Example 6 with User

Use of org.apache.nifi.registry.security.authorization.User in project nifi-registry by apache.

Class FileUserGroupProvider, method parseUsersAndGroups.

private UsersAndGroups parseUsersAndGroups(final String fingerprint) {
    final List<User> users = new ArrayList<>();
    final List<Group> groups = new ArrayList<>();
    final byte[] fingerprintBytes = fingerprint.getBytes(StandardCharsets.UTF_8);
    try (final ByteArrayInputStream in = new ByteArrayInputStream(fingerprintBytes)) {
        final DocumentBuilder docBuilder = DOCUMENT_BUILDER_FACTORY.newDocumentBuilder();
        final Document document = docBuilder.parse(in);
        final Element rootElement = document.getDocumentElement();
        // parse all the users and add them to the current user group provider
        NodeList userNodes = rootElement.getElementsByTagName(USER_ELEMENT);
        for (int i = 0; i < userNodes.getLength(); i++) {
            Node userNode = userNodes.item(i);
            users.add(parseUser((Element) userNode));
        }
        // parse all the groups and add them to the current user group provider
        NodeList groupNodes = rootElement.getElementsByTagName(GROUP_ELEMENT);
        for (int i = 0; i < groupNodes.getLength(); i++) {
            Node groupNode = groupNodes.item(i);
            groups.add(parseGroup((Element) groupNode));
        }
    } catch (SAXException | ParserConfigurationException | IOException e) {
        throw new AuthorizationAccessException("Unable to parse fingerprint", e);
    }
    return new UsersAndGroups(users, groups);
}
Also used: Group (org.apache.nifi.registry.security.authorization.Group), User (org.apache.nifi.registry.security.authorization.User), JAXBElement (javax.xml.bind.JAXBElement), Element (org.w3c.dom.Element), NodeList (org.w3c.dom.NodeList), Node (org.w3c.dom.Node), ArrayList (java.util.ArrayList), IOException (java.io.IOException), Document (org.w3c.dom.Document), SAXException (org.xml.sax.SAXException), AuthorizationAccessException (org.apache.nifi.registry.security.authorization.exception.AuthorizationAccessException), ByteArrayInputStream (java.io.ByteArrayInputStream), DocumentBuilder (javax.xml.parsers.DocumentBuilder), ParserConfigurationException (javax.xml.parsers.ParserConfigurationException)

Example 7 with User

Use of org.apache.nifi.registry.security.authorization.User in project nifi-registry by apache.

Class FileUserGroupProvider, method getUserAndGroups.

@Override
public UserAndGroups getUserAndGroups(final String identity) throws AuthorizationAccessException {
    final UserGroupHolder holder = userGroupHolder.get();
    final User user = holder.getUser(identity);
    final Set<Group> groups = holder.getGroups(identity);
    return new UserAndGroups() {

        @Override
        public User getUser() {
            return user;
        }

        @Override
        public Set<Group> getGroups() {
            return groups;
        }
    };
}
Also used: UserAndGroups (org.apache.nifi.registry.security.authorization.UserAndGroups), Group (org.apache.nifi.registry.security.authorization.Group), User (org.apache.nifi.registry.security.authorization.User)

Example 8 with User

Use of org.apache.nifi.registry.security.authorization.User in project nifi-registry by apache.

Class FileUserGroupProvider, method getFingerprint.

@Override
public String getFingerprint() throws AuthorizationAccessException {
    final UserGroupHolder usersAndGroups = userGroupHolder.get();
    final List<User> users = new ArrayList<>(usersAndGroups.getAllUsers());
    Collections.sort(users, Comparator.comparing(User::getIdentifier));
    final List<Group> groups = new ArrayList<>(usersAndGroups.getAllGroups());
    Collections.sort(groups, Comparator.comparing(Group::getIdentifier));
    XMLStreamWriter writer = null;
    final StringWriter out = new StringWriter();
    try {
        writer = XML_OUTPUT_FACTORY.createXMLStreamWriter(out);
        writer.writeStartDocument();
        writer.writeStartElement("tenants");
        for (User user : users) {
            writeUser(writer, user);
        }
        for (Group group : groups) {
            writeGroup(writer, group);
        }
        writer.writeEndElement();
        writer.writeEndDocument();
        writer.flush();
    } catch (XMLStreamException e) {
        throw new AuthorizationAccessException("Unable to generate fingerprint", e);
    } finally {
        if (writer != null) {
            try {
                writer.close();
            } catch (XMLStreamException e) {
                // nothing to do here
            }
        }
    }
    return out.toString();
}
Also used: Group (org.apache.nifi.registry.security.authorization.Group), AuthorizationAccessException (org.apache.nifi.registry.security.authorization.exception.AuthorizationAccessException), User (org.apache.nifi.registry.security.authorization.User), StringWriter (java.io.StringWriter), XMLStreamException (javax.xml.stream.XMLStreamException), XMLStreamWriter (javax.xml.stream.XMLStreamWriter), ArrayList (java.util.ArrayList)

Example 9 with User

Use of org.apache.nifi.registry.security.authorization.User in project nifi-registry by apache.

Class FileUserGroupProvider, method deleteUser.

@Override
public synchronized User deleteUser(String userIdentifier) throws AuthorizationAccessException {
    if (userIdentifier == null) {
        throw new IllegalArgumentException("User identifier cannot be null");
    }
    final UserGroupHolder holder = userGroupHolder.get();
    final User deletedUser = holder.getUsersById().get(userIdentifier);
    if (deletedUser == null) {
        return null;
    }
    // for each group iterate over the user references and remove the user reference if it matches the user being deleted
    final Tenants tenants = holder.getTenants();
    for (org.apache.nifi.registry.security.authorization.file.tenants.generated.Group group : tenants.getGroups().getGroup()) {
        Iterator<org.apache.nifi.registry.security.authorization.file.tenants.generated.Group.User> groupUserIter = group.getUser().iterator();
        while (groupUserIter.hasNext()) {
            org.apache.nifi.registry.security.authorization.file.tenants.generated.Group.User groupUser = groupUserIter.next();
            if (groupUser.getIdentifier().equals(userIdentifier)) {
                groupUserIter.remove();
                break;
            }
        }
    }
    // remove the actual user
    Iterator<org.apache.nifi.registry.security.authorization.file.tenants.generated.User> iter = tenants.getUsers().getUser().iterator();
    while (iter.hasNext()) {
        org.apache.nifi.registry.security.authorization.file.tenants.generated.User jaxbUser = iter.next();
        if (userIdentifier.equals(jaxbUser.getIdentifier())) {
            iter.remove();
            break;
        }
    }
    saveAndRefreshHolder(tenants);
    return deletedUser;
}
Also used: Group (org.apache.nifi.registry.security.authorization.Group), User (org.apache.nifi.registry.security.authorization.User), Tenants (org.apache.nifi.registry.security.authorization.file.tenants.generated.Tenants)

Example 10 with User

Use of org.apache.nifi.registry.security.authorization.User in project nifi-registry by apache.

Class FileUserGroupProvider, method addGroup.

@Override
public synchronized Group addGroup(Group group) throws AuthorizationAccessException {
    if (group == null) {
        throw new IllegalArgumentException("Group cannot be null");
    }
    final UserGroupHolder holder = userGroupHolder.get();
    final Tenants tenants = holder.getTenants();
    // create a new JAXB Group based on the incoming Group
    final org.apache.nifi.registry.security.authorization.file.tenants.generated.Group jaxbGroup = new org.apache.nifi.registry.security.authorization.file.tenants.generated.Group();
    jaxbGroup.setIdentifier(group.getIdentifier());
    jaxbGroup.setName(group.getName());
    // add each user to the group
    for (String groupUser : group.getUsers()) {
        org.apache.nifi.registry.security.authorization.file.tenants.generated.Group.User jaxbGroupUser = new org.apache.nifi.registry.security.authorization.file.tenants.generated.Group.User();
        jaxbGroupUser.setIdentifier(groupUser);
        jaxbGroup.getUser().add(jaxbGroupUser);
    }
    tenants.getGroups().getGroup().add(jaxbGroup);
    saveAndRefreshHolder(tenants);
    return userGroupHolder.get().getGroupsById().get(group.getIdentifier());
}
Also used: Group (org.apache.nifi.registry.security.authorization.Group), User (org.apache.nifi.registry.security.authorization.User), Tenants (org.apache.nifi.registry.security.authorization.file.tenants.generated.Tenants)

Aggregations

User (org.apache.nifi.registry.security.authorization.User): 11
Group (org.apache.nifi.registry.security.authorization.Group): 9
Tenants (org.apache.nifi.registry.security.authorization.file.tenants.generated.Tenants): 4
ArrayList (java.util.ArrayList): 3
HashMap (java.util.HashMap): 3
HashSet (java.util.HashSet): 3
Set (java.util.Set): 3
AuthorizationAccessException (org.apache.nifi.registry.security.authorization.exception.AuthorizationAccessException): 3
IOException (java.io.IOException): 2
UserAndGroups (org.apache.nifi.registry.security.authorization.UserAndGroups): 2
ByteArrayInputStream (java.io.ByteArrayInputStream): 1
StringWriter (java.io.StringWriter): 1
KeyManagementException (java.security.KeyManagementException): 1
KeyStoreException (java.security.KeyStoreException): 1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException): 1
UnrecoverableKeyException (java.security.UnrecoverableKeyException): 1
CertificateException (java.security.cert.CertificateException): 1
Collections (java.util.Collections): 1
List (java.util.List): 1
Map (java.util.Map): 1