private void addRootGroupPort(final Element parentElement, final RootGroupPort port, final String elementName, final ScheduledStateLookup scheduledStateLookup) { final Document doc = parentElement.getOwnerDocument(); final Element element = doc.createElement(elementName); parentElement.appendChild(element); addTextElement(element, "id", port.getIdentifier()); addTextElement(element, "versionedComponentId", port.getVersionedComponentId()); addTextElement(element, "name", port.getName()); addPosition(element, port.getPosition()); addTextElement(element, "comments", port.getComments()); addTextElement(element, "scheduledState", scheduledStateLookup.getScheduledState(port).name()); addTextElement(element, "maxConcurrentTasks", String.valueOf(port.getMaxConcurrentTasks())); for (final String user : port.getUserAccessControl()) { addTextElement(element, "userAccessControl", user); } for (final String group : port.getGroupAccessControl()) { addTextElement(element, "groupAccessControl", group); } parentElement.appendChild(element); }
final PortAuthorizationResult portAuthResult = this.port.checkUserAuthorization(peer.getCommunicationsSession().getUserDn()); if (!portAuthResult.isAuthorized()) { logger.debug("Responding with ResponseCode UNAUTHORIZED: ", portAuthResult.getExplanation()); for (final Connection connection : port.getConnections()) { if (connection.getFlowFileQueue().isFull()) { logger.debug("Responding with ResponseCode PORTS_DESTINATION_FULL for {}", port);
case RECEIVE_FLOWFILES: protocol.getPort().transferFlowFiles(peer, protocol); break; case SEND_FLOWFILES: protocol.getPort().receiveFlowFiles(peer, protocol); break; case REQUEST_PEER_LIST:
if (isUserAuthorized(user, inputPort)) { final PortDTO dto = new PortDTO(); dto.setId(inputPort.getIdentifier()); dto.setName(inputPort.getName()); dto.setComments(inputPort.getComments()); dto.setState(inputPort.getScheduledState().toString()); inputPortDtos.add(dto); if (isUserAuthorized(user, outputPort)) { final PortDTO dto = new PortDTO(); dto.setId(outputPort.getIdentifier()); dto.setName(outputPort.getName()); dto.setComments(outputPort.getComments()); dto.setState(outputPort.getScheduledState().toString()); outputPortDtos.add(dto);
final RootGroupPort rootPort = (RootGroupPort) outputPort; if (isNotNull(portDTO.getGroupAccessControl())) { rootPort.setGroupAccessControl(portDTO.getGroupAccessControl()); rootPort.setUserAccessControl(portDTO.getUserAccessControl());
dto.setTransmitting(rootGroupPort.isTransmitting()); dto.setGroupAccessControl(rootGroupPort.getGroupAccessControl()); dto.setUserAccessControl(rootGroupPort.getUserAccessControl());
for (final String userAccessControl : rootGroupPort.getUserAccessControl()) { addIfAppropriate(searchStr, userAccessControl, "User access control", matches); for (final String groupAccessControl : rootGroupPort.getGroupAccessControl()) { addIfAppropriate(searchStr, groupAccessControl, "Group access control", matches);
peer.penalize(port.getIdentifier(), port.getYieldPeriod(TimeUnit.MILLISECONDS)); } else if (transactionResponse.getCode() != ResponseCode.TRANSACTION_FINISHED) { throw new ProtocolException("After sending data, expected TRANSACTION_FINISHED response but got " + transactionResponse);
@Override public AuthorizationResult checkAuthorization(NiFiUser user) { // perform the authorization of the user by using the underlying component, ensures consistent authorization with raw s2s final PortAuthorizationResult authorizationResult = ((RootGroupPort) inputPort).checkUserAuthorization(user); if (authorizationResult.isAuthorized()) { return AuthorizationResult.approved(); } else { return AuthorizationResult.denied(authorizationResult.getExplanation()); } } };
int numOfFlowFiles = serverProtocol.getPort().receiveFlowFiles(peer, serverProtocol); logger.debug("finished receiving flow files, numOfFlowFiles={}", numOfFlowFiles); if (numOfFlowFiles < 1) {
portStatus.setTransmitting(rootGroupPort.isTransmitting()); portStatus.setTransmitting(rootGroupPort.isTransmitting());
final RootGroupPort rootPort = (RootGroupPort) inputPort; if (isNotNull(portDTO.getGroupAccessControl())) { rootPort.setGroupAccessControl(portDTO.getGroupAccessControl()); rootPort.setUserAccessControl(portDTO.getUserAccessControl());
if (port instanceof RootGroupPort) { isRootGroupPort = true; existingUsers.addAll(((RootGroupPort) port).getUserAccessControl()); existingGroups.addAll(((RootGroupPort) port).getGroupAccessControl());
peer.penalize(port.getIdentifier(), port.getYieldPeriod(TimeUnit.MILLISECONDS)); } else if (transactionResponse.getCode() != ResponseCode.TRANSACTION_FINISHED) { throw new ProtocolException("After sending data, expected TRANSACTION_FINISHED response but got " + transactionResponse);
@Override public AuthorizationResult checkAuthorization(NiFiUser user) { // perform the authorization of the user by using the underlying component, ensures consistent authorization with raw s2s final PortAuthorizationResult authorizationResult = ((RootGroupPort) outputPort).checkUserAuthorization(user); if (authorizationResult.isAuthorized()) { return AuthorizationResult.approved(); } else { return AuthorizationResult.denied(authorizationResult.getExplanation()); } } };
throw new IllegalStateException("Attempting to add User Access Controls to " + port.getIdentifier() + ", but it is not a RootGroupPort"); ((RootGroupPort) port).setUserAccessControl(userControls); throw new IllegalStateException("Attempting to add Group Access Controls to " + port.getIdentifier() + ", but it is not a RootGroupPort"); ((RootGroupPort) port).setGroupAccessControl(groupControls); throw new IllegalStateException("Attempting to add User Access Controls to " + port.getIdentifier() + ", but it is not a RootGroupPort"); ((RootGroupPort) port).setUserAccessControl(userControls); throw new IllegalStateException("Attempting to add Group Access Controls to " + port.getIdentifier() + ", but it is not a RootGroupPort"); ((RootGroupPort) port).setGroupAccessControl(groupControls);
case RECEIVE_FLOWFILES: protocol.getPort().transferFlowFiles(peer, protocol); break; case SEND_FLOWFILES: protocol.getPort().receiveFlowFiles(peer, protocol); break; case REQUEST_PEER_LIST:
final PortAuthorizationResult portAuthResult = this.port.checkUserAuthorization(peer.getCommunicationsSession().getUserDn()); if (!portAuthResult.isAuthorized()) { logger.debug("Responding with ResponseCode UNAUTHORIZED: ", portAuthResult.getExplanation()); for (final Connection connection : port.getConnections()) { if (connection.getFlowFileQueue().isFull()) { logger.debug("Responding with ResponseCode PORTS_DESTINATION_FULL for {}", port);
inputPort.setMaxConcurrentTasks(portDTO.getConcurrentlySchedulableTaskCount()); if (portDTO.getGroupAccessControl() != null) { ((RootGroupPort) inputPort).setGroupAccessControl(portDTO.getGroupAccessControl()); ((RootGroupPort) inputPort).setUserAccessControl(portDTO.getUserAccessControl()); outputPort.setMaxConcurrentTasks(portDTO.getConcurrentlySchedulableTaskCount()); if (portDTO.getGroupAccessControl() != null) { ((RootGroupPort) outputPort).setGroupAccessControl(portDTO.getGroupAccessControl()); ((RootGroupPort) outputPort).setUserAccessControl(portDTO.getUserAccessControl());