
Example 16 with Group

use of org.apache.nifi.registry.security.authorization.Group in project nifi-registry by apache.

the class FileUserGroupProvider method getFingerprint.

/**
 * Serializes the current users and groups into an XML document rooted at a
 * {@code tenants} element: all users first, then all groups, each ordered by identifier.
 *
 * <p>The returned value is the full XML text, not a digest, so it contains whatever
 * {@code writeUser} and {@code writeGroup} emit for each tenant.
 *
 * @return the XML document as a string
 * @throws AuthorizationAccessException if the XML writer cannot be created or a write fails
 */
@Override
public String getFingerprint() throws AuthorizationAccessException {
    final UserGroupHolder snapshot = userGroupHolder.get();

    // Work on sorted copies so the output does not depend on the holder's iteration order.
    final List<User> sortedUsers = new ArrayList<>(snapshot.getAllUsers());
    sortedUsers.sort(Comparator.comparing(User::getIdentifier));

    final List<Group> sortedGroups = new ArrayList<>(snapshot.getAllGroups());
    sortedGroups.sort(Comparator.comparing(Group::getIdentifier));

    final StringWriter buffer = new StringWriter();
    XMLStreamWriter xml = null;
    try {
        xml = XML_OUTPUT_FACTORY.createXMLStreamWriter(buffer);

        xml.writeStartDocument();
        xml.writeStartElement("tenants");
        for (final User tenantUser : sortedUsers) {
            writeUser(xml, tenantUser);
        }
        for (final Group tenantGroup : sortedGroups) {
            writeGroup(xml, tenantGroup);
        }
        xml.writeEndElement();
        xml.writeEndDocument();

        xml.flush();
    } catch (XMLStreamException e) {
        throw new AuthorizationAccessException("Unable to generate fingerprint", e);
    } finally {
        // XMLStreamWriter is not AutoCloseable, hence the manual close.
        if (xml != null) {
            try {
                xml.close();
            } catch (XMLStreamException ignored) {
                // Deliberately ignored: the document has already been flushed into the
                // buffer, or the write failure above is already propagating.
            }
        }
    }

    return buffer.toString();
}
Also used : Group(org.apache.nifi.registry.security.authorization.Group) AuthorizationAccessException(org.apache.nifi.registry.security.authorization.exception.AuthorizationAccessException) User(org.apache.nifi.registry.security.authorization.User) StringWriter(java.io.StringWriter) XMLStreamException(javax.xml.stream.XMLStreamException) XMLStreamWriter(javax.xml.stream.XMLStreamWriter) ArrayList(java.util.ArrayList)

Example 17 with Group

use of org.apache.nifi.registry.security.authorization.Group in project nifi-registry by apache.

the class FileUserGroupProvider method deleteUser.

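/**
 * Deletes the user with the given identifier and removes that identifier from the
 * membership list of every group, then persists the result.
 *
 * @param userIdentifier identifier of the user to delete; must not be {@code null}
 * @return the deleted user as it existed before removal, or {@code null} if no user
 *         with that identifier is known (in which case nothing is changed or saved)
 * @throws IllegalArgumentException if {@code userIdentifier} is {@code null}
 * @throws AuthorizationAccessException declared by the interface; presumably raised when
 *         saving fails (raised by {@code saveAndRefreshHolder}, not visible here)
 */
@Override
public synchronized User deleteUser(String userIdentifier) throws AuthorizationAccessException {
    if (userIdentifier == null) {
        throw new IllegalArgumentException("User identifier cannot be null");
    }

    final UserGroupHolder holder = userGroupHolder.get();
    final User deletedUser = holder.getUsersById().get(userIdentifier);
    if (deletedUser == null) {
        return null;
    }

    final Tenants tenants = holder.getTenants();

    // Remove every reference to the user from every group. The comparison is made from
    // userIdentifier (known non-null) so a group entry without an identifier cannot abort
    // the deletion with a NullPointerException, and removeIf drops all matches rather than
    // only the first, so no membership for the deleted identifier is left behind.
    for (org.apache.nifi.registry.security.authorization.file.tenants.generated.Group group : tenants.getGroups().getGroup()) {
        group.getUser().removeIf(groupUser -> userIdentifier.equals(groupUser.getIdentifier()));
    }

    // Remove the user entry itself.
    tenants.getUsers().getUser().removeIf(jaxbUser -> userIdentifier.equals(jaxbUser.getIdentifier()));

    // NOTE(review): the Tenants object comes from the current holder and is modified in place
    // before it is saved — confirm how saveAndRefreshHolder behaves if persisting fails.
    saveAndRefreshHolder(tenants);
    return deletedUser;
}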
Also used : Group(org.apache.nifi.registry.security.authorization.Group) User(org.apache.nifi.registry.security.authorization.User) Tenants(org.apache.nifi.registry.security.authorization.file.tenants.generated.Tenants)

Example 18 with Group

use of org.apache.nifi.registry.security.authorization.Group in project nifi-registry by apache.

the class FileUserGroupProvider method addGroup.

/**
 * Adds a group, with its member references, to the tenants data and persists it.
 *
 * <p>NOTE(review): this method does not itself check for an existing group with the same
 * identifier, nor that the referenced user identifiers exist; presumably callers validate
 * this beforehand — confirm.
 *
 * @param group the group to add; must not be {@code null}
 * @return the group looked up by identifier from the holder after the save
 * @throws IllegalArgumentException if {@code group} is {@code null}
 * @throws AuthorizationAccessException declared by the interface; presumably raised when
 *         saving fails (raised by {@code saveAndRefreshHolder}, not visible here)
 */
@Override
public synchronized Group addGroup(Group group) throws AuthorizationAccessException {
    if (group == null) {
        throw new IllegalArgumentException("Group cannot be null");
    }

    final Tenants tenants = userGroupHolder.get().getTenants();

    // Build the generated (JAXB) representation of the incoming group.
    final org.apache.nifi.registry.security.authorization.file.tenants.generated.Group generatedGroup =
            new org.apache.nifi.registry.security.authorization.file.tenants.generated.Group();
    generatedGroup.setIdentifier(group.getIdentifier());
    generatedGroup.setName(group.getName());

    // One member reference per user identifier in the incoming group.
    for (final String memberIdentifier : group.getUsers()) {
        final org.apache.nifi.registry.security.authorization.file.tenants.generated.Group.User memberRef =
                new org.apache.nifi.registry.security.authorization.file.tenants.generated.Group.User();
        memberRef.setIdentifier(memberIdentifier);
        generatedGroup.getUser().add(memberRef);
    }

    tenants.getGroups().getGroup().add(generatedGroup);
    saveAndRefreshHolder(tenants);

    // Read the holder again so the returned group comes from the state after the save.
    final UserGroupHolder currentHolder = userGroupHolder.get();
    return currentHolder.getGroupsById().get(group.getIdentifier());
}
Also used : Group(org.apache.nifi.registry.security.authorization.Group) User(org.apache.nifi.registry.security.authorization.User) Tenants(org.apache.nifi.registry.security.authorization.file.tenants.generated.Tenants)

Example 19 with Group

use of org.apache.nifi.registry.security.authorization.Group in project nifi-registry by apache.

the class AuthorizationService method createUserGroup.

// ---------------------- User Group methods --------------------------------------
/**
 * Creates a user group through the configured user group provider and returns it as a DTO.
 *
 * <p>NOTE(review): no check of the calling user's permissions is visible in this method;
 * presumably access control is enforced before it is reached — confirm against the callers.
 *
 * @param userGroup the group to create, in DTO form
 * @return the created group converted back to a DTO
 */
public UserGroup createUserGroup(UserGroup userGroup) {
    verifyUserGroupProviderIsConfigurable();

    writeLock.lock();
    try {
        // Cast, conversion and provider call all run while the write lock is held.
        final ConfigurableUserGroupProvider configurableProvider = (ConfigurableUserGroupProvider) userGroupProvider;
        final org.apache.nifi.registry.security.authorization.Group requestedGroup = userGroupFromDTO(userGroup);
        final org.apache.nifi.registry.security.authorization.Group storedGroup = configurableProvider.addGroup(requestedGroup);
        return userGroupToDTO(storedGroup);
    } finally {
        writeLock.unlock();
    }
}
Also used : Group(org.apache.nifi.registry.security.authorization.Group) ConfigurableUserGroupProvider(org.apache.nifi.registry.security.authorization.ConfigurableUserGroupProvider)

Example 20 with Group

use of org.apache.nifi.registry.security.authorization.Group in project nifi-registry by apache.

the class LdapUserGroupProviderTest method testReferencedGroupUsingReferencedAttribute.

/**
 * Configures the provider so that group membership is read from a user attribute whose value
 * is matched against a group attribute ({@code cn}), then expects exactly one group,
 * {@code team3}, containing exactly one user whose identity is {@code user9}.
 */
@Test
public void testReferencedGroupUsingReferencedAttribute() throws Exception {
    final AuthorizerConfigurationContext context = getBaseConfiguration("ou=users-2,o=nifi", "ou=groups-2,o=nifi");

    when(context.getProperty(PROP_USER_IDENTITY_ATTRIBUTE))
            .thenReturn(new StandardPropertyValue("uid"));
    // "description" stands in for the usual member attribute
    when(context.getProperty(PROP_USER_GROUP_ATTRIBUTE))
            .thenReturn(new StandardPropertyValue("description"));
    when(context.getProperty(PROP_USER_GROUP_REFERENCED_GROUP_ATTRIBUTE))
            .thenReturn(new StandardPropertyValue("cn"));
    when(context.getProperty(PROP_GROUP_NAME_ATTRIBUTE))
            .thenReturn(new StandardPropertyValue("cn"));
    // "room" is used because groupOfNames requires a member
    when(context.getProperty(PROP_GROUP_OBJECT_CLASS))
            .thenReturn(new StandardPropertyValue("room"));

    ldapUserGroupProvider.onConfigured(context);

    final Set<Group> discoveredGroups = ldapUserGroupProvider.getGroups();
    assertEquals(1, discoveredGroups.size());

    final Group team3 = discoveredGroups.stream()
            .filter(candidate -> "team3".equals(candidate.getName()))
            .findFirst()
            .orElse(null);
    assertNotNull(team3);
    assertEquals(1, team3.getUsers().size());

    // The single member must resolve to the user whose identity is "user9".
    assertEquals(1, team3.getUsers().stream()
            .map(memberId -> ldapUserGroupProvider.getUser(memberId))
            .filter(member -> "user9".equals(member.getIdentity()))
            .count());
}
Also used : CreateTransport(org.apache.directory.server.annotations.CreateTransport) PROP_URL(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_URL) PROP_USER_GROUP_ATTRIBUTE(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_USER_GROUP_ATTRIBUTE) PROP_USER_IDENTITY_ATTRIBUTE(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_USER_IDENTITY_ATTRIBUTE) PROP_CONNECT_TIMEOUT(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_CONNECT_TIMEOUT) PROP_USER_SEARCH_FILTER(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_FILTER) CreateLdapServer(org.apache.directory.server.annotations.CreateLdapServer) CreatePartition(org.apache.directory.server.core.annotations.CreatePartition) Set(java.util.Set) PROP_PAGE_SIZE(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_PAGE_SIZE) LdapAuthenticationStrategy(org.apache.nifi.registry.security.ldap.LdapAuthenticationStrategy) PROP_GROUP_SEARCH_SCOPE(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_SCOPE) PROP_GROUP_OBJECT_CLASS(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_OBJECT_CLASS) Assert.assertFalse(org.junit.Assert.assertFalse) PROP_GROUP_MEMBER_REFERENCED_USER_ATTRIBUTE(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_REFERENCED_USER_ATTRIBUTE) PROP_SYNC_INTERVAL(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_SYNC_INTERVAL) Mockito.mock(org.mockito.Mockito.mock) ReferralStrategy(org.apache.nifi.registry.security.ldap.ReferralStrategy) PROP_GROUP_SEARCH_FILTER(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_FILTER) PROP_USER_SEARCH_SCOPE(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_SCOPE) RunWith(org.junit.runner.RunWith) 
CreateDS(org.apache.directory.server.core.annotations.CreateDS) Matchers.anyString(org.mockito.Matchers.anyString) PROP_GROUP_MEMBER_ATTRIBUTE(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_MEMBER_ATTRIBUTE) ApplyLdifFiles(org.apache.directory.server.core.annotations.ApplyLdifFiles) Group(org.apache.nifi.registry.security.authorization.Group) PROP_GROUP_NAME_ATTRIBUTE(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_NAME_ATTRIBUTE) PROP_USER_GROUP_REFERENCED_GROUP_ATTRIBUTE(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_USER_GROUP_REFERENCED_GROUP_ATTRIBUTE) PROP_USER_SEARCH_BASE(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_USER_SEARCH_BASE) UserGroupProviderInitializationContext(org.apache.nifi.registry.security.authorization.UserGroupProviderInitializationContext) NiFiRegistryProperties(org.apache.nifi.registry.properties.NiFiRegistryProperties) UserAndGroups(org.apache.nifi.registry.security.authorization.UserAndGroups) FrameworkRunner(org.apache.directory.server.core.integ.FrameworkRunner) Before(org.junit.Before) PROP_AUTHENTICATION_STRATEGY(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_AUTHENTICATION_STRATEGY) Properties(java.util.Properties) PROP_USER_OBJECT_CLASS(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_USER_OBJECT_CLASS) SecurityProviderCreationException(org.apache.nifi.registry.security.exception.SecurityProviderCreationException) Assert.assertNotNull(org.junit.Assert.assertNotNull) PROP_MANAGER_DN(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_MANAGER_DN) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) StandardPropertyValue(org.apache.nifi.registry.util.StandardPropertyValue) PROP_MANAGER_PASSWORD(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_MANAGER_PASSWORD) 
Mockito(org.mockito.Mockito) AuthorizerConfigurationContext(org.apache.nifi.registry.security.authorization.AuthorizerConfigurationContext) PROP_REFERRAL_STRATEGY(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_REFERRAL_STRATEGY) PROP_READ_TIMEOUT(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_READ_TIMEOUT) AbstractLdapTestUnit(org.apache.directory.server.core.integ.AbstractLdapTestUnit) PROP_GROUP_SEARCH_BASE(org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider.PROP_GROUP_SEARCH_BASE) Assert.assertEquals(org.junit.Assert.assertEquals) Group(org.apache.nifi.registry.security.authorization.Group) StandardPropertyValue(org.apache.nifi.registry.util.StandardPropertyValue) AuthorizerConfigurationContext(org.apache.nifi.registry.security.authorization.AuthorizerConfigurationContext) Test(org.junit.Test)
