[11/50] nifi git commit: NIFI-4769: Use FlowFile for EL at Fetch and PutAzureBlobStorage

aldrin Thu, 10 May 2018 08:50:36 -0700

NIFI-4769: Use FlowFile for EL at Fetch and PutAzureBlobStorage

This commit add back the existing capability for those Processors to use
incoming FlowFile attributes to compute account name and account key,
which had been removed by NIFI-4004.


Also, the same capability is added for SAS token.

This closes #2400.

Signed-off-by: Koji Kawamura <ijokaruma...@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/nifi/repo
Commit: http://git-wip-us.apache.org/repos/asf/nifi/commit/e77e66e8
Tree: http://git-wip-us.apache.org/repos/asf/nifi/tree/e77e66e8
Diff: http://git-wip-us.apache.org/repos/asf/nifi/diff/e77e66e8

Branch: refs/heads/HDF-3.1-maint
Commit: e77e66e8eb3ab10061bd3691e754715c480634f4
Parents: 6847c9e
Author: Koji Kawamura <ijokaruma...@apache.org>
Authored: Fri Jan 12 11:03:05 2018 +0900
Committer: Matt Gilman <matt.c.gil...@gmail.com>
Committed: Tue Jan 16 15:01:01 2018 -0500

----------------------------------------------------------------------
 .../azure/storage/FetchAzureBlobStorage.java    |  2 +-
 .../azure/storage/ListAzureBlobStorage.java     |  2 +-
 .../azure/storage/PutAzureBlobStorage.java      |  2 +-
 .../azure/storage/utils/AzureStorageUtils.java  | 33 ++++++++++++++++----
 4 files changed, 30 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/nifi/blob/e77e66e8/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/FetchAzureBlobStorage.java
----------------------------------------------------------------------
diff --git 
a/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/FetchAzureBlobStorage.java
 
b/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/FetchAzureBlobStorage.java
index d960f7d..89d22f3 100644
--- 
a/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/FetchAzureBlobStorage.java
+++ 
b/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/FetchAzureBlobStorage.java
@@ -66,7 +66,7 @@ public class FetchAzureBlobStorage extends 
AbstractAzureBlobProcessor {
 
         AtomicReference<Exception> storedException = new AtomicReference<>();
         try {
-            CloudBlobClient blobClient = 
AzureStorageUtils.createCloudBlobClient(context, getLogger());
+            CloudBlobClient blobClient = 
AzureStorageUtils.createCloudBlobClient(context, getLogger(), flowFile);
             CloudBlobContainer container = 
blobClient.getContainerReference(containerName);
 
             final Map<String, String> attributes = new HashMap<>();

http://git-wip-us.apache.org/repos/asf/nifi/blob/e77e66e8/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/ListAzureBlobStorage.java
----------------------------------------------------------------------
diff --git 
a/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/ListAzureBlobStorage.java
 
b/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/ListAzureBlobStorage.java
index 41f347c..2cb6316 100644
--- 
a/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/ListAzureBlobStorage.java
+++ 
b/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/ListAzureBlobStorage.java
@@ -151,7 +151,7 @@ public class ListAzureBlobStorage extends 
AbstractListProcessor<BlobInfo> {
         }
         final List<BlobInfo> listing = new ArrayList<>();
         try {
-            CloudBlobClient blobClient = 
AzureStorageUtils.createCloudBlobClient(context, getLogger());
+            CloudBlobClient blobClient = 
AzureStorageUtils.createCloudBlobClient(context, getLogger(), null);
             CloudBlobContainer container = 
blobClient.getContainerReference(containerName);
 
             for (ListBlobItem blob : container.listBlobs(prefix, true, 
EnumSet.of(BlobListingDetails.METADATA), null, null)) {

http://git-wip-us.apache.org/repos/asf/nifi/blob/e77e66e8/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/PutAzureBlobStorage.java
----------------------------------------------------------------------
diff --git 
a/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/PutAzureBlobStorage.java
 
b/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/PutAzureBlobStorage.java
index a316256..c41733b 100644
--- 
a/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/PutAzureBlobStorage.java
+++ 
b/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/PutAzureBlobStorage.java
@@ -72,7 +72,7 @@ public class PutAzureBlobStorage extends 
AbstractAzureBlobProcessor {
 
         AtomicReference<Exception> storedException = new AtomicReference<>();
         try {
-            CloudBlobClient blobClient = 
AzureStorageUtils.createCloudBlobClient(context, getLogger());
+            CloudBlobClient blobClient = 
AzureStorageUtils.createCloudBlobClient(context, getLogger(), flowFile);
             CloudBlobContainer container = 
blobClient.getContainerReference(containerName);
 
             CloudBlob blob = container.getBlockBlobReference(blobPath);

http://git-wip-us.apache.org/repos/asf/nifi/blob/e77e66e8/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/utils/AzureStorageUtils.java
----------------------------------------------------------------------
diff --git 
a/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/utils/AzureStorageUtils.java
 
b/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/utils/AzureStorageUtils.java
index 360afbf..95b6d7e 100644
--- 
a/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/utils/AzureStorageUtils.java
+++ 
b/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/utils/AzureStorageUtils.java
@@ -24,6 +24,7 @@ import org.apache.commons.lang3.StringUtils;
 import org.apache.nifi.components.PropertyDescriptor;
 import org.apache.nifi.components.ValidationContext;
 import org.apache.nifi.components.ValidationResult;
+import org.apache.nifi.flowfile.FlowFile;
 import org.apache.nifi.logging.ComponentLog;
 import org.apache.nifi.processor.ProcessContext;
 import org.apache.nifi.processor.util.StandardValidators;
@@ -42,7 +43,7 @@ public final class AzureStorageUtils {
     public static final PropertyDescriptor ACCOUNT_KEY = new 
PropertyDescriptor.Builder().name("storage-account-key").displayName("Storage 
Account Key")
             .description("The storage account key. This is an admin-like 
password providing access to every container in this account. It is recommended 
" +
                     "one uses Shared Access Signature (SAS) token instead for 
fine-grained control with policies. " +
-                    "There are certain risks in allowing the account key to be 
stored as a flowfile" +
+                    "There are certain risks in allowing the account key to be 
stored as a flowfile " +
                     "attribute. While it does provide for a more flexible flow 
by allowing the account key to " +
                     "be fetched dynamically from a flow file attribute, care 
must be taken to restrict access to " +
                     "the event provenance data (e.g. by strictly controlling 
the policies governing provenance for this Processor). " +
@@ -63,7 +64,12 @@ public final class AzureStorageUtils {
     public static final PropertyDescriptor PROP_SAS_TOKEN = new 
PropertyDescriptor.Builder()
             .name("storage-sas-token")
             .displayName("SAS Token")
-            .description("Shared Access Signature token, including the leading 
'?'. Specify either SAS Token (recommended) or Account Key")
+            .description("Shared Access Signature token, including the leading 
'?'. Specify either SAS Token (recommended) or Account Key. " +
+                    "There are certain risks in allowing the SAS token to be 
stored as a flowfile " +
+                    "attribute. While it does provide for a more flexible flow 
by allowing the account name to " +
+                    "be fetched dynamically from a flowfile attribute, care 
must be taken to restrict access to " +
+                    "the event provenance data (e.g. by strictly controlling 
the policies governing provenance for this Processor). " +
+                    "In addition, the provenance repositories may be put on 
encrypted disk partitions.")
             .required(false)
             .expressionLanguageSupported(true)
             .sensitive(true)
@@ -78,10 +84,25 @@ public final class AzureStorageUtils {
         // do not instantiate
     }
 
-    public static CloudBlobClient createCloudBlobClient(ProcessContext 
context, ComponentLog logger) {
-        final String accountName = 
context.getProperty(AzureStorageUtils.ACCOUNT_NAME).evaluateAttributeExpressions().getValue();
-        final String accountKey = 
context.getProperty(AzureStorageUtils.ACCOUNT_KEY).evaluateAttributeExpressions().getValue();
-        final String sasToken = 
context.getProperty(AzureStorageUtils.PROP_SAS_TOKEN).evaluateAttributeExpressions().getValue();
+    /**
+     * Create CloudBlobClient instance.
+     * @param flowFile An incoming FlowFile can be used for NiFi Expression 
Language evaluation to derive
+     *                 Account Name, Account Key or SAS Token. This can be 
null if not available.
+     */
+    public static CloudBlobClient createCloudBlobClient(ProcessContext 
context, ComponentLog logger, FlowFile flowFile) {
+        final String accountName;
+        final String accountKey;
+        final String sasToken;
+
+        if (flowFile == null) {
+            accountName = 
context.getProperty(AzureStorageUtils.ACCOUNT_NAME).evaluateAttributeExpressions().getValue();
+            accountKey = 
context.getProperty(AzureStorageUtils.ACCOUNT_KEY).evaluateAttributeExpressions().getValue();
+            sasToken = 
context.getProperty(AzureStorageUtils.PROP_SAS_TOKEN).evaluateAttributeExpressions().getValue();
+        } else {
+            accountName = 
context.getProperty(AzureStorageUtils.ACCOUNT_NAME).evaluateAttributeExpressions(flowFile).getValue();
+            accountKey = 
context.getProperty(AzureStorageUtils.ACCOUNT_KEY).evaluateAttributeExpressions(flowFile).getValue();
+            sasToken = 
context.getProperty(AzureStorageUtils.PROP_SAS_TOKEN).evaluateAttributeExpressions(flowFile).getValue();
+        }
 
         CloudBlobClient cloudBlobClient;

[11/50] nifi git commit: NIFI-4769: Use FlowFile for EL at Fetch and PutAzureBlobStorage

Reply via email to