From 83316736f8f2c657c96aca6d6346f53be061b4d7 Mon Sep 17 00:00:00 2001 From: exceptionfactory Date: Wed, 25 May 2022 20:36:31 -0500 Subject: [PATCH] NIFI-9959 Add UI Support for Sensitive Dynamic Properties (#6073) * NIFI-9959 Added UI Support for Sensitive Dynamic Properties - Added SupportsSensitiveDynamicProperties to DBCPConnectionPool and ScriptedReportingTask * NIFI-9959 Added sensitive parameter argument for Controller Service descriptors * NIFI-9959 Adjusted sensitive property descriptor handling to support changing status * NIFI-9959 Added info icon for Sensitive Value field * NIFI-9959 Corrected handling of descriptor for existing dynamic properties * NIFI-9959 Cleaning up dialog markup. Co-authored-by: Matt Gilman This closes #6073 --- .../controller/AbstractComponentNode.java | 6 + .../apache/nifi/controller/ComponentNode.java | 5 + .../apache/nifi/web/NiFiServiceFacade.java | 9 +- .../nifi/web/StandardNiFiServiceFacade.java | 53 +++--- .../web/api/ControllerServiceResource.java | 7 +- .../nifi/web/api/ProcessorResource.java | 7 +- .../nifi/web/api/ReportingTaskResource.java | 7 +- .../webapp/js/jquery/modal/jquery.modal.css | 2 +- .../propertytable/jquery.propertytable.js | 158 +++++++++++++----- .../js/nf/canvas/nf-controller-service.js | 9 +- .../nf/canvas/nf-processor-configuration.js | 10 +- .../webapp/js/nf/canvas/nf-reporting-task.js | 9 +- .../script/ScriptedReportingTask.java | 2 + .../apache/nifi/dbcp/DBCPConnectionPool.java | 2 + 14 files changed, 189 insertions(+), 97 deletions(-) diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/controller/AbstractComponentNode.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/controller/AbstractComponentNode.java index c2f7636a7a..32361f6576 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/controller/AbstractComponentNode.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/controller/AbstractComponentNode.java @@ -996,6 +996,12 @@ public abstract class AbstractComponentNode implements ComponentNode { return foundApiDependency; } + @Override + public boolean isSensitiveDynamicProperty(final String name) { + Objects.requireNonNull(name, "Property Name required"); + return sensitiveDynamicPropertyNames.get().contains(name); + } + @Override public PropertyDescriptor getPropertyDescriptor(final String name) { try (final NarCloseable narCloseable = NarCloseable.withComponentNarLoader(extensionManager, getComponent().getClass(), getComponent().getIdentifier())) { diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/controller/ComponentNode.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/controller/ComponentNode.java index 136dac5fef..3be5204bb5 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/controller/ComponentNode.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core-api/src/main/java/org/apache/nifi/controller/ComponentNode.java @@ -261,6 +261,11 @@ public interface ComponentNode extends ComponentAuthorizable { */ PropertyDescriptor getPropertyDescriptor(String name); + /** + * @param name Property Name + * @return Sensitive Dynamic Property status + */ + boolean isSensitiveDynamicProperty(String name); @Override default AuthorizationResult checkAuthorization(Authorizer authorizer, RequestAction action, NiFiUser user, Map resourceContext) { diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiServiceFacade.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiServiceFacade.java index ea78af85ae..aa75f20234 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiServiceFacade.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiServiceFacade.java @@ -616,9 +616,10 @@ public interface NiFiServiceFacade { * * @param id id * @param property property + * @param sensitive requested sensitive status * @return descriptor */ - PropertyDescriptorDTO getProcessorPropertyDescriptor(String id, String property); + PropertyDescriptorDTO getProcessorPropertyDescriptor(String id, String property, boolean sensitive); /** * Gets all the Processor transfer objects for this controller. @@ -2046,9 +2047,10 @@ public interface NiFiServiceFacade { * * @param id id * @param property property + * @param sensitive requested sensitive status * @return property */ - PropertyDescriptorDTO getControllerServicePropertyDescriptor(String id, String property); + PropertyDescriptorDTO getControllerServicePropertyDescriptor(String id, String property, boolean sensitive); /** * Gets the references for specified controller service. @@ -2168,9 +2170,10 @@ public interface NiFiServiceFacade { * * @param id id * @param property property + * @param sensitive requested sensitive status * @return descriptor */ - PropertyDescriptorDTO getReportingTaskPropertyDescriptor(String id, String property); + PropertyDescriptorDTO getReportingTaskPropertyDescriptor(String id, String property, boolean sensitive); /** * Updates the specified reporting task. diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiServiceFacade.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiServiceFacade.java index ff96408805..aa39cb6d7a 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiServiceFacade.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiServiceFacade.java @@ -3642,15 +3642,9 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { } @Override - public PropertyDescriptorDTO getProcessorPropertyDescriptor(final String id, final String property) { + public PropertyDescriptorDTO getProcessorPropertyDescriptor(final String id, final String property, final boolean sensitive) { final ProcessorNode processor = processorDAO.getProcessor(id); - PropertyDescriptor descriptor = processor.getPropertyDescriptor(property); - - // return an invalid descriptor if the processor doesn't support this property - if (descriptor == null) { - descriptor = new PropertyDescriptor.Builder().name(property).addValidator(Validator.INVALID).dynamic(true).build(); - } - + final PropertyDescriptor descriptor = getPropertyDescriptor(processor, property, sensitive); return dtoFactory.createPropertyDescriptorDto(descriptor, processor.getProcessGroup().getIdentifier()); } @@ -4511,15 +4505,9 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { } @Override - public PropertyDescriptorDTO getControllerServicePropertyDescriptor(final String id, final String property) { + public PropertyDescriptorDTO getControllerServicePropertyDescriptor(final String id, final String property, final boolean sensitive) { final ControllerServiceNode controllerService = controllerServiceDAO.getControllerService(id); - PropertyDescriptor descriptor = controllerService.getPropertyDescriptor(property); - - // return an invalid descriptor if the controller service doesn't support this property - if (descriptor == null) { - descriptor = new PropertyDescriptor.Builder().name(property).addValidator(Validator.INVALID).dynamic(true).build(); - } - + final PropertyDescriptor descriptor = getPropertyDescriptor(controllerService, property, sensitive); final String groupId = controllerService.getProcessGroup() == null ? null : controllerService.getProcessGroup().getIdentifier(); return dtoFactory.createPropertyDescriptorDto(descriptor, groupId); } @@ -4555,15 +4543,9 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { } @Override - public PropertyDescriptorDTO getReportingTaskPropertyDescriptor(final String id, final String property) { + public PropertyDescriptorDTO getReportingTaskPropertyDescriptor(final String id, final String property, final boolean sensitive) { final ReportingTaskNode reportingTask = reportingTaskDAO.getReportingTask(id); - PropertyDescriptor descriptor = reportingTask.getPropertyDescriptor(property); - - // return an invalid descriptor if the reporting task doesn't support this property - if (descriptor == null) { - descriptor = new PropertyDescriptor.Builder().name(property).addValidator(Validator.INVALID).dynamic(true).build(); - } - + final PropertyDescriptor descriptor = getPropertyDescriptor(reportingTask, property, sensitive); return dtoFactory.createPropertyDescriptorDto(descriptor, null); } @@ -5887,6 +5869,29 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade { }; } + private PropertyDescriptor getPropertyDescriptor(final ComponentNode componentNode, final String property, final boolean sensitive) { + final PropertyDescriptor propertyDescriptor; + + final PropertyDescriptor componentDescriptor = componentNode.getPropertyDescriptor(property); + if (componentDescriptor == null) { + propertyDescriptor = new PropertyDescriptor.Builder().name(property).addValidator(Validator.INVALID).dynamic(true).build(); + } else if ( + componentDescriptor.isDynamic() && ( + // Allow setting sensitive status for properties marked as sensitive in previous requests + componentNode.isSensitiveDynamicProperty(property) || ( + // Allow setting sensitive status for properties not marked as sensitive in supporting components + !componentDescriptor.isSensitive() && componentNode.isSupportsSensitiveDynamicProperties() + ) + ) + ) { + propertyDescriptor = new PropertyDescriptor.Builder().fromPropertyDescriptor(componentDescriptor).sensitive(sensitive).build(); + } else { + propertyDescriptor = componentDescriptor; + } + + return propertyDescriptor; + } + @Override public void verifyPublicInputPortUniqueness(final String portId, final String portName) { inputPortDAO.verifyPublicPortUniqueness(portId, portName); diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ControllerServiceResource.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ControllerServiceResource.java index e22a672b4f..928a649e1d 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ControllerServiceResource.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ControllerServiceResource.java @@ -281,12 +281,7 @@ public class ControllerServiceResource extends ApplicationResource { }); // get the property descriptor - final PropertyDescriptorDTO descriptor = serviceFacade.getControllerServicePropertyDescriptor(id, propertyName); - - // Adjust sensitive status for dynamic properties when sensitive status enabled - if (descriptor.isDynamic() && sensitive) { - descriptor.setSensitive(true); - } + final PropertyDescriptorDTO descriptor = serviceFacade.getControllerServicePropertyDescriptor(id, propertyName, sensitive); // generate the response entity final PropertyDescriptorEntity entity = new PropertyDescriptorEntity(); diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ProcessorResource.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ProcessorResource.java index f16c28ff31..440981737d 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ProcessorResource.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ProcessorResource.java @@ -427,12 +427,7 @@ public class ProcessorResource extends ApplicationResource { }); // get the property descriptor - final PropertyDescriptorDTO descriptor = serviceFacade.getProcessorPropertyDescriptor(id, propertyName); - - // Adjust sensitive status for dynamic properties when sensitive status enabled - if (descriptor.isDynamic() && sensitive) { - descriptor.setSensitive(true); - } + final PropertyDescriptorDTO descriptor = serviceFacade.getProcessorPropertyDescriptor(id, propertyName, sensitive); // generate the response entity final PropertyDescriptorEntity entity = new PropertyDescriptorEntity(); diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ReportingTaskResource.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ReportingTaskResource.java index 3f32e6b1fc..114af5d64b 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ReportingTaskResource.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ReportingTaskResource.java @@ -267,12 +267,7 @@ public class ReportingTaskResource extends ApplicationResource { }); // get the property descriptor - final PropertyDescriptorDTO descriptor = serviceFacade.getReportingTaskPropertyDescriptor(id, propertyName); - - // Adjust sensitive status for dynamic properties when sensitive status enabled - if (descriptor.isDynamic() && sensitive) { - descriptor.setSensitive(true); - } + final PropertyDescriptorDTO descriptor = serviceFacade.getReportingTaskPropertyDescriptor(id, propertyName, sensitive); // generate the response entity final PropertyDescriptorEntity entity = new PropertyDescriptorEntity(); diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/jquery/modal/jquery.modal.css b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/jquery/modal/jquery.modal.css index 1795d6d099..f12da2989e 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/jquery/modal/jquery.modal.css +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/jquery/modal/jquery.modal.css @@ -108,4 +108,4 @@ bottom: 0; width: 100%; height: 32px; -} \ No newline at end of file +} diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/jquery/propertytable/jquery.propertytable.js b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/jquery/propertytable/jquery.propertytable.js index 5ec357f7a6..6c482bb3e7 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/jquery/propertytable/jquery.propertytable.js +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/jquery/propertytable/jquery.propertytable.js @@ -105,6 +105,7 @@ _) { var groupId = null; + var supportsSensitiveDynamicProperties = false; var propertyVerificationCallback = null; var COMBO_MIN_WIDTH = 212; var EDITOR_MIN_WIDTH = 212; @@ -1211,7 +1212,8 @@ contentType: 'application/json' }).done(function (response) { // load the descriptor and update the property - configurationOptions.descriptorDeferred(item.property).done(function (descriptorResponse) { + // Controller Service dynamic property descriptors will not be marked as sensitive + configurationOptions.descriptorDeferred(item.property, false).done(function (descriptorResponse) { var descriptor = descriptorResponse.propertyDescriptor; // store the descriptor for use later @@ -1600,6 +1602,10 @@ hidden: true })); + // Delete property descriptor + var descriptors = table.data('descriptors'); + delete descriptors[property.property]; + // prevents standard edit logic e.stopImmediatePropagation(); } else if (target.hasClass('go-to-service')) { @@ -1829,6 +1835,17 @@ return properties; }; + var getSensitiveDynamicPropertyNames = function (table) { + var sensitiveDynamicPropertyNames = []; + var descriptors = table.data('descriptors'); + $.each(descriptors, function () { + if (nfCommon.isSensitiveProperty(this) === true && nfCommon.isDynamicProperty(this) === true) { + sensitiveDynamicPropertyNames.push(this.name); + } + }); + return sensitiveDynamicPropertyNames; + }; + /** * Performs the filtering. * @@ -2028,21 +2045,35 @@ var newPropertyDialogMarkup = '