Thanks Matt, I get now what is the problem, in order to exhaust all my possibilities I may ask, is there a way using the API to get the root UUID from the flow.xml.gz file? Because I see the file there after running the tests.
Thanks, On Mon, Feb 26, 2018 at 3:26 PM, Daniel Hernandez < [email protected]> wrote: > Hi Matt, > > Thanks for your answer. > > Do you know if there is a way to preconfigure this value when running > Nifi's Docker image? I am making the calls from an integration test that > runs a docker container with the Nifi server. I already check and the value > under <rootGroup><id> in the flow.xml.gz file changes everytime I deploy > the container, I guess it is created at startup. Is it possible that I can > change my docker image to get a fix root group value? > > Thanks, > > Daniel > > On Mon, Feb 26, 2018 at 11:35 AM, Daniel Hernandez <daniel.hernandez@ > civitaslearning.com> wrote: > >> Hi, >> >> I am currently working on calling the Nifi REST API to get the 'root' >> process group and setting it as parent for a new process-group. >> >> However I am getting the next messages: >> >> Attempting GET request to: JerseyWebTarget { >> https://127.0.0.1:8443/nifi-api/process-groups/root } >> 2018-02-26 11:06:55.341 DEBUG ???? --- [ main] >> c.c.p.n.c.i.b.BootApiClient : >> 2018-02-26 11:06:55.341 DEBUG ???? --- [ main] >> c.c.p.n.c.i.b.BootApiClient : Received 403 response from GET >> to JerseyWebTarget { https://127.0.0.1:8443/nifi-api/process-groups/root >> } >> >> com.civitaslearning.platform.nifi.client.invoker.boot.exception.NifiForbiddenException: >> No applicable policies could be found. Contact the system administrator. >> >> This is the content of my authorizations.xml file: >> >> <?xml version="1.0" encoding="UTF-8" standalone="yes"?> >> >> <authorizations> >> >> <policies> >> >> <policy identifier="f99bccd1-a30e-3e4a-98a2-dbc708edc67f" >> resource="/flow" action="R"> >> >> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >> >> </policy> >> >> <policy identifier="b8775bd4-704a-34c6-987b-84f2daf7a515" >> resource="/restricted-components" action="W"> >> >> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >> >> </policy> >> >> <policy identifier="627410be-1717-35b4-a06f-e9362b89e0b7" >> resource="/tenants" action="R"> >> >> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >> >> </policy> >> >> <policy identifier="15e4e0bd-cb28-34fd-8587-f8d15162cba5" >> resource="/tenants" action="W"> >> >> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >> >> </policy> >> >> <policy identifier="ff96062a-fa99-36dc-9942-0f6442ae7212" >> resource="/policies" action="R"> >> >> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >> >> </policy> >> >> <policy identifier="ad99ea98-3af6-3561-ae27-5bf09e1d969d" >> resource="/policies" action="W"> >> >> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >> >> </policy> >> >> <policy identifier="2e1015cb-0fed-3005-8e0d-722311f21a03" >> resource="/controller" action="R"> >> >> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >> >> </policy> >> >> <policy identifier="c6322e6c-4cc1-3bcc-91b3-2ed2111674cf" >> resource="/controller" action="W"> >> >> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >> >> </policy> >> >> <policy identifier="d2f2019f-0161-1000-201a-94a51ee94006" >> resource="/process-groups/root" action="R"> >> >> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >> >> </policy> >> >> <policy identifier="d2f20292-0161-1000-e8d2-a8f874682f68" >> resource="/process-groups/root" action="W"> >> >> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >> >> </policy> >> >> </policies> >> >> </authorizations> >> >> And this is the content of authorizations.xml >> >> <authorizers> >> >> <accessPolicyProvider> >> >> <identifier>file-access-policy-provider</identifier> >> >> <class>org.apache.nifi.authorization.FileAccessPolicyProvide >> r</class> >> >> <property name="User Group Provider">file-user-group-prov >> ider</property> >> >> <property name="Authorizations File">./conf/authorizations.xm >> l</property> >> >> <property name="Initial Admin Identity">CN=civitas, >> OU=ApacheNifi</property> >> >> <property name="Legacy Authorized Users File"></property> >> >> >> <property name="Node Identity 1"></property> >> >> </accessPolicyProvider> >> >> <authorizer> >> >> <identifier>managed-authorizer</identifier> >> >> <class>org.apache.nifi.authorization.StandardManagedAuthoriz >> er</class> >> >> <property name="Access Policy Provider">file-access-policy-p >> rovider</property> >> >> </authorizer> >> >> </authorizers> >> >> >> And users.xml >> >> >> <?xml version="1.0" encoding="UTF-8" standalone="yes"?> >> >> <tenants> >> >> <groups/> >> >> <users> >> >> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51" >> identity="CN=civitas, OU=ApacheNifi"/> >> >> </users> >> >> </tenants> >> >> I already create a policy using the same user cert so I guess the DN is >> valid. >> Am I defining the policy or making the call in a wrong way? >> >> Thanks in advance, >> >> Daniel Hernandez >> >> >> >
