Apache
/
nifi
mirror of https://github.com/apache/nifi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

NIFI-3247: 

- Removing unnecessary authorization check during second phase of connection creation.
- Ensuring that the remote group port returns the correct resource type though not super critical since it is not possible to create policies for remote ports.

This closes #1353.
This commit is contained in:
Matt Gilman 2016-12-21 15:46:32 -05:00 committed by Pierre Villard
parent 8acbe9aa3f
commit 0d14db72f5
2 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/StandardRemoteGroupPort.java
View File

@ -31,7 +31,10 @@ import java.util.concurrent.atomic.AtomicReference;
import javax.net.ssl.SSLContext; import javax.net.ssl.SSLContext;
import org.apache.nifi.authorization.Resource;
import org.apache.nifi.authorization.resource.Authorizable; import org.apache.nifi.authorization.resource.Authorizable;
import org.apache.nifi.authorization.resource.ResourceFactory;
import org.apache.nifi.authorization.resource.ResourceType;
import org.apache.nifi.components.ValidationResult; import org.apache.nifi.components.ValidationResult;
import org.apache.nifi.connectable.ConnectableType; import org.apache.nifi.connectable.ConnectableType;
import org.apache.nifi.connectable.Connection; import org.apache.nifi.connectable.Connection;
@ -122,6 +125,12 @@ public class StandardRemoteGroupPort extends RemoteGroupPort {
return getConnectableType() == ConnectableType.REMOTE_OUTPUT_PORT; return getConnectableType() == ConnectableType.REMOTE_OUTPUT_PORT;
} }
@Override
public Resource getResource() {
final ResourceType resourceType = ConnectableType.REMOTE_INPUT_PORT.equals(getConnectableType()) ? ResourceType.InputPort : ResourceType.OutputPort;
return ResourceFactory.getComponentResource(resourceType, getIdentifier(), getName());
}
@Override @Override
public Authorizable getParentAuthorizable() { public Authorizable getParentAuthorizable() {
return getRemoteProcessGroup(); return getRemoteProcessGroup();

6
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/dao/impl/StandardConnectionDAO.java
View File

@ -300,9 +300,6 @@ public class StandardConnectionDAO extends ComponentDAO implements ConnectionDAO
source = sourceGroup.getConnectable(sourceConnectableDTO.getId()); source = sourceGroup.getConnectable(sourceConnectableDTO.getId());
} }
// ensure the user has write access to the source component
source.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser());
// find the destination // find the destination
final Connectable destination; final Connectable destination;
if (ConnectableType.REMOTE_INPUT_PORT.name().equals(destinationConnectableDTO.getType())) { if (ConnectableType.REMOTE_INPUT_PORT.name().equals(destinationConnectableDTO.getType())) {
@ -326,9 +323,6 @@ public class StandardConnectionDAO extends ComponentDAO implements ConnectionDAO
destination = destinationGroup.getConnectable(destinationConnectableDTO.getId()); destination = destinationGroup.getConnectable(destinationConnectableDTO.getId());
} }
// ensure the user has write access to the source component
destination.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser());
// determine the relationships // determine the relationships
final Set<String> relationships = new HashSet<>(); final Set<String> relationships = new HashSet<>();
if (isNotNull(connectionDTO.getSelectedRelationships())) { if (isNotNull(connectionDTO.getSelectedRelationships())) {