use of org.apache.nifi.web.api.entity.AccessPolicySummaryEntity in project nifi by apache.
the class UserEntityMerger method mergeDtos.
private static void mergeDtos(final UserDTO clientDto, final Map<NodeIdentifier, UserDTO> dtoMap) {
// if unauthorized for the client dto, simple return
if (clientDto == null) {
return;
}
final Set<AccessPolicySummaryEntity> accessPolicyEntities = new HashSet<>(clientDto.getAccessPolicies());
final Set<TenantEntity> tenantEntities = new HashSet<>(clientDto.getUserGroups());
for (final Map.Entry<NodeIdentifier, UserDTO> nodeEntry : dtoMap.entrySet()) {
final UserDTO nodeUser = nodeEntry.getValue();
if (nodeUser != null) {
accessPolicyEntities.retainAll(nodeUser.getAccessPolicies());
tenantEntities.retainAll(nodeUser.getUserGroups());
}
}
clientDto.setAccessPolicies(accessPolicyEntities);
clientDto.setUserGroups(tenantEntities);
}
use of org.apache.nifi.web.api.entity.AccessPolicySummaryEntity in project nifi by apache.
the class UserEntityMergerTest method testMergeAccessPolicy.
@Test
public void testMergeAccessPolicy() throws Exception {
final NodeIdentifier node1 = new NodeIdentifier("node-1", "host-1", 8080, "host-1", 19998, null, null, null, false);
final NodeIdentifier node2 = new NodeIdentifier("node-2", "host-2", 8081, "host-2", 19999, null, null, null, false);
final PermissionsDTO permissed = new PermissionsDTO();
permissed.setCanRead(true);
permissed.setCanWrite(true);
final TenantDTO userGroup1DTO = new TenantDTO();
userGroup1DTO.setId("user-group-1");
final TenantEntity userGroup1Entity = new TenantEntity();
userGroup1Entity.setPermissions(permissed);
userGroup1Entity.setId(userGroup1DTO.getId());
userGroup1Entity.setComponent(userGroup1DTO);
final TenantDTO userGroup2DTO = new TenantDTO();
userGroup1DTO.setId("user-group-2");
final TenantEntity userGroup2Entity = new TenantEntity();
userGroup2Entity.setPermissions(permissed);
userGroup2Entity.setId(userGroup2DTO.getId());
userGroup2Entity.setComponent(userGroup2DTO);
final AccessPolicySummaryDTO policy1DTO = new AccessPolicySummaryDTO();
policy1DTO.setId("policy-1");
final AccessPolicySummaryEntity policy1Entity = new AccessPolicySummaryEntity();
policy1Entity.setPermissions(permissed);
policy1Entity.setId(policy1DTO.getId());
policy1Entity.setComponent(policy1DTO);
final AccessPolicySummaryDTO policy2DTO = new AccessPolicySummaryDTO();
policy2DTO.setId("policy-2");
final AccessPolicySummaryEntity policy2Entity = new AccessPolicySummaryEntity();
policy2Entity.setPermissions(permissed);
policy2Entity.setId(policy2DTO.getId());
policy2Entity.setComponent(policy2DTO);
final UserDTO user1DTO = new UserDTO();
user1DTO.setId("user-1");
user1DTO.setAccessPolicies(Stream.of(policy1Entity, policy2Entity).collect(Collectors.toSet()));
user1DTO.setUserGroups(Stream.of(userGroup2Entity).collect(Collectors.toSet()));
final UserEntity user1Entity = new UserEntity();
user1Entity.setPermissions(permissed);
user1Entity.setId(user1DTO.getId());
user1Entity.setComponent(user1DTO);
final UserDTO user2DTO = new UserDTO();
user2DTO.setId("user-2");
user2DTO.setAccessPolicies(Stream.of(policy1Entity).collect(Collectors.toSet()));
user2DTO.setUserGroups(Stream.of(userGroup1Entity, userGroup2Entity).collect(Collectors.toSet()));
final UserEntity user2Entity = new UserEntity();
user2Entity.setPermissions(permissed);
user2Entity.setId(user2DTO.getId());
user2Entity.setComponent(user2DTO);
final Map<NodeIdentifier, UserEntity> nodeMap = new HashMap<>();
nodeMap.put(node1, user1Entity);
nodeMap.put(node2, user2Entity);
final UserEntityMerger merger = new UserEntityMerger();
merger.merge(user1Entity, nodeMap);
assertEquals(1, user1DTO.getUserGroups().size());
assertTrue(user1DTO.getAccessPolicies().contains(policy1Entity));
assertEquals(1, user1DTO.getUserGroups().size());
assertTrue(user1DTO.getUserGroups().contains(userGroup2Entity));
}
use of org.apache.nifi.web.api.entity.AccessPolicySummaryEntity in project nifi by apache.
the class StandardNiFiServiceFacade method deleteUserGroup.
@Override
public UserGroupEntity deleteUserGroup(final Revision revision, final String userGroupId) {
final Group userGroup = userGroupDAO.getUserGroup(userGroupId);
final PermissionsDTO permissions = dtoFactory.createPermissionsDto(authorizableLookup.getTenant());
final Set<TenantEntity> users = userGroup != null ? userGroup.getUsers().stream().map(mapUserIdToTenantEntity()).collect(Collectors.toSet()) : null;
final Set<AccessPolicySummaryEntity> policyEntities = userGroupDAO.getAccessPoliciesForUserGroup(userGroup.getIdentifier()).stream().map(ap -> createAccessPolicySummaryEntity(ap)).collect(Collectors.toSet());
final String resourceIdentifier = ResourceFactory.getTenantResource().getIdentifier() + "/" + userGroupId;
final UserGroupDTO snapshot = deleteComponent(revision, new Resource() {
@Override
public String getIdentifier() {
return resourceIdentifier;
}
@Override
public String getName() {
return resourceIdentifier;
}
@Override
public String getSafeDescription() {
return "User Group " + userGroupId;
}
}, () -> userGroupDAO.deleteUserGroup(userGroupId), // no user group specific policies to remove
false, dtoFactory.createUserGroupDto(userGroup, users, policyEntities));
return entityFactory.createUserGroupEntity(snapshot, null, permissions);
}
use of org.apache.nifi.web.api.entity.AccessPolicySummaryEntity in project nifi by apache.
the class StandardNiFiServiceFacade method updateUser.
@Override
public UserEntity updateUser(final Revision revision, final UserDTO userDTO) {
final Authorizable usersAuthorizable = authorizableLookup.getTenant();
final Set<Group> groups = userGroupDAO.getUserGroupsForUser(userDTO.getId());
final Set<AccessPolicy> policies = userGroupDAO.getAccessPoliciesForUser(userDTO.getId());
final RevisionUpdate<UserDTO> snapshot = updateComponent(revision, usersAuthorizable, () -> userDAO.updateUser(userDTO), user -> {
final Set<TenantEntity> tenantEntities = groups.stream().map(g -> g.getIdentifier()).map(mapUserGroupIdToTenantEntity()).collect(Collectors.toSet());
final Set<AccessPolicySummaryEntity> policyEntities = policies.stream().map(ap -> createAccessPolicySummaryEntity(ap)).collect(Collectors.toSet());
return dtoFactory.createUserDto(user, tenantEntities, policyEntities);
});
final PermissionsDTO permissions = dtoFactory.createPermissionsDto(usersAuthorizable);
return entityFactory.createUserEntity(snapshot.getComponent(), dtoFactory.createRevisionDTO(snapshot.getLastModification()), permissions);
}
use of org.apache.nifi.web.api.entity.AccessPolicySummaryEntity in project nifi by apache.
the class StandardNiFiServiceFacade method createUserEntity.
private UserEntity createUserEntity(final User user) {
final RevisionDTO userRevision = dtoFactory.createRevisionDTO(revisionManager.getRevision(user.getIdentifier()));
final PermissionsDTO permissions = dtoFactory.createPermissionsDto(authorizableLookup.getTenant());
final Set<TenantEntity> userGroups = userGroupDAO.getUserGroupsForUser(user.getIdentifier()).stream().map(g -> g.getIdentifier()).map(mapUserGroupIdToTenantEntity()).collect(Collectors.toSet());
final Set<AccessPolicySummaryEntity> policyEntities = userGroupDAO.getAccessPoliciesForUser(user.getIdentifier()).stream().map(ap -> createAccessPolicySummaryEntity(ap)).collect(Collectors.toSet());
return entityFactory.createUserEntity(dtoFactory.createUserDto(user, userGroups, policyEntities), userRevision, permissions);
}
Aggregations