use of org.apache.nifi.registry.authorization.UserGroup in project nifi-registry by apache.
the class AuthorizationService method userGroupToDTO.
private UserGroup userGroupToDTO(final org.apache.nifi.registry.security.authorization.Group userGroup) {
if (userGroup == null) {
return null;
}
Collection<Tenant> userTenants = userGroup.getUsers() != null ? userGroup.getUsers().stream().map(this::tenantIdToDTO).collect(Collectors.toSet()) : null;
Collection<AccessPolicySummary> accessPolicySummaries = getAccessPolicySummariesForUserGroup(userGroup.getIdentifier());
UserGroup userGroupDTO = new UserGroup(userGroup.getIdentifier(), userGroup.getName());
userGroupDTO.setConfigurable(AuthorizerCapabilityDetection.isGroupConfigurable(authorizer, userGroup));
userGroupDTO.setResourcePermissions(getTopLevelPermissions(userGroupDTO.getIdentifier()));
userGroupDTO.addUsers(userTenants);
userGroupDTO.addAccessPolicies(accessPolicySummaries);
return userGroupDTO;
}
use of org.apache.nifi.registry.authorization.UserGroup in project nifi-registry by apache.
the class TenantResource method getUserGroup.
/**
* Retrieves the specified user group.
*
* @param identifier The id of the user group to retrieve
* @return An userGroupEntity.
*/
@GET
@Consumes(MediaType.WILDCARD)
@Produces(MediaType.APPLICATION_JSON)
@Path("user-groups/{id}")
@ApiOperation(value = "Gets a user group", notes = NON_GUARANTEED_ENDPOINT, response = UserGroup.class, extensions = { @Extension(name = "access-policy", properties = { @ExtensionProperty(name = "action", value = "read"), @ExtensionProperty(name = "resource", value = "/tenants") }) })
@ApiResponses({ @ApiResponse(code = 400, message = HttpStatusMessages.MESSAGE_400), @ApiResponse(code = 401, message = HttpStatusMessages.MESSAGE_401), @ApiResponse(code = 403, message = HttpStatusMessages.MESSAGE_403), @ApiResponse(code = 404, message = HttpStatusMessages.MESSAGE_404), @ApiResponse(code = 409, message = HttpStatusMessages.MESSAGE_409) })
public Response getUserGroup(@ApiParam(value = "The user group id.", required = true) @PathParam("id") final String identifier) {
verifyAuthorizerIsManaged();
authorizeAccess(RequestAction.READ);
final UserGroup userGroup = authorizationService.getUserGroup(identifier);
if (userGroup == null) {
logger.warn("The specified user group id [{}] does not exist.", identifier);
throw new ResourceNotFoundException("The specified user group ID does not exist in this registry.");
}
return generateOkResponse(userGroup).build();
}
Aggregations