public static String getNiFiUserIdentity() { // get the nifi user to extract the username NiFiUser user = NiFiUserUtils.getNiFiUser(); if (user == null) { return "unknown"; } else { return user.getIdentity(); } }
/** * This static builder allows the chain and clientAddress to be populated without allowing calling code to provide a non-anonymous identity of the anonymous user. * * @param chain the proxied entities in {@see NiFiUser} form * @param clientAddress the address the request originated from * @return an anonymous user instance with the identity "anonymous" */ public static StandardNiFiUser populateAnonymousUser(NiFiUser chain, String clientAddress) { return new Builder().identity(ANONYMOUS_IDENTITY).chain(chain).clientAddress(clientAddress).anonymous(true).build(); }
/** * @return builds a StandardNiFiUser from the current state of the builder */ public StandardNiFiUser build() { return new StandardNiFiUser(this); } }
/** * Returns a regular user populated with the provided values, or if the user should be anonymous, a well-formed instance of the anonymous user with the provided values. * * @param identity the user's identity * @param chain the proxied entities * @param clientAddress the requesting IP address * @param isAnonymous if true, an anonymous user will be returned (identity will be ignored) * @return the populated user */ protected static NiFiUser createUser(String identity, Set<String> groups, NiFiUser chain, String clientAddress, boolean isAnonymous) { if (isAnonymous) { return StandardNiFiUser.populateAnonymousUser(chain, clientAddress); } else { return new Builder().identity(identity).groups(groups).chain(chain).clientAddress(clientAddress).build(); } }
private String getIdentity(final NiFiUser user) { return (user == null || user.isAnonymous()) ? null : user.getIdentity(); }
@Override public String getUsername() { return user.getIdentity(); }
private boolean requiresAuthentication(final HttpServletRequest request) { return NiFiUserUtils.getNiFiUser() == null; }
@Override protected Authentication createAuthentication(HttpServletRequest request) { return new NiFiAuthenticationToken(new NiFiUserDetails(StandardNiFiUser.ANONYMOUS)); }
@Override public String toString() { final String formattedGroups; if (groups == null) { formattedGroups = "none"; } else { formattedGroups = StringUtils.join(groups, ", "); } return String.format("identity[%s], groups[%s]", getIdentity(), formattedGroups); }
@Override public String getCurrentUserIdentity() { final NiFiUser user = NiFiUserUtils.getNiFiUser(); authorizeFlowAccess(user); return user.getIdentity(); }
@Override public boolean equals(Object obj) { if (obj == null) { return false; } if (!(obj instanceof NiFiUser)) { return false; } final NiFiUser other = (NiFiUser) obj; return Objects.equals(this.identity, other.getIdentity()); }
@Override public AsyncClusterResponse replicate(Set<NodeIdentifier> nodeIds, String method, URI uri, Object entity, Map<String, String> headers, final boolean indicateReplicated, final boolean performVerification) { return replicate(nodeIds, NiFiUserUtils.getNiFiUser(), method, uri, entity, headers, indicateReplicated, performVerification); }
/** * Generates an audit record for the creation of the specified funnel. */ private FlowChangeAction generateAuditRecord(String id, String name, Component type, Operation operation, Date timestamp) { FlowChangeAction action = null; // get the current user NiFiUser user = NiFiUserUtils.getNiFiUser(); // ensure the user was found if (user != null) { // create the action for adding this funnel action = new FlowChangeAction(); action.setUserIdentity(user.getIdentity()); action.setOperation(operation); action.setTimestamp(timestamp); action.setSourceId(id); action.setSourceName(name); action.setSourceType(type); } return action; }
private FlowChangeAction createFlowChangeAction(final NiFiUser user, final Date timestamp, final RemoteProcessGroup remoteProcessGroup, final FlowChangeRemoteProcessGroupDetails remoteProcessGroupDetails) { FlowChangeAction remoteProcessGroupAction = new FlowChangeAction(); remoteProcessGroupAction.setUserIdentity(user.getIdentity()); remoteProcessGroupAction.setTimestamp(timestamp); remoteProcessGroupAction.setSourceId(remoteProcessGroup.getIdentifier()); remoteProcessGroupAction.setSourceName(remoteProcessGroup.getName()); remoteProcessGroupAction.setSourceType(Component.RemoteProcessGroup); remoteProcessGroupAction.setComponentDetails(remoteProcessGroupDetails); return remoteProcessGroupAction; }
/** * Creates the PermissionsDTO based on the specified Authorizable. * * @param authorizable authorizable * @return dto */ public PermissionsDTO createPermissionsDto(final Authorizable authorizable) { return createPermissionsDto(authorizable, NiFiUserUtils.getNiFiUser()); }
@Override public AsyncClusterResponse replicate(String method, URI uri, Object entity, Map<String, String> headers) { return replicate(NiFiUserUtils.getNiFiUser(), method, uri, entity, headers); }
@Override public AsyncClusterResponse forwardToCoordinator(final NodeIdentifier coordinatorNodeId, final String method, final URI uri, final Object entity, final Map<String, String> headers) { return forwardToCoordinator(coordinatorNodeId, NiFiUserUtils.getNiFiUser(), method, uri, entity, headers); }
@Override public RemoteProcessGroupEntity getRemoteProcessGroup(final String remoteProcessGroupId) { final RemoteProcessGroup rpg = remoteProcessGroupDAO.getRemoteProcessGroup(remoteProcessGroupId); return createRemoteGroupEntity(rpg, NiFiUserUtils.getNiFiUser()); }
@Override public ControllerService getControllerService(final String serviceIdentifier, final String componentId) { final NiFiUser user = NiFiUserUtils.getNiFiUser(); authorizeFlowAccess(user); return controllerServiceProvider.getControllerServiceForComponent(serviceIdentifier, componentId); }
@Override public ProcessorEntity getProcessor(final String id) { final ProcessorNode processor = processorDAO.getProcessor(id); return createProcessorEntity(processor, NiFiUserUtils.getNiFiUser()); }