use of org.apache.nifi.web.api.dto.PermissionsDTO in project nifi by apache.
the class StandardNiFiServiceFacade method deleteProcessor.
@Override
public ProcessorEntity deleteProcessor(final Revision revision, final String processorId) {
final ProcessorNode processor = processorDAO.getProcessor(processorId);
final PermissionsDTO permissions = dtoFactory.createPermissionsDto(processor);
final ProcessorDTO snapshot = deleteComponent(revision, processor.getResource(), () -> processorDAO.deleteProcessor(processorId), true, dtoFactory.createProcessorDto(processor));
return entityFactory.createProcessorEntity(snapshot, null, permissions, null, null);
}
use of org.apache.nifi.web.api.dto.PermissionsDTO in project nifi by apache.
the class StandardNiFiServiceFacade method createAccessPolicyEntity.
private AccessPolicyEntity createAccessPolicyEntity(final AccessPolicy accessPolicy) {
final RevisionDTO revision = dtoFactory.createRevisionDTO(revisionManager.getRevision(accessPolicy.getIdentifier()));
final PermissionsDTO permissions = dtoFactory.createPermissionsDto(authorizableLookup.getAccessPolicyById(accessPolicy.getIdentifier()));
final ComponentReferenceEntity componentReference = createComponentReferenceEntity(accessPolicy.getResource());
return entityFactory.createAccessPolicyEntity(dtoFactory.createAccessPolicyDto(accessPolicy, accessPolicy.getGroups().stream().map(mapUserGroupIdToTenantEntity()).collect(Collectors.toSet()), accessPolicy.getUsers().stream().map(mapUserIdToTenantEntity()).collect(Collectors.toSet()), componentReference), revision, permissions);
}
use of org.apache.nifi.web.api.dto.PermissionsDTO in project nifi by apache.
the class StandardNiFiServiceFacade method getProcessorDiagnostics.
@Override
public ProcessorDiagnosticsEntity getProcessorDiagnostics(final String id) {
final ProcessorNode processor = processorDAO.getProcessor(id);
final ProcessorStatus processorStatus = controllerFacade.getProcessorStatus(id);
// Generate Processor Diagnostics
final NiFiUser user = NiFiUserUtils.getNiFiUser();
final ProcessorDiagnosticsDTO dto = controllerFacade.getProcessorDiagnostics(processor, processorStatus, bulletinRepository, serviceId -> createControllerServiceEntity(serviceId, user));
// Filter anything out of diagnostics that the user is not authorized to see.
final List<JVMDiagnosticsSnapshotDTO> jvmDiagnosticsSnaphots = new ArrayList<>();
final JVMDiagnosticsDTO jvmDiagnostics = dto.getJvmDiagnostics();
jvmDiagnosticsSnaphots.add(jvmDiagnostics.getAggregateSnapshot());
// filter controller-related information
final boolean canReadController = authorizableLookup.getController().isAuthorized(authorizer, RequestAction.READ, user);
if (!canReadController) {
for (final JVMDiagnosticsSnapshotDTO snapshot : jvmDiagnosticsSnaphots) {
snapshot.setControllerDiagnostics(null);
}
}
// filter system diagnostics information
final boolean canReadSystem = authorizableLookup.getSystem().isAuthorized(authorizer, RequestAction.READ, user);
if (!canReadSystem) {
for (final JVMDiagnosticsSnapshotDTO snapshot : jvmDiagnosticsSnaphots) {
snapshot.setSystemDiagnosticsDto(null);
}
}
final boolean canReadFlow = authorizableLookup.getFlow().isAuthorized(authorizer, RequestAction.READ, user);
if (!canReadFlow) {
for (final JVMDiagnosticsSnapshotDTO snapshot : jvmDiagnosticsSnaphots) {
snapshot.setFlowDiagnosticsDto(null);
}
}
// filter connections
final Predicate<ConnectionDiagnosticsDTO> connectionAuthorized = connectionDiagnostics -> {
final String connectionId = connectionDiagnostics.getConnection().getId();
return authorizableLookup.getConnection(connectionId).getAuthorizable().isAuthorized(authorizer, RequestAction.READ, user);
};
// Filter incoming connections by what user is authorized to READ
final Set<ConnectionDiagnosticsDTO> incoming = dto.getIncomingConnections();
final Set<ConnectionDiagnosticsDTO> filteredIncoming = incoming.stream().filter(connectionAuthorized).collect(Collectors.toSet());
dto.setIncomingConnections(filteredIncoming);
// Filter outgoing connections by what user is authorized to READ
final Set<ConnectionDiagnosticsDTO> outgoing = dto.getOutgoingConnections();
final Set<ConnectionDiagnosticsDTO> filteredOutgoing = outgoing.stream().filter(connectionAuthorized).collect(Collectors.toSet());
dto.setOutgoingConnections(filteredOutgoing);
// Filter out any controller services that are referenced by the Processor
final Set<ControllerServiceDiagnosticsDTO> referencedServices = dto.getReferencedControllerServices();
final Set<ControllerServiceDiagnosticsDTO> filteredReferencedServices = referencedServices.stream().filter(csDiagnostics -> {
final String csId = csDiagnostics.getControllerService().getId();
return authorizableLookup.getControllerService(csId).getAuthorizable().isAuthorized(authorizer, RequestAction.READ, user);
}).map(csDiagnostics -> {
// Filter out any referencing components because those are generally not relevant from this context.
final ControllerServiceDTO serviceDto = csDiagnostics.getControllerService().getComponent();
if (serviceDto != null) {
serviceDto.setReferencingComponents(null);
}
return csDiagnostics;
}).collect(Collectors.toSet());
dto.setReferencedControllerServices(filteredReferencedServices);
final Revision revision = revisionManager.getRevision(id);
final RevisionDTO revisionDto = dtoFactory.createRevisionDTO(revision);
final PermissionsDTO permissionsDto = dtoFactory.createPermissionsDto(processor);
final List<BulletinEntity> bulletins = bulletinRepository.findBulletinsForSource(id).stream().map(bulletin -> dtoFactory.createBulletinDto(bulletin)).map(bulletin -> entityFactory.createBulletinEntity(bulletin, permissionsDto.getCanRead())).collect(Collectors.toList());
final ProcessorStatusDTO processorStatusDto = dtoFactory.createProcessorStatusDto(controllerFacade.getProcessorStatus(processor.getIdentifier()));
return entityFactory.createProcessorDiagnosticsEntity(dto, revisionDto, permissionsDto, processorStatusDto, bulletins);
}
use of org.apache.nifi.web.api.dto.PermissionsDTO in project nifi by apache.
the class StandardNiFiServiceFacade method createOutputPortEntity.
private PortEntity createOutputPortEntity(final Port port, final NiFiUser user) {
final RevisionDTO revision = dtoFactory.createRevisionDTO(revisionManager.getRevision(port.getIdentifier()));
final PermissionsDTO permissions = dtoFactory.createPermissionsDto(port, user);
final PortStatusDTO status = dtoFactory.createPortStatusDto(controllerFacade.getOutputPortStatus(port.getIdentifier()));
final List<BulletinDTO> bulletins = dtoFactory.createBulletinDtos(bulletinRepository.findBulletinsForSource(port.getIdentifier()));
final List<BulletinEntity> bulletinEntities = bulletins.stream().map(bulletin -> entityFactory.createBulletinEntity(bulletin, permissions.getCanRead())).collect(Collectors.toList());
return entityFactory.createPortEntity(dtoFactory.createPortDto(port), revision, permissions, status, bulletinEntities);
}
use of org.apache.nifi.web.api.dto.PermissionsDTO in project nifi by apache.
the class StandardNiFiServiceFacade method deleteUser.
@Override
public UserEntity deleteUser(final Revision revision, final String userId) {
final User user = userDAO.getUser(userId);
final PermissionsDTO permissions = dtoFactory.createPermissionsDto(authorizableLookup.getTenant());
final Set<TenantEntity> userGroups = user != null ? userGroupDAO.getUserGroupsForUser(userId).stream().map(g -> g.getIdentifier()).map(mapUserGroupIdToTenantEntity()).collect(Collectors.toSet()) : null;
final Set<AccessPolicySummaryEntity> policyEntities = user != null ? userGroupDAO.getAccessPoliciesForUser(userId).stream().map(ap -> createAccessPolicySummaryEntity(ap)).collect(Collectors.toSet()) : null;
final String resourceIdentifier = ResourceFactory.getTenantResource().getIdentifier() + "/" + userId;
final UserDTO snapshot = deleteComponent(revision, new Resource() {
@Override
public String getIdentifier() {
return resourceIdentifier;
}
@Override
public String getName() {
return resourceIdentifier;
}
@Override
public String getSafeDescription() {
return "User " + userId;
}
}, () -> userDAO.deleteUser(userId), // no user specific policies to remove
false, dtoFactory.createUserDto(user, userGroups, policyEntities));
return entityFactory.createUserEntity(snapshot, null, permissions);
}
Aggregations