markap14 commented on code in PR #10833:
URL: https://github.com/apache/nifi/pull/10833#discussion_r2759522484
##########
nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ConnectorResource.java:
##########
@@ -792,6 +797,201 @@ public Response cancelDrain(
);
}
+
+ @POST
+ @Consumes(MediaType.WILDCARD)
+ @Produces(MediaType.APPLICATION_JSON)
+ @Path("/{id}/purge-requests")
+ @Operation(
+ summary = "Creates a request to purge the FlowFiles for this
connector",
+ responses = {
+ @ApiResponse(
+ responseCode = "202", description = "The request
has been accepted. A HTTP response header will contain the URI where the
response can be polled.",
+ content = @Content(schema = @Schema(implementation
= DropRequestEntity.class))
+ ),
+ @ApiResponse(responseCode = "400", description = "NiFi was
unable to complete the request because it was invalid. The request should not
be retried without modification."),
+ @ApiResponse(responseCode = "401", description = "Client
could not be authenticated."),
+ @ApiResponse(responseCode = "403", description = "Client
is not authorized to make this request."),
+ @ApiResponse(responseCode = "404", description = "The
specified resource could not be found."),
+ @ApiResponse(responseCode = "409", description = "The
request was valid but NiFi was not in the appropriate state to process it.")
+ },
+ description = "This will create a request to purge all FlowFiles
from the connector. The connector must be in a STOPPED state before purging can
begin. "
+ + "This is an asynchronous operation. The client should
poll the returned URI to get the status of the purge request.",
+ security = {
+ @SecurityRequirement(name = "Write - /connectors/{uuid}")
+ }
+ )
+ public Response createPurgeRequest(
+ @Parameter(
+ description = "The connector id.",
+ required = true
+ )
+ @PathParam("id") final String id) {
+
+ if (isReplicateRequest()) {
+ return replicate(HttpMethod.POST);
+ }
+
+ final ConnectorEntity requestConnectorEntity = new ConnectorEntity();
+ requestConnectorEntity.setId(id);
+
+ return withWriteLock(
+ serviceFacade,
+ requestConnectorEntity,
+ lookup -> {
+ final Authorizable connector = lookup.getConnector(id);
+ connector.authorize(authorizer, RequestAction.WRITE,
NiFiUserUtils.getNiFiUser());
+ },
+ () -> serviceFacade.verifyPurgeConnectorFlowFiles(id),
+ (connectorEntity) -> performAsyncPurge(connectorEntity, id,
NiFiUserUtils.getNiFiUser())
+ );
+ }
+
+
+ @GET
+ @Consumes(MediaType.WILDCARD)
+ @Produces(MediaType.APPLICATION_JSON)
+ @Path("/{id}/purge-requests/{purge-request-id}")
+ @Operation(
+ summary = "Gets the current status of a purge request for the
specified connector",
+ responses = {
+ @ApiResponse(responseCode = "200", content =
@Content(schema = @Schema(implementation = DropRequestEntity.class))),
+ @ApiResponse(responseCode = "400", description = "NiFi was
unable to complete the request because it was invalid. The request should not
be retried without modification."),
+ @ApiResponse(responseCode = "401", description = "Client
could not be authenticated."),
+ @ApiResponse(responseCode = "403", description = "Client
is not authorized to make this request."),
+ @ApiResponse(responseCode = "404", description = "The
specified resource could not be found."),
+ @ApiResponse(responseCode = "409", description = "The
request was valid but NiFi was not in the appropriate state to process it.")
+ },
+ security = {
+ @SecurityRequirement(name = "Only the user that submitted
the request can get it")
+ }
+ )
+ public Response getPurgeRequest(
+ @Parameter(
+ description = "The connector id.",
+ required = true
+ )
+ @PathParam("id") final String connectorId,
+ @Parameter(
+ description = "The purge request id.",
+ required = true
+ )
+ @PathParam("purge-request-id") final String purgeRequestId) {
+
+ if (isReplicateRequest()) {
+ return replicate(HttpMethod.GET);
+ }
+
+ final NiFiUser user = NiFiUserUtils.getNiFiUser();
+
+ final AsynchronousWebRequest<ConnectorEntity, Void> asyncRequest =
purgeRequestManager.getRequest(PURGE_REQUEST_TYPE, purgeRequestId, user);
+ final DropRequestEntity purgeRequestEntity =
createPurgeRequestEntity(asyncRequest, connectorId, purgeRequestId);
+ return generateOkResponse(purgeRequestEntity).build();
+ }
+
+
+ @DELETE
+ @Consumes(MediaType.WILDCARD)
+ @Produces(MediaType.APPLICATION_JSON)
+ @Path("/{id}/purge-requests/{purge-request-id}")
+ @Operation(
+ summary = "Cancels and/or removes a request to purge the FlowFiles
for this connector",
+ responses = {
+ @ApiResponse(responseCode = "200", content =
@Content(schema = @Schema(implementation = DropRequestEntity.class))),
+ @ApiResponse(responseCode = "400", description = "NiFi was
unable to complete the request because it was invalid. The request should not
be retried without modification."),
+ @ApiResponse(responseCode = "401", description = "Client
could not be authenticated."),
+ @ApiResponse(responseCode = "403", description = "Client
is not authorized to make this request."),
+ @ApiResponse(responseCode = "404", description = "The
specified resource could not be found."),
+ @ApiResponse(responseCode = "409", description = "The
request was valid but NiFi was not in the appropriate state to process it.")
+ },
+ security = {
+ @SecurityRequirement(name = "Only the user that submitted
the request can remove it")
+ }
+ )
+ public Response removePurgeRequest(
+ @Parameter(
+ description = "The connector id.",
+ required = true
+ )
+ @PathParam("id") final String connectorId,
+ @Parameter(
+ description = "The purge request id.",
+ required = true
+ )
+ @PathParam("purge-request-id") final String purgeRequestId) {
+
+ if (isReplicateRequest()) {
+ return replicate(HttpMethod.DELETE);
+ }
+
+ final NiFiUser user = NiFiUserUtils.getNiFiUser();
Review Comment:
Looking at what we do in the FlowFileQueueResource, it looks like we do
authorize here. But I don't know that we really need to, because we do throw an
Exception in `requestManager.removeRequest` if the user is not the one who
created the request. I suppose there's a chance that the user loses permissions
to the Connector between the time that they submitted the request and the time
they attempt to delete it. Then should they be able to READ/DELETE it? I guess
since we do check that elsewhere it is worth updating just for consistency
purposes.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
