Search in sources :

Example 16 with ProcessorEntity

use of org.apache.nifi.web.api.entity.ProcessorEntity in project nifi by apache.

the class ITProcessorAccessControl method testReadWriteUserPutProcessorThroughInheritedPolicy.

/**
 * Ensures the READ_WRITE user can put a processor.
 *
 * @throws Exception ex
 */
@Test
public void testReadWriteUserPutProcessorThroughInheritedPolicy() throws Exception {
    final ProcessorEntity entity = createProcessor(helper, NiFiTestAuthorizer.NO_POLICY_COMPONENT_NAME);
    final String updatedName = "Updated name";
    // attempt to update the name
    final long version = entity.getRevision().getVersion();
    entity.getRevision().setClientId(READ_WRITE_CLIENT_ID);
    entity.getComponent().setName(updatedName);
    // perform the request
    final Response response = updateProcessor(helper.getReadWriteUser(), entity);
    // ensure successful response
    assertEquals(200, response.getStatus());
    // get the response
    final ProcessorEntity responseEntity = response.readEntity(ProcessorEntity.class);
    // verify
    assertEquals(AccessControlHelper.READ_WRITE_CLIENT_ID, responseEntity.getRevision().getClientId());
    assertEquals(version + 1, responseEntity.getRevision().getVersion().longValue());
    assertEquals(updatedName, responseEntity.getComponent().getName());
}
Also used : Response(javax.ws.rs.core.Response) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) Test(org.junit.Test)

Example 17 with ProcessorEntity

use of org.apache.nifi.web.api.entity.ProcessorEntity in project nifi by apache.

the class ITProcessorAccessControl method createExecuteCodeRestrictedProcessor.

private void createExecuteCodeRestrictedProcessor(final NiFiTestUser user) throws Exception {
    String url = helper.getBaseUrl() + "/process-groups/root/processors";
    // create the processor
    ProcessorDTO processor = new ProcessorDTO();
    processor.setName("execute code restricted");
    processor.setType(ExecuteCodeRestrictedProcessor.class.getName());
    // create the revision
    final RevisionDTO revision = new RevisionDTO();
    revision.setClientId(READ_WRITE_CLIENT_ID);
    revision.setVersion(0L);
    // create the entity body
    ProcessorEntity entity = new ProcessorEntity();
    entity.setRevision(revision);
    entity.setComponent(processor);
    // perform the request as a user with read/write but no restricted access
    Response response = helper.getReadWriteUser().testPost(url, entity);
    // ensure the request is successful
    assertEquals(403, response.getStatus());
    // perform the request as a user with read/write and restricted access
    response = user.testPost(url, entity);
    // ensure the request is successful
    assertEquals(201, response.getStatus());
    final ProcessorEntity responseEntity = response.readEntity(ProcessorEntity.class);
    // remove the restricted component
    deleteRestrictedComponent(responseEntity, user);
}
Also used : Response(javax.ws.rs.core.Response) ProcessorDTO(org.apache.nifi.web.api.dto.ProcessorDTO) ExecuteCodeRestrictedProcessor(org.apache.nifi.integration.util.ExecuteCodeRestrictedProcessor) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) RevisionDTO(org.apache.nifi.web.api.dto.RevisionDTO)

Example 18 with ProcessorEntity

use of org.apache.nifi.web.api.entity.ProcessorEntity in project nifi by apache.

the class ITProcessorAccessControl method testReadWriteUserGetProcessor.

/**
 * Ensures the READ WRITE user can get a processor.
 *
 * @throws Exception ex
 */
@Test
public void testReadWriteUserGetProcessor() throws Exception {
    final ProcessorEntity entity = getRandomProcessor(helper.getReadWriteUser());
    assertTrue(entity.getPermissions().getCanRead());
    assertTrue(entity.getPermissions().getCanWrite());
    assertNotNull(entity.getComponent());
}
Also used : ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) Test(org.junit.Test)

Example 19 with ProcessorEntity

use of org.apache.nifi.web.api.entity.ProcessorEntity in project nifi by apache.

the class ITProcessorAccessControl method testReadUserGetProcessor.

/**
 * Ensures the READ user can get a processor.
 *
 * @throws Exception ex
 */
@Test
public void testReadUserGetProcessor() throws Exception {
    final ProcessorEntity entity = getRandomProcessor(helper.getReadUser());
    assertTrue(entity.getPermissions().getCanRead());
    assertFalse(entity.getPermissions().getCanWrite());
    assertNotNull(entity.getComponent());
}
Also used : ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) Test(org.junit.Test)

Example 20 with ProcessorEntity

use of org.apache.nifi.web.api.entity.ProcessorEntity in project nifi by apache.

the class ITProcessorAccessControl method testNoneUserClearState.

/**
 * Ensures the NONE user cannot clear state.
 *
 * @throws Exception ex
 */
@Test
public void testNoneUserClearState() throws Exception {
    final ProcessorEntity entity = getRandomProcessor(helper.getReadUser());
    assertTrue(entity.getPermissions().getCanRead());
    assertFalse(entity.getPermissions().getCanWrite());
    assertNotNull(entity.getComponent());
    final String url = helper.getBaseUrl() + "/processors/" + entity.getId() + "/state/clear-requests";
    // perform the request
    final Response response = helper.getNoneUser().testPost(url);
    // ensure forbidden response
    assertEquals(403, response.getStatus());
}
Also used : Response(javax.ws.rs.core.Response) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) Test(org.junit.Test)

Aggregations

ProcessorEntity (org.apache.nifi.web.api.entity.ProcessorEntity)60 Response (javax.ws.rs.core.Response)29 Test (org.junit.Test)26 HashMap (java.util.HashMap)20 NodeIdentifier (org.apache.nifi.cluster.protocol.NodeIdentifier)19 HashSet (java.util.HashSet)17 ProcessorDTO (org.apache.nifi.web.api.dto.ProcessorDTO)17 URI (java.net.URI)16 RevisionDTO (org.apache.nifi.web.api.dto.RevisionDTO)16 Map (java.util.Map)15 NodeResponse (org.apache.nifi.cluster.manager.NodeResponse)12 NiFiUserDetails (org.apache.nifi.authorization.user.NiFiUserDetails)11 NiFiAuthenticationToken (org.apache.nifi.web.security.token.NiFiAuthenticationToken)11 Authentication (org.springframework.security.core.Authentication)11 Set (java.util.Set)10 Authorizable (org.apache.nifi.authorization.resource.Authorizable)10 NiFiUser (org.apache.nifi.authorization.user.NiFiUser)10 List (java.util.List)8 Collectors (java.util.stream.Collectors)8 ClusterCoordinator (org.apache.nifi.cluster.coordination.ClusterCoordinator)8