mirror of https://github.com/apache/nifi.git
NIFI-7884 Added and applied Distributed File System permissions (#4713)
This commit is contained in:
parent
039a09923a
commit
cfbcecc4c6
|
@ -24,6 +24,8 @@ import java.util.Arrays;
|
||||||
public enum RequiredPermission {
|
public enum RequiredPermission {
|
||||||
READ_FILESYSTEM("read-filesystem", "read filesystem"),
|
READ_FILESYSTEM("read-filesystem", "read filesystem"),
|
||||||
WRITE_FILESYSTEM("write-filesystem", "write filesystem"),
|
WRITE_FILESYSTEM("write-filesystem", "write filesystem"),
|
||||||
|
READ_DISTRIBUTED_FILESYSTEM("read-distributed-filesystem", "read distributed filesystem"),
|
||||||
|
WRITE_DISTRIBUTED_FILESYSTEM("write-distributed-filesystem", "write distributed filesystem"),
|
||||||
EXECUTE_CODE("execute-code", "execute code"),
|
EXECUTE_CODE("execute-code", "execute code"),
|
||||||
ACCESS_KEYTAB("access-keytab", "access keytab"),
|
ACCESS_KEYTAB("access-keytab", "access keytab"),
|
||||||
EXPORT_NIFI_DETAILS("export-nifi-details", "export nifi details");
|
EXPORT_NIFI_DETAILS("export-nifi-details", "export nifi details");
|
||||||
|
|
|
@ -64,7 +64,7 @@ import java.util.regex.Pattern;
|
||||||
+ " knowledge of globbed files deleted is necessary use ListHDFS first to produce a specific list of files to delete. ")
|
+ " knowledge of globbed files deleted is necessary use ListHDFS first to produce a specific list of files to delete. ")
|
||||||
@Restricted(restrictions = {
|
@Restricted(restrictions = {
|
||||||
@Restriction(
|
@Restriction(
|
||||||
requiredPermission = RequiredPermission.WRITE_FILESYSTEM,
|
requiredPermission = RequiredPermission.WRITE_DISTRIBUTED_FILESYSTEM,
|
||||||
explanation = "Provides operator the ability to delete any file that NiFi has access to in HDFS or the local filesystem.")
|
explanation = "Provides operator the ability to delete any file that NiFi has access to in HDFS or the local filesystem.")
|
||||||
})
|
})
|
||||||
@WritesAttributes({
|
@WritesAttributes({
|
||||||
|
|
|
@ -66,7 +66,7 @@ import java.util.concurrent.TimeUnit;
|
||||||
@SeeAlso({ListHDFS.class, GetHDFS.class, PutHDFS.class})
|
@SeeAlso({ListHDFS.class, GetHDFS.class, PutHDFS.class})
|
||||||
@Restricted(restrictions = {
|
@Restricted(restrictions = {
|
||||||
@Restriction(
|
@Restriction(
|
||||||
requiredPermission = RequiredPermission.READ_FILESYSTEM,
|
requiredPermission = RequiredPermission.READ_DISTRIBUTED_FILESYSTEM,
|
||||||
explanation = "Provides operator the ability to retrieve any file that NiFi has access to in HDFS or the local filesystem.")
|
explanation = "Provides operator the ability to retrieve any file that NiFi has access to in HDFS or the local filesystem.")
|
||||||
})
|
})
|
||||||
public class FetchHDFS extends AbstractHadoopProcessor {
|
public class FetchHDFS extends AbstractHadoopProcessor {
|
||||||
|
|
|
@ -80,10 +80,10 @@ import java.util.regex.Pattern;
|
||||||
@SeeAlso({PutHDFS.class, ListHDFS.class})
|
@SeeAlso({PutHDFS.class, ListHDFS.class})
|
||||||
@Restricted(restrictions = {
|
@Restricted(restrictions = {
|
||||||
@Restriction(
|
@Restriction(
|
||||||
requiredPermission = RequiredPermission.READ_FILESYSTEM,
|
requiredPermission = RequiredPermission.READ_DISTRIBUTED_FILESYSTEM,
|
||||||
explanation = "Provides operator the ability to retrieve any file that NiFi has access to in HDFS or the local filesystem."),
|
explanation = "Provides operator the ability to retrieve any file that NiFi has access to in HDFS or the local filesystem."),
|
||||||
@Restriction(
|
@Restriction(
|
||||||
requiredPermission = RequiredPermission.WRITE_FILESYSTEM,
|
requiredPermission = RequiredPermission.WRITE_DISTRIBUTED_FILESYSTEM,
|
||||||
explanation = "Provides operator the ability to delete any file that NiFi has access to in HDFS or the local filesystem.")
|
explanation = "Provides operator the ability to delete any file that NiFi has access to in HDFS or the local filesystem.")
|
||||||
})
|
})
|
||||||
public class GetHDFS extends AbstractHadoopProcessor {
|
public class GetHDFS extends AbstractHadoopProcessor {
|
||||||
|
|
|
@ -77,10 +77,10 @@ import java.util.regex.Pattern;
|
||||||
@SeeAlso({PutHDFS.class, GetHDFS.class})
|
@SeeAlso({PutHDFS.class, GetHDFS.class})
|
||||||
@Restricted(restrictions = {
|
@Restricted(restrictions = {
|
||||||
@Restriction(
|
@Restriction(
|
||||||
requiredPermission = RequiredPermission.READ_FILESYSTEM,
|
requiredPermission = RequiredPermission.READ_DISTRIBUTED_FILESYSTEM,
|
||||||
explanation = "Provides operator the ability to retrieve any file that NiFi has access to in HDFS or the local filesystem."),
|
explanation = "Provides operator the ability to retrieve any file that NiFi has access to in HDFS or the local filesystem."),
|
||||||
@Restriction(
|
@Restriction(
|
||||||
requiredPermission = RequiredPermission.WRITE_FILESYSTEM,
|
requiredPermission = RequiredPermission.WRITE_DISTRIBUTED_FILESYSTEM,
|
||||||
explanation = "Provides operator the ability to delete any file that NiFi has access to in HDFS or the local filesystem.")
|
explanation = "Provides operator the ability to delete any file that NiFi has access to in HDFS or the local filesystem.")
|
||||||
})
|
})
|
||||||
public class MoveHDFS extends AbstractHadoopProcessor {
|
public class MoveHDFS extends AbstractHadoopProcessor {
|
||||||
|
|
|
@ -85,7 +85,7 @@ import java.util.stream.Stream;
|
||||||
@SeeAlso(GetHDFS.class)
|
@SeeAlso(GetHDFS.class)
|
||||||
@Restricted(restrictions = {
|
@Restricted(restrictions = {
|
||||||
@Restriction(
|
@Restriction(
|
||||||
requiredPermission = RequiredPermission.WRITE_FILESYSTEM,
|
requiredPermission = RequiredPermission.WRITE_DISTRIBUTED_FILESYSTEM,
|
||||||
explanation = "Provides operator the ability to delete any file that NiFi has access to in HDFS or the local filesystem.")
|
explanation = "Provides operator the ability to delete any file that NiFi has access to in HDFS or the local filesystem.")
|
||||||
})
|
})
|
||||||
public class PutHDFS extends AbstractHadoopProcessor {
|
public class PutHDFS extends AbstractHadoopProcessor {
|
||||||
|
|
|
@ -67,7 +67,7 @@ import java.util.List;
|
||||||
})
|
})
|
||||||
@Restricted(restrictions = {
|
@Restricted(restrictions = {
|
||||||
@Restriction(
|
@Restriction(
|
||||||
requiredPermission = RequiredPermission.WRITE_FILESYSTEM,
|
requiredPermission = RequiredPermission.WRITE_DISTRIBUTED_FILESYSTEM,
|
||||||
explanation = "Provides operator the ability to write to any file that NiFi has access to in HDFS or the local filesystem.")
|
explanation = "Provides operator the ability to write to any file that NiFi has access to in HDFS or the local filesystem.")
|
||||||
})
|
})
|
||||||
public class PutORC extends AbstractPutHDFSRecord {
|
public class PutORC extends AbstractPutHDFSRecord {
|
||||||
|
|
|
@ -53,7 +53,7 @@ import java.io.IOException;
|
||||||
@SeeAlso({PutParquet.class})
|
@SeeAlso({PutParquet.class})
|
||||||
@Restricted(restrictions = {
|
@Restricted(restrictions = {
|
||||||
@Restriction(
|
@Restriction(
|
||||||
requiredPermission = RequiredPermission.READ_FILESYSTEM,
|
requiredPermission = RequiredPermission.READ_DISTRIBUTED_FILESYSTEM,
|
||||||
explanation = "Provides operator the ability to retrieve any file that NiFi has access to in HDFS or the local filesystem.")
|
explanation = "Provides operator the ability to retrieve any file that NiFi has access to in HDFS or the local filesystem.")
|
||||||
})
|
})
|
||||||
public class FetchParquet extends AbstractFetchHDFSRecord {
|
public class FetchParquet extends AbstractFetchHDFSRecord {
|
||||||
|
|
|
@ -70,7 +70,7 @@ import static org.apache.nifi.parquet.utils.ParquetUtils.applyCommonConfig;
|
||||||
})
|
})
|
||||||
@Restricted(restrictions = {
|
@Restricted(restrictions = {
|
||||||
@Restriction(
|
@Restriction(
|
||||||
requiredPermission = RequiredPermission.WRITE_FILESYSTEM,
|
requiredPermission = RequiredPermission.WRITE_DISTRIBUTED_FILESYSTEM,
|
||||||
explanation = "Provides operator the ability to write any file that NiFi has access to in HDFS or the local filesystem.")
|
explanation = "Provides operator the ability to write any file that NiFi has access to in HDFS or the local filesystem.")
|
||||||
})
|
})
|
||||||
public class PutParquet extends AbstractPutHDFSRecord {
|
public class PutParquet extends AbstractPutHDFSRecord {
|
||||||
|
|
Loading…
Reference in New Issue