Repository: nifi Updated Branches: refs/heads/master e89512e74 -> 6df97bbc8
NIFI-4135 - added hadoop-client and enhanced Authorizers entity to support classpath for resources entry NIFI-4135 - classpath under class This closes #1956. Signed-off-by: Bryan Bende <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/nifi/repo Commit: http://git-wip-us.apache.org/repos/asf/nifi/commit/6df97bbc Tree: http://git-wip-us.apache.org/repos/asf/nifi/tree/6df97bbc Diff: http://git-wip-us.apache.org/repos/asf/nifi/diff/6df97bbc Branch: refs/heads/master Commit: 6df97bbc88beedff8bed516ffef6e083d3172ad8 Parents: e89512e Author: Yolanda M. Davis <[email protected]> Authored: Tue Jun 27 23:24:04 2017 -0400 Committer: Bryan Bende <[email protected]> Committed: Fri Jul 7 10:08:48 2017 -0400 ---------------------------------------------------------------------- .../nifi/authorization/AuthorizerFactory.java | 26 ++++++++++---------- .../authorization/AuthorizerFactoryBean.java | 16 +++++++++--- .../src/main/xsd/authorizers.xsd | 3 ++- .../nifi-ranger-plugin/pom.xml | 6 ++++- 4 files changed, 32 insertions(+), 19 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/nifi/blob/6df97bbc/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-authorizer/src/main/java/org/apache/nifi/authorization/AuthorizerFactory.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-authorizer/src/main/java/org/apache/nifi/authorization/AuthorizerFactory.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-authorizer/src/main/java/org/apache/nifi/authorization/AuthorizerFactory.java index 660b47b..8940c78 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-authorizer/src/main/java/org/apache/nifi/authorization/AuthorizerFactory.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-authorizer/src/main/java/org/apache/nifi/authorization/AuthorizerFactory.java @@ -329,62 +329,62 @@ public final class AuthorizerFactory { * @param baseAuthorizer base authorizer * @return authorizer */ - public static Authorizer withNarLoader(final Authorizer baseAuthorizer) { + public static Authorizer withNarLoader(final Authorizer baseAuthorizer, final ClassLoader classLoader) { if (baseAuthorizer instanceof ManagedAuthorizer) { final ManagedAuthorizer baseManagedAuthorizer = (ManagedAuthorizer) baseAuthorizer; return new ManagedAuthorizer() { @Override public String getFingerprint() throws AuthorizationAccessException { - try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) { + try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) { return baseManagedAuthorizer.getFingerprint(); } } @Override public void inheritFingerprint(String fingerprint) throws AuthorizationAccessException { - try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) { + try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) { baseManagedAuthorizer.inheritFingerprint(fingerprint); } } @Override public void checkInheritability(String proposedFingerprint) throws AuthorizationAccessException, UninheritableAuthorizationsException { - try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) { + try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) { baseManagedAuthorizer.checkInheritability(proposedFingerprint); } } @Override public AccessPolicyProvider getAccessPolicyProvider() { - try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) { + try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) { return baseManagedAuthorizer.getAccessPolicyProvider(); } } @Override public AuthorizationResult authorize(AuthorizationRequest request) throws AuthorizationAccessException { - try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) { + try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) { return baseManagedAuthorizer.authorize(request); } } @Override public void initialize(AuthorizerInitializationContext initializationContext) throws AuthorizerCreationException { - try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) { + try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) { baseManagedAuthorizer.initialize(initializationContext); } } @Override public void onConfigured(AuthorizerConfigurationContext configurationContext) throws AuthorizerCreationException { - try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) { + try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) { baseManagedAuthorizer.onConfigured(configurationContext); } } @Override public void preDestruction() throws AuthorizerDestructionException { - try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) { + try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) { baseManagedAuthorizer.preDestruction(); } } @@ -393,28 +393,28 @@ public final class AuthorizerFactory { return new Authorizer() { @Override public AuthorizationResult authorize(final AuthorizationRequest request) throws AuthorizationAccessException { - try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) { + try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) { return baseAuthorizer.authorize(request); } } @Override public void initialize(AuthorizerInitializationContext initializationContext) throws AuthorizerCreationException { - try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) { + try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) { baseAuthorizer.initialize(initializationContext); } } @Override public void onConfigured(AuthorizerConfigurationContext configurationContext) throws AuthorizerCreationException { - try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) { + try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) { baseAuthorizer.onConfigured(configurationContext); } } @Override public void preDestruction() throws AuthorizerDestructionException { - try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) { + try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) { baseAuthorizer.preDestruction(); } } http://git-wip-us.apache.org/repos/asf/nifi/blob/6df97bbc/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-authorizer/src/main/java/org/apache/nifi/authorization/AuthorizerFactoryBean.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-authorizer/src/main/java/org/apache/nifi/authorization/AuthorizerFactoryBean.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-authorizer/src/main/java/org/apache/nifi/authorization/AuthorizerFactoryBean.java index 9de8756..8ed5aaf 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-authorizer/src/main/java/org/apache/nifi/authorization/AuthorizerFactoryBean.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-authorizer/src/main/java/org/apache/nifi/authorization/AuthorizerFactoryBean.java @@ -26,6 +26,7 @@ import org.apache.nifi.authorization.generated.Property; import org.apache.nifi.bundle.Bundle; import org.apache.nifi.nar.ExtensionManager; import org.apache.nifi.util.NiFiProperties; +import org.apache.nifi.util.file.classloader.ClassLoaderUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.DisposableBean; @@ -45,6 +46,8 @@ import java.lang.reflect.Constructor; import java.lang.reflect.Field; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; +import java.net.URL; +import java.net.URLClassLoader; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -131,7 +134,7 @@ public class AuthorizerFactoryBean implements FactoryBean, DisposableBean, UserG // create each authorizer for (final org.apache.nifi.authorization.generated.Authorizer authorizer : authorizerConfiguration.getAuthorizer()) { - authorizers.put(authorizer.getIdentifier(), createAuthorizer(authorizer.getIdentifier(), authorizer.getClazz())); + authorizers.put(authorizer.getIdentifier(), createAuthorizer(authorizer.getIdentifier(), authorizer.getClazz(),authorizer.getClasspath())); } // configure each authorizer @@ -273,7 +276,7 @@ public class AuthorizerFactoryBean implements FactoryBean, DisposableBean, UserG return AccessPolicyProviderFactory.withNarLoader(instance); } - private Authorizer createAuthorizer(final String identifier, final String authorizerClassName) throws Exception { + private Authorizer createAuthorizer(final String identifier, final String authorizerClassName, final String classpathResources) throws Exception { // get the classloader for the specified authorizer final List<Bundle> authorizerBundles = ExtensionManager.getBundles(authorizerClassName); @@ -286,7 +289,7 @@ public class AuthorizerFactoryBean implements FactoryBean, DisposableBean, UserG } final Bundle authorizerBundle = authorizerBundles.get(0); - final ClassLoader authorizerClassLoader = authorizerBundle.getClassLoader(); + ClassLoader authorizerClassLoader = authorizerBundle.getClassLoader(); // get the current context classloader final ClassLoader currentClassLoader = Thread.currentThread().getContextClassLoader(); @@ -318,7 +321,12 @@ public class AuthorizerFactoryBean implements FactoryBean, DisposableBean, UserG } } - return AuthorizerFactory.installIntegrityChecks(AuthorizerFactory.withNarLoader(instance)); + if(StringUtils.isNotEmpty(classpathResources)) { + URL[] urls = ClassLoaderUtils.getURLsForClasspath(classpathResources, null, true); + authorizerClassLoader = new URLClassLoader(urls, authorizerClassLoader); + } + + return AuthorizerFactory.installIntegrityChecks(AuthorizerFactory.withNarLoader(instance,authorizerClassLoader)); } private AuthorizerConfigurationContext loadAuthorizerConfiguration(final String identifier, final List<Property> properties) { http://git-wip-us.apache.org/repos/asf/nifi/blob/6df97bbc/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-authorizer/src/main/xsd/authorizers.xsd ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-authorizer/src/main/xsd/authorizers.xsd b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-authorizer/src/main/xsd/authorizers.xsd index 46c004a..41963fd 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-authorizer/src/main/xsd/authorizers.xsd +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-authorizer/src/main/xsd/authorizers.xsd @@ -37,7 +37,8 @@ <xs:sequence> <xs:element name="identifier" type="NonEmptyStringType"/> <xs:element name="class" type="NonEmptyStringType"/> - <xs:element name="property" type="Property" minOccurs="0" maxOccurs="unbounded" /> + <xs:element name="classpath" type="NonEmptyStringType" minOccurs="0"/> + <xs:element name="property" type="Property" minOccurs="0" maxOccurs="unbounded"/> </xs:sequence> </xs:complexType> http://git-wip-us.apache.org/repos/asf/nifi/blob/6df97bbc/nifi-nar-bundles/nifi-ranger-bundle/nifi-ranger-plugin/pom.xml ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-ranger-bundle/nifi-ranger-plugin/pom.xml b/nifi-nar-bundles/nifi-ranger-bundle/nifi-ranger-plugin/pom.xml index 4844e95..cf779dc 100644 --- a/nifi-nar-bundles/nifi-ranger-bundle/nifi-ranger-plugin/pom.xml +++ b/nifi-nar-bundles/nifi-ranger-bundle/nifi-ranger-plugin/pom.xml @@ -86,7 +86,11 @@ <artifactId>findbugs-annotations</artifactId> <version>1.3.9-1</version> </dependency> - + <dependency> + <groupId>org.apache.hadoop</groupId> + <artifactId>hadoop-client</artifactId> + <version>${hadoop.version}</version> + </dependency> <dependency> <groupId>org.apache.nifi</groupId> <artifactId>nifi-mock</artifactId>
