@Override public AsyncClusterResponse replicate(Set<NodeIdentifier> nodeIds, String method, URI uri, Object entity, Map<String, String> headers, final boolean indicateReplicated, final boolean performVerification) { return replicate(nodeIds, NiFiUserUtils.getNiFiUser(), method, uri, entity, headers, indicateReplicated, performVerification); }
/** * Creates the PermissionsDTO based on the specified Authorizable. * * @param authorizable authorizable * @return dto */ public PermissionsDTO createPermissionsDto(final Authorizable authorizable) { return createPermissionsDto(authorizable, NiFiUserUtils.getNiFiUser()); }
@Override public Set<RemoteProcessGroupEntity> getRemoteProcessGroups(final String groupId) { final NiFiUser user = NiFiUserUtils.getNiFiUser(); final Set<RemoteProcessGroup> rpgs = remoteProcessGroupDAO.getRemoteProcessGroups(groupId); return rpgs.stream() .map(rpg -> createRemoteGroupEntity(rpg, user)) .collect(Collectors.toSet()); }
@Override public Set<ProcessorEntity> getProcessors(final String groupId, final boolean includeDescendants) { final Set<ProcessorNode> processors = processorDAO.getProcessors(groupId, includeDescendants); final NiFiUser user = NiFiUserUtils.getNiFiUser(); return processors.stream() .map(processor -> createProcessorEntity(processor, user)) .collect(Collectors.toSet()); }
/** * Authorize any restrictions for the specified ComponentAuthorizable. * * @param authorizer authorizer * @param authorizable component authorizable */ protected void authorizeRestrictions(final Authorizer authorizer, final ComponentAuthorizable authorizable) { authorizable.getRestrictedAuthorizables().forEach(restrictionAuthorizable -> restrictionAuthorizable.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser())); }
@Override public RemoteProcessGroupEntity getRemoteProcessGroup(final String remoteProcessGroupId) { final RemoteProcessGroup rpg = remoteProcessGroupDAO.getRemoteProcessGroup(remoteProcessGroupId); return createRemoteGroupEntity(rpg, NiFiUserUtils.getNiFiUser()); }
@Override public String getCurrentUserIdentity() { final NiFiUser user = NiFiUserUtils.getNiFiUser(); authorizeFlowAccess(user); return user.getIdentity(); }
@Override public VersionedFlow deleteVersionedFlow(final String registryId, final String bucketId, final String flowId) { final FlowRegistry registry = flowRegistryClient.getFlowRegistry(registryId); if (registry == null) { throw new IllegalArgumentException("No Flow Registry exists with ID " + registryId); } try { return registry.deleteVersionedFlow(bucketId, flowId, NiFiUserUtils.getNiFiUser()); } catch (final IOException | NiFiRegistryException e) { throw new NiFiCoreException("Failed to remove flow from Flow Registry due to " + e.getMessage(), e); } }
@Override public ProcessorEntity getProcessor(final String id) { final ProcessorNode processor = processorDAO.getProcessor(id); return createProcessorEntity(processor, NiFiUserUtils.getNiFiUser()); }
/** * Authorizes access to the flow. */ private void authorizeCounters(final RequestAction action) { serviceFacade.authorizeAccess(lookup -> { final Authorizable counters = lookup.getCounters(); counters.authorize(authorizer, action, NiFiUserUtils.getNiFiUser()); }); }
@Override public VersionedFlow registerVersionedFlow(final String registryId, final VersionedFlow flow) { final FlowRegistry registry = flowRegistryClient.getFlowRegistry(registryId); if (registry == null) { throw new ResourceNotFoundException("No Flow Registry exists with ID " + registryId); } try { return registry.registerVersionedFlow(flow, NiFiUserUtils.getNiFiUser()); } catch (final IOException | NiFiRegistryException e) { throw new NiFiCoreException("Failed to register flow with Flow Registry due to " + e.getMessage(), e); } }
private void authorizeResource() { serviceFacade.authorizeAccess(lookup -> { final Authorizable resource = lookup.getResource(); resource.authorize(authorizer, RequestAction.READ, NiFiUserUtils.getNiFiUser()); }); }
/** * Authorizes access to the flow. */ private void authorizeFlow() { serviceFacade.authorizeAccess(lookup -> { final Authorizable flow = lookup.getFlow(); flow.authorize(authorizer, RequestAction.READ, NiFiUserUtils.getNiFiUser()); }); }
/** * Authorizes access to Site To Site details. * <p> * Note: Protected for testing purposes */ protected void authorizeSiteToSite() { serviceFacade.authorizeAccess(lookup -> { final Authorizable siteToSite = lookup.getSiteToSite(); siteToSite.authorize(authorizer, RequestAction.READ, NiFiUserUtils.getNiFiUser()); }); }
private void authorizeProvenanceRequest() { serviceFacade.authorizeAccess(lookup -> { final Authorizable provenance = lookup.getProvenance(); provenance.authorize(authorizer, RequestAction.READ, NiFiUserUtils.getNiFiUser()); }); }
private VersionedFlow getVersionedFlow(final String registryId, final String bucketId, final String flowId) throws IOException, NiFiRegistryException { final FlowRegistry registry = flowRegistryClient.getFlowRegistry(registryId); if (registry == null) { throw new ResourceNotFoundException("No Flow Registry exists with ID " + registryId); } return registry.getVersionedFlow(bucketId, flowId, NiFiUserUtils.getNiFiUser()); }
private PortEntity createInputPortEntity(final Port port) { final RevisionDTO revision = dtoFactory.createRevisionDTO(revisionManager.getRevision(port.getIdentifier())); final PermissionsDTO permissions = dtoFactory.createPermissionsDto(port, NiFiUserUtils.getNiFiUser()); final PermissionsDTO operatePermissions = dtoFactory.createPermissionsDto(new OperationAuthorizable(port), NiFiUserUtils.getNiFiUser()); final PortStatusDTO status = dtoFactory.createPortStatusDto(controllerFacade.getInputPortStatus(port.getIdentifier())); final List<BulletinDTO> bulletins = dtoFactory.createBulletinDtos(bulletinRepository.findBulletinsForSource(port.getIdentifier())); final List<BulletinEntity> bulletinEntities = bulletins.stream().map(bulletin -> entityFactory.createBulletinEntity(bulletin, permissions.getCanRead())).collect(Collectors.toList()); return entityFactory.createPortEntity(dtoFactory.createPortDto(port), revision, permissions, operatePermissions, status, bulletinEntities); }
private ControllerServiceEntity createControllerServiceEntity(final ControllerServiceNode serviceNode, final Set<String> serviceIds) { final ControllerServiceDTO dto = dtoFactory.createControllerServiceDto(serviceNode); final ControllerServiceReference ref = serviceNode.getReferences(); final ControllerServiceReferencingComponentsEntity referencingComponentsEntity = createControllerServiceReferencingComponentsEntity(ref, serviceIds); dto.setReferencingComponents(referencingComponentsEntity.getControllerServiceReferencingComponents()); final RevisionDTO revision = dtoFactory.createRevisionDTO(revisionManager.getRevision(serviceNode.getIdentifier())); final PermissionsDTO permissions = dtoFactory.createPermissionsDto(serviceNode, NiFiUserUtils.getNiFiUser()); final PermissionsDTO operatePermissions = dtoFactory.createPermissionsDto(new OperationAuthorizable(serviceNode), NiFiUserUtils.getNiFiUser()); final List<BulletinDTO> bulletins = dtoFactory.createBulletinDtos(bulletinRepository.findBulletinsForSource(serviceNode.getIdentifier())); final List<BulletinEntity> bulletinEntities = bulletins.stream().map(bulletin -> entityFactory.createBulletinEntity(bulletin, permissions.getCanRead())).collect(Collectors.toList()); return entityFactory.createControllerServiceEntity(dto, revision, permissions, operatePermissions, bulletinEntities); }
@Override public RegistryClientEntity deleteRegistryClient(final Revision revision, final String registryId) { final RevisionClaim claim = new StandardRevisionClaim(revision); final NiFiUser user = NiFiUserUtils.getNiFiUser(); final FlowRegistry registry = revisionManager.deleteRevision(claim, user, () -> { final FlowRegistry reg = registryDAO.removeFlowRegistry(registryId); controllerFacade.save(); return reg; }); return createRegistryClientEntity(registry); }
private SnippetAuthorizable authorizeSnippetUsage(final AuthorizableLookup lookup, final String groupId, final String snippetId, final boolean authorizeTransitiveServices) { final NiFiUser user = NiFiUserUtils.getNiFiUser(); // ensure write access to the target process group lookup.getProcessGroup(groupId).getAuthorizable().authorize(authorizer, RequestAction.WRITE, user); // ensure read permission to every component in the snippet including referenced services final SnippetAuthorizable snippet = lookup.getSnippet(snippetId); authorizeSnippet(snippet, authorizer, lookup, RequestAction.READ, true, authorizeTransitiveServices); return snippet; }