Commit Graph

864 Commits

Author SHA1 Message Date
Matt Gilman f0c6739a1f NIFI-3251:
- Ensuring read permissions to the ControllerService before attempting to check permissions to parent.

This closes #1483
2017-02-08 15:13:20 -05:00
Matt Gilman 83ee7590a6
- Fixing checkstyle violation. 2017-02-08 10:45:34 -05:00
Pierre Villard da5aafdf3f
NIFI-3121 Remove read permissions on proxy resource for Node Identities. This closes #1368 2017-02-07 17:01:51 -05:00
Koji Kawamura 5af6eb17b0
NIFI-3162: Audit RPG and RPG port config changes.
- Added configure audits for Transport Protocol, HTTP Proxy Server Host,
  Port, User and Password in RemoteProcessGroup configuration
- Added configure audits for enabling/disabling individual remote port
- Added configure audits for Concurrent Tasks and Compressed in Remote
  Port configuration
- This closes #1476
2017-02-07 16:22:51 -05:00
James Wing e4cee7ee0d NIFI-3427 Fix Provenance DateTime Sorting
This closes #1465.
2017-02-06 18:06:58 +01:00
Oleg Zhurakousky 6518778c11 NIFI-3180 Fixed NPE in TemplateUtils
added null check for ProcessorDTO.getRelationship()
removed deprecated usage of ByteArrayInputStream

This closes #1451.
2017-01-30 22:10:50 +01:00
Pierre Villard 89f1bd3189 NIFI-957 Added the possibility to use DefaultSchedule annotation in reporting tasks
This closes #1400
2017-01-30 08:35:39 -05:00
Matt Gilman f8f66fa22b NIFI-3291:
- Removing dead code.

This closes #1438
2017-01-27 11:50:56 -05:00
Matt Gilman 0950186fbb NIFI-3291:
- Fixing overflow calculation to determine if scrollbars are necessary.
- Fixing styles with jquery ui slider usage.
2017-01-27 11:47:09 -05:00
Jeff Storck bd4ea488bb NIFI-3387 Updated NOT_YET_CONNECTED value in DisconnectionCode enum
This closes #1448.

Signed-off-by: Koji Kawamura <ijokarumawak@apache.org>
2017-01-27 08:44:11 +09:00
Pierre Villard c15111d985 NIFI-3390 Added support for multiple LDAP servers. This closes #1441 2017-01-26 08:59:18 -05:00
Pierre Villard 1a6802a016 NIFI-3295 - ensures node is disconnected before trying to remove it. This closes #1444 2017-01-25 12:24:45 -05:00
Pierre Villard e113511fef NIFI-3393 - replicates cluster/nodes/{id} to cluster coordinator. This closes #1443 2017-01-25 10:25:36 -05:00
Matt Gilman 7340078de2 NIFI-3251: Delete requires WRITE perms on parent
- Requiring WRITE permissions to the parent resource when attempting to remove a component.
- Updating expired certificates in the REST API integration tests.

This closes #1399.

Signed-off-by: James Wing <jvwing@gmail.com>
2017-01-24 13:24:29 -08:00
Mike Moser ddda602620 NIFI-3350 optimized documentation extraction to reduce startup time
Signed-off-by: James Wing <jvwing@gmail.com>

This closes #1416.
2017-01-22 14:27:19 -08:00
Matt Gilman 79ca30be4a NIFI-3301: Provenance UI Cursor Styling
- Addressing inconsistent cursor styling and drag behavior in lineage graph.

This closes #1430.

Signed-off-by: James Wing <jvwing@gmail.com>
2017-01-20 18:40:36 -08:00
Scott Aslan dc934cbb8e [NIFI-3359] Modularize all of nifi-web-ui except canvas directory
- Removing shell.jsp from summary.jsp.
- This closes #1428
2017-01-20 16:18:08 -05:00
Matt Gilman e62eeb7563 NIFI-3291:
- Fixing styles from our usage of jquery ui autocomplete.
- Fixing horizontal scroll bars.
- Fixing border around content repos.

This closes #1429
2017-01-19 11:13:44 -05:00
Matt Gilman e925b18fe6 NIFI-1135:
- Adding additional parameters to be able to limit the size of the provenance response. Specifically, whether the events should be summarized and whether events should be returned incrementally before the query has completed.
- Ensuring the cluster node address is included in provenance events returned.
- Ensuring there is a cluster coordinator before attempting to get the cluster node address.
- Removing exponential back off between provenance requests.
- Ensuring the content viewer url is retrieve before initializing the provenance table.

This closes #1413.
2017-01-18 10:34:56 -05:00
Matt Gilman 82cf0c6fa8 NIFI-3291:
- Ensuring we don't see a horizontal scrollbar.
- Ensuring slick-nifi-theme is bundled.

This closes #1408
2017-01-17 15:42:34 -05:00
Matt Gilman 6170f6442e NIFI-3291:
- Upgrading jQuery and it's plugins.
- Packaging at build time using npm.
2017-01-17 14:54:59 -05:00
Pierre Villard 2fbeabb95f
NIFI-3309 ensures that CS are deleted when a process group is deleted
This closes #1411.

Signed-off-by: Bryan Bende <bbende@apache.org>
2017-01-12 11:21:46 -05:00
Matt Gilman a794166d21 NIFI-3118 - Sorting the garbage collection stats and content repository entries client side. Opting to not sort server side as the property of the DTO does not allow deterministic sorting. Consequently, order would need to be implemented every time that DTO is (de)serializaed which may happen in a number of places with zero master clustering.
This closes #1337.
2017-01-09 18:09:25 +01:00
Bryan Rosander 474df053d6 NIFI-3276 - FileSystemRepository.getPath() only check exists if necessary
This closes #1388.
2017-01-05 21:44:59 +01:00
jpercivall 273e69f2cb NIFI-3274 Adding WriteAheadLog configuration options to WriteAheadLogLocalStateProvider
This closes #1386.
2017-01-05 19:59:58 +01:00
Pierre Villard 64bb55ef3c NIFI-2839 Add a confirmation dialog when deleting a Controller Service or Reporting Task. This closes #1384 2017-01-05 09:07:35 -05:00
Matt Gilman 083d4043e0 NIFI-2840:
- Sorting the templates to ensure that the newest templates are listed first.

This closes #1391.
2017-01-04 19:24:37 +01:00
Matt Gilman b1c9f0e764
NIFI-2695: - Providing more granular and meaningful authorization error messages.
This closes #1309.

Signed-off-by: Bryan Bende <bbende@apache.org>
2017-01-04 13:06:19 -05:00
Pierre Villard 2c0f1c348e
NIFI-3259 - Process group level option in Ambari reporting task
This closes #1360.

Signed-off-by: Bryan Bende <bbende@apache.org>
2017-01-03 16:18:53 -05:00
Pierre Villard be6bcf20ad
NIFI-2944 Check remote input hostname at startup.
Added unit test cases.

This closes #1379.

Signed-off-by: Andy LoPresto <alopresto@apache.org>
2017-01-02 20:25:03 -08:00
Scott Aslan 67cbef5df3
NIFI-2917: disable canvas refresh after ajax error and allow page refresh
This closes #1351.

Signed-off-by: Andy LoPresto <alopresto@apache.org>
2017-01-02 16:32:05 -08:00
Matt Gilman 0d14db72f5 NIFI-3247:
- Removing unnecessary authorization check during second phase of connection creation.
- Ensuring that the remote group port returns the correct resource type though not super critical since it is not possible to create policies for remote ports.

This closes #1353.
2016-12-30 16:05:06 +01:00
Pierre Villard 4986b83b83 NIFI-3164 Added NAR loading duration
This closes #1366.

Signed-off-by: James Wing <jvwing@gmail.com>
2016-12-29 10:29:03 -08:00
Pierre Villard 5c095f3a18 NIFI-3164 Added message at startup to log NAR loading
This closes #1365.

Signed-off-by: James Wing <jvwing@gmail.com>
2016-12-28 14:10:30 -08:00
Matt Gilman 2f3017638f
NIFI-3239:
- Indicating components are not restricted when appropriate.
- Updating unit tests.

This closes #1350.

Signed-off-by: Aldrin Piri <aldrin@apache.org>
2016-12-27 13:06:07 -05:00
Bryan Bende 978f483ba8
NIFI-3250 Fixing logic in StandardFlowFileQueue when migrating flow files to the active queue
This closes #3250.

Signed-off-by: Aldrin Piri <aldrin@apache.org>
2016-12-27 12:52:01 -05:00
Matt Gilman 6c5d4084d5 NIFI-3207: Fixed Template upload import URI
- Fixing the importUri when replicating a Template upload request. Previously was leveraging getResourceUri which considers proxy headers meant for client responses.

This closes #1334.

Signed-off-by: Koji Kawamura <ijokarumawak@apache.org>
2016-12-27 15:44:25 +09:00
Scott Aslan 5ea17d30c5 [NIFI-96] add align horizontal and align vertical capability to components on the canvas. This closes #1354 2016-12-22 16:47:34 -05:00
Matt Gilman e65aad8fe6 NIFI-2994: - Setting the default position for remote process groups.
Signed-off-by: Yolanda M. Davis <ymdavis@apache.org>

This closes #1303
2016-12-22 14:39:56 -05:00
Matt Gilman acc9e0b45c NIFI-2967:
- Disabling the Add button in the new Processor, Controller Service, and Reporting Task dialog when no components match the filter.
This closes #1340
2016-12-22 11:52:20 -05:00
Koji Kawamura 908e7d3131
NIFI-2585: Add attributes to track s2s host and port
- Removed host and port field from Peer since the same information is
  available in PeerDescription
- Refactored variable names in SocketRemoteSiteListener to improve readability
- Changed how SocketRemoteSiteListener constructs PeerDescription
  instance. It used to use hard-coded 'localhost' as hostname, and
  getPort() which returns server's port. Since the peer is a remote peer,
  i.e the client, it should be client hostname and port.
- Added hostname resolution at DataTransferResource to make s2s.host
  value consistent with RAW transport. Without this, RAW uses hostname
  while HTTP uses IP address. It will be hard to be used from downstream flows.
- Replaced heavy use of mockito which was difficult to maintain, with
  nifi-mock
- Added SiteToSiteAttributes and more assertions in unit tests

This closes #1342.

Signed-off-by: Bryan Bende <bbende@apache.org>
2016-12-22 11:00:00 -05:00
Bryan Bende f7d761a28a
NIFI-2585 Moving attributes into loop in AbstractFlowFileServerProtocol, and also updating StandardRemoteGroupPort to apply the same attributes when doing a pull-based site-to-site.
Signed-off-by: Bryan Bende <bbende@apache.org>
2016-12-22 10:59:56 -05:00
Randy Gelhausen 28e5d85493
NIFI-2585: Add attributes to track where a flow file came from when receiving over site-to-site
Signed-off-by: Bryan Bende <bbende@apache.org>
2016-12-22 10:59:55 -05:00
Matt Gilman 721c9ee7f0 NIFI-3167: - Ensuring the DELETE button is visible for cluster nodes. - Removing unecessary wrapper element and non breaking spaces.
Signed-off-by: Yolanda M. Davis <ymdavis@apache.org>

This closes #1319
2016-12-21 12:02:44 -05:00
Scott Aslan aef17f9a8b [NIFI-3170] remove action details if user does not have read perms, also update action details styles to match other dialogs. This closes #1322 2016-12-19 10:07:15 -05:00
Mark Payne 5776c4b1f9 NIFI-3173: When a template is created with multiple components in different groups all referencing the same controller service, ensure that controller service is added to the template at a high enough level that all components needing hte service can access it.
- Ensure that controller services are added to child process groups when creating snippet

- Addressed issue related to modifying higher-level process groups' controller services in snippet after having already visited the process group

This closes #1318

Signed-off-by: jpercivall <JPercivall@apache.org>
2016-12-14 14:10:59 -05:00
Scott Aslan 868795cdaa [NIFI-3159] Add ellipsis to long PG name in access policies shell. This closes #1310 2016-12-13 09:41:31 -05:00
Scott Aslan 45e4514a40 [NIFI-3160] reload canvas when updating PG name of current PG. This closes #1315 2016-12-12 11:45:10 -05:00
Scott Aslan 2c84b44f54 [NIFI-3154] display ellipsis when text is sufficiently long in connection details and connection configuration dialogs. This closes #1305 2016-12-08 12:52:01 -05:00
Koji Kawamura d15bd0c00c NIFI-3165: Update RPG revision when RPGPort is updated. This closes #1308 2016-12-08 08:34:07 -05:00
Bryan Rosander 9ce0af22af NIFI-3138 - Adding urls, transport, proxy settings to rpg portion of flow config xsd
This closes #1304.

Signed-off-by: Koji Kawamura <ijokarumawak@apache.org>
2016-12-08 14:37:07 +09:00
Scott Aslan 6b82e25c74 [NIFI-3106] updating hover text for remove counter icon. This closes #1299 2016-12-07 16:42:19 -05:00
jpercivall e36b37692c NIFI-1582 added state to UpdateAttribute as well as updated a few parts that hadn't be touched in years (referenced the 'FlowFileMetadataEnhancer' processor'. Also added a 'NUMBER_VALIDATOR' to StandardValidators
NIFI-1582 removing the option to use cluster state

NIFI-1582 addressing Oleg's comments

NIFI-1582 No longer forcing numbers as the init value and adding getStateValue() to EL instead of using 'ATTRIBUTE_state'

NIFI-1582 Removing init state value

NIFI-1582 Adding documentation for the changes to Init State value

This closes #319
2016-12-06 16:52:02 -05:00
Bryan Rosander 97d2d30423
NIFI-3131 - Qualifying nifi-env in nifi bat scripts, removing popd from toolkit bat scripts
This closes #1293

Signed-off-by: Bryan Rosander <brosander@apache.org>
2016-12-05 23:03:41 -05:00
Bryan Rosander d1f2492dec
NIFI-3132 - Using cygpath and quoting paths correctly in sh scripts when run in cygwin
This closes #1292

Signed-off-by: Bryan Rosander <brosander@apache.org>
2016-12-05 22:16:24 -05:00
Matt Gilman 2d6bba080f NIFI-3133: - Ensuring that Remote Group Ports are always authorized according to their Remote Process Group.
NIFI-3133:
- Using getSourceAuthorizable() when accessing flow files and content.

NIFI-3133:
- Decouple local and remote connectable's to avoid ambiguity with self referencing RPGs.

NIFI-3133:
- Addressing comments from the PR.

NIFI-3133:
- Fixed check verifying source/destination when creating a connection.

NIFI-3133:
- Only showing the go to link when the source component is not a remote port.

NIFI-3133:
- Removing unnecessary checking of remote group port authorization since it's handled by the parent RPG.

NIFI-3133:
- Fixing issue showing the connection details dialog when the source component is a RPG.

NIFI-3133:
- Ensuring the local connectable was found.

This closes #1297

Signed-off-by: jpercivall <JPercivall@apache.org>
2016-12-05 19:45:45 -05:00
jpercivall 7633fe35c1 NIFI-3149 Adding proper literal support for number operators ('-' and '+') to ANTLR parser and UI highlighting
This closes #1298
2016-12-05 13:34:54 -05:00
Matt Gilman c5ef076786
NIFI-2325:
- Adding support for LDAPS.

This closes #1275.

Signed-off-by: Andy LoPresto <alopresto@apache.org>
2016-12-02 12:41:03 -08:00
Koji Kawamura 7c5bd876bd NIFI-3026: Support multiple remote target URLs
- Added urls in addition to the existing url, to support multiple target
  URLs
- Backward compatibility is provided by returning the first url if
  multipe urls are specified, but component accessing the url doesn't
support multiple urls
- UI is not fully updated yet. Following UI components are planned to be updated
  by different commits
  - Search component: only the first URL is searchable and shown
  - Component status: RPG status shows only the first URL
  - Component action history: only the first URL is searchable and shown
  - Updated Search component to use URLs.

This closes #1208.
2016-12-02 14:01:39 -05:00
Matt Gilman d8d29811f5
NIFI-3135: - Authorizing restricted components on snippet usage.
- Updating REST API docs accordingly.
- Adding some integration tests to exercise the additional restricted component checks.

This closes #1287.

Signed-off-by: Bryan Bende <bbende@apache.org>
2016-12-02 12:55:23 -05:00
Bryan Bende 0297352350
NIFI-2017 Fixing failing test PermissionBasedStatusMergerSpec.groovy introduced in previous commit 2016-12-01 14:02:05 -05:00
Mark Payne 02f02b245a NIFI-2017: Fixed typo in nf-port.js that was referencing the wrong variable name to determine whether or not a port is transmitting
Fixed merging logic for root group status. Only consider a port transmitting when there is an active request, not when there is a 'queued' request
This closes #1279
2016-11-30 14:51:28 -05:00
Matt Gilman 1f40f298c0
NIFI-3130: - Loading the temporary instance from the correct type of component.
This closes #1285.

Signed-off-by: Bryan Bende <bbende@apache.org>
2016-11-30 14:13:43 -05:00
Mark Payne fff0148a0e NIFI-3129: When adding controller services to a snippet, ensure that we don't add the service multiple times, even when it's referenced by child process groups. This closes #1284 2016-11-30 13:07:51 -05:00
Matt Gilman bc223fa197
NIFI-3117: - Checking referenced services when performing an action with a snippet that requires it.
- Updating the SnippetManager to automatically expire unused snippets.
- Making the checking of referenced services consistent across component removal.
- Adding checking of referenced services for all nested components in a snippet.
- Updating the REST API docs to clarify when a referenced service is authorized.
- Conditionally authorizing transitive service references.

This closes #1277.

Signed-off-by: Bryan Bende <bbende@apache.org>
2016-11-30 12:50:25 -05:00
jpercivall e3c7611347
NIFI-3112 Revert "NIFI-2199 - allows nifi.sh restart through ssh"
This reverts commit 88d125137e.

This closes #1282.

Signed-off-by: Andy LoPresto <alopresto@apache.org>
2016-11-29 17:32:47 -08:00
Mark Payne 9d6ca6e1e6
NIFI-2975: Only start expiring FlowFiles after FlowFile Repository has been restored
This closes #1274.

Signed-off-by: Bryan Bende <bbende@apache.org>
2016-11-29 09:54:15 -05:00
joewitt 92f17a995b NIFI-3100-rc2 prepare for next development iteration 2016-11-25 23:49:27 -05:00
joewitt 5536f690a8 NIFI-3100-rc2 prepare release nifi-1.1.0-RC2 2016-11-25 23:49:13 -05:00
Andy LoPresto 2c3714536f
NIFI-3024 Added key migration for sensitive processor properties contained in flow.xml.gz. (nifi.sensitive.props.key)
This closes #1261.

Signed-off-by: Andy LoPresto <alopresto@apache.org>
2016-11-23 13:26:18 -08:00
Mark Payne 7ff14f7191 NIFI-3091: Ensure that we set the appropriate size on FlowFiles when modifying them
This closes #1267

Signed-off-by: jpercivall <JPercivall@apache.org>
2016-11-23 12:07:44 -05:00
Mark Payne 91ff810dba NIFI-3088: Ensure that on recovery of FlowFile Repository, if we find a FlowFile that maps to an unknown queue that we log a warning that the queue is missing and drop the FlowFile, rather than throwing an NPE
This closes #1266

Signed-off-by: jpercivall <JPercivall@apache.org>
2016-11-23 11:27:14 -05:00
Mark Payne aa99cc6822
NIFI-3079: Ensure that in all cases we increment session's bytesRead count when finished reading from Content Repo
This closes #3079.

Signed-off-by: Bryan Bende <bbende@apache.org>
2016-11-22 11:26:22 -05:00
Scott Aslan ead9205458 [NIFI-3075] remove fixed width from combo options and add max-width css style to display ellipsis when options text is too long. This closes #1253 2016-11-21 17:27:03 -05:00
Mike Moser 15af764dd8 NIFI-2996
- validate processors only when they are in STOPPED state
- report validation errors via REST API on processors/services/tasks/ports only when they are in the STOPPED state
- This closes #1192
2016-11-21 17:02:25 -05:00
joewitt fb9cbccc38 NIFI-2954 This closes #1244. Moved StandardPropertyValidator to nifi-utils, documented scope/purpose of a few util libs, removed deps from nifi-utils. 2016-11-21 16:30:42 -05:00
Matt Gilman 7f5eabd603
NIFI-3050: Implemented access control logic for restricted components.
- Addressing comments from PR.
- Adding restricted tags to relevant components.
- Showing a restricted icon overlay on the processor node on the canvas. (+1 squashed commit)
Squashed commits:
[f487682] NIFI-3050:
- Introducing a Restricted annotation for components that require elevated privileges to use.
- Updating the new Processor, Controller Service, and Reporting Task dialogs to include these details and prevent unauthorized selection.
- Including the Restricted description in the generated component documentation.
- Updating processor access control integration test to verify restricted component creation.
- Updating the developer, user, and admin guide to include the restricted component policy.

This closes #1247.

Signed-off-by: Andy LoPresto <alopresto@apache.org>
2016-11-21 12:07:48 -08:00
Matt Gilman c8830742ee NIFI-3020:
- Introducing a strategy for identifying users.
- Fixing issue with the referral strategy error message.
- Adding code to shutdown the application when the authorizer or login identity provider are not initialized successfully.

NIFI-3020:
- Updating the admin guide to document the identity strategy.

NIFI-3020:
- Ensuring the request replicator attempts to shutdown regardless of whether the flow service properly terminates.

This closes #1236
2016-11-19 08:38:41 -05:00
Mark Payne 1be0871473 NIFI-2854: Refactor repositories and swap files to use schema-based serialization so that nifi can be rolled back to a previous version after an upgrade.
NIFI-2854: Incorporated PR review feedback

NIFI-2854: Implemented feedback from PR Review

NIFI-2854: Ensure that all resources are closed on CompressableRecordReader.close() even if an IOException is thrown when closing one of them

This closes #1202
2016-11-18 14:53:13 -05:00
Bryan Rosander e5eda63705
NIFI-2943 - Toolkit uses JKS type over PKCS12 when creating truststore because non-Bouncy Castle providers cannot read certificates from PKCS12 truststore.
Peer review feedback (+2 squashed commits)
Squashed commits:
[0102c8e] NIFI-2943 - Peer review feedback
[9bcd495] NIFI-2943 - pkcs12 keystore improvements

1. loading pkcs12 keystores with bouncy castle everywhere
2. tls-toolkit client using jks truststore when keystore type is specified differently
3. tests

This closes #1165.

Signed-off-by: Andy LoPresto <alopresto@apache.org>
2016-11-16 17:13:10 -08:00
Scott Aslan 878db82375 [NIFI-2949] update remote process group port styles. This closes #1226 2016-11-16 17:08:06 -05:00
Bryan Bende 2f9ec03242 NIFI-2909 Fix logic in AbstractConfiguredComponent setProperties() for setting classpath resources in the InstanceClassLoader
This closes #1232
2016-11-16 11:34:52 -05:00
Matt Gilman 49afacc3ab NIFI-3022:
- Returning the appropriate authorizable when accessing provenance events for a manual DROP event by emptying a queue.
- Populating the component details of a provenance event when the source is a connection.
2016-11-16 10:13:18 -05:00
joewitt 45a5f5295c NIFI-2374 This closes #712. updated to latest tika versions where possible, updated doc, commented why cannot update media nar 2016-11-15 23:18:55 -05:00
Mark Payne 721964b7d8 NIFI-3036: When we replay a FlowFile, ensure that we are using the 'golden copy' of the associated Resource Claim, if the claim is still writable. Ensure that StandardResourceClaimManager retains the 'golden copy' of a Resource Claim until it is no longer writable and has a claim count of 0
This closes #1223

Signed-off-by: jpercivall <JPercivall@apache.org>
2016-11-15 16:51:34 -05:00
Scott Aslan 81357d4456 [NIFI-3042] Update class name for disabled combo option. This closes #1228 2016-11-15 16:43:27 -05:00
Mark Payne 9f3bf121f9 NIFI-3040: Fixed bug where we were generating a RepositoryRecord with an 'UPDATE' type instead of a 'CREATE' time for Replay of FlowFiles. This caused FlowFile to have no attributes when restored from the FlowFile Repository.
This closes #1224
2016-11-15 16:37:51 -05:00
Bryan Bende fe59b3415c NIFI-3003 Upgrading hadoop.version to 2.7.3 and fixing TDE issue with PutHDFS, ensuring clean up of instance class loaders, and adding classpath resource property to all HDFS processors
NIFI-3003 Addressing review feedback

NIFI-3003 added minor notice updates

This closes #1219
2016-11-15 16:23:27 -05:00
Pierre Villard 45bc3e054d NIFI-2751 - Pull batch in round-robin manner - fix for / by 0 2016-11-15 16:19:00 -05:00
Scott Aslan 45bf8430fc [NIFI-2844] Update CSS styles for Cluster Summary Dialog icons and refresh button. This closes #1104 2016-11-15 11:55:42 -05:00
Scott Aslan 8f928e5d6e NIFI-2926: add policy action item to the user table and add user centric policy dialog with user policy listing table compolete with GoTo action.
This closes #1188.
2016-11-15 09:58:58 -05:00
Andy LoPresto 59fea1cb4e NIFI-2654 Enabled encryption coverage for login-identity-providers.xml.
Squashed commits:
[5dd22a9] NIFI-2654 Updated administration guide with login-identity-providers.xml flags.

Exposed master key retrieval code in NiFiPropertiesLoader.
Added logic to decrypt login identity providers XML configuration.
Updated login-identity-providers.xsd to include encryption scheme attribute.
Added unit tests. (+18 squashed commits)
Squashed commits:
[57c815f] NIFI-2654 Resolved issue where empty LIP property elements could not be encrypted.
Added unit test and resource.
[27d7309] NIFI-2654 Wired in serialization logic to write logic for LIP.
Added comprehensive unit test for LIP & NFP in same test.
[b450eb2] NIFI-2654 Finalized logic for preserving comments in LIP parsing.
[5aa6c9c] NIFI-2654 Added logic for maintaining XML formatting (comments and whitespace) for LIP.
Added unit tests (w/o encryption works; w/ does not).
[b53461f] NIFI-2654 Added unit test for full tool invocation migrating a login-identity-providers.xml file and updating file and bootstrap.conf with key.
[2d9686c] NIFI-2654 Updated tool description and various logging statements.
Added unit test for full tool invocation encrypting a login-identity-providers.xml file and updating file and bootstrap.conf with key.
[8c67cb2] NIFI-2654 Added logic to encrypt LIP XML content.
Added unit tests.
[8682d19] NIFI-2654 Added logic to handle "empty" (commented) LIP files.
Added unit tests.
[077230e] NIFI-2654 Fixed logic to decrypt multiline and multiple-per-line XML elements.
Added unit tests and resources.
[d5bb8da] NIFI-2654 Ignored unit test for unreadable conf directory because directory was causing Maven build issues.
Removed test resources.
[7e50506] NIFI-2654 Fixed AESSensitivePropertyProvider bug handling cipher text with whitespace.
Added unit test.
[b69a661] NIFI-2654 Fixed AESSensitivePropertyProviderFactoryTest to reflect absence of key causes errors.
[6f821b9] NIFI-2654 Added standard password to arbitrary encryption test for use in test resources.
[d289ffa] NIFI-2654 Added LIP XML decryption.
Added unit tests.
[a482245] NIFI-2654 Added LIP test resources.
[7204df4] NIFI-2654 Changed logic to only perform properties encryption when file path is provided.
[729e1df] NIFI-2654 Removed population of default file locations for bootstrap.conf, nifi.properties, and login-identity-providers.xml as not all files may be desired.
Added/updated unit tests.
[7dba5ef] NIFI-2654 Started LIP work (arguments & parsing).
Added unit tests.

Signed-off-by: Yolanda M. Davis <ymdavis@apache.org>

This closes #1216
2016-11-14 22:39:06 -05:00
Andy LoPresto 4d1bcc808f
NIFI-3032 Resolved issue where multiple invocations of NiFiPropertiesLoader.withKey() used cached key.
Added unit tests and resources.

NIFI-3032 Fixed bug in AESSensitivePropertyProvider#getIdentifierKey where the result was always the max available key size, not the size of the current key.
Added unit test.

This closes #1220

Signed-off-by: Bryan Rosander <brosander@apache.org>
2016-11-14 17:50:32 -05:00
Matt Gilman ae4f27a627 NIFI-3023:
- Ensuring there are no authorization issues prior to considering the remote process group's transmitting flag.
This closes #1205
2016-11-14 16:23:36 -05:00
Matt Gilman 2c91a1a33d NIFI-3023:
- Verifying permissions prior to checking Remote Process Group transmission status.
2016-11-14 16:03:47 -05:00
Mathias Tiberghien 65b7b377e3 NIFI-1526: DefaultSchedule annotation should be use on Custom Processor to set the default scheduling strategy, scheduling period or max number of concurrent task for each instance of the processor
DefaultSettings annotation should be use on Custom Processor to set the default penalty period, the yield duration or the bulletin log level for each instance of the processor
2016-11-14 12:04:21 -05:00
Mark Payne b73ba7f8d4 NIFI-2999: When Cluster Coordinator changes, purge any old heartbeats so that we don't disconnect a node due to very old heartbeats
This closes #1210
2016-11-11 15:13:49 -05:00
joewitt b9ef0fb847 NIFI-2818 This closes #1059. aligned read method with read/write method 2016-11-11 14:52:13 -05:00
Andre F de Miranda f32bdf7be9 NIFI-2818 - Minimise fs permission required by NiFi
1 - Replace a r/w test over $NIFI_HOME/lib that is performed
            but never utilised by a RO test
            2 - Rename ensureDirectoryExistAndCanAccess to
            ensureDirectoryExistAndCanReadAndWrite and deprecate the
            former
2016-11-11 14:49:33 -05:00
Scott Aslan 52cde9ad13 [NIFI-2898] restore ellipsis for processor type, controller servies type, and reporting task type descriptions. This closes #1191 2016-11-11 14:46:20 -05:00