Examples with UserEntity org.apache.nifi.web.api.entity.UserEntity used on opensource projects

Example 1 with UserEntity

use of org.apache.nifi.web.api.entity.UserEntity in project nifi by apache.

the class StandardNiFiServiceFacade method deleteUser.

@Override
public UserEntity deleteUser(final Revision revision, final String userId) {
    final User user = userDAO.getUser(userId);
    final PermissionsDTO permissions = dtoFactory.createPermissionsDto(authorizableLookup.getTenant());
    final Set<TenantEntity> userGroups = user != null ? userGroupDAO.getUserGroupsForUser(userId).stream().map(g -> g.getIdentifier()).map(mapUserGroupIdToTenantEntity()).collect(Collectors.toSet()) : null;
    final Set<AccessPolicySummaryEntity> policyEntities = user != null ? userGroupDAO.getAccessPoliciesForUser(userId).stream().map(ap -> createAccessPolicySummaryEntity(ap)).collect(Collectors.toSet()) : null;
    final String resourceIdentifier = ResourceFactory.getTenantResource().getIdentifier() + "/" + userId;
    final UserDTO snapshot = deleteComponent(revision, new Resource() {

        @Override
        public String getIdentifier() {
            return resourceIdentifier;
        }

        @Override
        public String getName() {
            return resourceIdentifier;
        }

        @Override
        public String getSafeDescription() {
            return "User " + userId;
        }
    }, () -> userDAO.deleteUser(userId), // no user specific policies to remove
    false, dtoFactory.createUserDto(user, userGroups, policyEntities));
    return entityFactory.createUserEntity(snapshot, null, permissions);
}

Example 2 with UserEntity

use of org.apache.nifi.web.api.entity.UserEntity in project nifi by apache.

the class TenantsResource method removeUser.

/**
 * Removes the specified user.
 *
 * @param httpServletRequest request
 * @param version            The revision is used to verify the client is working with
 *                           the latest version of the flow.
 * @param clientId           Optional client id. If the client id is not specified, a
 *                           new one will be generated. This value (whether specified or generated) is
 *                           included in the response.
 * @param id                 The id of the user to remove.
 * @return A entity containing the client id and an updated revision.
 */
@DELETE
@Consumes(MediaType.WILDCARD)
@Produces(MediaType.APPLICATION_JSON)
@Path("users/{id}")
@ApiOperation(value = "Deletes a user", notes = NON_GUARANTEED_ENDPOINT, response = UserEntity.class, authorizations = { @Authorization(value = "Write - /tenants") })
@ApiResponses(value = { @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") })
public Response removeUser(@Context final HttpServletRequest httpServletRequest, @ApiParam(value = "The revision is used to verify the client is working with the latest version of the flow.", required = false) @QueryParam(VERSION) final LongParameter version, @ApiParam(value = "If the client id is not specified, new one will be generated. This value (whether specified or generated) is included in the response.", required = false) @QueryParam(CLIENT_ID) @DefaultValue(StringUtils.EMPTY) final ClientIdParameter clientId, @ApiParam(value = "The user id.", required = true) @PathParam("id") final String id) {
    // ensure we're running with a configurable authorizer
    if (!AuthorizerCapabilityDetection.isConfigurableUserGroupProvider(authorizer)) {
        throw new IllegalStateException(AccessPolicyDAO.MSG_NON_CONFIGURABLE_USERS);
    }
    if (isReplicateRequest()) {
        return replicate(HttpMethod.DELETE);
    }
    final UserEntity requestUserEntity = new UserEntity();
    requestUserEntity.setId(id);
    // handle expects request (usually from the cluster manager)
    final Revision requestRevision = new Revision(version == null ? null : version.getLong(), clientId.getClientId(), id);
    return withWriteLock(serviceFacade, requestUserEntity, requestRevision, lookup -> {
        final Authorizable tenants = lookup.getTenant();
        tenants.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser());
    }, null, (revision, userEntity) -> {
        // delete the specified user
        final UserEntity entity = serviceFacade.deleteUser(revision, userEntity.getId());
        return generateOkResponse(entity).build();
    });
}

Example 3 with UserEntity

use of org.apache.nifi.web.api.entity.UserEntity in project nifi by apache.

the class TenantsResource method getUser.

/**
 * Retrieves the specified user.
 *
 * @param id The id of the user to retrieve
 * @return An userEntity.
 */
@GET
@Consumes(MediaType.WILDCARD)
@Produces(MediaType.APPLICATION_JSON)
@Path("users/{id}")
@ApiOperation(value = "Gets a user", notes = NON_GUARANTEED_ENDPOINT, response = UserEntity.class, authorizations = { @Authorization(value = "Read - /tenants") })
@ApiResponses(value = { @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") })
public Response getUser(@ApiParam(value = "The user id.", required = true) @PathParam("id") final String id) {
    // ensure we're running with a configurable authorizer
    if (!AuthorizerCapabilityDetection.isManagedAuthorizer(authorizer)) {
        throw new IllegalStateException(AccessPolicyDAO.MSG_NON_MANAGED_AUTHORIZER);
    }
    if (isReplicateRequest()) {
        return replicate(HttpMethod.GET);
    }
    // authorize access
    serviceFacade.authorizeAccess(lookup -> {
        final Authorizable tenants = lookup.getTenant();
        tenants.authorize(authorizer, RequestAction.READ, NiFiUserUtils.getNiFiUser());
    });
    // get the user
    final UserEntity entity = serviceFacade.getUser(id);
    populateRemainingUserEntityContent(entity);
    return generateOkResponse(entity).build();
}

Example 4 with UserEntity

use of org.apache.nifi.web.api.entity.UserEntity in project nifi by apache.

the class TenantsResource method createUser.

/**
 * Creates a new user.
 *
 * @param httpServletRequest request
 * @param requestUserEntity         An userEntity.
 * @return An userEntity.
 */
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Path("users")
@ApiOperation(value = "Creates a user", notes = NON_GUARANTEED_ENDPOINT, response = UserEntity.class, authorizations = { @Authorization(value = "Write - /tenants") })
@ApiResponses(value = { @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") })
public Response createUser(@Context final HttpServletRequest httpServletRequest, @ApiParam(value = "The user configuration details.", required = true) final UserEntity requestUserEntity) {
    // ensure we're running with a configurable authorizer
    if (!AuthorizerCapabilityDetection.isConfigurableUserGroupProvider(authorizer)) {
        throw new IllegalStateException(AccessPolicyDAO.MSG_NON_CONFIGURABLE_USERS);
    }
    if (requestUserEntity == null || requestUserEntity.getComponent() == null) {
        throw new IllegalArgumentException("User details must be specified.");
    }
    if (requestUserEntity.getRevision() == null || (requestUserEntity.getRevision().getVersion() == null || requestUserEntity.getRevision().getVersion() != 0)) {
        throw new IllegalArgumentException("A revision of 0 must be specified when creating a new User.");
    }
    if (requestUserEntity.getComponent().getId() != null) {
        throw new IllegalArgumentException("User ID cannot be specified.");
    }
    if (StringUtils.isBlank(requestUserEntity.getComponent().getIdentity())) {
        throw new IllegalArgumentException("User identity must be specified.");
    }
    if (isReplicateRequest()) {
        return replicate(HttpMethod.POST, requestUserEntity);
    }
    return withWriteLock(serviceFacade, requestUserEntity, lookup -> {
        final Authorizable tenants = lookup.getTenant();
        tenants.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser());
    }, null, userEntity -> {
        // set the user id as appropriate
        userEntity.getComponent().setId(generateUuid());
        // get revision from the config
        final RevisionDTO revisionDTO = userEntity.getRevision();
        Revision revision = new Revision(revisionDTO.getVersion(), revisionDTO.getClientId(), userEntity.getComponent().getId());
        // create the user and generate the json
        final UserEntity entity = serviceFacade.createUser(revision, userEntity.getComponent());
        populateRemainingUserEntityContent(entity);
        // build the response
        return generateCreatedResponse(URI.create(entity.getUri()), entity).build();
    });
}

Example 5 with UserEntity

use of org.apache.nifi.web.api.entity.UserEntity in project nifi by apache.

the class TenantsResource method getUsers.

/**
 * Retrieves all the of users in this NiFi.
 *
 * @return A UsersEntity.
 */
@GET
@Consumes(MediaType.WILDCARD)
@Produces(MediaType.APPLICATION_JSON)
@Path("users")
@ApiOperation(value = "Gets all users", notes = NON_GUARANTEED_ENDPOINT, response = UsersEntity.class, authorizations = { @Authorization(value = "Read - /tenants") })
@ApiResponses(value = { @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") })
public Response getUsers() {
    // ensure we're running with a configurable authorizer
    if (!AuthorizerCapabilityDetection.isManagedAuthorizer(authorizer)) {
        throw new IllegalStateException(AccessPolicyDAO.MSG_NON_MANAGED_AUTHORIZER);
    }
    if (isReplicateRequest()) {
        return replicate(HttpMethod.GET);
    }
    // authorize access
    serviceFacade.authorizeAccess(lookup -> {
        final Authorizable tenants = lookup.getTenant();
        tenants.authorize(authorizer, RequestAction.READ, NiFiUserUtils.getNiFiUser());
    });
    // get all the users
    final Set<UserEntity> users = serviceFacade.getUsers();
    // create the response entity
    final UsersEntity entity = new UsersEntity();
    entity.setGenerated(new Date());
    entity.setUsers(populateRemainingUserEntitiesContent(users));
    // generate the response
    return generateOkResponse(entity).build();
}