+ "use which keytabs and principals. This provides a more robust security model for multi-tenant use cases.") @Tags({"Kerberos", "Keytab", "Principal", "Credentials", "Authentication", "Security"}) @Restricted(restrictions = { @Restriction(requiredPermission = RequiredPermission.ACCESS_KEYTAB, explanation = "Allows user to define a Keytab and principal that can then be used by other components.") })
@Override protected void writeRestrictedInfo(final Restricted restricted) throws IOException { writeStartElement("restricted"); if (restricted != null) { writeTextElement("generalRestrictionExplanation", restricted.value()); final Restriction[] restrictions = restricted.restrictions(); if (restrictions != null) { writeArray("restrictions", Arrays.asList(restrictions), this::writeRestriction); } } writeEndElement(); }
public static Set<Authorizable> getRestrictedComponentsAuthorizable(final Class<?> configurableComponentClass) { final Set<Authorizable> authorizables = new HashSet<>(); final Restricted restricted = configurableComponentClass.getAnnotation(Restricted.class); if (restricted != null) { final Restriction[] restrictions = restricted.restrictions(); if (restrictions != null && restrictions.length > 0) { Arrays.stream(restrictions).forEach(restriction -> authorizables.add(getRestrictedComponentsAuthorizable(restriction.requiredPermission()))); } else { authorizables.add(getRestrictedComponentsAuthorizable()); } } return authorizables; }
private Set<ExplicitRestrictionDTO> getExplicitRestrictions(final Class<?> cls) { final Restricted restricted = cls.getAnnotation(Restricted.class); if (restricted == null) { return null; } final Restriction[] restrictions = restricted.restrictions(); if (restrictions == null || restrictions.length == 0) { return null; } return Arrays.stream(restrictions).map(restriction -> { final RequiredPermissionDTO requiredPermission = new RequiredPermissionDTO(); requiredPermission.setId(restriction.requiredPermission().getPermissionIdentifier()); requiredPermission.setLabel(restriction.requiredPermission().getPermissionLabel()); final ExplicitRestrictionDTO usageRestriction = new ExplicitRestrictionDTO(); usageRestriction.setRequiredPermission(requiredPermission); usageRestriction.setExplanation(restriction.explanation()); return usageRestriction; }).collect(Collectors.toSet()); }
@Restricted( restrictions = { @Restriction(
final String value = restricted.value(); xmlStreamWriter.writeCharacters(restricted.value()); final Restriction[] restrictions = restricted.restrictions(); if (restrictions != null && restrictions.length > 0) { xmlStreamWriter.writeStartElement("table");
@Restricted( restrictions = { @Restriction(
@Restricted( restrictions = { @Restriction(
+ "10 bulletins at controller level for a duration of up to 5 minutes. If this reporting task is not scheduled frequently enough some bulletins " + "may not be sent.") @Restricted( restrictions = { @Restriction(
description = "Updates a script engine property specified by the Dynamic Property's key with the value " + "specified by the Dynamic Property's value") @Restricted( restrictions = { @Restriction(
@InputRequirement(Requirement.INPUT_REQUIRED) @CapabilityDescription("Execute a Flume sink. Each input FlowFile is converted into a Flume Event for processing by the sink.") @Restricted( restrictions = { @Restriction(
@Tags({"provenance", "lineage", "tracking", "site", "site to site"}) @CapabilityDescription("Publishes Provenance events using the Site To Site protocol.") @Stateful(scopes = Scope.LOCAL, description = "Stores the Reporting Task's last event Id so that on restart the task knows where it left off.") @Restricted( restrictions = { @Restriction(
@InputRequirement(Requirement.INPUT_FORBIDDEN) @CapabilityDescription("Execute a Flume source. Each Flume Event is sent to the success relationship as a FlowFile") @Restricted( restrictions = { @Restriction(
@SupportsBatching @InputRequirement(InputRequirement.Requirement.INPUT_REQUIRED) @Tags({"parquet", "hadoop", "HDFS", "get", "ingest", "fetch", "source", "record"}) @CapabilityDescription("Reads from a given Parquet file and writes records to the content of the flow file using " + "the selected record writer. The original Parquet file will remain unchanged, and the content of the flow file " + "will be replaced with records of the selected type. This processor can be used with ListHDFS or ListFile to obtain " + "a listing of files to fetch.") @WritesAttributes({ @WritesAttribute(attribute="fetch.failure.reason", description="When a FlowFile is routed to 'failure', this attribute is added " + "indicating why the file could not be fetched from the given filesystem."), @WritesAttribute(attribute = "record.count", description = "The number of records in the resulting flow file") }) @SeeAlso({PutParquet.class}) @Restricted(restrictions = { @Restriction( requiredPermission = RequiredPermission.READ_FILESYSTEM, explanation = "Provides operator the ability to retrieve any file that NiFi has access to in HDFS or the local filesystem.") }) public class FetchParquet extends AbstractFetchHDFSRecord { @Override public HDFSRecordReader createHDFSRecordReader(final ProcessContext context, final FlowFile flowFile, final Configuration conf, final Path path) throws IOException { final ParquetReader.Builder<GenericRecord> readerBuilder = AvroParquetReader.<GenericRecord>builder(path).withConf(conf); return new AvroParquetHDFSRecordReader(readerBuilder.build()); } }
+ "not be fetched from HDFS") @SeeAlso({ListHDFS.class, GetHDFS.class, PutHDFS.class}) @Restricted(restrictions = { @Restriction( requiredPermission = RequiredPermission.READ_FILESYSTEM,
+ "to help keep the file system organized.") @SeeAlso({GetFile.class, PutFile.class, ListFile.class}) @Restricted( restrictions = { @Restriction(
description = "Updates a script engine property specified by the Dynamic Property's key with the value " + "specified by the Dynamic Property's value") @Restricted( restrictions = { @Restriction(
description = "Scripts can store and retrieve state using the State Management APIs. Consult the State Manager section of the Developer's Guide for more details.") @SeeAlso({ExecuteScript.class}) @Restricted( restrictions = { @Restriction(
@WritesAttribute(attribute = "record.count", description = "The number of records written to the Parquet file") }) @Restricted(restrictions = { @Restriction( requiredPermission = RequiredPermission.WRITE_FILESYSTEM,