http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ControllerAuditor.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ControllerAuditor.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ControllerAuditor.java index d8c2736..01f6d70 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ControllerAuditor.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ControllerAuditor.java @@ -80,7 +80,6 @@ public class ControllerAuditor extends NiFiAuditor { // create the config action FlowChangeAction configAction = new FlowChangeAction(); configAction.setUserIdentity(user.getIdentity()); - configAction.setUserName(user.getUserName()); configAction.setOperation(Operation.Configure); configAction.setTimestamp(new Date()); configAction.setSourceId("Flow Controller"); @@ -133,7 +132,6 @@ public class ControllerAuditor extends NiFiAuditor { // create the config action FlowChangeAction configAction = new FlowChangeAction(); configAction.setUserIdentity(user.getIdentity()); - configAction.setUserName(user.getUserName()); configAction.setOperation(Operation.Configure); configAction.setTimestamp(new Date()); configAction.setSourceId("Flow Controller");
http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ControllerServiceAuditor.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ControllerServiceAuditor.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ControllerServiceAuditor.java index ded90f8..a122983 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ControllerServiceAuditor.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ControllerServiceAuditor.java @@ -16,13 +16,6 @@ */ package org.apache.nifi.audit; -import java.util.ArrayList; -import java.util.Collection; -import java.util.Date; -import java.util.HashMap; -import java.util.Map; -import java.util.Set; - import org.apache.nifi.action.Action; import org.apache.nifi.action.Component; import org.apache.nifi.action.FlowChangeAction; @@ -30,13 +23,13 @@ import org.apache.nifi.action.Operation; import org.apache.nifi.action.component.details.FlowChangeExtensionDetails; import org.apache.nifi.action.details.ActionDetails; import org.apache.nifi.action.details.FlowChangeConfigureDetails; +import org.apache.nifi.authorization.user.NiFiUser; import org.apache.nifi.authorization.user.NiFiUserUtils; import org.apache.nifi.components.PropertyDescriptor; import org.apache.nifi.controller.ConfiguredComponent; import org.apache.nifi.controller.ProcessorNode; import org.apache.nifi.controller.ReportingTaskNode; import org.apache.nifi.controller.ScheduledState; -import org.apache.nifi.authorization.user.NiFiUser; import org.apache.nifi.controller.service.ControllerServiceNode; import org.apache.nifi.controller.service.ControllerServiceReference; import org.apache.nifi.controller.service.ControllerServiceState; @@ -49,6 +42,13 @@ import org.aspectj.lang.annotation.Aspect; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Date; +import java.util.HashMap; +import java.util.Map; +import java.util.Set; + /** * Audits controller service creation/removal and configuration changes. */ @@ -168,7 +168,6 @@ public class ControllerServiceAuditor extends NiFiAuditor { // create a configuration action FlowChangeAction configurationAction = new FlowChangeAction(); configurationAction.setUserIdentity(user.getIdentity()); - configurationAction.setUserName(user.getUserName()); configurationAction.setOperation(operation); configurationAction.setTimestamp(actionTimestamp); configurationAction.setSourceId(controllerService.getIdentifier()); @@ -188,7 +187,6 @@ public class ControllerServiceAuditor extends NiFiAuditor { // create a controller service action FlowChangeAction serviceAction = new FlowChangeAction(); serviceAction.setUserIdentity(user.getIdentity()); - serviceAction.setUserName(user.getUserName()); serviceAction.setTimestamp(new Date()); serviceAction.setSourceId(controllerService.getIdentifier()); serviceAction.setSourceName(controllerService.getName()); @@ -272,7 +270,6 @@ public class ControllerServiceAuditor extends NiFiAuditor { // create a processor action FlowChangeAction processorAction = new FlowChangeAction(); processorAction.setUserIdentity(user.getIdentity()); - processorAction.setUserName(user.getUserName()); processorAction.setTimestamp(new Date()); processorAction.setSourceId(processor.getIdentifier()); processorAction.setSourceName(processor.getName()); @@ -290,7 +287,6 @@ public class ControllerServiceAuditor extends NiFiAuditor { // create a reporting task action FlowChangeAction reportingTaskAction = new FlowChangeAction(); reportingTaskAction.setUserIdentity(user.getIdentity()); - reportingTaskAction.setUserName(user.getUserName()); reportingTaskAction.setTimestamp(new Date()); reportingTaskAction.setSourceId(reportingTask.getIdentifier()); reportingTaskAction.setSourceName(reportingTask.getName()); @@ -308,7 +304,6 @@ public class ControllerServiceAuditor extends NiFiAuditor { // create a controller service action FlowChangeAction serviceAction = new FlowChangeAction(); serviceAction.setUserIdentity(user.getIdentity()); - serviceAction.setUserName(user.getUserName()); serviceAction.setTimestamp(new Date()); serviceAction.setSourceId(controllerService.getIdentifier()); serviceAction.setSourceName(controllerService.getName()); @@ -388,7 +383,6 @@ public class ControllerServiceAuditor extends NiFiAuditor { // create the controller service action for adding this controller service action = new FlowChangeAction(); action.setUserIdentity(user.getIdentity()); - action.setUserName(user.getUserName()); action.setOperation(operation); action.setTimestamp(new Date()); action.setSourceId(controllerService.getIdentifier()); http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/FunnelAuditor.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/FunnelAuditor.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/FunnelAuditor.java index 7230f9c..4f96772 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/FunnelAuditor.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/FunnelAuditor.java @@ -16,24 +16,23 @@ */ package org.apache.nifi.audit; -import java.util.Date; - import org.apache.nifi.action.Action; import org.apache.nifi.action.Component; import org.apache.nifi.action.FlowChangeAction; import org.apache.nifi.action.Operation; import org.apache.nifi.action.details.ActionDetails; +import org.apache.nifi.authorization.user.NiFiUser; import org.apache.nifi.authorization.user.NiFiUserUtils; import org.apache.nifi.connectable.Funnel; -import org.apache.nifi.authorization.user.NiFiUser; import org.apache.nifi.web.dao.FunnelDAO; - import org.aspectj.lang.ProceedingJoinPoint; import org.aspectj.lang.annotation.Around; import org.aspectj.lang.annotation.Aspect; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.util.Date; + @Aspect public class FunnelAuditor extends NiFiAuditor { @@ -121,7 +120,6 @@ public class FunnelAuditor extends NiFiAuditor { // create the action for adding this funnel action = new FlowChangeAction(); action.setUserIdentity(user.getIdentity()); - action.setUserName(user.getUserName()); action.setOperation(operation); action.setTimestamp(new Date()); action.setSourceId(funnel.getIdentifier()); http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/PortAuditor.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/PortAuditor.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/PortAuditor.java index 3e5b0b5..93ac1f7 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/PortAuditor.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/PortAuditor.java @@ -204,7 +204,6 @@ public class PortAuditor extends NiFiAuditor { // create the port action for updating the name FlowChangeAction portAction = new FlowChangeAction(); portAction.setUserIdentity(user.getIdentity()); - portAction.setUserName(user.getUserName()); portAction.setOperation(Operation.Configure); portAction.setTimestamp(timestamp); portAction.setSourceId(updatedPort.getIdentifier()); @@ -224,7 +223,6 @@ public class PortAuditor extends NiFiAuditor { // create a processor action FlowChangeAction processorAction = new FlowChangeAction(); processorAction.setUserIdentity(user.getIdentity()); - processorAction.setUserName(user.getUserName()); processorAction.setTimestamp(new Date()); processorAction.setSourceId(updatedPort.getIdentifier()); processorAction.setSourceName(updatedPort.getName()); @@ -321,7 +319,6 @@ public class PortAuditor extends NiFiAuditor { // create the port action for adding this processor action = new FlowChangeAction(); action.setUserIdentity(user.getIdentity()); - action.setUserName(user.getUserName()); action.setOperation(operation); action.setTimestamp(new Date()); action.setSourceId(port.getIdentifier()); http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ProcessGroupAuditor.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ProcessGroupAuditor.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ProcessGroupAuditor.java index a4277c6..391f9e2 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ProcessGroupAuditor.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ProcessGroupAuditor.java @@ -143,7 +143,6 @@ public class ProcessGroupAuditor extends NiFiAuditor { // create the port action for updating the name FlowChangeAction processGroupAction = new FlowChangeAction(); processGroupAction.setUserIdentity(user.getIdentity()); - processGroupAction.setUserName(user.getUserName()); processGroupAction.setOperation(operation); processGroupAction.setTimestamp(timestamp); processGroupAction.setSourceId(updatedProcessGroup.getIdentifier()); @@ -188,7 +187,6 @@ public class ProcessGroupAuditor extends NiFiAuditor { // if the user was starting/stopping this process group FlowChangeAction action = new FlowChangeAction(); action.setUserIdentity(user.getIdentity()); - action.setUserName(user.getUserName()); action.setSourceId(processGroup.getIdentifier()); action.setSourceName(processGroup.getName()); action.setSourceType(Component.ProcessGroup); @@ -264,7 +262,6 @@ public class ProcessGroupAuditor extends NiFiAuditor { // create the process group action for adding this process group action = new FlowChangeAction(); action.setUserIdentity(user.getIdentity()); - action.setUserName(user.getUserName()); action.setOperation(operation); action.setTimestamp(new Date()); action.setSourceId(processGroup.getIdentifier()); http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ProcessorAuditor.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ProcessorAuditor.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ProcessorAuditor.java index 8da70f0..32aab33 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ProcessorAuditor.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ProcessorAuditor.java @@ -16,17 +16,7 @@ */ package org.apache.nifi.audit; -import java.text.Collator; -import java.util.ArrayList; -import java.util.Collection; -import java.util.Collections; -import java.util.Date; -import java.util.HashMap; -import java.util.List; -import java.util.Locale; -import java.util.Map; -import java.util.Set; - +import org.apache.commons.lang3.StringUtils; import org.apache.nifi.action.Action; import org.apache.nifi.action.Component; import org.apache.nifi.action.FlowChangeAction; @@ -34,22 +24,32 @@ import org.apache.nifi.action.Operation; import org.apache.nifi.action.component.details.FlowChangeExtensionDetails; import org.apache.nifi.action.details.ActionDetails; import org.apache.nifi.action.details.FlowChangeConfigureDetails; +import org.apache.nifi.authorization.user.NiFiUser; import org.apache.nifi.authorization.user.NiFiUserUtils; import org.apache.nifi.components.PropertyDescriptor; import org.apache.nifi.controller.ProcessorNode; import org.apache.nifi.controller.ScheduledState; import org.apache.nifi.processor.Relationship; -import org.apache.nifi.authorization.user.NiFiUser; import org.apache.nifi.web.api.dto.ProcessorConfigDTO; import org.apache.nifi.web.api.dto.ProcessorDTO; import org.apache.nifi.web.dao.ProcessorDAO; -import org.apache.commons.lang3.StringUtils; import org.aspectj.lang.ProceedingJoinPoint; import org.aspectj.lang.annotation.Around; import org.aspectj.lang.annotation.Aspect; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.text.Collator; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Collections; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Locale; +import java.util.Map; +import java.util.Set; + /** * Audits processor creation/removal and configuration changes. */ @@ -177,7 +177,6 @@ public class ProcessorAuditor extends NiFiAuditor { // create a configuration action FlowChangeAction configurationAction = new FlowChangeAction(); configurationAction.setUserIdentity(user.getIdentity()); - configurationAction.setUserName(user.getUserName()); configurationAction.setOperation(operation); configurationAction.setTimestamp(actionTimestamp); configurationAction.setSourceId(processor.getIdentifier()); @@ -197,7 +196,6 @@ public class ProcessorAuditor extends NiFiAuditor { // create a processor action FlowChangeAction processorAction = new FlowChangeAction(); processorAction.setUserIdentity(user.getIdentity()); - processorAction.setUserName(user.getUserName()); processorAction.setTimestamp(new Date()); processorAction.setSourceId(processor.getIdentifier()); processorAction.setSourceName(processor.getName()); @@ -293,7 +291,6 @@ public class ProcessorAuditor extends NiFiAuditor { // create the processor action for adding this processor action = new FlowChangeAction(); action.setUserIdentity(user.getIdentity()); - action.setUserName(user.getUserName()); action.setOperation(operation); action.setTimestamp(new Date()); action.setSourceId(processor.getIdentifier()); http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/RelationshipAuditor.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/RelationshipAuditor.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/RelationshipAuditor.java index 1780790..2560b24 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/RelationshipAuditor.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/RelationshipAuditor.java @@ -16,14 +16,7 @@ */ package org.apache.nifi.audit; -import java.util.ArrayList; -import java.util.Collection; -import java.util.Date; -import java.util.HashMap; -import java.util.HashSet; -import java.util.List; -import java.util.Map; - +import org.apache.commons.lang3.StringUtils; import org.apache.nifi.action.Action; import org.apache.nifi.action.Component; import org.apache.nifi.action.FlowChangeAction; @@ -32,28 +25,34 @@ import org.apache.nifi.action.details.ActionDetails; import org.apache.nifi.action.details.ConnectDetails; import org.apache.nifi.action.details.FlowChangeConfigureDetails; import org.apache.nifi.action.details.FlowChangeConnectDetails; +import org.apache.nifi.authorization.user.NiFiUser; import org.apache.nifi.authorization.user.NiFiUserUtils; import org.apache.nifi.connectable.Connectable; import org.apache.nifi.connectable.Connection; import org.apache.nifi.connectable.Funnel; import org.apache.nifi.connectable.Port; import org.apache.nifi.controller.ProcessorNode; -import org.apache.nifi.groups.ProcessGroup; import org.apache.nifi.flowfile.FlowFilePrioritizer; +import org.apache.nifi.groups.ProcessGroup; import org.apache.nifi.processor.Relationship; import org.apache.nifi.remote.RemoteGroupPort; import org.apache.nifi.remote.TransferDirection; -import org.apache.nifi.authorization.user.NiFiUser; import org.apache.nifi.web.api.dto.ConnectionDTO; import org.apache.nifi.web.dao.ConnectionDAO; - -import org.apache.commons.lang3.StringUtils; import org.aspectj.lang.ProceedingJoinPoint; import org.aspectj.lang.annotation.Around; import org.aspectj.lang.annotation.Aspect; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Date; +import java.util.HashMap; +import java.util.HashSet; +import java.util.List; +import java.util.Map; + /** * Audits relationship creation/removal. */ @@ -188,7 +187,6 @@ public class RelationshipAuditor extends NiFiAuditor { // create a configuration action FlowChangeAction configurationAction = new FlowChangeAction(); configurationAction.setUserIdentity(user.getIdentity()); - configurationAction.setUserName(user.getUserName()); configurationAction.setOperation(Operation.Configure); configurationAction.setTimestamp(actionTimestamp); configurationAction.setSourceId(connection.getIdentifier()); @@ -352,7 +350,6 @@ public class RelationshipAuditor extends NiFiAuditor { // create a new relationship action action = new FlowChangeAction(); action.setUserIdentity(user.getIdentity()); - action.setUserName(user.getUserName()); action.setOperation(operation); action.setTimestamp(actionTimestamp); action.setSourceId(connectionId); http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/RemoteProcessGroupAuditor.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/RemoteProcessGroupAuditor.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/RemoteProcessGroupAuditor.java index e19bf29..d9a5df6 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/RemoteProcessGroupAuditor.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/RemoteProcessGroupAuditor.java @@ -247,7 +247,6 @@ public class RemoteProcessGroupAuditor extends NiFiAuditor { // create the port action for updating the name FlowChangeAction remoteProcessGroupAction = new FlowChangeAction(); remoteProcessGroupAction.setUserIdentity(user.getIdentity()); - remoteProcessGroupAction.setUserName(user.getUserName()); remoteProcessGroupAction.setOperation(Operation.Configure); remoteProcessGroupAction.setTimestamp(timestamp); remoteProcessGroupAction.setSourceId(updatedRemoteProcessGroup.getIdentifier()); @@ -268,7 +267,6 @@ public class RemoteProcessGroupAuditor extends NiFiAuditor { // create a processor action FlowChangeAction remoteProcessGroupAction = new FlowChangeAction(); remoteProcessGroupAction.setUserIdentity(user.getIdentity()); - remoteProcessGroupAction.setUserName(user.getUserName()); remoteProcessGroupAction.setTimestamp(new Date()); remoteProcessGroupAction.setSourceId(updatedRemoteProcessGroup.getIdentifier()); remoteProcessGroupAction.setSourceName(updatedRemoteProcessGroup.getName()); @@ -356,7 +354,6 @@ public class RemoteProcessGroupAuditor extends NiFiAuditor { // create the remote process group action action = new FlowChangeAction(); action.setUserIdentity(user.getIdentity()); - action.setUserName(user.getUserName()); action.setOperation(operation); action.setTimestamp(new Date()); action.setSourceId(remoteProcessGroup.getIdentifier()); http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ReportingTaskAuditor.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ReportingTaskAuditor.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ReportingTaskAuditor.java index 0dc8ee3..e198d5e 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ReportingTaskAuditor.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/ReportingTaskAuditor.java @@ -16,13 +16,6 @@ */ package org.apache.nifi.audit; -import java.util.ArrayList; -import java.util.Collection; -import java.util.Date; -import java.util.HashMap; -import java.util.Map; -import java.util.Set; - import org.apache.nifi.action.Action; import org.apache.nifi.action.Component; import org.apache.nifi.action.FlowChangeAction; @@ -30,11 +23,11 @@ import org.apache.nifi.action.Operation; import org.apache.nifi.action.component.details.FlowChangeExtensionDetails; import org.apache.nifi.action.details.ActionDetails; import org.apache.nifi.action.details.FlowChangeConfigureDetails; +import org.apache.nifi.authorization.user.NiFiUser; import org.apache.nifi.authorization.user.NiFiUserUtils; import org.apache.nifi.components.PropertyDescriptor; import org.apache.nifi.controller.ReportingTaskNode; import org.apache.nifi.controller.ScheduledState; -import org.apache.nifi.authorization.user.NiFiUser; import org.apache.nifi.web.api.dto.ReportingTaskDTO; import org.apache.nifi.web.dao.ReportingTaskDAO; import org.aspectj.lang.ProceedingJoinPoint; @@ -43,6 +36,13 @@ import org.aspectj.lang.annotation.Aspect; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Date; +import java.util.HashMap; +import java.util.Map; +import java.util.Set; + /** * Audits reporting creation/removal and configuration changes. */ @@ -161,7 +161,6 @@ public class ReportingTaskAuditor extends NiFiAuditor { // create a configuration action FlowChangeAction configurationAction = new FlowChangeAction(); configurationAction.setUserIdentity(user.getIdentity()); - configurationAction.setUserName(user.getUserName()); configurationAction.setOperation(operation); configurationAction.setTimestamp(actionTimestamp); configurationAction.setSourceId(reportingTask.getIdentifier()); @@ -181,7 +180,6 @@ public class ReportingTaskAuditor extends NiFiAuditor { // create a reporting task action FlowChangeAction taskAction = new FlowChangeAction(); taskAction.setUserIdentity(user.getIdentity()); - taskAction.setUserName(user.getUserName()); taskAction.setTimestamp(new Date()); taskAction.setSourceId(reportingTask.getIdentifier()); taskAction.setSourceName(reportingTask.getName()); @@ -277,7 +275,6 @@ public class ReportingTaskAuditor extends NiFiAuditor { // create the reporting task action for adding this reporting task action = new FlowChangeAction(); action.setUserIdentity(user.getIdentity()); - action.setUserName(user.getUserName()); action.setOperation(operation); action.setTimestamp(new Date()); action.setSourceId(reportingTask.getIdentifier()); http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/SnippetAuditor.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/SnippetAuditor.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/SnippetAuditor.java index 27b76b1..ce7313e 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/SnippetAuditor.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/audit/SnippetAuditor.java @@ -232,7 +232,6 @@ public class SnippetAuditor extends NiFiAuditor { // create the action for adding this funnel action = new FlowChangeAction(); action.setUserIdentity(user.getIdentity()); - action.setUserName(user.getUserName()); action.setOperation(operation); action.setTimestamp(timestamp); action.setSourceId(id); http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/AuthorizableLookup.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/AuthorizableLookup.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/AuthorizableLookup.java index f5421e5..01f06c2 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/AuthorizableLookup.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/AuthorizableLookup.java @@ -38,6 +38,20 @@ public interface AuthorizableLookup { Authorizable getProcessor(String id); /** + * Get the authorizable for querying Provenance. + * + * @return authorizable + */ + Authorizable getProvenance(); + + /** + * Get the authorizable for viewing/reseting Counters. + * + * @return authorizable + */ + Authorizable getCounters(); + + /** * Get the authorizable InputPort. * * @param id input port id http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiServiceFacade.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiServiceFacade.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiServiceFacade.java index 40361ef..dd1f7e0 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiServiceFacade.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiServiceFacade.java @@ -73,6 +73,7 @@ import org.apache.nifi.web.api.entity.ConnectionEntity; import org.apache.nifi.web.api.entity.ControllerConfigurationEntity; import org.apache.nifi.web.api.entity.ControllerServiceEntity; import org.apache.nifi.web.api.entity.ControllerServiceReferencingComponentsEntity; +import org.apache.nifi.web.api.entity.CurrentUserEntity; import org.apache.nifi.web.api.entity.FlowConfigurationEntity; import org.apache.nifi.web.api.entity.FlowEntity; import org.apache.nifi.web.api.entity.FunnelEntity; @@ -86,6 +87,7 @@ import org.apache.nifi.web.api.entity.RemoteProcessGroupPortEntity; import org.apache.nifi.web.api.entity.ReportingTaskEntity; import org.apache.nifi.web.api.entity.ScheduleComponentsEntity; import org.apache.nifi.web.api.entity.SnippetEntity; +import org.apache.nifi.web.api.entity.TemplateEntity; import org.apache.nifi.web.api.entity.UserEntity; import org.apache.nifi.web.api.entity.UserGroupEntity; @@ -440,7 +442,7 @@ public interface NiFiServiceFacade { * * @return templates */ - Set<TemplateDTO> getTemplates(); + Set<TemplateEntity> getTemplates(); /** * Deletes the specified template. @@ -832,9 +834,16 @@ public interface NiFiServiceFacade { */ PortEntity deleteOutputPort(Revision revision, String outputPortId); + // ------------ + // Current user + // ------------ + + CurrentUserEntity getCurrentUser(); + // ---------------------------------------- // Flow methods // ---------------------------------------- + /** * Returns the flow. * http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiWebApiSecurityConfiguration.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiWebApiSecurityConfiguration.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiWebApiSecurityConfiguration.java index e9117a9..5a9de3e 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiWebApiSecurityConfiguration.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiWebApiSecurityConfiguration.java @@ -20,7 +20,6 @@ import org.apache.nifi.util.NiFiProperties; import org.apache.nifi.web.security.anonymous.NiFiAnonymousUserFilter; import org.apache.nifi.web.security.jwt.JwtAuthenticationFilter; import org.apache.nifi.web.security.jwt.JwtAuthenticationProvider; -import org.apache.nifi.web.security.node.NodeAuthorizedUserFilter; import org.apache.nifi.web.security.otp.OtpAuthenticationFilter; import org.apache.nifi.web.security.otp.OtpAuthenticationProvider; import org.apache.nifi.web.security.x509.X509AuthenticationFilter; @@ -54,8 +53,6 @@ public class NiFiWebApiSecurityConfiguration extends WebSecurityConfigurerAdapte private NiFiProperties properties; - private NodeAuthorizedUserFilter nodeAuthorizedUserFilter; - private X509AuthenticationFilter x509AuthenticationFilter; private X509CertificateExtractor certificateExtractor; private X509PrincipalExtractor principalExtractor; @@ -94,9 +91,6 @@ public class NiFiWebApiSecurityConfiguration extends WebSecurityConfigurerAdapte .sessionManagement() .sessionCreationPolicy(SessionCreationPolicy.STATELESS); - // cluster authorized user - http.addFilterBefore(nodeAuthorizedUserFilterBean(), AnonymousAuthenticationFilter.class); - // x509 http.addFilterBefore(x509FilterBean(), AnonymousAuthenticationFilter.class); @@ -126,17 +120,6 @@ public class NiFiWebApiSecurityConfiguration extends WebSecurityConfigurerAdapte } @Bean - public NodeAuthorizedUserFilter nodeAuthorizedUserFilterBean() throws Exception { - if (nodeAuthorizedUserFilter == null) { - nodeAuthorizedUserFilter = new NodeAuthorizedUserFilter(); - nodeAuthorizedUserFilter.setProperties(properties); - nodeAuthorizedUserFilter.setCertificateExtractor(certificateExtractor); - nodeAuthorizedUserFilter.setCertificateIdentityProvider(certificateIdentityProvider); - } - return nodeAuthorizedUserFilter; - } - - @Bean public JwtAuthenticationFilter jwtFilterBean() throws Exception { if (jwtAuthenticationFilter == null) { jwtAuthenticationFilter = new JwtAuthenticationFilter(); http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardAuthorizableLookup.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardAuthorizableLookup.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardAuthorizableLookup.java index 13a5c20..4139888 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardAuthorizableLookup.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardAuthorizableLookup.java @@ -16,9 +16,11 @@ */ package org.apache.nifi.web; +import org.apache.nifi.authorization.Resource; import org.apache.nifi.authorization.resource.AccessPoliciesAuthorizable; import org.apache.nifi.authorization.resource.AccessPolicyAuthorizable; import org.apache.nifi.authorization.resource.Authorizable; +import org.apache.nifi.authorization.resource.ResourceFactory; import org.apache.nifi.authorization.resource.TenantAuthorizable; import org.apache.nifi.controller.ConfiguredComponent; import org.apache.nifi.controller.Snippet; @@ -46,6 +48,30 @@ class StandardAuthorizableLookup implements AuthorizableLookup { private static final TenantAuthorizable TENANT_AUTHORIZABLE = new TenantAuthorizable(); private static final Authorizable ACCESS_POLICIES_AUTHORIZABLE = new AccessPoliciesAuthorizable(); + private static final Authorizable PROVENANCE_AUTHORIZABLE = new Authorizable() { + @Override + public Authorizable getParentAuthorizable() { + return null; + } + + @Override + public Resource getResource() { + return ResourceFactory.getProvenanceResource(); + } + }; + + private static final Authorizable COUNTERS_AUTHORIZABLE = new Authorizable() { + @Override + public Authorizable getParentAuthorizable() { + return null; + } + + @Override + public Resource getResource() { + return ResourceFactory.getCountersResource(); + } + }; + // nifi core components private ControllerFacade controllerFacade; @@ -127,6 +153,16 @@ class StandardAuthorizableLookup implements AuthorizableLookup { } @Override + public Authorizable getProvenance() { + return PROVENANCE_AUTHORIZABLE; + } + + @Override + public Authorizable getCounters() { + return COUNTERS_AUTHORIZABLE; + } + + @Override public Authorizable getControllerServiceReferencingComponent(String controllerSeriveId, String id) { final ControllerServiceNode controllerService = controllerServiceDAO.getControllerService(controllerSeriveId); final ControllerServiceReference referencingComponents = controllerService.getReferences(); http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiContentAccess.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiContentAccess.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiContentAccess.java index 1691217..8a6b438 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiContentAccess.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiContentAccess.java @@ -16,22 +16,11 @@ */ package org.apache.nifi.web; -import java.io.Serializable; -import java.net.URI; -import java.net.URISyntaxException; -import java.util.Collections; -import java.util.HashMap; -import java.util.Map; -import java.util.Set; -import java.util.regex.Matcher; -import java.util.regex.Pattern; - -import javax.ws.rs.HttpMethod; -import javax.ws.rs.core.MultivaluedMap; - +import com.sun.jersey.api.client.ClientResponse; +import com.sun.jersey.api.client.ClientResponse.Status; +import com.sun.jersey.core.util.MultivaluedMapImpl; import org.apache.commons.lang3.StringUtils; import org.apache.nifi.authorization.AccessDeniedException; -import org.apache.nifi.authorization.user.NiFiUserDetails; import org.apache.nifi.cluster.coordination.ClusterCoordinator; import org.apache.nifi.cluster.coordination.http.replication.RequestReplicator; import org.apache.nifi.cluster.manager.NodeResponse; @@ -39,13 +28,17 @@ import org.apache.nifi.cluster.manager.exception.IllegalClusterStateException; import org.apache.nifi.cluster.protocol.NodeIdentifier; import org.apache.nifi.controller.repository.claim.ContentDirection; import org.apache.nifi.util.NiFiProperties; -import org.apache.nifi.web.util.WebUtils; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; -import com.sun.jersey.api.client.ClientResponse; -import com.sun.jersey.api.client.ClientResponse.Status; -import com.sun.jersey.core.util.MultivaluedMapImpl; +import javax.ws.rs.HttpMethod; +import javax.ws.rs.core.MultivaluedMap; +import java.net.URI; +import java.net.URISyntaxException; +import java.util.Collections; +import java.util.HashMap; +import java.util.Map; +import java.util.Set; +import java.util.regex.Matcher; +import java.util.regex.Pattern; /** * @@ -87,19 +80,6 @@ public class StandardNiFiContentAccess implements ContentAccess { headers.put("X-ProxiedEntitiesChain", request.getProxiedEntitiesChain()); } - // add the user's authorities (if any) to the headers - final Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); - if (authentication != null) { - final Object userDetailsObj = authentication.getPrincipal(); - if (userDetailsObj instanceof NiFiUserDetails) { - // serialize user details object - final String hexEncodedUserDetails = WebUtils.serializeObjectToHex((Serializable) userDetailsObj); - - // put serialized user details in header - headers.put("X-ProxiedEntityUserDetails", hexEncodedUserDetails); - } - } - // ensure we were able to detect the cluster node id if (request.getClusterNodeId() == null) { throw new IllegalArgumentException("Unable to determine the which node has the content."); http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiServiceFacade.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiServiceFacade.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiServiceFacade.java index 180b6bc..da253ca 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiServiceFacade.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiServiceFacade.java @@ -143,6 +143,7 @@ import org.apache.nifi.web.api.entity.ControllerConfigurationEntity; import org.apache.nifi.web.api.entity.ControllerServiceEntity; import org.apache.nifi.web.api.entity.ControllerServiceReferencingComponentEntity; import org.apache.nifi.web.api.entity.ControllerServiceReferencingComponentsEntity; +import org.apache.nifi.web.api.entity.CurrentUserEntity; import org.apache.nifi.web.api.entity.FlowConfigurationEntity; import org.apache.nifi.web.api.entity.FlowEntity; import org.apache.nifi.web.api.entity.FunnelEntity; @@ -156,6 +157,7 @@ import org.apache.nifi.web.api.entity.RemoteProcessGroupPortEntity; import org.apache.nifi.web.api.entity.ReportingTaskEntity; import org.apache.nifi.web.api.entity.ScheduleComponentsEntity; import org.apache.nifi.web.api.entity.SnippetEntity; +import org.apache.nifi.web.api.entity.TemplateEntity; import org.apache.nifi.web.api.entity.TenantEntity; import org.apache.nifi.web.api.entity.UserEntity; import org.apache.nifi.web.api.entity.UserGroupEntity; @@ -639,7 +641,7 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { final D dto = dtoCreation.apply(component); final Revision updatedRevision = revisionManager.getRevision(revision.getComponentId()).incrementRevision(revision.getClientId()); - final FlowModification lastModification = new FlowModification(updatedRevision, user.getUserName()); + final FlowModification lastModification = new FlowModification(updatedRevision, user.getIdentity()); return new StandardRevisionUpdate<>(dto, lastModification); } }); @@ -1243,7 +1245,7 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { controllerFacade.save(); final D dto = dtoCreation.apply(component); - final FlowModification lastMod = new FlowModification(revision.incrementRevision(revision.getClientId()), user.getUserName()); + final FlowModification lastMod = new FlowModification(revision.incrementRevision(revision.getClientId()), user.getIdentity()); return new StandardRevisionUpdate<D>(dto, lastMod); }); } finally { @@ -1271,7 +1273,7 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { public AccessPolicyEntity createAccessPolicy(final Revision revision, final AccessPolicyDTO accessPolicyDTO) { // TODO read lock on users and groups (and resource+action?) while the policy is being created? final Authorizable tenantAuthorizable = authorizableLookup.getTenantAuthorizable(); - final String creator = NiFiUserUtils.getNiFiUserName(); + final String creator = NiFiUserUtils.getNiFiUserIdentity(); final AccessPolicy newAccessPolicy = accessPolicyDAO.createAccessPolicy(accessPolicyDTO); final AccessPolicyDTO newAccessPolicyDto = dtoFactory.createAccessPolicyDto(newAccessPolicy, newAccessPolicy.getGroups().stream().map(mapUserGroupIdToTenantEntity()).collect(Collectors.toSet()), @@ -1288,7 +1290,7 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { @Override public UserEntity createUser(final Revision revision, final UserDTO userDTO) { final Authorizable tenantAuthorizable = authorizableLookup.getTenantAuthorizable(); - final String creator = NiFiUserUtils.getNiFiUserName(); + final String creator = NiFiUserUtils.getNiFiUserIdentity(); final User newUser = userDAO.createUser(userDTO); final UserDTO newUserDto = dtoFactory.createUserDto(newUser, newUser.getGroups().stream() .map(mapUserGroupIdToTenantEntity()).collect(Collectors.toSet())); @@ -1300,7 +1302,7 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { @Override public UserGroupEntity createUserGroup(final Revision revision, final UserGroupDTO userGroupDTO) { final Authorizable tenantAuthorizable = authorizableLookup.getTenantAuthorizable(); - final String creator = NiFiUserUtils.getNiFiUserName(); + final String creator = NiFiUserUtils.getNiFiUserIdentity(); final Group newUserGroup = userGroupDAO.createUserGroup(userGroupDTO); final UserGroupDTO newUserGroupDto = dtoFactory.createUserGroupDto(newUserGroup, newUserGroup.getUsers().stream() .map(userId -> { @@ -1615,7 +1617,7 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { controllerFacade.save(); - final FlowModification lastMod = new FlowModification(revision.incrementRevision(revision.getClientId()), user.getUserName()); + final FlowModification lastMod = new FlowModification(revision.incrementRevision(revision.getClientId()), user.getIdentity()); return new StandardRevisionUpdate<ControllerServiceDTO>(dto, lastMod); }); } finally { @@ -1631,7 +1633,7 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { controllerFacade.save(); - final FlowModification lastMod = new FlowModification(revision.incrementRevision(revision.getClientId()), user.getUserName()); + final FlowModification lastMod = new FlowModification(revision.incrementRevision(revision.getClientId()), user.getIdentity()); return new StandardRevisionUpdate<ControllerServiceDTO>(dto, lastMod); }); } finally { @@ -1759,7 +1761,7 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { private ControllerServiceReferencingComponentsEntity createControllerServiceReferencingComponentsEntity( final ControllerServiceReference reference, final Map<String, Revision> revisions, final Set<ControllerServiceNode> visited) { - final String modifier = NiFiUserUtils.getNiFiUserName(); + final String modifier = NiFiUserUtils.getNiFiUserIdentity(); final Set<ConfiguredComponent> referencingComponents = reference.getReferencingComponents(); final Set<ControllerServiceReferencingComponentEntity> componentEntities = new HashSet<>(); @@ -1827,7 +1829,7 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { controllerFacade.save(); final ReportingTaskDTO dto = dtoFactory.createReportingTaskDto(reportingTask); - final FlowModification lastMod = new FlowModification(revision.incrementRevision(revision.getClientId()), user.getUserName()); + final FlowModification lastMod = new FlowModification(revision.incrementRevision(revision.getClientId()), user.getIdentity()); return new StandardRevisionUpdate<ReportingTaskDTO>(dto, lastMod); }); @@ -1882,7 +1884,6 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { // create a purge action to record that records are being removed final FlowChangeAction purgeAction = new FlowChangeAction(); purgeAction.setUserIdentity(user.getIdentity()); - purgeAction.setUserName(user.getUserName()); purgeAction.setOperation(Operation.Purge); purgeAction.setTimestamp(new Date()); purgeAction.setSourceId("Flow Controller"); @@ -2127,12 +2128,18 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { } @Override - public Set<TemplateDTO> getTemplates() { - final Set<TemplateDTO> templateDtos = new LinkedHashSet<>(); - for (final Template template : templateDAO.getTemplates()) { - templateDtos.add(dtoFactory.createTemplateDTO(template)); - } - return templateDtos; + public Set<TemplateEntity> getTemplates() { + return templateDAO.getTemplates().stream() + .map(template -> { + final TemplateDTO dto = dtoFactory.createTemplateDTO(template); + final AccessPolicyDTO accessPolicy = dtoFactory.createAccessPolicyDto(template); + + final TemplateEntity entity = new TemplateEntity(); + entity.setId(dto.getId()); + entity.setAccessPolicy(accessPolicy); + entity.setTemplate(dto); + return entity; + }).collect(Collectors.toSet()); } @Override @@ -2599,6 +2606,19 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { } @Override + public CurrentUserEntity getCurrentUser() { + final NiFiUser user = NiFiUserUtils.getNiFiUser(); + final CurrentUserEntity entity = new CurrentUserEntity(); + entity.setIdentity(user.getIdentity()); + entity.setAnonymous(user.isAnonymous()); + entity.setProvenancePermissions(dtoFactory.createAccessPolicyDto(authorizableLookup.getProvenance())); + entity.setCountersPermissions(dtoFactory.createAccessPolicyDto(authorizableLookup.getCounters())); + entity.setTenantsPermissions(dtoFactory.createAccessPolicyDto(authorizableLookup.getTenantAuthorizable())); + entity.setControllerPermissions(dtoFactory.createAccessPolicyDto(authorizableLookup.getController())); + return entity; + } + + @Override public ProcessGroupFlowEntity getProcessGroupFlow(final String groupId, final boolean recurse) { return revisionManager.get(groupId, rev -> { @@ -2823,7 +2843,7 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { historyQuery.setStartDate(historyQueryDto.getStartDate()); historyQuery.setEndDate(historyQueryDto.getEndDate()); historyQuery.setSourceId(historyQueryDto.getSourceId()); - historyQuery.setUserName(historyQueryDto.getUserName()); + historyQuery.setUserIdentity(historyQueryDto.getUserIdentity()); historyQuery.setOffset(historyQueryDto.getOffset()); historyQuery.setCount(historyQueryDto.getCount()); historyQuery.setSortColumn(historyQueryDto.getSortColumn()); @@ -2833,10 +2853,25 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { final History history = auditService.getActions(historyQuery); // only retain authorized actions - history.getActions().stream().filter(action -> authorizeAction(action)).collect(Collectors.toList()); + final HistoryDTO historyDto = dtoFactory.createHistoryDto(history); + if (history.getActions() != null) { + final List<ActionDTO> actionDtos = new ArrayList<>(); + for (final Action action : history.getActions()) { + if (authorizeAction(action)) { + actionDtos.add(dtoFactory.createActionDto(action)); + } else { + final ActionDTO actionDto = new ActionDTO(); + actionDto.setTimestamp(action.getTimestamp()); + actionDto.setId(action.getId()); + actionDto.setSourceId(action.getSourceId()); + actionDtos.add(actionDto); + } + } + historyDto.setActions(actionDtos); + } // create the response - return dtoFactory.createHistoryDto(history); + return historyDto; } @Override @@ -2869,7 +2904,7 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { final PreviousValueDTO dto = new PreviousValueDTO(); dto.setPreviousValue(previousValue.getPreviousValue()); dto.setTimestamp(previousValue.getTimestamp()); - dto.setUserName(previousValue.getUserName()); + dto.setUserIdentity(previousValue.getUserIdentity()); previousValueDtos.add(dto); } http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiWebConfigurationContext.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiWebConfigurationContext.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiWebConfigurationContext.java index f263ac6..b42f839 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiWebConfigurationContext.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiWebConfigurationContext.java @@ -34,7 +34,6 @@ import org.apache.nifi.authorization.RequestAction; import org.apache.nifi.authorization.resource.Authorizable; import org.apache.nifi.authorization.resource.ResourceFactory; import org.apache.nifi.authorization.user.NiFiUser; -import org.apache.nifi.authorization.user.NiFiUserDetails; import org.apache.nifi.authorization.user.NiFiUserUtils; import org.apache.nifi.cluster.coordination.ClusterCoordinator; import org.apache.nifi.cluster.coordination.http.replication.RequestReplicator; @@ -54,16 +53,12 @@ import org.apache.nifi.web.api.entity.ControllerServiceEntity; import org.apache.nifi.web.api.entity.ProcessorEntity; import org.apache.nifi.web.api.entity.ReportingTaskEntity; import org.apache.nifi.web.util.ClientResponseUtils; -import org.apache.nifi.web.util.WebUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; import javax.ws.rs.HttpMethod; import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.Response; -import java.io.Serializable; import java.io.UnsupportedEncodingException; import java.net.URI; import java.net.URISyntaxException; @@ -182,8 +177,7 @@ public class StandardNiFiWebConfigurationContext implements NiFiWebConfiguration action.setSourceName(configurationAction.getName()); action.setSourceType(componentType); action.setOperation(Operation.Configure); - action.setUserIdentity(getCurrentUserDn()); - action.setUserName(getCurrentUserName()); + action.setUserIdentity(getCurrentUserIdentity()); action.setComponentDetails(extensionDetails); action.setActionDetails(configureDetails); actions.add(action); @@ -203,20 +197,13 @@ public class StandardNiFiWebConfigurationContext implements NiFiWebConfiguration } @Override - public String getCurrentUserDn() { + public String getCurrentUserIdentity() { final NiFiUser user = NiFiUserUtils.getNiFiUser(); authorizeFlowAccess(user); return user.getIdentity(); } @Override - public String getCurrentUserName() { - final NiFiUser user = NiFiUserUtils.getNiFiUser(); - authorizeFlowAccess(user); - return user.getUserName(); - } - - @Override public ComponentDetails getComponentDetails(final NiFiWebRequestContext requestContext) throws ResourceNotFoundException, ClusterRequestException { final String id = requestContext.getId(); @@ -841,19 +828,6 @@ public class StandardNiFiWebConfigurationContext implements NiFiWebConfiguration if (StringUtils.isNotBlank(config.getProxiedEntitiesChain())) { headers.put("X-ProxiedEntitiesChain", config.getProxiedEntitiesChain()); } - - // add the user's authorities (if any) to the headers - final Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); - if (authentication != null) { - final Object userDetailsObj = authentication.getPrincipal(); - if (userDetailsObj instanceof NiFiUserDetails) { - // serialize user details object - final String hexEncodedUserDetails = WebUtils.serializeObjectToHex((Serializable) userDetailsObj); - - // put serialized user details in header - headers.put("X-ProxiedEntityUserDetails", hexEncodedUserDetails); - } - } return headers; } http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/AccessResource.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/AccessResource.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/AccessResource.java index b425562..e0162bc 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/AccessResource.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/AccessResource.java @@ -16,21 +16,11 @@ */ package org.apache.nifi.web.api; -import java.net.URI; -import java.security.cert.X509Certificate; -import java.util.concurrent.TimeUnit; - -import javax.servlet.http.HttpServletRequest; -import javax.ws.rs.Consumes; -import javax.ws.rs.FormParam; -import javax.ws.rs.GET; -import javax.ws.rs.POST; -import javax.ws.rs.Path; -import javax.ws.rs.Produces; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.Response; - +import com.wordnik.swagger.annotations.Api; +import com.wordnik.swagger.annotations.ApiOperation; +import com.wordnik.swagger.annotations.ApiResponse; +import com.wordnik.swagger.annotations.ApiResponses; +import io.jsonwebtoken.JwtException; import org.apache.commons.lang3.StringUtils; import org.apache.nifi.admin.service.AdministrationException; import org.apache.nifi.authentication.AuthenticationResponse; @@ -75,12 +65,19 @@ import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; import org.springframework.security.web.authentication.preauth.x509.X509PrincipalExtractor; -import com.wordnik.swagger.annotations.Api; -import com.wordnik.swagger.annotations.ApiOperation; -import com.wordnik.swagger.annotations.ApiResponse; -import com.wordnik.swagger.annotations.ApiResponses; - -import io.jsonwebtoken.JwtException; +import javax.servlet.http.HttpServletRequest; +import javax.ws.rs.Consumes; +import javax.ws.rs.FormParam; +import javax.ws.rs.GET; +import javax.ws.rs.POST; +import javax.ws.rs.Path; +import javax.ws.rs.Produces; +import javax.ws.rs.core.Context; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.Response; +import java.net.URI; +import java.security.cert.X509Certificate; +import java.util.concurrent.TimeUnit; /** * RESTful endpoint for managing access. @@ -207,7 +204,6 @@ public class AccessResource extends ApplicationResource { // set the user identity accessStatus.setIdentity(nifiUser.getIdentity()); - accessStatus.setUsername(nifiUser.getUserName()); // attempt authorize to /flow accessStatus.setStatus(AccessStatusDTO.Status.ACTIVE.name()); @@ -226,7 +222,6 @@ public class AccessResource extends ApplicationResource { // set the user identity accessStatus.setIdentity(nifiUser.getIdentity()); - accessStatus.setUsername(nifiUser.getUserName()); // attempt authorize to /flow accessStatus.setStatus(AccessStatusDTO.Status.ACTIVE.name()); http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ApplicationResource.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ApplicationResource.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ApplicationResource.java index 262e274..120c387 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ApplicationResource.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ApplicationResource.java @@ -25,7 +25,6 @@ import org.apache.nifi.authorization.Authorizer; import org.apache.nifi.authorization.RequestAction; import org.apache.nifi.authorization.resource.Authorizable; import org.apache.nifi.authorization.user.NiFiUser; -import org.apache.nifi.authorization.user.NiFiUserDetails; import org.apache.nifi.authorization.user.NiFiUserUtils; import org.apache.nifi.cluster.coordination.ClusterCoordinator; import org.apache.nifi.cluster.coordination.http.replication.RequestReplicator; @@ -41,12 +40,8 @@ import org.apache.nifi.web.api.dto.RevisionDTO; import org.apache.nifi.web.api.dto.SnippetDTO; import org.apache.nifi.web.api.entity.ComponentEntity; import org.apache.nifi.web.api.request.ClientIdParameter; -import org.apache.nifi.web.security.jwt.JwtAuthenticationFilter; -import org.apache.nifi.web.util.WebUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -58,7 +53,6 @@ import javax.ws.rs.core.Response.ResponseBuilder; import javax.ws.rs.core.UriBuilder; import javax.ws.rs.core.UriBuilderException; import javax.ws.rs.core.UriInfo; -import java.io.Serializable; import java.net.URI; import java.net.URISyntaxException; import java.nio.charset.StandardCharsets; @@ -80,13 +74,10 @@ public abstract class ApplicationResource { public static final String VERSION = "version"; public static final String CLIENT_ID = "clientId"; - public static final String CLUSTER_CONTEXT_HTTP_HEADER = "X-ClusterContext"; public static final String PROXY_SCHEME_HTTP_HEADER = "X-ProxyScheme"; public static final String PROXY_HOST_HTTP_HEADER = "X-ProxyHost"; public static final String PROXY_PORT_HTTP_HEADER = "X-ProxyPort"; public static final String PROXY_CONTEXT_PATH_HTTP_HEADER = "X-ProxyContextPath"; - public static final String PROXIED_ENTITIES_CHAIN_HTTP_HEADER = "X-ProxiedEntitiesChain"; - public static final String PROXIED_ENTITY_USER_DETAILS_HTTP_HEADER = "X-ProxiedEntityUserDetails"; private static final Logger logger = LoggerFactory.getLogger(ApplicationResource.class); @@ -324,24 +315,6 @@ public abstract class ApplicationResource { result.put(PROXY_SCHEME_HTTP_HEADER, httpServletRequest.getScheme()); } - if (httpServletRequest.isSecure()) { - - // add the user's authorities (if any) to the headers - final Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); - if (authentication != null) { - final Object userDetailsObj = authentication.getPrincipal(); - if (userDetailsObj instanceof NiFiUserDetails) { - // serialize user details object - final String hexEncodedUserDetails = WebUtils.serializeObjectToHex((Serializable) userDetailsObj); - - // put serialized user details in header - result.put(PROXIED_ENTITY_USER_DETAILS_HTTP_HEADER, hexEncodedUserDetails); - - // remove the access token if present, since the user is already authenticated/authorized - result.remove(JwtAuthenticationFilter.AUTHORIZATION); - } - } - } return result; } http://git-wip-us.apache.org/repos/asf/nifi/blob/ce533033/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ControllerResource.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ControllerResource.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ControllerResource.java index 30cff5f..31ecd4c 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ControllerResource.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ControllerResource.java @@ -33,7 +33,6 @@ import org.apache.nifi.authorization.RequestAction; import org.apache.nifi.authorization.resource.ResourceFactory; import org.apache.nifi.authorization.user.NiFiUser; import org.apache.nifi.authorization.user.NiFiUserUtils; -import org.apache.nifi.cluster.coordination.node.NodeConnectionState; import org.apache.nifi.controller.FlowController; import org.apache.nifi.web.IllegalClusterResourceRequestException; import org.apache.nifi.web.NiFiServiceFacade; @@ -41,9 +40,7 @@ import org.apache.nifi.web.Revision; import org.apache.nifi.web.api.dto.ClusterDTO; import org.apache.nifi.web.api.dto.NodeDTO; import org.apache.nifi.web.api.dto.RevisionDTO; -import org.apache.nifi.web.api.dto.search.NodeSearchResultDTO; import org.apache.nifi.web.api.entity.ClusterEntity; -import org.apache.nifi.web.api.entity.ClusterSearchResultsEntity; import org.apache.nifi.web.api.entity.ControllerConfigurationEntity; import org.apache.nifi.web.api.entity.ControllerServiceEntity; import org.apache.nifi.web.api.entity.HistoryEntity; @@ -69,8 +66,6 @@ import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import java.net.URI; -import java.util.ArrayList; -import java.util.List; /** * RESTful endpoint for managing a Flow Controller. @@ -488,81 +483,6 @@ public class ControllerResource extends ApplicationResource { } /** - * Searches the cluster for a node with a given address. - * - * @param value Search value that will be matched against a node's address - * @return Nodes that match the specified criteria - */ - @GET - @Consumes(MediaType.WILDCARD) - @Produces(MediaType.APPLICATION_JSON) - @Path("cluster/search-results") - // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')") - @ApiOperation( - value = "Searches the cluster for a node with the specified address", - response = ClusterSearchResultsEntity.class, - authorizations = { - @Authorization(value = "Read Only", type = "ROLE_MONITOR"), - @Authorization(value = "DFM", type = "ROLE_DFM"), - @Authorization(value = "Admin", type = "ROLE_ADMIN") - } - ) - @ApiResponses( - value = { - @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), - @ApiResponse(code = 401, message = "Client could not be authenticated."), - @ApiResponse(code = 403, message = "Client is not authorized to make this request."), - @ApiResponse(code = 404, message = "The specified resource could not be found."), - @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") - } - ) - public Response searchCluster( - @ApiParam( - value = "Node address to search for.", - required = true - ) - @QueryParam("q") @DefaultValue(StringUtils.EMPTY) String value) { - - authorizeController(RequestAction.READ); - - // ensure connected to the cluster - if (!isConnectedToCluster()) { - throw new IllegalClusterResourceRequestException("Only a node connected to a cluster can process the request."); - } - - final List<NodeSearchResultDTO> nodeMatches = new ArrayList<>(); - - // get the nodes in the cluster - final ClusterDTO cluster = serviceFacade.getCluster(); - - // check each to see if it matches the search term - for (NodeDTO node : cluster.getNodes()) { - // ensure the node is connected - if (!NodeConnectionState.CONNECTED.name().equals(node.getStatus())) { - continue; - } - - // determine the current nodes address - final String address = node.getAddress() + ":" + node.getApiPort(); - - // count the node if there is no search or it matches the address - if (StringUtils.isBlank(value) || StringUtils.containsIgnoreCase(address, value)) { - final NodeSearchResultDTO nodeMatch = new NodeSearchResultDTO(); - nodeMatch.setId(node.getNodeId()); - nodeMatch.setAddress(address); - nodeMatches.add(nodeMatch); - } - } - - // build the response - ClusterSearchResultsEntity results = new ClusterSearchResultsEntity(); - results.setNodeResults(nodeMatches); - - // generate an 200 - OK response - return noCache(Response.ok(results)).build(); - } - - /** * Gets the contents of the specified node in this NiFi cluster. * * @param id The node id.
