mirror of https://github.com/apache/nifi.git
NIFI-4135 - added hadoop-client and enhanced Authorizers entity to support classpath for resources entry
NIFI-4135 - classpath under class This closes #1956. Signed-off-by: Bryan Bende <bbende@apache.org>
This commit is contained in:
parent
e89512e744
commit
6df97bbc88
|
@ -329,62 +329,62 @@ public final class AuthorizerFactory {
|
||||||
* @param baseAuthorizer base authorizer
|
* @param baseAuthorizer base authorizer
|
||||||
* @return authorizer
|
* @return authorizer
|
||||||
*/
|
*/
|
||||||
public static Authorizer withNarLoader(final Authorizer baseAuthorizer) {
|
public static Authorizer withNarLoader(final Authorizer baseAuthorizer, final ClassLoader classLoader) {
|
||||||
if (baseAuthorizer instanceof ManagedAuthorizer) {
|
if (baseAuthorizer instanceof ManagedAuthorizer) {
|
||||||
final ManagedAuthorizer baseManagedAuthorizer = (ManagedAuthorizer) baseAuthorizer;
|
final ManagedAuthorizer baseManagedAuthorizer = (ManagedAuthorizer) baseAuthorizer;
|
||||||
return new ManagedAuthorizer() {
|
return new ManagedAuthorizer() {
|
||||||
@Override
|
@Override
|
||||||
public String getFingerprint() throws AuthorizationAccessException {
|
public String getFingerprint() throws AuthorizationAccessException {
|
||||||
try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
|
try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) {
|
||||||
return baseManagedAuthorizer.getFingerprint();
|
return baseManagedAuthorizer.getFingerprint();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void inheritFingerprint(String fingerprint) throws AuthorizationAccessException {
|
public void inheritFingerprint(String fingerprint) throws AuthorizationAccessException {
|
||||||
try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
|
try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) {
|
||||||
baseManagedAuthorizer.inheritFingerprint(fingerprint);
|
baseManagedAuthorizer.inheritFingerprint(fingerprint);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void checkInheritability(String proposedFingerprint) throws AuthorizationAccessException, UninheritableAuthorizationsException {
|
public void checkInheritability(String proposedFingerprint) throws AuthorizationAccessException, UninheritableAuthorizationsException {
|
||||||
try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
|
try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) {
|
||||||
baseManagedAuthorizer.checkInheritability(proposedFingerprint);
|
baseManagedAuthorizer.checkInheritability(proposedFingerprint);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AccessPolicyProvider getAccessPolicyProvider() {
|
public AccessPolicyProvider getAccessPolicyProvider() {
|
||||||
try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
|
try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) {
|
||||||
return baseManagedAuthorizer.getAccessPolicyProvider();
|
return baseManagedAuthorizer.getAccessPolicyProvider();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public AuthorizationResult authorize(AuthorizationRequest request) throws AuthorizationAccessException {
|
public AuthorizationResult authorize(AuthorizationRequest request) throws AuthorizationAccessException {
|
||||||
try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
|
try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) {
|
||||||
return baseManagedAuthorizer.authorize(request);
|
return baseManagedAuthorizer.authorize(request);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void initialize(AuthorizerInitializationContext initializationContext) throws AuthorizerCreationException {
|
public void initialize(AuthorizerInitializationContext initializationContext) throws AuthorizerCreationException {
|
||||||
try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
|
try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) {
|
||||||
baseManagedAuthorizer.initialize(initializationContext);
|
baseManagedAuthorizer.initialize(initializationContext);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void onConfigured(AuthorizerConfigurationContext configurationContext) throws AuthorizerCreationException {
|
public void onConfigured(AuthorizerConfigurationContext configurationContext) throws AuthorizerCreationException {
|
||||||
try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
|
try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) {
|
||||||
baseManagedAuthorizer.onConfigured(configurationContext);
|
baseManagedAuthorizer.onConfigured(configurationContext);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void preDestruction() throws AuthorizerDestructionException {
|
public void preDestruction() throws AuthorizerDestructionException {
|
||||||
try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
|
try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) {
|
||||||
baseManagedAuthorizer.preDestruction();
|
baseManagedAuthorizer.preDestruction();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -393,28 +393,28 @@ public final class AuthorizerFactory {
|
||||||
return new Authorizer() {
|
return new Authorizer() {
|
||||||
@Override
|
@Override
|
||||||
public AuthorizationResult authorize(final AuthorizationRequest request) throws AuthorizationAccessException {
|
public AuthorizationResult authorize(final AuthorizationRequest request) throws AuthorizationAccessException {
|
||||||
try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
|
try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) {
|
||||||
return baseAuthorizer.authorize(request);
|
return baseAuthorizer.authorize(request);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void initialize(AuthorizerInitializationContext initializationContext) throws AuthorizerCreationException {
|
public void initialize(AuthorizerInitializationContext initializationContext) throws AuthorizerCreationException {
|
||||||
try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
|
try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) {
|
||||||
baseAuthorizer.initialize(initializationContext);
|
baseAuthorizer.initialize(initializationContext);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void onConfigured(AuthorizerConfigurationContext configurationContext) throws AuthorizerCreationException {
|
public void onConfigured(AuthorizerConfigurationContext configurationContext) throws AuthorizerCreationException {
|
||||||
try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
|
try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) {
|
||||||
baseAuthorizer.onConfigured(configurationContext);
|
baseAuthorizer.onConfigured(configurationContext);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void preDestruction() throws AuthorizerDestructionException {
|
public void preDestruction() throws AuthorizerDestructionException {
|
||||||
try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
|
try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(classLoader)) {
|
||||||
baseAuthorizer.preDestruction();
|
baseAuthorizer.preDestruction();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -26,6 +26,7 @@ import org.apache.nifi.authorization.generated.Property;
|
||||||
import org.apache.nifi.bundle.Bundle;
|
import org.apache.nifi.bundle.Bundle;
|
||||||
import org.apache.nifi.nar.ExtensionManager;
|
import org.apache.nifi.nar.ExtensionManager;
|
||||||
import org.apache.nifi.util.NiFiProperties;
|
import org.apache.nifi.util.NiFiProperties;
|
||||||
|
import org.apache.nifi.util.file.classloader.ClassLoaderUtils;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
import org.springframework.beans.factory.DisposableBean;
|
import org.springframework.beans.factory.DisposableBean;
|
||||||
|
@ -45,6 +46,8 @@ import java.lang.reflect.Constructor;
|
||||||
import java.lang.reflect.Field;
|
import java.lang.reflect.Field;
|
||||||
import java.lang.reflect.InvocationTargetException;
|
import java.lang.reflect.InvocationTargetException;
|
||||||
import java.lang.reflect.Method;
|
import java.lang.reflect.Method;
|
||||||
|
import java.net.URL;
|
||||||
|
import java.net.URLClassLoader;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
@ -131,7 +134,7 @@ public class AuthorizerFactoryBean implements FactoryBean, DisposableBean, UserG
|
||||||
|
|
||||||
// create each authorizer
|
// create each authorizer
|
||||||
for (final org.apache.nifi.authorization.generated.Authorizer authorizer : authorizerConfiguration.getAuthorizer()) {
|
for (final org.apache.nifi.authorization.generated.Authorizer authorizer : authorizerConfiguration.getAuthorizer()) {
|
||||||
authorizers.put(authorizer.getIdentifier(), createAuthorizer(authorizer.getIdentifier(), authorizer.getClazz()));
|
authorizers.put(authorizer.getIdentifier(), createAuthorizer(authorizer.getIdentifier(), authorizer.getClazz(),authorizer.getClasspath()));
|
||||||
}
|
}
|
||||||
|
|
||||||
// configure each authorizer
|
// configure each authorizer
|
||||||
|
@ -273,7 +276,7 @@ public class AuthorizerFactoryBean implements FactoryBean, DisposableBean, UserG
|
||||||
return AccessPolicyProviderFactory.withNarLoader(instance);
|
return AccessPolicyProviderFactory.withNarLoader(instance);
|
||||||
}
|
}
|
||||||
|
|
||||||
private Authorizer createAuthorizer(final String identifier, final String authorizerClassName) throws Exception {
|
private Authorizer createAuthorizer(final String identifier, final String authorizerClassName, final String classpathResources) throws Exception {
|
||||||
// get the classloader for the specified authorizer
|
// get the classloader for the specified authorizer
|
||||||
final List<Bundle> authorizerBundles = ExtensionManager.getBundles(authorizerClassName);
|
final List<Bundle> authorizerBundles = ExtensionManager.getBundles(authorizerClassName);
|
||||||
|
|
||||||
|
@ -286,7 +289,7 @@ public class AuthorizerFactoryBean implements FactoryBean, DisposableBean, UserG
|
||||||
}
|
}
|
||||||
|
|
||||||
final Bundle authorizerBundle = authorizerBundles.get(0);
|
final Bundle authorizerBundle = authorizerBundles.get(0);
|
||||||
final ClassLoader authorizerClassLoader = authorizerBundle.getClassLoader();
|
ClassLoader authorizerClassLoader = authorizerBundle.getClassLoader();
|
||||||
|
|
||||||
// get the current context classloader
|
// get the current context classloader
|
||||||
final ClassLoader currentClassLoader = Thread.currentThread().getContextClassLoader();
|
final ClassLoader currentClassLoader = Thread.currentThread().getContextClassLoader();
|
||||||
|
@ -318,7 +321,12 @@ public class AuthorizerFactoryBean implements FactoryBean, DisposableBean, UserG
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return AuthorizerFactory.installIntegrityChecks(AuthorizerFactory.withNarLoader(instance));
|
if(StringUtils.isNotEmpty(classpathResources)) {
|
||||||
|
URL[] urls = ClassLoaderUtils.getURLsForClasspath(classpathResources, null, true);
|
||||||
|
authorizerClassLoader = new URLClassLoader(urls, authorizerClassLoader);
|
||||||
|
}
|
||||||
|
|
||||||
|
return AuthorizerFactory.installIntegrityChecks(AuthorizerFactory.withNarLoader(instance,authorizerClassLoader));
|
||||||
}
|
}
|
||||||
|
|
||||||
private AuthorizerConfigurationContext loadAuthorizerConfiguration(final String identifier, final List<Property> properties) {
|
private AuthorizerConfigurationContext loadAuthorizerConfiguration(final String identifier, final List<Property> properties) {
|
||||||
|
|
|
@ -37,7 +37,8 @@
|
||||||
<xs:sequence>
|
<xs:sequence>
|
||||||
<xs:element name="identifier" type="NonEmptyStringType"/>
|
<xs:element name="identifier" type="NonEmptyStringType"/>
|
||||||
<xs:element name="class" type="NonEmptyStringType"/>
|
<xs:element name="class" type="NonEmptyStringType"/>
|
||||||
<xs:element name="property" type="Property" minOccurs="0" maxOccurs="unbounded" />
|
<xs:element name="classpath" type="NonEmptyStringType" minOccurs="0"/>
|
||||||
|
<xs:element name="property" type="Property" minOccurs="0" maxOccurs="unbounded"/>
|
||||||
</xs:sequence>
|
</xs:sequence>
|
||||||
</xs:complexType>
|
</xs:complexType>
|
||||||
|
|
||||||
|
|
|
@ -86,7 +86,11 @@
|
||||||
<artifactId>findbugs-annotations</artifactId>
|
<artifactId>findbugs-annotations</artifactId>
|
||||||
<version>1.3.9-1</version>
|
<version>1.3.9-1</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.apache.hadoop</groupId>
|
||||||
|
<artifactId>hadoop-client</artifactId>
|
||||||
|
<version>${hadoop.version}</version>
|
||||||
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.apache.nifi</groupId>
|
<groupId>org.apache.nifi</groupId>
|
||||||
<artifactId>nifi-mock</artifactId>
|
<artifactId>nifi-mock</artifactId>
|
||||||
|
|
Loading…
Reference in New Issue