- Addressing comments from PR.
- Adding restricted tags to relevant components.
- Showing a restricted icon overlay on the processor node on the canvas. (+1 squashed commit)
Squashed commits:
[f487682] NIFI-3050:
- Introducing a Restricted annotation for components that require elevated privileges to use.
- Updating the new Processor, Controller Service, and Reporting Task dialogs to include these details and prevent unauthorized selection.
- Including the Restricted description in the generated component documentation.
- Updating processor access control integration test to verify restricted component creation.
- Updating the developer, user, and admin guide to include the restricted component policy.
This closes#1247.
Signed-off-by: Andy LoPresto <alopresto@apache.org>
Signed-off-by: Matt Burgess <mattyb149@apache.org>
NIFI-2750
Signed-off-by: Matt Burgess <mattyb149@apache.org>
NIFI-2750 Tweaking Property Retrieval
Signed-off-by: Matt Burgess <mattyb149@apache.org>
This closes#1001
- Introducing a strategy for identifying users.
- Fixing issue with the referral strategy error message.
- Adding code to shutdown the application when the authorizer or login identity provider are not initialized successfully.
NIFI-3020:
- Updating the admin guide to document the identity strategy.
NIFI-3020:
- Ensuring the request replicator attempts to shutdown regardless of whether the flow service properly terminates.
This closes#1236
NIFI-2854: Incorporated PR review feedback
NIFI-2854: Implemented feedback from PR Review
NIFI-2854: Ensure that all resources are closed on CompressableRecordReader.close() even if an IOException is thrown when closing one of them
This closes#1202
- Returning the appropriate authorizable when accessing provenance events for a manual DROP event by emptying a queue.
- Populating the component details of a provenance event when the source is a connection.
NIFI-1002: Added WebSocket support.
- Reflecting review comments
- Added displayName to peroperty descriptors
NIFI-1002: Added WebSocket support.
This closes#1184
- Reflecting review comments:
- Removed unnecessary use of NarCloseable.withComponentNarLoader.
- Removed intermediate on memory queue to make it simpler and more
robust. Received messages in WebSocket layer now will be transferred
to downstream relationships directly.
Squashed commits:
[5dd22a9] NIFI-2654 Updated administration guide with login-identity-providers.xml flags.
Exposed master key retrieval code in NiFiPropertiesLoader.
Added logic to decrypt login identity providers XML configuration.
Updated login-identity-providers.xsd to include encryption scheme attribute.
Added unit tests. (+18 squashed commits)
Squashed commits:
[57c815f] NIFI-2654 Resolved issue where empty LIP property elements could not be encrypted.
Added unit test and resource.
[27d7309] NIFI-2654 Wired in serialization logic to write logic for LIP.
Added comprehensive unit test for LIP & NFP in same test.
[b450eb2] NIFI-2654 Finalized logic for preserving comments in LIP parsing.
[5aa6c9c] NIFI-2654 Added logic for maintaining XML formatting (comments and whitespace) for LIP.
Added unit tests (w/o encryption works; w/ does not).
[b53461f] NIFI-2654 Added unit test for full tool invocation migrating a login-identity-providers.xml file and updating file and bootstrap.conf with key.
[2d9686c] NIFI-2654 Updated tool description and various logging statements.
Added unit test for full tool invocation encrypting a login-identity-providers.xml file and updating file and bootstrap.conf with key.
[8c67cb2] NIFI-2654 Added logic to encrypt LIP XML content.
Added unit tests.
[8682d19] NIFI-2654 Added logic to handle "empty" (commented) LIP files.
Added unit tests.
[077230e] NIFI-2654 Fixed logic to decrypt multiline and multiple-per-line XML elements.
Added unit tests and resources.
[d5bb8da] NIFI-2654 Ignored unit test for unreadable conf directory because directory was causing Maven build issues.
Removed test resources.
[7e50506] NIFI-2654 Fixed AESSensitivePropertyProvider bug handling cipher text with whitespace.
Added unit test.
[b69a661] NIFI-2654 Fixed AESSensitivePropertyProviderFactoryTest to reflect absence of key causes errors.
[6f821b9] NIFI-2654 Added standard password to arbitrary encryption test for use in test resources.
[d289ffa] NIFI-2654 Added LIP XML decryption.
Added unit tests.
[a482245] NIFI-2654 Added LIP test resources.
[7204df4] NIFI-2654 Changed logic to only perform properties encryption when file path is provided.
[729e1df] NIFI-2654 Removed population of default file locations for bootstrap.conf, nifi.properties, and login-identity-providers.xml as not all files may be desired.
Added/updated unit tests.
[7dba5ef] NIFI-2654 Started LIP work (arguments & parsing).
Added unit tests.
Signed-off-by: Yolanda M. Davis <ymdavis@apache.org>
This closes#1216
Added unit tests and resources.
NIFI-3032 Fixed bug in AESSensitivePropertyProvider#getIdentifierKey where the result was always the max available key size, not the size of the current key.
Added unit test.
This closes#1220
Signed-off-by: Bryan Rosander <brosander@apache.org>
DefaultSettings annotation should be use on Custom Processor to set the default penalty period, the yield duration or the bulletin log level for each instance of the processor
- introduced org.apache.nifi.stream.io.util.TextLineDemarcator
- refactored SplitText to use org.apache.nifi.stream.io.util.TextLineDemarcator
- updated SplitText's capability discription to provide more clarity around splits with headers.
1 - Replace a r/w test over $NIFI_HOME/lib that is performed
but never utilised by a RO test
2 - Rename ensureDirectoryExistAndCanAccess to
ensureDirectoryExistAndCanReadAndWrite and deprecate the
former
- Removing legacy code when retrieving site to site details when the target instance is this local NiFi.
- Ensures the UI accurately reflects available remote ports.
NIFI-2603:
- Fixing color of remote output port status in connection label.
This closes#1189.
NIFI-1712 Applying per-instance class loading to HBaseClientService to allow specifying Phoenix Client JAR
-Refactoring the ClassLoading so that every processor, controller service, and reporting task gets an InstanceClassLoader with a parent of the NAR ClassLoader, and only components with @RequiresInstanceClassLoading will make a copy of the NAR ClassLoader resources, and addressing some review feedback
This closes#1156
- Updating the content of the delete policy dialog to make it a little more clear that the permissions for the component will revert back to the inherit policy.
This closes#1183.
- Ensuring the selection is cleared when going to the Process Group where the selected component policy is defined.
- Ensure that the selection context is updated when going to a component or group.
This closes#1174.
* Java version and vendor
* OS name and version
* Release Tag
* Build revision (commit SHA), branch, and timestamp
* Handles formal releases, ad-hoc builds, and non-release source builds
* Standalone UI presence in About dialog, Summary -> System Diagnostics
* Cluster UI as Versions tab in Cluster dialog
* Reduce About Dialog Content
* Fix Missing Property Display Bugs
* Marking the build time as type string.
* This closes#583
NIFI-2533: - Only including a user/group in the search results if they are not currently selected.
NIFI-2286: - Providing a tooltip for the add user and remove policy button.
This closes#1155.
Signed-off-by: Bryan Bende <bbende@apache.org>
This closes#1147.
Signed-off-by: Andy LoPresto <alopresto@apache.org>
Fixed typos in error messages, renamed variables in test, and cleaned up unnecessary imports. (+1 squashed commit)
Squashed commits:
[e755cbd] NIFI-2919 improved GetFile to fail if target directory is inaccessible
ExecuteProcess ignores error stream when Redirect Error Stream is
false, this commit let it to be logged instead so that user can see it on
bulletin.
This closes#1143.
Signed-off-by: Andy LoPresto <alopresto@apache.org>
- Improved connection UI display when backpressure is enabled
- Updating the connection label to include backpressure indicators for object count and data size thresholds.
- Coloring the connection path and drop shadow once backpressure is engaged.
- Fixing bug with expiration icon tooltip.
- Including columns in the summary table for backpressure.
- Updating empty queue action to reload the connection status upon completion to ensure an updated count.
This closes#1080.
- Consolidated the target cluster URL resolving logic into
SiteToSiteRestApiClient's as a common method
- Changed to more descriptive error message
- Added more unit test cases
Signed-off-by: Matt Burgess <mattyb149@apache.org>
Added NOTICE entries for test data and fixed checkstyle violations
Signed-off-by: Matt Burgess <mattyb149@apache.org>
This closes#1123
- Showing process group name when possible.
- Providing a link to jump to the process group defined in the effective policy.
- Preventing editing an inherited policy.
- When overriding a policy, allowing the user to indicate if the policy should be empty or should copy the user/groups of the inherited policy.
This closes#1090.
Signed-off-by: Andy LoPresto <alopresto@apache.org>
- Added following properties:
- nifi.web.http.port.forwarding
- nifi.web.https.port.forwarding
This closes#1100.
Signed-off-by: Koji Kawamura <ijokarumawak@apache.org>
- Ensure that we wait until a request is completed before unlocking the lock for request replication
- Ensure that failures do not trigger request completion logic unless the failure is the last node to report its status
- This closes#1109
NIFI-2856:
- Only performing response merging when the node is the cluster cooridinator even if there is a single response.
- Fixing PropertyDescriptor merging to ensure the 'choosen' descriptor is included in map of all responses.
This closes#1095.
Correction as suggested by users in JIRA.
+ adding a unit test to check attachments.
This closes: #1081
Signed-off-by: Andre F de Miranda <trixpan@users.noreply.github.com>
- getSystemLoadAverage of OperatingSystemMXBean sometimes returns a negative value.
- ProcessorLoadAverage sets -1.0. It added a defensive logic.
- When load average is zero(load average: 0.00, 0.02, 0.04), systemLoad is zero.
- This closes#1091
- Added ClusterWorkload message to retrieve workload information from a
cluster coordinator
- Use cluster workload to return queued flow file count to site-to-site
client so that it can calculate distribution of data transfer
This closes#1084.
Signed-off-by: Bryan Bende <bbende@apache.org>
- Cleaning up tab resize loop
- Pre-authorizing sys diagnostics api calls
- Addressing issues filtering the tables in the cluster table.
- Addressing issues sorting the tables in the cluster page.
Signed-off-by: Matt Burgess <mattyb149@apache.org>
NIFI-2803: Updated unit tests for GenerateTableFetch
Signed-off-by: Matt Burgess <mattyb149@apache.org>
This closes#1052
- Initial commit for client side provenance lineage svg download.
- css styling adjustments, changes for svg replace
- Addressing some style/spacing.
- This closes#982.
* Corrected the DEFAULT_REGEX pattern.
* Added tests to isolate regex capture group problem and verify corrected functionality.
* Removed short circuit logic that masked configuration errors and created inconsistent processor behavior.
This closes#1007.
Added 'file.lastModifiedTime' attribute to ListFileTransfer, which is
the abstract class extended by ListSFTP.
String literal attribute names were replaced with static references to
attribute name constants in ListFile.
ListFileTransfer stores the 'file.lastModifiedTime' attribute in the
format specified in ListFile.FILE_MODIFY_DATE_ATTR_FORMAT
Updated WritesAttribute description for file last modify time attribute
to mirror the entry in ListFile
Signed-off-by: Joe Skora <jskora@gmail.com>
This closes#931.
This commit fixes following two issues, that happens when a Root Group Port
policy for S2S data transfer is removed at a remote NiFi, after a client NiFi has
connected to that port:
1. At client side, Remote Process Group should show that authorization
is failing on its bulletin, but the Exception is caught and
ignored. Nothing is shown on the UI with HTTP transport protocol.
RAW S2S shows error on RPG bulletin. This commit fixes HTTP S2S to
behave the same.
2. At server side, corresponding input-port or output-port should show
that it is accessed by an unauthorized client on its bulletin, but it's
not shown with HTTP transport protocol.
RAW S2S shows warning messages for this. This commit fixes HTTP S2S to
behave the same.
In order to fix the 2nd issue above, request authorization at
DataTransferResource is changed from using DataTransferAuthorizable
directly, to call RootGroupPort.checkUserAuthorization().
Because the blettin is tied to the Port instance and it's
difficult to produce blettin message from this resource.
Since RootGroupPort.checkUserAuthorization uses
DataTransferAuthorizable inside, the check logic stays the same as
before.
Adding a RootGroupPortAuthorizable to provide access to necessary components for performing the authorization.
This closes#996
- Updating the component entity as long as the proposed entity is not older than the current one since stats are bundled in the entity too.
This closes#983
Signed-off-by: Koji Kawamura <ijokarumawak@apache.org>
- Ensuring the controller services table to correctly reloaded regardless if its the processor group or controller level controller services. This closes#968
- Re-using the DataTransferAuthorizable in the DataTransferResource.
- Removing use of the DataTransferResource when obtaining site to site details as it performs additional unnecessary checks.
- Code clean up.
- This closes#971.
It caused "Error: Unable to find remote process group with id 'XXXX'" error with modifying the transmitting toggle switch of an Input or Output port.
This closes#962
Removed $sanitize from breadcrumbs controller, as it escapes multibyte
chars with numerical reference. Even without $sanitize, html tags can be
escaped when Angular binds the value to text content.
- Fixing contrib check issues.
- Clean up pom.
- Addressing issue where reporting task property descriptor using wrong scope.
NIFI-2635:
- Fixing issue with revisions when creating users and user groups.
- Forwarding requests to the coordinator instead of replicating.
- Tweaking verbage in dialog for removing users and groups.
This closes#943
Signed-off-by: Matt Burgess <mattyb149@apache.org>
NIFI-2591
Signed-off-by: Matt Burgess <mattyb149@apache.org>
NIFI-2591
Signed-off-by: Matt Burgess <mattyb149@apache.org>
NIFI-2591 - Added Format option for binary data types. Updated unit tests.
Signed-off-by: Matt Burgess <mattyb149@apache.org>
This closes#883
- Ensure that we log which node is the cluster coordinator on startup instead of just indicating that there is one. If we later determine that there is none, ensure that we register for the role
This closes#900
Signed-off-by: jpercivall <joepercivall@yahoo.com>
- Addressing issue when fingerprinting ReportingTasks and ControllerServices properties with default values.
- Ensuring the flow is saved when templates are created and imported.
- Ensuring default values are included in templates.
- Fixing unit tests.
This closes#908.
This processor adds the capability to delete files or
directories inside of HDFS.
Paths supports both static and expression language values,
as well as glob support (e.g. /data/for/2016/07/*).
This processor may be used standalone, as well as part of a
downstream connection.
Signed-off-by: Matt Burgess <mattyb149@apache.org>
Add Glob Matcher with Tests
Also set displayName on properties.
Signed-off-by: Matt Burgess <mattyb149@apache.org>
This closes#850
* Removed @Ignore annotation on class and unnecessary EOL translation of test data. Because ModifyBytes treat input as binary data, not text, line endings don't matter as long as they byte offsets are calculated correctly.
* Replace validator with .allowableValues.
This closes#890.
- Making the bulletin responses consistent in that all bulletins will be included but in redacted form as appropriate.
- Fixing broken unit test.
This closes#892.
Signed-off-by: Bryan Bende <bbende@apache.org>
Signed-off-by: Matt Burgess <mattyb149@apache.org>
NIFI-2582
Signed-off-by: Matt Burgess <mattyb149@apache.org>
NIFI-2582
Signed-off-by: Matt Burgess <mattyb149@apache.org>
This closes#877
NIFI-2566: Removed storage of cluster roles from heartbeats and NodeConnectionStatus; use LeaderElectionManager to determine roles instead
NIFI-2566: Updated Heartbeats so that if a node is out-of-sync with cluster topology, cluster coordinator will provide updated information back to the nodes
NIFI-2566: Fixed issue that prevented standalone instance from starting by creating a standalone-instance version of the Leader Election Manager. Also added Controller Service enabled/disabled state to fingerprint rather than attempting to update the state when joining the cluster, as the implementation was incorrect and the correct implementation will be a rather significant effort that doesn't have to happen for 1.0.0 release
This closes#866
Signed-off-by: jpercivall <joepercivall@yahoo.com>
- Preventing client side selection of unauthorized controller services unless they were the previously configured value.
This closes#860.
Signed-off-by: Bryan Bende <bbende@apache.org>
This closes#840
Removed partial file check (based on missing first file)
Added condition to merge if at least one journal files available on disk. If all files are missing from disk that is considered an error.
Added retry logic to prevent endless thread execution when encountering errors (such as missing files).
- Removed message queueing which could result in data loss
- Fixed life-cycle issues that coudl put processor in an unstable state
- Fixed PropertyDescriptor translation for Time units and Byte sizes
- Fixed broken tests
- Added additional tests
NIFI-2519 added default for SMTP_MAXIMUM_CONNECTIONS
NIFI-2519 addressed PR comments, polishing
- fixed intermittent deadlock on processor stop and added test for it
- the attributes that can not be extracted from the message but available via MessageContext are written into the outgoing FlowFile
- other minor fixes
NIFI-2519 addressed lates PR comments
NIFI-2519 added better messaging when server closes the connection
NIFI-2519 some polishing and additional tests to validate deadlocks
NIFI-2519 address latest PR comments
fixed deadlock condition for when the consumer is stopped while server is distributing messages
fixed MAX message size issue ensuring it is validated
set max connections to SMTPServer
polished pom
added L&N
NIFI-2519 PR comments
- fixed LICENSE
- Added usage of LimitingInputStream
- simplified SmtpConsumer by removing hasMessage operation
- Addressing potential NullPointerException when an AccessDeniedException is thrown from an endpoint that isn't subject to the security filter chain.
This closes#846.
Signed-off-by: Andy LoPresto <alopresto@apache.org>
NIFI-1876 Updated PermissionsDTO to use boolean primitives instead of Boolean objects for read and write permission
Removed ISE throwing from EntityFactory, it will rely on null checks instead
This closes#694
Signed-off-by: jpercivall <joepercivall@yahoo.com>
NIFI-1876 Added merging for labels, funnels, and controller service references.
NIFI-1876 Added Label and Funnel merging to FlowMerger.java
NIFI-1876 Added replication of request for process group controller services
- Updated merging code for Status and Status History based on read permissions
NIFI-1876 Fixed issue with node status snapshots all looking like they came from one node
Updated ProcessGroupStatusSnapshotDTO to contain status snapshot entities to retain readability permission
Added entity classes for ConnectionStatusSnapshotDTO, PortStatusSnapshotDTO, ProcessGroupStatusSnapshotDTO, ProcessorStatusSnapshotDTO, and RemoteProcessGroupStatusSnapshotDTO
Updated PropertyDescriptorDTO to contain AllowableValueEntity to retain readability permission
Added entity class for AllowableValueDTO
Moved AllowableValueDTO to its own top-level class
Updated DtoFactory to get permissions for status snapshot entities
Updated StatusMerger to merge status snapshot entities
Signed-off-by: jpercivall <joepercivall@yahoo.com>
- Allowing selection of User/Cluster node when searching and encountering an exact match.
This closes#839
Signed-off-by: Koji Kawamura <ijokarumawak@apache.org>
NIFI-2543: - Ensuring we have permissions before attempting to reload a controller service.
This closes#837
Signed-off-by: jpercivall <joepercivall@yahoo.com>
joewitt
Matt Burgess
Matt Gilman
Peter Wicks
Mark Payne
Joey Frazee
James Wing
Bryan Rosander
Scott Aslan
Oleg Zhurakousky
Koji Kawamura
Bryan Bende
Andre F de Miranda
jpercivall
Pierre Villard
Andy LoPresto
Mathias Tiberghien
Byunghwa Yun
João Henrique Ferreira de Freitas
Jeff Storck
Brian Eugley
patricker
Joe N
Andrew Lim
simplesteph
jpercivall
Michal Klempa
d810146
Edgardo
Stephane Maarek
Keren Tseytlin
Peter Mitchell
mans2singh
Yolanda M. Davis
Mike Moser
Joe Gresock
Bartosz Wozniak
Nicolas Dupont
Aldrin Piri
Toivo Adams
Joe Skora
Kirk Tarou
vijayk
Bryan Rosander
Andrew Psaltis
Ramiz
ricky
Simon Elliston Ball
Tim Reardon