use of org.apache.nifi.web.api.dto.RevisionDTO in project nifi by apache.
the class ITOutputPortAccessControl method testNoneUserPutOutputPort.
/**
* Ensures the NONE user cannot put an output port.
*
* @throws Exception ex
*/
@Test
public void testNoneUserPutOutputPort() throws Exception {
final PortEntity entity = getRandomOutputPort(helper.getNoneUser());
assertFalse(entity.getPermissions().getCanRead());
assertFalse(entity.getPermissions().getCanWrite());
assertNull(entity.getComponent());
final String updatedName = "Updated Name" + count++;
// attempt to update the name
final PortDTO requestDto = new PortDTO();
requestDto.setId(entity.getId());
requestDto.setName(updatedName);
final long version = entity.getRevision().getVersion();
final RevisionDTO requestRevision = new RevisionDTO();
requestRevision.setVersion(version);
requestRevision.setClientId(AccessControlHelper.NONE_CLIENT_ID);
final PortEntity requestEntity = new PortEntity();
requestEntity.setId(entity.getId());
requestEntity.setRevision(requestRevision);
requestEntity.setComponent(requestDto);
// perform the request
final Response response = updateOutputPort(helper.getNoneUser(), requestEntity);
// ensure forbidden response
assertEquals(403, response.getStatus());
}
use of org.apache.nifi.web.api.dto.RevisionDTO in project nifi by apache.
the class ITProcessGroupAccessControl method testNoneUserPutProcessGroup.
/**
* Ensures the NONE user cannot put a process group.
*
* @throws Exception ex
*/
@Test
public void testNoneUserPutProcessGroup() throws Exception {
final ProcessGroupEntity entity = getRandomProcessGroup(helper.getNoneUser());
assertFalse(entity.getPermissions().getCanRead());
assertFalse(entity.getPermissions().getCanWrite());
assertNull(entity.getComponent());
final String updatedName = "Updated Name" + count++;
// attempt to update the name
final ProcessGroupDTO requestDto = new ProcessGroupDTO();
requestDto.setId(entity.getId());
requestDto.setName(updatedName);
final long version = entity.getRevision().getVersion();
final RevisionDTO requestRevision = new RevisionDTO();
requestRevision.setVersion(version);
requestRevision.setClientId(AccessControlHelper.NONE_CLIENT_ID);
final ProcessGroupEntity requestEntity = new ProcessGroupEntity();
requestEntity.setId(entity.getId());
requestEntity.setRevision(requestRevision);
requestEntity.setComponent(requestDto);
// perform the request
final Response response = updateProcessGroup(helper.getNoneUser(), requestEntity);
// ensure forbidden response
assertEquals(403, response.getStatus());
}
use of org.apache.nifi.web.api.dto.RevisionDTO in project nifi by apache.
the class ITProcessGroupAccessControl method testWriteUserPutProcessGroup.
/**
* Ensures the WRITE user can put a process group.
*
* @throws Exception ex
*/
@Test
public void testWriteUserPutProcessGroup() throws Exception {
final ProcessGroupEntity entity = getRandomProcessGroup(helper.getWriteUser());
assertFalse(entity.getPermissions().getCanRead());
assertTrue(entity.getPermissions().getCanWrite());
assertNull(entity.getComponent());
final String updatedName = "Updated Name" + count++;
// attempt to update the name
final ProcessGroupDTO requestDto = new ProcessGroupDTO();
requestDto.setId(entity.getId());
requestDto.setName(updatedName);
final long version = entity.getRevision().getVersion();
final RevisionDTO requestRevision = new RevisionDTO();
requestRevision.setVersion(version);
requestRevision.setClientId(AccessControlHelper.WRITE_CLIENT_ID);
final ProcessGroupEntity requestEntity = new ProcessGroupEntity();
requestEntity.setId(entity.getId());
requestEntity.setRevision(requestRevision);
requestEntity.setComponent(requestDto);
// perform the request
final Response response = updateProcessGroup(helper.getWriteUser(), requestEntity);
// ensure successful response
assertEquals(200, response.getStatus());
// get the response
final ProcessGroupEntity responseEntity = response.readEntity(ProcessGroupEntity.class);
// verify
assertEquals(WRITE_CLIENT_ID, responseEntity.getRevision().getClientId());
assertEquals(version + 1, responseEntity.getRevision().getVersion().longValue());
}
use of org.apache.nifi.web.api.dto.RevisionDTO in project nifi by apache.
the class ITProcessorAccessControl method testNoneUserPutProcessor.
/**
* Ensures the NONE user cannot put a processor.
*
* @throws Exception ex
*/
@Test
public void testNoneUserPutProcessor() throws Exception {
final ProcessorEntity entity = getRandomProcessor(helper.getNoneUser());
assertFalse(entity.getPermissions().getCanRead());
assertFalse(entity.getPermissions().getCanWrite());
assertNull(entity.getComponent());
final String updatedName = "Updated Name";
// attempt to update the name
final ProcessorDTO requestDto = new ProcessorDTO();
requestDto.setId(entity.getId());
requestDto.setName(updatedName);
final long version = entity.getRevision().getVersion();
final RevisionDTO requestRevision = new RevisionDTO();
requestRevision.setVersion(version);
requestRevision.setClientId(AccessControlHelper.NONE_CLIENT_ID);
final ProcessorEntity requestEntity = new ProcessorEntity();
requestEntity.setId(entity.getId());
requestEntity.setRevision(requestRevision);
requestEntity.setComponent(requestDto);
// perform the request
final Response response = updateProcessor(helper.getNoneUser(), requestEntity);
// ensure forbidden response
assertEquals(403, response.getStatus());
}
use of org.apache.nifi.web.api.dto.RevisionDTO in project nifi by apache.
the class ITProcessorAccessControl method testCreateRestrictedProcessor.
/**
* Tests attempt to create a restricted processor.
*
* @throws Exception if there is an error creating this processor
*/
@Test
public void testCreateRestrictedProcessor() throws Exception {
String url = helper.getBaseUrl() + "/process-groups/root/processors";
// create the processor
ProcessorDTO processor = new ProcessorDTO();
processor.setName("restricted");
processor.setType(RestrictedProcessor.class.getName());
// create the revision
final RevisionDTO revision = new RevisionDTO();
revision.setClientId(READ_WRITE_CLIENT_ID);
revision.setVersion(0L);
// create the entity body
ProcessorEntity entity = new ProcessorEntity();
entity.setRevision(revision);
entity.setComponent(processor);
// perform the request as a user with read/write but no restricted access
Response response = helper.getReadWriteUser().testPost(url, entity);
// ensure the request is successful
assertEquals(403, response.getStatus());
// perform the request as a user with read/write and only execute code restricted access
response = helper.getExecuteCodeUser().testPost(url, entity);
// ensure the request is successful
assertEquals(403, response.getStatus());
// perform the request as a user with read/write and restricted access
response = helper.getPrivilegedUser().testPost(url, entity);
// ensure the request is successful
assertEquals(201, response.getStatus());
final ProcessorEntity responseEntity = response.readEntity(ProcessorEntity.class);
// remove the restricted component
deleteRestrictedComponent(responseEntity, helper.getPrivilegedUser());
}
Aggregations