Apache
/
nifi
mirror of https://github.com/apache/nifi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

NIFI-65: 

- Adding methods to the AuthorityProvider to authorize the downloading of content.
This commit is contained in:
Matt Gilman 2014-12-23 09:31:46 -05:00
parent 2df03143b9
commit 418d6b03b2
2 changed files with 103 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
nifi-api/src/main/java/org/apache/nifi/authorization/AuthorityProvider.java
View File

@ -16,6 +16,8 @@
*/
package org.apache.nifi.authorization;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.nifi.authorization.exception.AuthorityAccessException;
import org.apache.nifi.authorization.exception.IdentityAlreadyExistsException;
@ -136,6 +138,22 @@ public interface AuthorityProvider {
*/
void ungroup(String group) throws AuthorityAccessException;
/**
* Determines whether the user in the specified dnChain should be able to
* download the content for the flowfile with the specified attributes.
*
* The last dn in the chain is the end user that the request was issued on
* behalf of. The previous dn's in the chain represent entities proxying the
* user's request.
*
* @param dnChain
* @param attributes
* @return
* @throws UnknownIdentityException
* @throws AuthorityAccessException
*/
DownloadAuthorization authorizeDownload(List<String> dnChain, Map<String, String> attributes) throws UnknownIdentityException, AuthorityAccessException;
/**
* Called immediately after instance creation for implementers to perform
* additional setup

85
nifi-api/src/main/java/org/apache/nifi/authorization/DownloadAuthorization.java Normal file
View File

@ -0,0 +1,85 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.nifi.authorization;
/**
* Represents a decision whether authorization is granted to download content.
*/
public class DownloadAuthorization {
private static enum Result {
Approved,
Denied;
};
private static final DownloadAuthorization APPROVED = new DownloadAuthorization(Result.Approved, null);
private final Result result;
private final String explanation;
/**
* Creates a new DownloadAuthorization with the specified result and explanation.
*
* @param result
* @param explanation
*/
private DownloadAuthorization(Result result, String explanation) {
if (Result.Denied.equals(result) && explanation == null) {
throw new IllegalArgumentException("An explanation is request when the download request is denied.");
}
this.result = result;
this.explanation = explanation;
}
/**
* Whether or not the download request is approved.
*
* @return
*/
public boolean isApproved() {
return Result.Approved.equals(result);
}
/**
* If the download request is denied, the reason why. Null otherwise.
*
* @return
*/
public String getExplanation() {
return explanation;
}
/**
* Creates a new approved DownloadAuthorization.
*
* @return
*/
public static DownloadAuthorization approved() {
return APPROVED;
}
/**
* Creates a new denied DownloadAuthorization with the specified exlanation.
*
* @param explanation
* @return
*/
public static DownloadAuthorization denied(String explanation) {
return new DownloadAuthorization(Result.Denied, explanation);
}
}