Search in sources :

Example 6 with FlowEntity

use of org.apache.nifi.web.api.entity.FlowEntity in project nifi by apache.

the class ProcessGroupResource method copySnippet.

// ----------------
// snippet instance
// ----------------
/**
 * Copies the specified snippet within this ProcessGroup. The snippet instance that is instantiated cannot be referenced at a later time, therefore there is no
 * corresponding URI. Instead the request URI is returned.
 * <p>
 * Alternatively, we could have performed a PUT request. However, PUT requests are supposed to be idempotent and this endpoint is certainly not.
 *
 * @param httpServletRequest request
 * @param groupId            The group id
 * @param requestCopySnippetEntity  The copy snippet request
 * @return A flowSnippetEntity.
 */
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Path("{id}/snippet-instance")
@ApiOperation(value = "Copies a snippet and discards it.", response = FlowEntity.class, authorizations = { @Authorization(value = "Write - /process-groups/{uuid}"), @Authorization(value = "Read - /{component-type}/{uuid} - For each component in the snippet and their descendant components"), @Authorization(value = "Write - if the snippet contains any restricted Processors - /restricted-components") })
@ApiResponses(value = { @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") })
public Response copySnippet(@Context HttpServletRequest httpServletRequest, @ApiParam(value = "The process group id.", required = true) @PathParam("id") String groupId, @ApiParam(value = "The copy snippet request.", required = true) CopySnippetRequestEntity requestCopySnippetEntity) {
    // ensure the position has been specified
    if (requestCopySnippetEntity == null || requestCopySnippetEntity.getOriginX() == null || requestCopySnippetEntity.getOriginY() == null) {
        throw new IllegalArgumentException("The  origin position (x, y) must be specified");
    }
    if (requestCopySnippetEntity.getSnippetId() == null) {
        throw new IllegalArgumentException("The snippet id must be specified.");
    }
    if (isReplicateRequest()) {
        return replicate(HttpMethod.POST, requestCopySnippetEntity);
    }
    return withWriteLock(serviceFacade, requestCopySnippetEntity, lookup -> {
        final NiFiUser user = NiFiUserUtils.getNiFiUser();
        final SnippetAuthorizable snippet = authorizeSnippetUsage(lookup, groupId, requestCopySnippetEntity.getSnippetId(), false);
        final Consumer<ComponentAuthorizable> authorizeRestricted = authorizable -> {
            if (authorizable.isRestricted()) {
                authorizeRestrictions(authorizer, authorizable);
            }
        };
        // consider each processor. note - this request will not create new controller services so we do not need to check
        // for if there are not restricted controller services. it will however, need to authorize the user has access
        // to any referenced services and this is done within authorizeSnippetUsage above.
        snippet.getSelectedProcessors().stream().forEach(authorizeRestricted);
        snippet.getSelectedProcessGroups().stream().forEach(processGroup -> {
            processGroup.getEncapsulatedProcessors().forEach(authorizeRestricted);
        });
    }, null, copySnippetRequestEntity -> {
        // copy the specified snippet
        final FlowEntity flowEntity = serviceFacade.copySnippet(groupId, copySnippetRequestEntity.getSnippetId(), copySnippetRequestEntity.getOriginX(), copySnippetRequestEntity.getOriginY(), getIdGenerationSeed().orElse(null));
        // get the snippet
        final FlowDTO flow = flowEntity.getFlow();
        // prune response as necessary
        for (ProcessGroupEntity childGroupEntity : flow.getProcessGroups()) {
            childGroupEntity.getComponent().setContents(null);
        }
        // create the response entity
        populateRemainingSnippetContent(flow);
        // generate the response
        return generateCreatedResponse(getAbsolutePath(), flowEntity).build();
    });
}
Also used : ComponentAuthorizable(org.apache.nifi.authorization.ComponentAuthorizable) FunnelsEntity(org.apache.nifi.web.api.entity.FunnelsEntity) Produces(javax.ws.rs.Produces) InstantiateTemplateRequestEntity(org.apache.nifi.web.api.entity.InstantiateTemplateRequestEntity) ApiParam(io.swagger.annotations.ApiParam) SiteToSiteRestApiClient(org.apache.nifi.remote.util.SiteToSiteRestApiClient) ConnectionDTO(org.apache.nifi.web.api.dto.ConnectionDTO) ComponentAuthorizable(org.apache.nifi.authorization.ComponentAuthorizable) StringUtils(org.apache.commons.lang3.StringUtils) ClientIdParameter(org.apache.nifi.web.api.request.ClientIdParameter) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) AuthorizeAccess(org.apache.nifi.authorization.AuthorizeAccess) VariableRegistryUpdateStep(org.apache.nifi.registry.variable.VariableRegistryUpdateStep) PositionDTO(org.apache.nifi.web.api.dto.PositionDTO) MediaType(javax.ws.rs.core.MediaType) ProcessGroupDTO(org.apache.nifi.web.api.dto.ProcessGroupDTO) NiFiRegistryException(org.apache.nifi.registry.client.NiFiRegistryException) Map(java.util.Map) ResourceNotFoundException(org.apache.nifi.web.ResourceNotFoundException) UriBuilder(javax.ws.rs.core.UriBuilder) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) ConnectionsEntity(org.apache.nifi.web.api.entity.ConnectionsEntity) FunnelEntity(org.apache.nifi.web.api.entity.FunnelEntity) VariableRegistryUpdateRequest(org.apache.nifi.registry.variable.VariableRegistryUpdateRequest) ControllerServicesEntity(org.apache.nifi.web.api.entity.ControllerServicesEntity) Set(java.util.Set) InputPortsEntity(org.apache.nifi.web.api.entity.InputPortsEntity) Executors(java.util.concurrent.Executors) ArrayBlockingQueue(java.util.concurrent.ArrayBlockingQueue) FormDataParam(org.glassfish.jersey.media.multipart.FormDataParam) ProcessGroupsEntity(org.apache.nifi.web.api.entity.ProcessGroupsEntity) FlowComparisonEntity(org.apache.nifi.web.api.entity.FlowComparisonEntity) ScheduledState(org.apache.nifi.controller.ScheduledState) LabelsEntity(org.apache.nifi.web.api.entity.LabelsEntity) UriInfo(javax.ws.rs.core.UriInfo) ApiImplicitParams(io.swagger.annotations.ApiImplicitParams) DtoFactory(org.apache.nifi.web.api.dto.DtoFactory) Entity(org.apache.nifi.web.api.entity.Entity) GET(javax.ws.rs.GET) ControllerServiceEntity(org.apache.nifi.web.api.entity.ControllerServiceEntity) ConfigurableComponent(org.apache.nifi.components.ConfigurableComponent) TemplateEntity(org.apache.nifi.web.api.entity.TemplateEntity) RevisionDTO(org.apache.nifi.web.api.dto.RevisionDTO) HttpMethod(javax.ws.rs.HttpMethod) HttpServletRequest(javax.servlet.http.HttpServletRequest) NiFiUser(org.apache.nifi.authorization.user.NiFiUser) NiFiUserDetails(org.apache.nifi.authorization.user.NiFiUserDetails) Api(io.swagger.annotations.Api) VariableRegistryDTO(org.apache.nifi.web.api.dto.VariableRegistryDTO) FlowDTO(org.apache.nifi.web.api.dto.flow.FlowDTO) VersionedFlowState(org.apache.nifi.registry.flow.VersionedFlowState) NiFiServiceFacade(org.apache.nifi.web.NiFiServiceFacade) AuthorizableLookup(org.apache.nifi.authorization.AuthorizableLookup) RequestAction(org.apache.nifi.authorization.RequestAction) FlowEncodingVersion(org.apache.nifi.controller.serialization.FlowEncodingVersion) JAXBElement(javax.xml.bind.JAXBElement) RemoteProcessGroupsEntity(org.apache.nifi.web.api.entity.RemoteProcessGroupsEntity) IOException(java.io.IOException) VersionedFlowSnapshot(org.apache.nifi.registry.flow.VersionedFlowSnapshot) Authorizer(org.apache.nifi.authorization.Authorizer) ApiResponse(io.swagger.annotations.ApiResponse) FlowEntity(org.apache.nifi.web.api.entity.FlowEntity) AffectedComponentEntity(org.apache.nifi.web.api.entity.AffectedComponentEntity) OutputPortsEntity(org.apache.nifi.web.api.entity.OutputPortsEntity) ScheduleComponentsEntity(org.apache.nifi.web.api.entity.ScheduleComponentsEntity) XmlUtils(org.apache.nifi.security.xml.XmlUtils) BundleCoordinate(org.apache.nifi.bundle.BundleCoordinate) ProcessorConfigDTO(org.apache.nifi.web.api.dto.ProcessorConfigDTO) Date(java.util.Date) ConnectableType(org.apache.nifi.connectable.ConnectableType) ProcessorStatusDTO(org.apache.nifi.web.api.dto.status.ProcessorStatusDTO) URISyntaxException(java.net.URISyntaxException) LoggerFactory(org.slf4j.LoggerFactory) Path(javax.ws.rs.Path) BundleDTO(org.apache.nifi.web.api.dto.BundleDTO) ApiOperation(io.swagger.annotations.ApiOperation) AuthorizeControllerServiceReference(org.apache.nifi.authorization.AuthorizeControllerServiceReference) QueryParam(javax.ws.rs.QueryParam) Consumes(javax.ws.rs.Consumes) TemplateDTO(org.apache.nifi.web.api.dto.TemplateDTO) ActivateControllerServicesEntity(org.apache.nifi.web.api.entity.ActivateControllerServicesEntity) XMLStreamReader(javax.xml.stream.XMLStreamReader) DefaultValue(javax.ws.rs.DefaultValue) URI(java.net.URI) ThreadFactory(java.util.concurrent.ThreadFactory) NodeResponse(org.apache.nifi.cluster.manager.NodeResponse) DELETE(javax.ws.rs.DELETE) Context(javax.ws.rs.core.Context) Authorizable(org.apache.nifi.authorization.resource.Authorizable) ControllerServiceDTO(org.apache.nifi.web.api.dto.ControllerServiceDTO) ApiImplicitParam(io.swagger.annotations.ApiImplicitParam) Collection(java.util.Collection) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) SnippetAuthorizable(org.apache.nifi.authorization.SnippetAuthorizable) UUID(java.util.UUID) BundleUtils(org.apache.nifi.util.BundleUtils) PortEntity(org.apache.nifi.web.api.entity.PortEntity) LongParameter(org.apache.nifi.web.api.request.LongParameter) JAXBException(javax.xml.bind.JAXBException) Collectors(java.util.stream.Collectors) List(java.util.List) Response(javax.ws.rs.core.Response) ProcessGroupEntity(org.apache.nifi.web.api.entity.ProcessGroupEntity) ProcessorDTO(org.apache.nifi.web.api.dto.ProcessorDTO) ControllerServiceState(org.apache.nifi.controller.service.ControllerServiceState) CopySnippetRequestEntity(org.apache.nifi.web.api.entity.CopySnippetRequestEntity) Authentication(org.springframework.security.core.Authentication) Pause(org.apache.nifi.web.util.Pause) FlowSnippetDTO(org.apache.nifi.web.api.dto.FlowSnippetDTO) RemoteProcessGroupDTO(org.apache.nifi.web.api.dto.RemoteProcessGroupDTO) PathParam(javax.ws.rs.PathParam) Bucket(org.apache.nifi.registry.bucket.Bucket) Revision(org.apache.nifi.web.Revision) ThreadPoolExecutor(java.util.concurrent.ThreadPoolExecutor) HashMap(java.util.HashMap) ApiResponses(io.swagger.annotations.ApiResponses) Function(java.util.function.Function) AffectedComponentDTO(org.apache.nifi.web.api.dto.AffectedComponentDTO) ConcurrentMap(java.util.concurrent.ConcurrentMap) FlowRegistryUtils(org.apache.nifi.registry.flow.FlowRegistryUtils) CreateTemplateRequestEntity(org.apache.nifi.web.api.entity.CreateTemplateRequestEntity) VersionControlInformationDTO(org.apache.nifi.web.api.dto.VersionControlInformationDTO) VariableRegistryUpdateRequestEntity(org.apache.nifi.web.api.entity.VariableRegistryUpdateRequestEntity) NiFiAuthenticationToken(org.apache.nifi.web.security.token.NiFiAuthenticationToken) Status(javax.ws.rs.core.Response.Status) JAXBContext(javax.xml.bind.JAXBContext) ExecutorService(java.util.concurrent.ExecutorService) Unmarshaller(javax.xml.bind.Unmarshaller) TemplateContentsAuthorizable(org.apache.nifi.authorization.TemplateContentsAuthorizable) Logger(org.slf4j.Logger) POST(javax.ws.rs.POST) ProcessorsEntity(org.apache.nifi.web.api.entity.ProcessorsEntity) VariableRegistryEntity(org.apache.nifi.web.api.entity.VariableRegistryEntity) VersionedFlow(org.apache.nifi.registry.flow.VersionedFlow) MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap) MultivaluedMap(javax.ws.rs.core.MultivaluedMap) TimeUnit(java.util.concurrent.TimeUnit) Consumer(java.util.function.Consumer) LabelEntity(org.apache.nifi.web.api.entity.LabelEntity) ConnectionEntity(org.apache.nifi.web.api.entity.ConnectionEntity) ProcessGroupAuthorizable(org.apache.nifi.authorization.ProcessGroupAuthorizable) RemoteProcessGroupEntity(org.apache.nifi.web.api.entity.RemoteProcessGroupEntity) NiFiUserUtils(org.apache.nifi.authorization.user.NiFiUserUtils) PUT(javax.ws.rs.PUT) Authorization(io.swagger.annotations.Authorization) Collections(java.util.Collections) InputStream(java.io.InputStream) ProcessGroupEntity(org.apache.nifi.web.api.entity.ProcessGroupEntity) RemoteProcessGroupEntity(org.apache.nifi.web.api.entity.RemoteProcessGroupEntity) FlowDTO(org.apache.nifi.web.api.dto.flow.FlowDTO) NiFiUser(org.apache.nifi.authorization.user.NiFiUser) SnippetAuthorizable(org.apache.nifi.authorization.SnippetAuthorizable) FlowEntity(org.apache.nifi.web.api.entity.FlowEntity) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 7 with FlowEntity

use of org.apache.nifi.web.api.entity.FlowEntity in project nifi by apache.

the class ITProcessorAccessControl method testCopyPasteRestrictedProcessor.

/**
 * Tests attempting to copy/paste a restricted processor.
 *
 * @throws Exception ex
 */
@Test
public void testCopyPasteRestrictedProcessor() throws Exception {
    final String copyUrl = helper.getBaseUrl() + "/process-groups/root/snippet-instance";
    final Tuple<ProcessorEntity, SnippetEntity> tuple = createSnippetWithRestrictedComponent(RestrictedProcessor.class.getName(), helper.getPrivilegedUser());
    final SnippetEntity snippetEntity = tuple.getValue();
    // build the copy/paste request
    final CopySnippetRequestEntity copyRequest = new CopySnippetRequestEntity();
    copyRequest.setSnippetId(snippetEntity.getSnippet().getId());
    copyRequest.setOriginX(0.0);
    copyRequest.setOriginY(0.0);
    // create the snippet
    Response response = helper.getReadWriteUser().testPost(copyUrl, copyRequest);
    // ensure the request failed... need privileged users since snippet comprised of the restricted components
    assertEquals(403, response.getStatus());
    // perform the request as a user with read/write and only execute code restricted access
    response = helper.getExecuteCodeUser().testPost(copyUrl, copyRequest);
    // ensure the request is successful
    assertEquals(403, response.getStatus());
    // create the snippet
    response = helper.getPrivilegedUser().testPost(copyUrl, copyRequest);
    // ensure the request is successful
    assertEquals(201, response.getStatus());
    final FlowEntity flowEntity = response.readEntity(FlowEntity.class);
    // remove the restricted processors
    deleteRestrictedComponent(tuple.getKey(), helper.getPrivilegedUser());
    deleteRestrictedComponent(flowEntity.getFlow().getProcessors().stream().findFirst().orElse(null), helper.getPrivilegedUser());
}
Also used : Response(javax.ws.rs.core.Response) CopySnippetRequestEntity(org.apache.nifi.web.api.entity.CopySnippetRequestEntity) SnippetEntity(org.apache.nifi.web.api.entity.SnippetEntity) ExecuteCodeRestrictedProcessor(org.apache.nifi.integration.util.ExecuteCodeRestrictedProcessor) RestrictedProcessor(org.apache.nifi.integration.util.RestrictedProcessor) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) ProcessGroupFlowEntity(org.apache.nifi.web.api.entity.ProcessGroupFlowEntity) FlowEntity(org.apache.nifi.web.api.entity.FlowEntity) Test(org.junit.Test)

Example 8 with FlowEntity

use of org.apache.nifi.web.api.entity.FlowEntity in project nifi by apache.

the class ITProcessorAccessControl method testTemplateWithRestrictedProcessor.

/**
 * Tests attempting to use a template with a restricted processor.
 *
 * @throws Exception ex
 */
@Test
public void testTemplateWithRestrictedProcessor() throws Exception {
    final String createTemplateUrl = helper.getBaseUrl() + "/process-groups/root/templates";
    final String instantiateTemplateUrl = helper.getBaseUrl() + "/process-groups/root/template-instance";
    final Tuple<ProcessorEntity, SnippetEntity> tuple = createSnippetWithRestrictedComponent(RestrictedProcessor.class.getName(), helper.getPrivilegedUser());
    final SnippetEntity snippetEntity = tuple.getValue();
    // create the template
    final CreateTemplateRequestEntity createTemplateRequest = new CreateTemplateRequestEntity();
    createTemplateRequest.setSnippetId(snippetEntity.getSnippet().getId());
    createTemplateRequest.setName("test");
    // create the snippet
    Response response = helper.getWriteUser().testPost(createTemplateUrl, createTemplateRequest);
    // ensure the request failed... need read perms to the components in the snippet
    assertEquals(403, response.getStatus());
    response = helper.getReadWriteUser().testPost(createTemplateUrl, createTemplateRequest);
    // ensure the request is successful
    assertEquals(201, response.getStatus());
    final TemplateEntity templateEntity = response.readEntity(TemplateEntity.class);
    // build the template request
    final InstantiateTemplateRequestEntity instantiateTemplateRequest = new InstantiateTemplateRequestEntity();
    instantiateTemplateRequest.setTemplateId(templateEntity.getTemplate().getId());
    instantiateTemplateRequest.setOriginX(0.0);
    instantiateTemplateRequest.setOriginY(0.0);
    // create the snippet
    response = helper.getReadWriteUser().testPost(instantiateTemplateUrl, instantiateTemplateRequest);
    // ensure the request failed... need privileged user since the template is comprised of restricted components
    assertEquals(403, response.getStatus());
    // create the snippet
    response = helper.getExecuteCodeUser().testPost(instantiateTemplateUrl, instantiateTemplateRequest);
    // ensure the request failed... need privileged user since the template is comprised of restricted components
    assertEquals(403, response.getStatus());
    // create the snippet
    response = helper.getPrivilegedUser().testPost(instantiateTemplateUrl, instantiateTemplateRequest);
    // ensure the request is successful
    assertEquals(201, response.getStatus());
    final FlowEntity flowEntity = response.readEntity(FlowEntity.class);
    // clean up the resources created during this test
    deleteTemplate(templateEntity);
    deleteRestrictedComponent(tuple.getKey(), helper.getPrivilegedUser());
    deleteRestrictedComponent(flowEntity.getFlow().getProcessors().stream().findFirst().orElse(null), helper.getPrivilegedUser());
}
Also used : Response(javax.ws.rs.core.Response) InstantiateTemplateRequestEntity(org.apache.nifi.web.api.entity.InstantiateTemplateRequestEntity) SnippetEntity(org.apache.nifi.web.api.entity.SnippetEntity) ExecuteCodeRestrictedProcessor(org.apache.nifi.integration.util.ExecuteCodeRestrictedProcessor) RestrictedProcessor(org.apache.nifi.integration.util.RestrictedProcessor) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) CreateTemplateRequestEntity(org.apache.nifi.web.api.entity.CreateTemplateRequestEntity) TemplateEntity(org.apache.nifi.web.api.entity.TemplateEntity) ProcessGroupFlowEntity(org.apache.nifi.web.api.entity.ProcessGroupFlowEntity) FlowEntity(org.apache.nifi.web.api.entity.FlowEntity) Test(org.junit.Test)

Example 9 with FlowEntity

use of org.apache.nifi.web.api.entity.FlowEntity in project nifi by apache.

the class ITProcessorAccessControl method templateWithExecuteCodeRestrictedProcessor.

private void templateWithExecuteCodeRestrictedProcessor(final NiFiTestUser user) throws Exception {
    final String createTemplateUrl = helper.getBaseUrl() + "/process-groups/root/templates";
    final String instantiateTemplateUrl = helper.getBaseUrl() + "/process-groups/root/template-instance";
    final Tuple<ProcessorEntity, SnippetEntity> tuple = createSnippetWithRestrictedComponent(ExecuteCodeRestrictedProcessor.class.getName(), helper.getPrivilegedUser());
    final SnippetEntity snippetEntity = tuple.getValue();
    // create the template
    final CreateTemplateRequestEntity createTemplateRequest = new CreateTemplateRequestEntity();
    createTemplateRequest.setSnippetId(snippetEntity.getSnippet().getId());
    createTemplateRequest.setName("test");
    // create the snippet
    Response response = helper.getWriteUser().testPost(createTemplateUrl, createTemplateRequest);
    // ensure the request failed... need read perms to the components in the snippet
    assertEquals(403, response.getStatus());
    response = helper.getReadWriteUser().testPost(createTemplateUrl, createTemplateRequest);
    // ensure the request is successful
    assertEquals(201, response.getStatus());
    final TemplateEntity templateEntity = response.readEntity(TemplateEntity.class);
    // build the template request
    final InstantiateTemplateRequestEntity instantiateTemplateRequest = new InstantiateTemplateRequestEntity();
    instantiateTemplateRequest.setTemplateId(templateEntity.getTemplate().getId());
    instantiateTemplateRequest.setOriginX(0.0);
    instantiateTemplateRequest.setOriginY(0.0);
    // create the snippet
    response = helper.getReadWriteUser().testPost(instantiateTemplateUrl, instantiateTemplateRequest);
    // ensure the request failed... need privileged user since the template is comprised of restricted components
    assertEquals(403, response.getStatus());
    // create the snippet
    response = user.testPost(instantiateTemplateUrl, instantiateTemplateRequest);
    // ensure the request is successful
    assertEquals(201, response.getStatus());
    final FlowEntity flowEntity = response.readEntity(FlowEntity.class);
    // clean up the resources created during this test
    deleteTemplate(templateEntity);
    deleteRestrictedComponent(tuple.getKey(), user);
    deleteRestrictedComponent(flowEntity.getFlow().getProcessors().stream().findFirst().orElse(null), user);
}
Also used : Response(javax.ws.rs.core.Response) InstantiateTemplateRequestEntity(org.apache.nifi.web.api.entity.InstantiateTemplateRequestEntity) SnippetEntity(org.apache.nifi.web.api.entity.SnippetEntity) ExecuteCodeRestrictedProcessor(org.apache.nifi.integration.util.ExecuteCodeRestrictedProcessor) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) CreateTemplateRequestEntity(org.apache.nifi.web.api.entity.CreateTemplateRequestEntity) TemplateEntity(org.apache.nifi.web.api.entity.TemplateEntity) ProcessGroupFlowEntity(org.apache.nifi.web.api.entity.ProcessGroupFlowEntity) FlowEntity(org.apache.nifi.web.api.entity.FlowEntity)

Example 10 with FlowEntity

use of org.apache.nifi.web.api.entity.FlowEntity in project nifi by apache.

the class ITProcessorAccessControl method copyPasteExecuteCodeRestrictedProcessor.

private void copyPasteExecuteCodeRestrictedProcessor(final NiFiTestUser user) throws Exception {
    final String copyUrl = helper.getBaseUrl() + "/process-groups/root/snippet-instance";
    final Tuple<ProcessorEntity, SnippetEntity> tuple = createSnippetWithRestrictedComponent(ExecuteCodeRestrictedProcessor.class.getName(), user);
    final SnippetEntity snippetEntity = tuple.getValue();
    // build the copy/paste request
    final CopySnippetRequestEntity copyRequest = new CopySnippetRequestEntity();
    copyRequest.setSnippetId(snippetEntity.getSnippet().getId());
    copyRequest.setOriginX(0.0);
    copyRequest.setOriginY(0.0);
    // create the snippet
    Response response = helper.getReadWriteUser().testPost(copyUrl, copyRequest);
    // ensure the request failed... need privileged users since snippet comprised of the restricted components
    assertEquals(403, response.getStatus());
    // perform the request as a user with read/write and only execute code restricted access
    response = user.testPost(copyUrl, copyRequest);
    // ensure the request is successful
    assertEquals(201, response.getStatus());
    final FlowEntity flowEntity = response.readEntity(FlowEntity.class);
    // remove the restricted processors
    deleteRestrictedComponent(tuple.getKey(), user);
    deleteRestrictedComponent(flowEntity.getFlow().getProcessors().stream().findFirst().orElse(null), user);
}
Also used : Response(javax.ws.rs.core.Response) CopySnippetRequestEntity(org.apache.nifi.web.api.entity.CopySnippetRequestEntity) SnippetEntity(org.apache.nifi.web.api.entity.SnippetEntity) ExecuteCodeRestrictedProcessor(org.apache.nifi.integration.util.ExecuteCodeRestrictedProcessor) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) ProcessGroupFlowEntity(org.apache.nifi.web.api.entity.ProcessGroupFlowEntity) FlowEntity(org.apache.nifi.web.api.entity.FlowEntity)

Aggregations

FlowEntity (org.apache.nifi.web.api.entity.FlowEntity)10 ProcessGroupFlowEntity (org.apache.nifi.web.api.entity.ProcessGroupFlowEntity)7 ProcessorEntity (org.apache.nifi.web.api.entity.ProcessorEntity)7 Response (javax.ws.rs.core.Response)5 FlowDTO (org.apache.nifi.web.api.dto.flow.FlowDTO)5 InstantiateTemplateRequestEntity (org.apache.nifi.web.api.entity.InstantiateTemplateRequestEntity)5 ExecuteCodeRestrictedProcessor (org.apache.nifi.integration.util.ExecuteCodeRestrictedProcessor)4 FlowSnippetDTO (org.apache.nifi.web.api.dto.FlowSnippetDTO)4 SnippetEntity (org.apache.nifi.web.api.entity.SnippetEntity)4 HashMap (java.util.HashMap)3 Map (java.util.Map)3 CopySnippetRequestEntity (org.apache.nifi.web.api.entity.CopySnippetRequestEntity)3 CreateTemplateRequestEntity (org.apache.nifi.web.api.entity.CreateTemplateRequestEntity)3 TemplateEntity (org.apache.nifi.web.api.entity.TemplateEntity)3 Api (io.swagger.annotations.Api)2 ApiImplicitParam (io.swagger.annotations.ApiImplicitParam)2 ApiImplicitParams (io.swagger.annotations.ApiImplicitParams)2 ApiOperation (io.swagger.annotations.ApiOperation)2 ApiParam (io.swagger.annotations.ApiParam)2 ApiResponse (io.swagger.annotations.ApiResponse)2