[GitHub] [nifi] sjyang18 commented on a change in pull request #4249: NIFI-7409: Azure managed identity support to Azure Datalake processors

Mon, 18 May 2020 22:49:18 -0700 


sjyang18 commented on a change in pull request #4249:
URL: https://github.com/apache/nifi/pull/4249#discussion_r427044249



##########
File path: 
nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/AbstractAzureDataLakeStorageProcessor.java
##########
@@ -134,17 +157,35 @@
 
     public static Collection<ValidationResult> 
validateCredentialProperties(final ValidationContext validationContext) {
         final List<ValidationResult> results = new ArrayList<>();
+
+        final boolean useManagedIdentity = 
validationContext.getProperty(USE_MANAGED_IDENTITY).asBoolean();
         final String accountName = 
validationContext.getProperty(ACCOUNT_NAME).getValue();
-        final String accountKey = 
validationContext.getProperty(ACCOUNT_KEY).getValue();
-        final String sasToken = 
validationContext.getProperty(SAS_TOKEN).getValue();
-
-        if (StringUtils.isNotBlank(accountName)
-                && ((StringUtils.isNotBlank(accountKey) && 
StringUtils.isNotBlank(sasToken)) || (StringUtils.isBlank(accountKey) && 
StringUtils.isBlank(sasToken)))) {
-            results.add(new ValidationResult.Builder().subject("Azure Storage 
Credentials").valid(false)
-                    .explanation("either " + ACCOUNT_NAME.getDisplayName() + " 
with " + ACCOUNT_KEY.getDisplayName() +
-                            " or " + ACCOUNT_NAME.getDisplayName() + " with " 
+ SAS_TOKEN.getDisplayName() +
-                            " must be specified, not both")
+        final boolean accountKeyIsSet  = 
validationContext.getProperty(ACCOUNT_KEY).isSet();
+        final boolean sasTokenIsSet     = 
validationContext.getProperty(SAS_TOKEN).isSet();
+
+        if(useManagedIdentity){
+            if(accountKeyIsSet || sasTokenIsSet) {
+                final String msg = String.format(
+                    "('%s') and ('%s' or '%s') fields cannot be set at the 
same time.",
+                    USE_MANAGED_IDENTITY.getDisplayName(),
+                    ACCOUNT_KEY.getDisplayName(),
+                    SAS_TOKEN.getDisplayName()
+                );
+                results.add(new 
ValidationResult.Builder().subject("Credentials 
config").valid(false).explanation(msg).build());
+            }
+        } else {
+            final String accountKey = 
validationContext.getProperty(ACCOUNT_KEY).getValue();
+            final String sasToken = 
validationContext.getProperty(SAS_TOKEN).getValue();
+            if (StringUtils.isNotBlank(accountName) && 
((StringUtils.isNotBlank(accountKey) && StringUtils.isNotBlank(sasToken))
+            || (StringUtils.isBlank(accountKey) && 
StringUtils.isBlank(sasToken)))) {
+                final String msg = String.format("either " + 
ACCOUNT_NAME.getDisplayName() + " with " + ACCOUNT_KEY.getDisplayName() +
+                    " or " + ACCOUNT_NAME.getDisplayName() + " with " + 
SAS_TOKEN.getDisplayName() +
+                    " must be specified, not both"
+                );
+                results.add(new 
ValidationResult.Builder().subject("Credentials Config").valid(false)
+                    .explanation(msg)
                     .build());
+            }

Review comment:
       changed the logic as you suggested.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to