@Override public AuthorizationResult authorize(final AuthorizationRequest request) throws AuthorizationAccessException { return AuthorizationResult.approved(); }
@Override public AuthorizationResult checkAuthorization(NiFiUser user) { // perform the authorization of the user by using the underlying component, ensures consistent authorization with raw s2s final PortAuthorizationResult authorizationResult = ((RootGroupPort) inputPort).checkUserAuthorization(user); if (authorizationResult.isAuthorized()) { return AuthorizationResult.approved(); } else { return AuthorizationResult.denied(authorizationResult.getExplanation()); } } };
@Override public AuthorizationResult checkAuthorization(NiFiUser user) { // perform the authorization of the user by using the underlying component, ensures consistent authorization with raw s2s final PortAuthorizationResult authorizationResult = ((RootGroupPort) outputPort).checkUserAuthorization(user); if (authorizationResult.isAuthorized()) { return AuthorizationResult.approved(); } else { return AuthorizationResult.denied(authorizationResult.getExplanation()); } } };
@Override public AuthorizationResult authorize(AuthorizationRequest request) throws AuthorizationAccessException { final String resourceIdentifier = request.getResource().getIdentifier(); final AccessPolicy policy = accessPolicyProvider.getAccessPolicy(resourceIdentifier, request.getAction()); if (policy == null) { return AuthorizationResult.resourceNotFound(); } final UserAndGroups userAndGroups = userGroupProvider.getUserAndGroups(request.getIdentity()); final User user = userAndGroups.getUser(); if (user == null) { return AuthorizationResult.denied(String.format("Unknown user with identity '%s'.", request.getIdentity())); } final Set<Group> userGroups = userAndGroups.getGroups(); if (policy.getUsers().contains(user.getIdentifier()) || containsGroup(userGroups, policy)) { return AuthorizationResult.approved(); } return AuthorizationResult.denied(request.getExplanationSupplier().get()); }
@Override public final AuthorizationResult authorize(AuthorizationRequest request) throws AuthorizationAccessException { final UsersAndAccessPolicies usersAndAccessPolicies = getUsersAndAccessPolicies(); final String resourceIdentifier = request.getResource().getIdentifier(); final AccessPolicy policy = usersAndAccessPolicies.getAccessPolicy(resourceIdentifier, request.getAction()); if (policy == null) { return AuthorizationResult.resourceNotFound(); } final User user = usersAndAccessPolicies.getUser(request.getIdentity()); if (user == null) { return AuthorizationResult.denied(String.format("Unknown user with identity '%s'.", request.getIdentity())); } final Set<Group> userGroups = usersAndAccessPolicies.getGroups(user.getIdentity()); if (policy.getUsers().contains(user.getIdentifier()) || containsGroup(userGroups, policy)) { return AuthorizationResult.approved(); } return AuthorizationResult.denied(request.getExplanationSupplier().get()); }
@Override public AuthorizationResult authorize(AuthorizationRequest request) throws AuthorizationAccessException { return AuthorizationResult.approved(); }