization.Tenant)
Example 2 with Tenant
use of org.apache.nifi.registry.authorization.Tenant in project nifi-registry by apache.
the class AuthorizationService method userToDTO.
private User userToDTO(final org.apache.nifi.registry.security.authorization.User user) {
if (user == null) {
return null;
}
String userIdentifier = user.getIdentifier();
Collection<Tenant> groupsContainingUser = userGroupProvider.getGroups().stream().filter(group -> group.getUsers().contains(userIdentifier)).map(this::tenantToDTO).collect(Collectors.toList());
Collection<AccessPolicySummary> accessPolicySummaries = getAccessPolicySummariesForUser(userIdentifier);
User userDTO = new User(user.getIdentifier(), user.getIdentity());
userDTO.setConfigurable(AuthorizerCapabilityDetection.isUserConfigurable(authorizer, user));
userDTO.setResourcePermissions(getTopLevelPermissions(userDTO.getIdentifier()));
userDTO.addUserGroups(groupsContainingUser);
userDTO.addAccessPolicies(accessPolicySummaries);
return userDTO;
}
Also used :
Tenant(org.apache.nifi.registry.authorization.Tenant)
User(org.apache.nifi.registry.authorization.User)
NiFiUser(org.apache.nifi.registry.security.authorization.user.NiFiUser)
CurrentUser(org.apache.nifi.registry.authorization.CurrentUser)
AccessPolicySummary(org.apache.nifi.registry.authorization.AccessPolicySummary)
Example 3 with Tenant
use of org.apache.nifi.registry.authorization.Tenant in project nifi-registry by apache.
the class AuthorizationService method tenantToDTO.
private Tenant tenantToDTO(org.apache.nifi.registry.security.authorization.User user) {
if (user == null) {
return null;
}
Tenant tenantDTO = new Tenant(user.getIdentifier(), user.getIdentity());
tenantDTO.setConfigurable(AuthorizerCapabilityDetection.isUserConfigurable(authorizer, user));
return tenantDTO;
}
Also used :
Tenant(org.apache.nifi.registry.authorization.Tenant)
Example 4 with Tenant
use of org.apache.nifi.registry.authorization.Tenant in project nifi-registry by apache.
the class SecureFileIT method testCreateUserGroup.
@Test
public void testCreateUserGroup() throws Exception {
// Given: the server has been configured with FileUserGroupProvider, which is configurable,
// and: the initial admin client wants to create a tenant
Tenant tenant = new Tenant();
tenant.setIdentity("New Group");
// When: the POST /tenants/user-groups endpoint is used
final Response createUserGroupResponse = client.target(createURL("tenants/user-groups")).request().post(Entity.entity(tenant, MediaType.APPLICATION_JSON_TYPE), Response.class);
// Then: 201 created is returned with the expected group
assertEquals(201, createUserGroupResponse.getStatus());
UserGroup actualUserGroup = createUserGroupResponse.readEntity(UserGroup.class);
assertNotNull(actualUserGroup.getIdentifier());
try {
assertEquals(tenant.getIdentity(), actualUserGroup.getIdentity());
assertEquals(true, actualUserGroup.getConfigurable());
assertEquals(0, actualUserGroup.getUsers().size());
assertEquals(0, actualUserGroup.getAccessPolicies().size());
assertEquals(new ResourcePermissions(), actualUserGroup.getResourcePermissions());
} finally {
// cleanup user for other tests
client.target(createURL("tenants/user-groups/" + actualUserGroup.getIdentifier())).request().delete();
}
}
Also used :
Response(javax.ws.rs.core.Response)
Tenant(org.apache.nifi.registry.authorization.Tenant)
UserGroup(org.apache.nifi.registry.authorization.UserGroup)
ResourcePermissions(org.apache.nifi.registry.authorization.ResourcePermissions)
Test(org.junit.Test)
SpringBootTest(org.springframework.boot.test.context.SpringBootTest)
Example 5 with Tenant
use of org.apache.nifi.registry.authorization.Tenant in project nifi-registry by apache.
the class SecureLdapIT method getTenantIdentifierByIdentity.
/**
* A helper method to lookup identifiers for tenant identities using the REST API
*
* @param tenantIdentity - the identity to lookup
* @return A string containing the identifier of the tenant, or null if the tenant identity is not found.
*/
private String getTenantIdentifierByIdentity(String tenantIdentity) {
final Tenant[] users = client.target(createURL("tenants/users")).request().header("Authorization", "Bearer " + adminAuthToken).get(Tenant[].class);
final Tenant[] groups = client.target(createURL("tenants/user-groups")).request().header("Authorization", "Bearer " + adminAuthToken).get(Tenant[].class);
final Tenant matchedTenant = Stream.concat(Arrays.stream(users), Arrays.stream(groups)).filter(tenant -> tenant.getIdentity().equalsIgnoreCase(tenantIdentity)).findFirst().orElse(null);
return matchedTenant != null ? matchedTenant.getIdentifier() : null;
}
Also used :
Tenant(org.apache.nifi.registry.authorization.Tenant)
Aggregations
Tenant (org.apache.nifi.registry.authorization.Tenant)9
Response (javax.ws.rs.core.Response)4
Test (org.junit.Test)4
SpringBootTest (org.springframework.boot.test.context.SpringBootTest)4
AccessPolicySummary (org.apache.nifi.registry.authorization.AccessPolicySummary)2
CurrentUser (org.apache.nifi.registry.authorization.CurrentUser)2
ResourcePermissions (org.apache.nifi.registry.authorization.ResourcePermissions)2
User (org.apache.nifi.registry.authorization.User)2
UserGroup (org.apache.nifi.registry.authorization.UserGroup)2
AccessPolicy (org.apache.nifi.registry.authorization.AccessPolicy)1
Permissions (org.apache.nifi.registry.authorization.Permissions)1
Bucket (org.apache.nifi.registry.bucket.Bucket)1
NiFiUser (org.apache.nifi.registry.security.authorization.user.NiFiUser)1
