Examples with PermissionsDTO org.apache.nifi.web.api.dto.PermissionsDTO used on opensource projects

Example 6 with PermissionsDTO

use of org.apache.nifi.web.api.dto.PermissionsDTO in project nifi by apache.

the class StandardNiFiServiceFacade method deleteProcessor.

@Override
public ProcessorEntity deleteProcessor(final Revision revision, final String processorId) {
    final ProcessorNode processor = processorDAO.getProcessor(processorId);
    final PermissionsDTO permissions = dtoFactory.createPermissionsDto(processor);
    final ProcessorDTO snapshot = deleteComponent(revision, processor.getResource(), () -> processorDAO.deleteProcessor(processorId), true, dtoFactory.createProcessorDto(processor));
    return entityFactory.createProcessorEntity(snapshot, null, permissions, null, null);
}

Example 7 with PermissionsDTO

use of org.apache.nifi.web.api.dto.PermissionsDTO in project nifi by apache.

the class StandardNiFiServiceFacade method createAccessPolicyEntity.

private AccessPolicyEntity createAccessPolicyEntity(final AccessPolicy accessPolicy) {
    final RevisionDTO revision = dtoFactory.createRevisionDTO(revisionManager.getRevision(accessPolicy.getIdentifier()));
    final PermissionsDTO permissions = dtoFactory.createPermissionsDto(authorizableLookup.getAccessPolicyById(accessPolicy.getIdentifier()));
    final ComponentReferenceEntity componentReference = createComponentReferenceEntity(accessPolicy.getResource());
    return entityFactory.createAccessPolicyEntity(dtoFactory.createAccessPolicyDto(accessPolicy, accessPolicy.getGroups().stream().map(mapUserGroupIdToTenantEntity()).collect(Collectors.toSet()), accessPolicy.getUsers().stream().map(mapUserIdToTenantEntity()).collect(Collectors.toSet()), componentReference), revision, permissions);
}

Example 8 with PermissionsDTO

use of org.apache.nifi.web.api.dto.PermissionsDTO in project nifi by apache.

the class StandardNiFiServiceFacade method getProcessorDiagnostics.

@Override
public ProcessorDiagnosticsEntity getProcessorDiagnostics(final String id) {
    final ProcessorNode processor = processorDAO.getProcessor(id);
    final ProcessorStatus processorStatus = controllerFacade.getProcessorStatus(id);
    // Generate Processor Diagnostics
    final NiFiUser user = NiFiUserUtils.getNiFiUser();
    final ProcessorDiagnosticsDTO dto = controllerFacade.getProcessorDiagnostics(processor, processorStatus, bulletinRepository, serviceId -> createControllerServiceEntity(serviceId, user));
    // Filter anything out of diagnostics that the user is not authorized to see.
    final List<JVMDiagnosticsSnapshotDTO> jvmDiagnosticsSnaphots = new ArrayList<>();
    final JVMDiagnosticsDTO jvmDiagnostics = dto.getJvmDiagnostics();
    jvmDiagnosticsSnaphots.add(jvmDiagnostics.getAggregateSnapshot());
    // filter controller-related information
    final boolean canReadController = authorizableLookup.getController().isAuthorized(authorizer, RequestAction.READ, user);
    if (!canReadController) {
        for (final JVMDiagnosticsSnapshotDTO snapshot : jvmDiagnosticsSnaphots) {
            snapshot.setControllerDiagnostics(null);
        }
    }
    // filter system diagnostics information
    final boolean canReadSystem = authorizableLookup.getSystem().isAuthorized(authorizer, RequestAction.READ, user);
    if (!canReadSystem) {
        for (final JVMDiagnosticsSnapshotDTO snapshot : jvmDiagnosticsSnaphots) {
            snapshot.setSystemDiagnosticsDto(null);
        }
    }
    final boolean canReadFlow = authorizableLookup.getFlow().isAuthorized(authorizer, RequestAction.READ, user);
    if (!canReadFlow) {
        for (final JVMDiagnosticsSnapshotDTO snapshot : jvmDiagnosticsSnaphots) {
            snapshot.setFlowDiagnosticsDto(null);
        }
    }
    // filter connections
    final Predicate<ConnectionDiagnosticsDTO> connectionAuthorized = connectionDiagnostics -> {
        final String connectionId = connectionDiagnostics.getConnection().getId();
        return authorizableLookup.getConnection(connectionId).getAuthorizable().isAuthorized(authorizer, RequestAction.READ, user);
    };
    // Filter incoming connections by what user is authorized to READ
    final Set<ConnectionDiagnosticsDTO> incoming = dto.getIncomingConnections();
    final Set<ConnectionDiagnosticsDTO> filteredIncoming = incoming.stream().filter(connectionAuthorized).collect(Collectors.toSet());
    dto.setIncomingConnections(filteredIncoming);
    // Filter outgoing connections by what user is authorized to READ
    final Set<ConnectionDiagnosticsDTO> outgoing = dto.getOutgoingConnections();
    final Set<ConnectionDiagnosticsDTO> filteredOutgoing = outgoing.stream().filter(connectionAuthorized).collect(Collectors.toSet());
    dto.setOutgoingConnections(filteredOutgoing);
    // Filter out any controller services that are referenced by the Processor
    final Set<ControllerServiceDiagnosticsDTO> referencedServices = dto.getReferencedControllerServices();
    final Set<ControllerServiceDiagnosticsDTO> filteredReferencedServices = referencedServices.stream().filter(csDiagnostics -> {
        final String csId = csDiagnostics.getControllerService().getId();
        return authorizableLookup.getControllerService(csId).getAuthorizable().isAuthorized(authorizer, RequestAction.READ, user);
    }).map(csDiagnostics -> {
        // Filter out any referencing components because those are generally not relevant from this context.
        final ControllerServiceDTO serviceDto = csDiagnostics.getControllerService().getComponent();
        if (serviceDto != null) {
            serviceDto.setReferencingComponents(null);
        }
        return csDiagnostics;
    }).collect(Collectors.toSet());
    dto.setReferencedControllerServices(filteredReferencedServices);
    final Revision revision = revisionManager.getRevision(id);
    final RevisionDTO revisionDto = dtoFactory.createRevisionDTO(revision);
    final PermissionsDTO permissionsDto = dtoFactory.createPermissionsDto(processor);
    final List<BulletinEntity> bulletins = bulletinRepository.findBulletinsForSource(id).stream().map(bulletin -> dtoFactory.createBulletinDto(bulletin)).map(bulletin -> entityFactory.createBulletinEntity(bulletin, permissionsDto.getCanRead())).collect(Collectors.toList());
    final ProcessorStatusDTO processorStatusDto = dtoFactory.createProcessorStatusDto(controllerFacade.getProcessorStatus(processor.getIdentifier()));
    return entityFactory.createProcessorDiagnosticsEntity(dto, revisionDto, permissionsDto, processorStatusDto, bulletins);
}

Example 9 with PermissionsDTO

use of org.apache.nifi.web.api.dto.PermissionsDTO in project nifi by apache.

the class StandardNiFiServiceFacade method createOutputPortEntity.

private PortEntity createOutputPortEntity(final Port port, final NiFiUser user) {
    final RevisionDTO revision = dtoFactory.createRevisionDTO(revisionManager.getRevision(port.getIdentifier()));
    final PermissionsDTO permissions = dtoFactory.createPermissionsDto(port, user);
    final PortStatusDTO status = dtoFactory.createPortStatusDto(controllerFacade.getOutputPortStatus(port.getIdentifier()));
    final List<BulletinDTO> bulletins = dtoFactory.createBulletinDtos(bulletinRepository.findBulletinsForSource(port.getIdentifier()));
    final List<BulletinEntity> bulletinEntities = bulletins.stream().map(bulletin -> entityFactory.createBulletinEntity(bulletin, permissions.getCanRead())).collect(Collectors.toList());
    return entityFactory.createPortEntity(dtoFactory.createPortDto(port), revision, permissions, status, bulletinEntities);
}

Example 10 with PermissionsDTO

use of org.apache.nifi.web.api.dto.PermissionsDTO in project nifi by apache.

the class StandardNiFiServiceFacade method deleteUser.

@Override
public UserEntity deleteUser(final Revision revision, final String userId) {
    final User user = userDAO.getUser(userId);
    final PermissionsDTO permissions = dtoFactory.createPermissionsDto(authorizableLookup.getTenant());
    final Set<TenantEntity> userGroups = user != null ? userGroupDAO.getUserGroupsForUser(userId).stream().map(g -> g.getIdentifier()).map(mapUserGroupIdToTenantEntity()).collect(Collectors.toSet()) : null;
    final Set<AccessPolicySummaryEntity> policyEntities = user != null ? userGroupDAO.getAccessPoliciesForUser(userId).stream().map(ap -> createAccessPolicySummaryEntity(ap)).collect(Collectors.toSet()) : null;
    final String resourceIdentifier = ResourceFactory.getTenantResource().getIdentifier() + "/" + userId;
    final UserDTO snapshot = deleteComponent(revision, new Resource() {

        @Override
        public String getIdentifier() {
            return resourceIdentifier;
        }

        @Override
        public String getName() {
            return resourceIdentifier;
        }

        @Override
        public String getSafeDescription() {
            return "User " + userId;
        }
    }, () -> userDAO.deleteUser(userId), // no user specific policies to remove
    false, dtoFactory.createUserDto(user, userGroups, policyEntities));
    return entityFactory.createUserEntity(snapshot, null, permissions);
}