Example 11 with UserGroupEntity
use of org.apache.nifi.web.api.entity.UserGroupEntity in project nifi by apache.
the class TenantsResource method getUserGroups.
/**
* Retrieves all the of user groups in this NiFi.
*
* @return A UserGroupsEntity.
*/
@GET
@Consumes(MediaType.WILDCARD)
@Produces(MediaType.APPLICATION_JSON)
@Path("user-groups")
@ApiOperation(value = "Gets all user groups", notes = NON_GUARANTEED_ENDPOINT, response = UserGroupsEntity.class, authorizations = { @Authorization(value = "Read - /tenants") })
@ApiResponses(value = { @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") })
public Response getUserGroups() {
// ensure we're running with a configurable authorizer
if (!AuthorizerCapabilityDetection.isManagedAuthorizer(authorizer)) {
throw new IllegalStateException(AccessPolicyDAO.MSG_NON_MANAGED_AUTHORIZER);
}
if (isReplicateRequest()) {
return replicate(HttpMethod.GET);
}
// authorize access
serviceFacade.authorizeAccess(lookup -> {
final Authorizable tenants = lookup.getTenant();
tenants.authorize(authorizer, RequestAction.READ, NiFiUserUtils.getNiFiUser());
});
// get all the user groups
final Set<UserGroupEntity> users = serviceFacade.getUserGroups();
// create the response entity
final UserGroupsEntity entity = new UserGroupsEntity();
entity.setUserGroups(populateRemainingUserGroupEntitiesContent(users));
// generate the response
return generateOkResponse(entity).build();
}
Also used :
UserGroupsEntity(org.apache.nifi.web.api.entity.UserGroupsEntity)
Authorizable(org.apache.nifi.authorization.resource.Authorizable)
UserGroupEntity(org.apache.nifi.web.api.entity.UserGroupEntity)
Path(javax.ws.rs.Path)
Consumes(javax.ws.rs.Consumes)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
ApiOperation(io.swagger.annotations.ApiOperation)
ApiResponses(io.swagger.annotations.ApiResponses)
Example 12 with UserGroupEntity
use of org.apache.nifi.web.api.entity.UserGroupEntity in project nifi by apache.
the class TenantsResource method searchTenants.
// ------------
// search users
// ------------
/**
* Searches for a tenant with a given identity.
*
* @param value Search value that will be matched against a user/group identity
* @return Tenants match the specified criteria
*/
@GET
@Consumes(MediaType.WILDCARD)
@Produces(MediaType.APPLICATION_JSON)
@Path("search-results")
@ApiOperation(value = "Searches for a tenant with the specified identity", notes = NON_GUARANTEED_ENDPOINT, response = TenantsEntity.class, authorizations = { @Authorization(value = "Read - /tenants") })
@ApiResponses(value = { @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") })
public Response searchTenants(@ApiParam(value = "Identity to search for.", required = true) @QueryParam("q") @DefaultValue(StringUtils.EMPTY) String value) {
// ensure we're running with a configurable authorizer
if (!AuthorizerCapabilityDetection.isManagedAuthorizer(authorizer)) {
throw new IllegalStateException(AccessPolicyDAO.MSG_NON_MANAGED_AUTHORIZER);
}
if (isReplicateRequest()) {
return replicate(HttpMethod.GET);
}
// authorize access
serviceFacade.authorizeAccess(lookup -> {
final Authorizable tenants = lookup.getTenant();
tenants.authorize(authorizer, RequestAction.READ, NiFiUserUtils.getNiFiUser());
});
final List<TenantEntity> userMatches = new ArrayList<>();
final List<TenantEntity> userGroupMatches = new ArrayList<>();
// get the users
for (final UserEntity userEntity : serviceFacade.getUsers()) {
final UserDTO user = userEntity.getComponent();
if (StringUtils.isBlank(value) || StringUtils.containsIgnoreCase(user.getIdentity(), value)) {
final TenantDTO tenant = new TenantDTO();
tenant.setId(user.getId());
tenant.setIdentity(user.getIdentity());
tenant.setConfigurable(user.getConfigurable());
final TenantEntity entity = new TenantEntity();
entity.setPermissions(userEntity.getPermissions());
entity.setRevision(userEntity.getRevision());
entity.setId(userEntity.getId());
entity.setComponent(tenant);
userMatches.add(entity);
}
}
// get the user groups
for (final UserGroupEntity userGroupEntity : serviceFacade.getUserGroups()) {
final UserGroupDTO userGroup = userGroupEntity.getComponent();
if (StringUtils.isBlank(value) || StringUtils.containsIgnoreCase(userGroup.getIdentity(), value)) {
final TenantDTO tenant = new TenantDTO();
tenant.setId(userGroup.getId());
tenant.setIdentity(userGroup.getIdentity());
tenant.setConfigurable(userGroup.getConfigurable());
final TenantEntity entity = new TenantEntity();
entity.setPermissions(userGroupEntity.getPermissions());
entity.setRevision(userGroupEntity.getRevision());
entity.setId(userGroupEntity.getId());
entity.setComponent(tenant);
userGroupMatches.add(entity);
}
}
// build the response
final TenantsEntity results = new TenantsEntity();
results.setUsers(userMatches);
results.setUserGroups(userGroupMatches);
// generate an 200 - OK response
return noCache(Response.ok(results)).build();
}
Also used :
TenantsEntity(org.apache.nifi.web.api.entity.TenantsEntity)
TenantEntity(org.apache.nifi.web.api.entity.TenantEntity)
UserDTO(org.apache.nifi.web.api.dto.UserDTO)
TenantDTO(org.apache.nifi.web.api.dto.TenantDTO)
ArrayList(java.util.ArrayList)
UserGroupDTO(org.apache.nifi.web.api.dto.UserGroupDTO)
Authorizable(org.apache.nifi.authorization.resource.Authorizable)
UserGroupEntity(org.apache.nifi.web.api.entity.UserGroupEntity)
UserEntity(org.apache.nifi.web.api.entity.UserEntity)
Path(javax.ws.rs.Path)
Consumes(javax.ws.rs.Consumes)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
ApiOperation(io.swagger.annotations.ApiOperation)
ApiResponses(io.swagger.annotations.ApiResponses)
Example 13 with UserGroupEntity
use of org.apache.nifi.web.api.entity.UserGroupEntity in project nifi by apache.
the class TenantsResource method createUserGroup.
/**
* Creates a new user group.
*
* @param httpServletRequest request
* @param requestUserGroupEntity An userGroupEntity.
* @return An userGroupEntity.
*/
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Path("user-groups")
@ApiOperation(value = "Creates a user group", notes = NON_GUARANTEED_ENDPOINT, response = UserGroupEntity.class, authorizations = { @Authorization(value = "Write - /tenants") })
@ApiResponses(value = { @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") })
public Response createUserGroup(@Context final HttpServletRequest httpServletRequest, @ApiParam(value = "The user group configuration details.", required = true) final UserGroupEntity requestUserGroupEntity) {
// ensure we're running with a configurable authorizer
if (!AuthorizerCapabilityDetection.isConfigurableUserGroupProvider(authorizer)) {
throw new IllegalStateException(AccessPolicyDAO.MSG_NON_CONFIGURABLE_USERS);
}
if (requestUserGroupEntity == null || requestUserGroupEntity.getComponent() == null) {
throw new IllegalArgumentException("User group details must be specified.");
}
if (requestUserGroupEntity.getRevision() == null || (requestUserGroupEntity.getRevision().getVersion() == null || requestUserGroupEntity.getRevision().getVersion() != 0)) {
throw new IllegalArgumentException("A revision of 0 must be specified when creating a new User Group.");
}
if (requestUserGroupEntity.getComponent().getId() != null) {
throw new IllegalArgumentException("User group ID cannot be specified.");
}
if (StringUtils.isBlank(requestUserGroupEntity.getComponent().getIdentity())) {
throw new IllegalArgumentException("User group identity must be specified.");
}
if (isReplicateRequest()) {
return replicate(HttpMethod.POST, requestUserGroupEntity);
}
return withWriteLock(serviceFacade, requestUserGroupEntity, lookup -> {
final Authorizable tenants = lookup.getTenant();
tenants.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser());
}, null, userGroupEntity -> {
// set the user group id as appropriate
userGroupEntity.getComponent().setId(generateUuid());
// get revision from the config
final RevisionDTO revisionDTO = userGroupEntity.getRevision();
Revision revision = new Revision(revisionDTO.getVersion(), revisionDTO.getClientId(), userGroupEntity.getComponent().getId());
// create the user group and generate the json
final UserGroupEntity entity = serviceFacade.createUserGroup(revision, userGroupEntity.getComponent());
populateRemainingUserGroupEntityContent(entity);
// build the response
return generateCreatedResponse(URI.create(entity.getUri()), entity).build();
});
}
Also used :
Revision(org.apache.nifi.web.Revision)
Authorizable(org.apache.nifi.authorization.resource.Authorizable)
UserGroupEntity(org.apache.nifi.web.api.entity.UserGroupEntity)
RevisionDTO(org.apache.nifi.web.api.dto.RevisionDTO)
Path(javax.ws.rs.Path)
POST(javax.ws.rs.POST)
Consumes(javax.ws.rs.Consumes)
Produces(javax.ws.rs.Produces)
ApiOperation(io.swagger.annotations.ApiOperation)
ApiResponses(io.swagger.annotations.ApiResponses)
Example 14 with UserGroupEntity
use of org.apache.nifi.web.api.entity.UserGroupEntity in project nifi by apache.
the class EntityFactory method createUserGroupEntity.
public UserGroupEntity createUserGroupEntity(final UserGroupDTO dto, final RevisionDTO revision, final PermissionsDTO permissions) {
final UserGroupEntity entity = new UserGroupEntity();
entity.setRevision(revision);
if (dto != null) {
entity.setPermissions(permissions);
entity.setId(dto.getId());
if (permissions != null && permissions.getCanRead()) {
entity.setComponent(dto);
}
}
return entity;
}
Also used :
UserGroupEntity(org.apache.nifi.web.api.entity.UserGroupEntity)
Aggregations
UserGroupEntity (org.apache.nifi.web.api.entity.UserGroupEntity)14
Authorizable (org.apache.nifi.authorization.resource.Authorizable)10
UserGroupDTO (org.apache.nifi.web.api.dto.UserGroupDTO)8
HashMap (java.util.HashMap)7
NodeIdentifier (org.apache.nifi.cluster.protocol.NodeIdentifier)7
ApiOperation (io.swagger.annotations.ApiOperation)6
ApiResponses (io.swagger.annotations.ApiResponses)6
Map (java.util.Map)6
Consumes (javax.ws.rs.Consumes)6
Path (javax.ws.rs.Path)6
Produces (javax.ws.rs.Produces)6
TenantEntity (org.apache.nifi.web.api.entity.TenantEntity)6
ArrayList (java.util.ArrayList)5
Sets (com.google.common.collect.Sets)4
IOException (java.io.IOException)4
StandardCharsets (java.nio.charset.StandardCharsets)4
Arrays (java.util.Arrays)4
Collection (java.util.Collection)4
Collections (java.util.Collections)4
Comparator (java.util.Comparator)4
