NIFI-2768: - Ensuring we correctly enforce authorization when the destination of a connection changes. This includes source, destination, and parent process group. - Ensuring the UI reseting accordingly when a request fails.
This closes #1014. Signed-off-by: Bryan Bende <bbe...@apache.org> Project: http://git-wip-us.apache.org/repos/asf/nifi/repo Commit: http://git-wip-us.apache.org/repos/asf/nifi/commit/cdfed075 Tree: http://git-wip-us.apache.org/repos/asf/nifi/tree/cdfed075 Diff: http://git-wip-us.apache.org/repos/asf/nifi/diff/cdfed075 Branch: refs/heads/support/nifi-1.0.x Commit: cdfed075a1563695a15d088a3ce5a10a3f73f99f Parents: af1732a Author: Matt Gilman <matt.c.gil...@gmail.com> Authored: Tue Sep 13 11:22:03 2016 -0400 Committer: jpercivall <jperciv...@apache.org> Committed: Thu Dec 15 10:21:03 2016 -0500 ---------------------------------------------------------------------- .../src/main/java/org/apache/nifi/web/api/ConnectionResource.java | 2 +- .../nifi-web-ui/src/main/webapp/js/nf/canvas/nf-connection.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/nifi/blob/cdfed075/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ConnectionResource.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ConnectionResource.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ConnectionResource.java index 11abf86..fb25211 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ConnectionResource.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ConnectionResource.java @@ -223,7 +223,7 @@ public class ConnectionResource extends ApplicationResource { // if a destination has been specified and is different final Connectable currentDestination = connAuth.getDestination(); - if (requestConnection.getDestination() != null && currentDestination.getIdentifier().equals(requestConnection.getDestination().getId())) { + if (requestConnection.getDestination() != null && !currentDestination.getIdentifier().equals(requestConnection.getDestination().getId())) { // verify access of the new destination (current destination was already authorized as part of the connection check) final Authorizable newDestinationAuthorizable = lookup.getConnectable(requestConnection.getDestination().getId()); newDestinationAuthorizable.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser()); http://git-wip-us.apache.org/repos/asf/nifi/blob/cdfed075/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-connection.js ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-connection.js b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-connection.js index 01d411a..dcc54f1 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-connection.js +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/canvas/nf-connection.js @@ -1386,7 +1386,7 @@ nf.Connection = (function () { nf.CanvasUtils.reloadConnectionSourceAndDestination(null, previousDestinationId); nf.CanvasUtils.reloadConnectionSourceAndDestination(response.sourceId, response.destinationId); }).fail(function (xhr, status, error) { - if (xhr.status === 400 || xhr.status === 404 || xhr.status === 409) { + if (xhr.status === 400 || xhr.status === 401 || xhr.status === 403 || xhr.status === 404 || xhr.status === 409) { nf.Dialog.showOkDialog({ headerText: 'Connection', dialogContent: nf.Common.escapeHtml(xhr.responseText)
