Commit Graph

151 Commits

Author SHA1 Message Date
Matt Gilman 7f5eabd603
NIFI-3050: Implemented access control logic for restricted components.
- Addressing comments from PR.
- Adding restricted tags to relevant components.
- Showing a restricted icon overlay on the processor node on the canvas. (+1 squashed commit)
Squashed commits:
[f487682] NIFI-3050:
- Introducing a Restricted annotation for components that require elevated privileges to use.
- Updating the new Processor, Controller Service, and Reporting Task dialogs to include these details and prevent unauthorized selection.
- Including the Restricted description in the generated component documentation.
- Updating processor access control integration test to verify restricted component creation.
- Updating the developer, user, and admin guide to include the restricted component policy.

This closes #1247.

Signed-off-by: Andy LoPresto <alopresto@apache.org>
2016-11-21 12:07:48 -08:00
Matt Burgess 97cd94d260 NIFI-2684: Additional check for displayName
This closes #1002
2016-11-15 11:48:50 -05:00
Andre F de Miranda ef2c50577d NIFI-2684 - Change AbstractConfigurableComponent to use displayName when available 2016-11-15 11:48:33 -05:00
Mathias Tiberghien 65b7b377e3 NIFI-1526: DefaultSchedule annotation should be use on Custom Processor to set the default scheduling strategy, scheduling period or max number of concurrent task for each instance of the processor
DefaultSettings annotation should be use on Custom Processor to set the default penalty period, the yield duration or the bulletin log level for each instance of the processor
2016-11-14 12:04:21 -05:00
Mark Payne c441a8696d NIFI-2850 This closes #1115. Added a migrate() method to ProcessSession and refactored BinFiles and MergeContent to use it 2016-11-09 16:25:03 -05:00
Matt Gilman bff89f17b3 NIFI-401: - Minor tweaks to PR #1117. - Ensuring existing configuraiton is retained and shown until the user explicits changes it. - Retaining, but disabling, deprecated options.
This closes #1185
This closes #1117
This closes #512

Signed-off-by: jpercivall <JPercivall@apache.org>
2016-11-08 17:06:43 -05:00
Brian Eugley 7eca2037bd NIFI-401
Signed-off-by: jpercivall <JPercivall@apache.org>
2016-11-08 17:06:36 -05:00
Bryan Bende d1d053725b NIFI-2909 Adding per-instance class loading capability through @RequiresInstanceClassLoading annotation
NIFI-1712 Applying per-instance class loading to HBaseClientService to allow specifying Phoenix Client JAR

-Refactoring the ClassLoading so that every processor, controller service, and reporting task gets an InstanceClassLoader with a parent of the NAR ClassLoader, and only components with @RequiresInstanceClassLoading will make a copy of the NAR ClassLoader resources, and addressing some review feedback

This closes #1156
2016-11-08 13:21:27 -05:00
jpercivall 94ab999026 NIFI-1662 adding Expression Language decimal support 2016-10-24 10:20:21 -04:00
Andre F de Miranda 9b08f23b24
NIFI-1531 - Remove bogus .gitignore files from sub directories
This closes #1154.

Signed-off-by: Aldrin Piri <aldrin@apache.org>
2016-10-23 10:29:09 -04:00
Pierre Villard 26f46538b3 NIFI-766:
- Improved connection UI display when backpressure is enabled
- Updating the connection label to include backpressure indicators for object count and data size thresholds.
- Coloring the connection path and drop shadow once backpressure is engaged.
- Fixing bug with expiration icon tooltip.
- Including columns in the summary table for backpressure.
- Updating empty queue action to reload the connection status upon completion to ensure an updated count.

This closes #1080.
2016-10-13 12:14:16 -04:00
Andre F de Miranda 3b408f5601 NIFI-2816 - Clean typos across the code - Part 2. This closes #1085 2016-10-05 13:07:57 -04:00
Andre F de Miranda 446cd44702 NIFI-2816 - Clean typos across the code
This closes #1057.
2016-09-26 17:47:31 +02:00
Joseph Percivall 1fe18a1567 NIFI-2676-rc1 prepare for next development iteration 2016-08-26 11:40:58 -04:00
Joseph Percivall 74d5224783 NIFI-2676-rc1 prepare release nifi-1.0.0-RC1 2016-08-26 11:40:44 -04:00
Andy LoPresto c638191a47
NIFI-1831 Added internal logic and command-line tool to allow AES-encrypted sensitive configuration values in nifi.properties.
This closes #834.
2016-08-23 20:34:31 -07:00
Matt Gilman 087622eadc NIFI-2606:
- Addressing issue when fingerprinting ReportingTasks and ControllerServices properties with default values.
- Ensuring the flow is saved when templates are created and imported.
- Ensuring default values are included in templates.
- Fixing unit tests.
This closes #908.
2016-08-22 13:35:15 -04:00
Matt Gilman 87161ab96e
NIFI-2595: - Updating ReportingTasks to use ComponentLogger instead of creating Controller level bulletins.
- Making the bulletin responses consistent in that all bulletins will be included but in redacted form as appropriate.
- Fixing broken unit test.

This closes #892.

Signed-off-by: Bryan Bende <bbende@apache.org>
2016-08-18 17:06:28 -04:00
Mark Payne 91a59a8a5a NIFI-2545: Ensure that when @OnUnscheduled and @OnStopped methods are called that the active thread count takes that thread into account
This closes #836.
2016-08-18 08:33:45 -04:00
joewitt 7d7401add4 NIFI-2574 Changed NiFiProperties to avoid static initializer and updated all references to it. 2016-08-17 00:10:07 -07:00
Mark Payne 1db5e73102 NIFI-2474: Remove VariableRegistry from outward facing API so that the it is more flexible to evolve
Signed-off-by: Yolanda M. Davis <ymdavis@apache.org>

This closes #782
2016-08-04 10:11:33 -04:00
Mark Payne bc5237593e NIFI-2291: Correct the Content URI for 1.0.0 REST API; added cluster node identifier & whether or not clustered to ReportingContext so that the Reporting Task could make use of it
Signed-off-by: Yolanda M. Davis <ymdavis@apache.org>

This closes #752
2016-08-03 10:35:11 -04:00
joewitt 05a99a93cb NIFI-2208 This closes #754. refactored as per comments on JIRA. Reduced API expsosure and tightened lifecycle management. 2016-08-01 14:17:26 -04:00
Yolanda M. Davis 8412d2662a NIFI-2208 - initial commit Custom Property Expression Language support with Variable Registry, includes bug fix for NIFI-2057
This closes #529

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-07-29 17:10:20 -04:00
Matt Gilman aa91032cde NIFI-2272:
- Ensuring the appropriate visibilty of the action in the policy management page.
NIFI-2273:
- Ensuring we load the policy or inform the user of the appropriate permissions of the effective policy.
NIFI-2239:
- Providing help tooltips for the policies in the management page.
NIFI-2283:
- Adding auditing for access policies, users, and groups.
NIFI-2263:
- Not replicating history requests throughout the cluster.
NIFI-2096:
- Fixing upload template file input in Firefox.
NIFI-2301:
- Removing relevant policies after component deletion.
2016-07-18 15:05:54 -04:00
joewitt ad02b43099 NIFI-1157 removed methods no longer needed due to deprecation cleanup. In NIFI-2280 also ensure they were deprecated on the 0.x line. This closes #663. 2016-07-16 16:07:12 -04:00
Koji Kawamura 53326c7f9b NIFI-2267: A way for Processor to know node type
- Added NodeTypeProvider to expose flowController's isClustered and
  isPrimaryNode so that processor can know if it's running on a cluster
  and if it's a primary node.
- Added mechanism to simulate clustered or not, and primary or not, for testing

This closes #657

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-07-15 11:38:50 -04:00
Aldrin Piri d1129706e2 NIFI-1896 This closes #650. Refactored nifi-api into nifi-framework-api and other locations. The nifi-api is specific to that which is needed for intended extension points. 2016-07-14 18:24:48 -04:00
joewitt 961be21a38 NIFI-1157 resolved deprecated nifi-api items and ripple effects 2016-07-14 09:32:34 -04:00
joewitt 4c9d4655a8 NIFI-1307 removed deprecation indication for getId and provided better API documentation 2016-07-14 09:32:34 -04:00
Matt Gilman 6e5e4cf52b NIFI-2204:
- Move bulletins out of the controller status endpoint.
NIFI-2238:
- Ensuring the controller bulletins are rendered on screen.
NIFI-2246:
- Ensuring the correct number of bulletins are returned when clustered.
2016-07-14 08:50:26 -04:00
Mark Payne d403254b49 NIFI-2228: Change FlowFileHandlingException to extend from RuntimeException instead of ProcessException
This closes #630

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-07-13 19:27:43 -04:00
Matt Gilman e0c96794fa NIFI-2095:
- Adding a page for managing users and groups.
- Adding a page for managing access policies.
- Renaming accessPolicy in entity to permissions to avoid confusion with the accessPolicy model.
- Adding an Authorizable for access policies.
- Refactoring access policies endpoints.
NIFI-2022:
- Implementing site to site authorizations.
2016-07-12 15:45:13 -04:00
Bryan Bende ba763b95e8 NIFI-2003 Creating abstract authentication provider and incorporating into existing providers
NIFI-2201 Add support for seeding cluster nodes in authorizations.xml
- Passing client address along in user context on authorization requests
- This closes #628
2016-07-12 11:20:29 -04:00
Bryan Bende c5889314ca NIFI-2171 Removing list of groups from User
- Making FileAuthorizer not update the resource or action when updating an AccessPolicy
- Adding corresponding READ policies during initial seeding and legacy conversions
- Adding checks to FileAuthorizer to ensure only one policy per resource-action
- Removing merging of policies on legacy conversion since we have one action per policy now
- This closes #608
2016-07-06 16:56:07 -04:00
Mark Payne 470513fa2e NIFI-2039: Provide a new ProcessSession.read() method that provides an InputStream instead of using a callback
This closes #601
2016-07-05 15:41:36 -04:00
Mark Payne 32b8a9b9f4 NIFI-1877, NIFI-1306: Add fields to FlowFile for FIFO Prioritizer, Oldest/Newest FlowFile first prioritizers to work properly
This closes #546
2016-07-05 14:59:08 -04:00
Matt Gilman ce5330330a NIFI-1781:
- Updating UI according to permissions through out the application.
- Shuffling provenance events, template, and cluster search REST APIs according to resources being authorized.
- Moving template upload controls.
- Removing username where appropriate.
- Addressing issues when authorizing flow configuration actions.
- Code clean up.
2016-07-01 15:10:27 -04:00
Mark Payne ae9e2fdf0b NIFI-2123: Add authorization of provenance events; refactor core classes so that Authorizable is located within nifi-api. This closes #592 2016-06-30 07:57:17 -04:00
Bryan Bende f43f47694c NIFI-2138 Making AccessPolicy have a single RequestAction. This closes #590 2016-06-28 16:32:27 -04:00
Bryan Bende 8c837ba1ea NIFI-2127 Adding support for managing the user-group relationship from the Group side. This closes #588 2016-06-28 14:25:38 -04:00
Matt Gilman f0811ca45a NIFI-1554:
- Addressing access controls for the Controller resource.
- Addressing access controls for RAW site to site clients.
- Addressing access controls for downloading content (from provenance and queue).
- Addressing access controls for accessing queues.
- Addressing access controls for cluster endpoints.
- Addressing access controls for counter endpoints.
- Removing redundant authorization calls.
NIFI-2044:
- Requiring revision when creating components.
- Requiring component creation over POST requests.
NIFI-1901
- Continuing to restore access control tests.
- Converting access control tests to itegration tests.
- Restoring contrib check to travis build.
- This closes #567
2016-06-23 17:09:54 -04:00
Bryan Bende 4f2643f668 NIFI-2061 Added methods to AbstractPolicyBasedAuthorizer to generate and inherit a fingerprint
- Updated StandardFlowSynchronizer to compare authorization fingerprints
- This closes #566
2016-06-23 14:36:04 -04:00
Jeff Storck f47be77b6a NIFI-1952 Create REST endpoints for user/group/policy management
created REST Resources for users, groups, and access policies
added Authorizables for users, groups, and access policies
added methods to DtoFactory and EntityFactory to create objects for users, groups, and access policies
extracted anonymous AuthorizableLookup impl in StandardNiFiServiceFacade.java to a protected class to make the lookup call mockable in tests
added methods to manage users/groups/access policies to StandardNiFiServiceFacade
added StandardNiFiServiceFacadeSpec to unit-test management of users/groups/access policies
added implementations for UserDAO, GroupDAO, AccessPolicyDAO.
added spring config for user/group/policy resources and daos
Updated user/group/policy creation via REST resources, no longer requires the use of the revision manager
updated StandardNiFiServiceFacadeSpec based on user/group/policy creation changes
condensed user/group/policy DAOs to a single DAO (StandardPolicyBasedAuthorizerDAO)
fixed spring config of user/group/policy REST resources
Updated to return ComponentEntity objects instead of just their IDs
mid-progress on updating tests
updated code and tests to return component entities from REST endpoints for users, groups, policies
This closes #526
2016-06-22 10:12:41 -04:00
Bryan Rosander 61a2054b38 NIFI-2046 - Adding reference to @TriggerSerially in Processor javadoc
This closes #549

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-06-21 17:31:09 -04:00
Yolanda M. Davis cb3aa8f5c9 NIFI-1850 - Initial Commit for JSON-to-JSON Schema Converter Editor (merge from 0.7.0 - refactor for masterless cluster). This closes #511 2016-06-20 20:30:25 -04:00
Jeremy Dyer 406d8a1991 NIFI-1805
Expose BackPressureObjectThreshold and BackPressureDataSizeThreshold to
ConnectionStatus

This closes #377.

Signed-off-by: Aldrin Piri <aldrin@apache.org>
2016-06-18 23:05:32 -04:00
Bryan Bende 679ad93f57 NIFI-1804 Adding ability for FileAuthorizer to automatically convert existing authorized-users.xml to new model
- Removing Resources class from file authorizer and updating ResourceType enum
- Updating ResourceFactory to be in sync with ResourceType enum and adding additional required permissions to the auto-conversion
- Adding root process group to the seeding of the initial admin
- Improvement so that users that are already part of a read-write policy, won't end up in a read policy for the same resource
- Removing rootGroupId from authorization context and auto-detecting it from the flow provided through nifi.properties
- This closes #507
2016-06-17 16:33:00 -04:00
Mark Payne c955ec1689 NIFI-2033: Allow Controller Services to be scoped at Controller level instead of just group level. This closes #540 2016-06-17 13:26:30 -04:00
Matt Gilman 0b437e09a7 NIFI-2007:
- Restoring bulletin functionality.
- Ensuring appropriate merging of bulletins in clustered responses.
2016-06-17 13:20:20 -04:00