NIFI-7884 Added and applied Distributed File System permissions (#4713)

This commit is contained in:
exceptionfactory 2020-12-08 15:56:46 -05:00 committed by GitHub
parent 039a09923a
commit cfbcecc4c6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 12 additions and 10 deletions

View File

@ -24,6 +24,8 @@ import java.util.Arrays;
public enum RequiredPermission { public enum RequiredPermission {
READ_FILESYSTEM("read-filesystem", "read filesystem"), READ_FILESYSTEM("read-filesystem", "read filesystem"),
WRITE_FILESYSTEM("write-filesystem", "write filesystem"), WRITE_FILESYSTEM("write-filesystem", "write filesystem"),
READ_DISTRIBUTED_FILESYSTEM("read-distributed-filesystem", "read distributed filesystem"),
WRITE_DISTRIBUTED_FILESYSTEM("write-distributed-filesystem", "write distributed filesystem"),
EXECUTE_CODE("execute-code", "execute code"), EXECUTE_CODE("execute-code", "execute code"),
ACCESS_KEYTAB("access-keytab", "access keytab"), ACCESS_KEYTAB("access-keytab", "access keytab"),
EXPORT_NIFI_DETAILS("export-nifi-details", "export nifi details"); EXPORT_NIFI_DETAILS("export-nifi-details", "export nifi details");

View File

@ -64,7 +64,7 @@ import java.util.regex.Pattern;
+ " knowledge of globbed files deleted is necessary use ListHDFS first to produce a specific list of files to delete. ") + " knowledge of globbed files deleted is necessary use ListHDFS first to produce a specific list of files to delete. ")
@Restricted(restrictions = { @Restricted(restrictions = {
@Restriction( @Restriction(
requiredPermission = RequiredPermission.WRITE_FILESYSTEM, requiredPermission = RequiredPermission.WRITE_DISTRIBUTED_FILESYSTEM,
explanation = "Provides operator the ability to delete any file that NiFi has access to in HDFS or the local filesystem.") explanation = "Provides operator the ability to delete any file that NiFi has access to in HDFS or the local filesystem.")
}) })
@WritesAttributes({ @WritesAttributes({

View File

@ -66,7 +66,7 @@ import java.util.concurrent.TimeUnit;
@SeeAlso({ListHDFS.class, GetHDFS.class, PutHDFS.class}) @SeeAlso({ListHDFS.class, GetHDFS.class, PutHDFS.class})
@Restricted(restrictions = { @Restricted(restrictions = {
@Restriction( @Restriction(
requiredPermission = RequiredPermission.READ_FILESYSTEM, requiredPermission = RequiredPermission.READ_DISTRIBUTED_FILESYSTEM,
explanation = "Provides operator the ability to retrieve any file that NiFi has access to in HDFS or the local filesystem.") explanation = "Provides operator the ability to retrieve any file that NiFi has access to in HDFS or the local filesystem.")
}) })
public class FetchHDFS extends AbstractHadoopProcessor { public class FetchHDFS extends AbstractHadoopProcessor {

View File

@ -80,10 +80,10 @@ import java.util.regex.Pattern;
@SeeAlso({PutHDFS.class, ListHDFS.class}) @SeeAlso({PutHDFS.class, ListHDFS.class})
@Restricted(restrictions = { @Restricted(restrictions = {
@Restriction( @Restriction(
requiredPermission = RequiredPermission.READ_FILESYSTEM, requiredPermission = RequiredPermission.READ_DISTRIBUTED_FILESYSTEM,
explanation = "Provides operator the ability to retrieve any file that NiFi has access to in HDFS or the local filesystem."), explanation = "Provides operator the ability to retrieve any file that NiFi has access to in HDFS or the local filesystem."),
@Restriction( @Restriction(
requiredPermission = RequiredPermission.WRITE_FILESYSTEM, requiredPermission = RequiredPermission.WRITE_DISTRIBUTED_FILESYSTEM,
explanation = "Provides operator the ability to delete any file that NiFi has access to in HDFS or the local filesystem.") explanation = "Provides operator the ability to delete any file that NiFi has access to in HDFS or the local filesystem.")
}) })
public class GetHDFS extends AbstractHadoopProcessor { public class GetHDFS extends AbstractHadoopProcessor {

View File

@ -77,10 +77,10 @@ import java.util.regex.Pattern;
@SeeAlso({PutHDFS.class, GetHDFS.class}) @SeeAlso({PutHDFS.class, GetHDFS.class})
@Restricted(restrictions = { @Restricted(restrictions = {
@Restriction( @Restriction(
requiredPermission = RequiredPermission.READ_FILESYSTEM, requiredPermission = RequiredPermission.READ_DISTRIBUTED_FILESYSTEM,
explanation = "Provides operator the ability to retrieve any file that NiFi has access to in HDFS or the local filesystem."), explanation = "Provides operator the ability to retrieve any file that NiFi has access to in HDFS or the local filesystem."),
@Restriction( @Restriction(
requiredPermission = RequiredPermission.WRITE_FILESYSTEM, requiredPermission = RequiredPermission.WRITE_DISTRIBUTED_FILESYSTEM,
explanation = "Provides operator the ability to delete any file that NiFi has access to in HDFS or the local filesystem.") explanation = "Provides operator the ability to delete any file that NiFi has access to in HDFS or the local filesystem.")
}) })
public class MoveHDFS extends AbstractHadoopProcessor { public class MoveHDFS extends AbstractHadoopProcessor {

View File

@ -85,7 +85,7 @@ import java.util.stream.Stream;
@SeeAlso(GetHDFS.class) @SeeAlso(GetHDFS.class)
@Restricted(restrictions = { @Restricted(restrictions = {
@Restriction( @Restriction(
requiredPermission = RequiredPermission.WRITE_FILESYSTEM, requiredPermission = RequiredPermission.WRITE_DISTRIBUTED_FILESYSTEM,
explanation = "Provides operator the ability to delete any file that NiFi has access to in HDFS or the local filesystem.") explanation = "Provides operator the ability to delete any file that NiFi has access to in HDFS or the local filesystem.")
}) })
public class PutHDFS extends AbstractHadoopProcessor { public class PutHDFS extends AbstractHadoopProcessor {

View File

@ -67,7 +67,7 @@ import java.util.List;
}) })
@Restricted(restrictions = { @Restricted(restrictions = {
@Restriction( @Restriction(
requiredPermission = RequiredPermission.WRITE_FILESYSTEM, requiredPermission = RequiredPermission.WRITE_DISTRIBUTED_FILESYSTEM,
explanation = "Provides operator the ability to write to any file that NiFi has access to in HDFS or the local filesystem.") explanation = "Provides operator the ability to write to any file that NiFi has access to in HDFS or the local filesystem.")
}) })
public class PutORC extends AbstractPutHDFSRecord { public class PutORC extends AbstractPutHDFSRecord {

View File

@ -53,7 +53,7 @@ import java.io.IOException;
@SeeAlso({PutParquet.class}) @SeeAlso({PutParquet.class})
@Restricted(restrictions = { @Restricted(restrictions = {
@Restriction( @Restriction(
requiredPermission = RequiredPermission.READ_FILESYSTEM, requiredPermission = RequiredPermission.READ_DISTRIBUTED_FILESYSTEM,
explanation = "Provides operator the ability to retrieve any file that NiFi has access to in HDFS or the local filesystem.") explanation = "Provides operator the ability to retrieve any file that NiFi has access to in HDFS or the local filesystem.")
}) })
public class FetchParquet extends AbstractFetchHDFSRecord { public class FetchParquet extends AbstractFetchHDFSRecord {

View File

@ -70,7 +70,7 @@ import static org.apache.nifi.parquet.utils.ParquetUtils.applyCommonConfig;
}) })
@Restricted(restrictions = { @Restricted(restrictions = {
@Restriction( @Restriction(
requiredPermission = RequiredPermission.WRITE_FILESYSTEM, requiredPermission = RequiredPermission.WRITE_DISTRIBUTED_FILESYSTEM,
explanation = "Provides operator the ability to write any file that NiFi has access to in HDFS or the local filesystem.") explanation = "Provides operator the ability to write any file that NiFi has access to in HDFS or the local filesystem.")
}) })
public class PutParquet extends AbstractPutHDFSRecord { public class PutParquet extends AbstractPutHDFSRecord {