Commit Graph

1000 Commits

Author SHA1 Message Date
Andy LoPresto 9370571131
NIFI-7804 Split nifi-security-utils into sub-module for nifi-security… (#4533)
* NIFI-7804 Split nifi-security-utils into sub-module for nifi-security-utils-api (no external dependencies).
Separated interface and implementation of TlsConfiguration.
Reabsorbed nifi-security-xml-config into nifi-security-utils.

* NIFI-7804 Resolved failing unit test on Java 8.
Removed accidental module dependency.

* NIFI-7804 Resolved failing unit test.

* NIFI-7804 Removed legacy dependency.

* NIFI-7804 Marked nifi-security-utils-api as provided and overrode with compile scope in specific modules which are not children of nifi-standard-services-api-nar.
2020-09-17 12:52:22 -04:00
Peter Gyori 266433e13d
NIFI-7624: ListenFTP processor
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>

This closes #4481.
2020-09-17 12:37:58 +02:00
Matthew Burgess 60a5d71809
NIFI-7803: Allow ExecuteSQL(Record) properties to evaluate flowfile attributes where possible
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>

This closes #4523.
2020-09-15 21:02:52 +02:00
noedetore 85501e08e6
NIFI-7506 add snappy-hadoop to CompressContent
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>

This closes #4321.
2020-09-07 13:54:33 +02:00
Cameron E. Tidd 9a1ae469d8
NIFI-7167 This closes #4486. Fixing resource leaks in IdentifyMimeType
The TikaInputStream and FileInputStream instances utilized in IdentifyMimeType are now explicitly closed. The FileInputStream is additionally wrapped by a BufferedInputStream.

Signed-off-by: Joe Witt <joewitt@apache.org>
2020-09-02 13:22:26 -05:00
Kotaro Terada c3cab48325
NIFI-7730 Added regression tests for multiple certificate keystores.
Cleaned up JettyServer code.
Changed test logging severity to include debug statements.
Added test resources.

This closes #4498.

Co-authored-by: Kotaro Terada <kotarot@apache.org>
2020-09-01 18:32:03 -07:00
Matthew Burgess 3952c70448 NIFI-7745: Add SampleRecord processor
This closes #4482.

Signed-off-by: Joey Frazee <jfrazee@apache.org>
2020-08-28 14:28:19 -05:00
Tamás Bunth aaab9ee0cf NIFI-7760 Remove invalid permission check
Because even though permissions are only the 7 least significant bits of the file
mode but the file mode can be wider and can contain further info (like the
sticky bit).

Extend unit test for converting file mode with sticky bit into 'rwx' style
permission string.

Remove old test cases

This closes #4490.

Signed-off-by: Peter Turcsanyi <turcsanyi@apache.org>
2020-08-25 19:37:18 +02:00
Pierre Villard d0c0f9704c
NIFI-7751 - This closes #4483. fix for TestExecuteStreamCommand unit tests
Signed-off-by: Joe Witt <joewitt@apache.org>
2020-08-24 12:52:07 -07:00
Joe Witt 8baa5c9940
NIFI-7692 updating for next dev release 1.13.0 2020-08-18 14:48:02 -07:00
Joe Witt fb57bcbc11
NIFI-7692-RC1 prepare for next development iteration 2020-08-13 09:20:39 -07:00
Joe Witt 303d6c59ba
NIFI-7692-RC1 prepare release nifi-1.12.0-RC1 2020-08-13 09:20:36 -07:00
Joe Witt 4417b9d64a
NIFI-6666 removing all modifications to the nifi-api and the newly created builder class
This closes #4475.

Signed-off-by: Andy LoPresto <alopresto@apache.org>
2020-08-12 17:49:51 -07:00
Kyle Miracle a79493082c
NIFI-XXXX Fixed typo in documentation.
This closes #4455.

Signed-off-by: Andy LoPresto <alopresto@apache.org>
2020-08-11 14:43:06 -07:00
Andy LoPresto 96810f677f NIFI-7723 Upgraded BouncyCastle version to 1.66. 2020-08-11 14:08:57 -04:00
Joe Witt 536dbb72bb
NIFI-7703 updated all commons codec references to 1.14
This closes #4448.

Signed-off-by: Andy LoPresto <alopresto@apache.org>
2020-08-04 12:11:57 -07:00
Mike Thomsen 0861b2f632
NIFI-7605 Removed user-agent default value so no header will be sent by default.
Added and updated unit tests.

This closes #4428.

Signed-off-by: Andy LoPresto <alopresto@apache.org>
Signed-off-by: Joe Witt <joe.witt@gmail.com>
2020-08-03 17:23:56 -07:00
Tamás Bunth 455f48fce4
NIFI-7640 Add documentation: temporary directory (#4414)
NiFi uses the Java IO temporary directory for storing HTTP multipart
files when using HandleHttpRequest processor. The directory can be
overwritten with Java command line parameter.
2020-07-29 13:57:34 -07:00
Andy LoPresto 7f0416ee8b
NIFI-7680 Added convenience methods for creating XML DocumentBuilder instances.
Added unit tests.

NIFI-7680 Duplicated DocumentBuilder creation method in NotificationServiceManager to avoid nifi-bootstrap dependency on nifi-security-utils.
Explicitly added commons-lang3 to lib/bootstrap/ directory in nifi-assembly.

NIFI-7680 Reverted unnecessary dependency changes.
Added explicit dependencies where necessary.

Signed-off-by: Matthew Burgess <mattyb149@apache.org>

This closes #4436
2020-07-28 17:02:42 -04:00
Mark Payne e926a17968
NIFI-7683: Fixed bug that resulted in a byte[] being allocated and held onto by a member variable that was unprotected. This caused the byte array to be modified by two different threads concurrently, which can potentially cause corruption of FlowFile's data
Signed-off-by: Matthew Burgess <mattyb149@apache.org>

This closes #4439
2020-07-28 14:52:57 -04:00
Andy LoPresto eeeda84474
NIFI-7122 Introduced improvements to EncryptContent processor.
Added unit tests.
Refactored shared logic from various algorithm-specific secure hasher implementations to AbstractSecureHasher.
Introduced secure hasher implementations for various KDFs.
Added custom validation to EncryptContent processor.
Implemented logic for EncryptContent to write operational metadata to flowfile attributes.
Added encryption metadata attribute annotations to EncryptContent.
Added Argon2 KDF documentation and Bcrypt key derivation change notes to Admin Guide.
Updated unit tests to calculate default/recommended cost parameters for Argon2.

This closes #4421.

Co-authored-by: mtien <mtien.apache@gmail.com>
2020-07-24 12:31:39 -07:00
Tamás Bunth b1e77019ac NIFI-6128 UnpackContent: Store unpacked file data
Tar format allows us to archive files with their original permission,
owner, group name and last modification time.

When unpacking with Tar unpacker, these information are stored in new
attributes with names: "file.inner.*". This way, it preserves backward
compatibility when using parallel with GetFile processor (which stores
information in "file.*").

NIFI-6128 Tar unpackContent: assert date of last modification of content is a valid date format.

NIFI-6128 UnpackContent: use original attributes

In case of tar format:
- Use "file.*" attributes instead of "file.inner.*" (which eventually
  lead to overwrite if tar had been fetched with GetFile)
- Store file permission in "rwx" format, instead of integer
  representation.
- Also replace SimpleDateFormat with DateTimeFormatter.

Replace generic error with IllegalArgumentException
Also refactor: move permission string to top of file as static constant.

Update test

Remove 'file systems' text

Unpackcontent: Fill file.creationTime attribute
which always holds the very same value as file.lastModifiedTime.

This closes #4370.

Signed-off-by: Peter Turcsanyi <turcsanyi@apache.org>
2020-07-14 18:04:56 +02:00
Tamás Bunth 72666a9c7e NIFI-7589 Fix path value when unpacking tar
Refactor: remove variable reassignment

This closes #4371.

Signed-off-by: Peter Turcsanyi <turcsanyi@apache.org>
2020-07-14 17:32:51 +02:00
Tamas Palfy ad95287e78
NIFI-6934 In PutDatabaseRecord added DatabaseAdapter-based UPSERT support for Postgres (9.5+)
NIFI-6934 Added more documentation and unit tests.

NIFI-6934 Added missing license for new test class.

Signed-off-by: Matthew Burgess <mattyb149@apache.org>

This closes #4350
2020-07-09 11:26:41 -04:00
Tamas Palfy c396927299 NIFI-7594 In HandleHttpRequest deleting multipart file resources after processing.
This closes #4379.

Signed-off-by: Peter Turcsanyi <turcsanyi@apache.org>
2020-07-06 14:15:43 +02:00
Tamás Bunth 91cd74d725 NIFI-7576 ListenHTTP: Honor primary node only
ListenHTTP processor now binds port and creates a HTTP connection only
if one of the following conditions apply:
- Primary node execution is 'false'
- Primary node execution is 'true' and node is elected as primary node.

Changes:
- Connection is established in 'onTrigger' annotated method instead of
  'onSchedule'. (This is similar to how handleHTTPRequest processor
  handles connections.)
- 'onPrimaryNodeStateChange' annotated method is introduced to tear down
  server on reelection of primary node

This closes #4356.

Signed-off-by: Mark Payne <markap14@hotmail.com>
2020-06-23 14:26:45 -04:00
mtien 005d05f20b
NIFI-7542 Override jackson-databind version.
NIFI-7542 Override additional jackson-databind versions.
NIFI-7542 Upgrade jackson-databind dependency to 2.9.10.5 in the root pom.xml.

This closes #4343

Signed-off-by: Mike Thomsen <mthomsen@apache.org>
2020-06-22 17:37:57 -04:00
dennisjaheruddin 704260755a
NIFI-7501
Update nf-context-menu.js for an intuitive road to parameters
When rightclicking a process group the variables are shown, but parameters are not. This makes sense as they have a prerequisite, in the form of a parameter context. This change gives a more consistent experience for finding the functionality regarding parameters by ensuring the contextmenu shows the possibility to configure a parameter context. Once the paramater context has been created for a process group, the parameters text shows, so this is no longer visible. People would then need to click configure to change the context, just as they would be required to do now.

Added generateflowfile load tag and description
Added GenerateFlowFile load tag to be consistent with DuplicateFlowFile and updated description to refer to DuplicateFlowFile.

Revert "Update nf-context-menu.js for an intuitive road to parameters"

This reverts commit 3c44b1661f.

This closes #4333

Signed-off-by: Mike Thomsen <mthomsen@apache.org>
2020-06-22 11:12:22 -04:00
Mike Thomsen 64b544d5af NIFI-7529 Removed OS and Java information from InvokeHttp's UserAgent field so that it's removed regardless of whether or not this field is kept.
This closes #4332
2020-06-21 12:40:53 -04:00
Mark Payne 0a16002076
NIFI-7509: Added optional Record Writer property to all List* Processors
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>

This closes #4315.
2020-06-19 17:30:40 +02:00
Joey c18b27af18
NIFI-7540: Fix TestListenSMTP and TestListFile on macOS build environment (#4341)
* NIFI-7540: Fix TestListenSMTP and TestListFile on macOS build environment

This also fixes NIFI-4760.

* NIFI-7540: Remove duplicate mail.smtp.starttls.enable from TestListenSMTP

Signed-off-by: Andy LoPresto <alopresto@apache.org>
2020-06-16 17:45:37 -07:00
wanghq-c 3c757b6ba8
NIFI-7313:fix bug on 'Quote Table Identifiers'
NIFI-7313:add test by wanghongqi
NIFI-7313:edit test

Signed-off-by: Matthew Burgess <mattyb149@apache.org>

This closes #4185
2020-06-09 16:02:25 -04:00
Wouter de Vries f2368a0dd1 NIFI-7393: Add max idle time and idle connections to InvokeHTTP
This closes #4233.

Signed-off-by: Joey Frazee <jfrazee@apache.org>
2020-06-08 09:29:10 -05:00
Mark Payne e0dd6d466e NIFI-7369: Consider DECIMAL type as a numeric type when using a CHOICE type in QueryRecord
This closes #4223.
2020-06-02 15:13:14 -04:00
Bence Simon 5c2bfcf7d3 NIFI-7369 Adding decimal support for record handling in order to avoid missing precision when reading in records
Signed-off-by: Mark Payne <markap14@hotmail.com>
2020-06-02 15:13:14 -04:00
jahenaor 04711ab466
NIFI-7477 Optionally adding validation details as a new attribute of the flowfile
NIFI-7477 Improving description and unit test now verifies attribute content

NIFI-7477: Fixed checkstyle errors

Signed-off-by: Matthew Burgess <mattyb149@apache.org>

This closes #4301
2020-06-01 14:08:08 -04:00
zhangcheng 1ec6675f38
NIFI-7403:Add a function that adjust if the result is failed before we call the onFailed or onCompleted function. If the result is failed, return true and do sth
NIFI-7403:Add an extension point to adjust the result, if the result is failed then process onFailed function

NIFI-7403:Implement the AdjustFailed Function, if PutSQL set the SUPPORT_TRANSACTIONS true, then check whether the result contains REL_RETRY or REL_FAILURE.If it contains that, reroute the result and return true.

NIFI-7403: fix reroute logic in AdjustFailed function

NIFI-7403:Add and modify some unit test for PutSQL's SUPPORT_TRANSACTIONS property

NIFI-7403:Update for PR recheck

NIFI-7403:Add documentation on the Support Fragmented Transactions property to indicate the transactions rollback behavior

NIFI-7403: Fix Checkstyle issue

Signed-off-by: Matthew Burgess <mattyb149@apache.org>

This closes #4266
2020-06-01 11:33:10 -04:00
Niels Basjes 2a82efc417
NIFI-6666 Add Useragent Header to InvokeHTTP requests
This closes #3734

Signed-off-by: Mike Thomsen <mthomsen@apache.org>
2020-05-29 21:39:14 -04:00
Pierre Villard af58714606 NIFI-7430 - LookupRecord change coordinate key for in-place replacement 2020-05-29 13:54:11 -04:00
zhangcheng a1f277fdf7
NIFI-7484:fix ListFTP and FetchFTP docs. Change 'SFTP' to 'FTP' in description
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>

This closes #4294.
2020-05-29 10:41:19 +02:00
zhangcheng e04e6793ca
NIFI-7483 - Remove description about 'Rolling strategy' in TailFile's docs
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>

This closes #4293.
2020-05-29 10:39:04 +02:00
r65535 4ced1775b5
NIFI-7487 - Added batch support and displayName to ModifyBytes processor
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>

This closes #4302.
2020-05-29 10:28:37 +02:00
adyoun2 101387bfaa
NIFI-6785 Support Deflate Compression
NIFI-6785 Remove unused imports

This closes #3822

Signed-off-by: Mike Thomsen <mthomsen@apache.org>
2020-05-25 16:22:08 -04:00
Andy LoPresto 97a919a3be
NIFI-7482 Changed InvokeHTTP to be extensible.
Added unit test.

This closes #4291.

Signed-off-by: Arpad Boda <aboda@apache.org>
2020-05-22 11:44:53 -07:00
pcgrenier b6ef7e13bf
NIFI-7462: This adds a way to convert or cast a choice object into a valid type for use with calcite query functions
NIFI-7462: Update to allow FlowFile Table's schema to be more intelligent when using CHOICE types

NIFI-7462: Fixed checkstyle violation, removed documentation around the CAST functions that were no longer needed

Signed-off-by: Matthew Burgess <mattyb149@apache.org>

This closes #4282
2020-05-21 13:13:12 -04:00
Andy LoPresto 441781cec5
NIFI-7407 Replaced SSLContextFactory references to "TLS" with "TLSv1.2" (in shared constant).
Changed JettyServer default SSL initialization and updated unit test.
Removed SecurityStoreTypes (unused).
Added StringUtils inverted blank and empty checks.
Added TlsConfiguration container object.
Enhanced KeystoreType enum.
Added clean #createSSLContext() method to serve as base method for special cases/other method signatures.
Added utility methods in KeyStoreUtils.
Added generic TlsException for callers that cannot resolve TLS-specific exceptions.
Added utility methods for component object debugging.
Enforced TLS protocol version on cluster comms socket creation.
Added utility method for SSL server socket creation.
Refactored (Server)SocketConfigurationFactoryBean to store relevant NiFiProperties in TlsConfiguration instead of stateful SSLContextFactory (Cluster comms now enforce modern TLS protocol version).
Removed duplicate SSLContextFactory.
Switched duplicate SslContextFactory to wrap shared SSLContextFactory.
Refactored SslContextFactoryTest for clarity (will move any unique tests to nifi-security-utils class test).
Added further validation & boundary checking in uses of TlsConfiguration.
Provided SSLSocketFactory accessor in SslContextFactory.
Refactored OkHttpReplicationClient tuple method.
Refactored OcspCertificateValidator TLS logic.
Added utility method to apply TLS configs to OkHttpClientBuilder.
Removed references to duplicate SslContextFactory.
Removed unnecessary SslContextFactory.
Moved OkHttpClientUtils to nifi-web-util module.
Updated module dependencies.
Removed now empty nifi-security module.
Enforced TLS protocol selection on LB server socket.
Enforced TLS protocol selection on S2S server socket.
Applied specified TLS protocol versions to S2S socket creation.
Completed removal of legacy SSLContext creation methods from only remaining SslContextFactory.
Replaced references to creation methods throughout codebase.
Replaced references to unnecessary NiFiProperties file reads throughout tests.
Removed duplicate ClientAuth enum from SSLContextService and changed all references to SslContextFactory.ClientAuth.
Suppressed repeated TLS exceptions in cluster, S2S, and load balance socket listeners.
Cleaned up legacy code.
Added external timing check to timing test assertion.
Made RestrictedSSLContextService TLS protocol versions allowable values explicit.
Enabled TLSv1.3 on Java 11.
Added explanations of TLS protocol versions in StandardSSLContextService and StandardRestrictedSSLContextService.
Resolved additional Java 11 test failures for NiFi internal classes that don't support TLSv1.3. Filed NIFI-7468 as follow on task.

This closes #4263.

Signed-off-by: Nathan Gough <thenatog@gmail.com>
Signed-off-by: Mark Payne <markap14@hotmail.com>
2020-05-19 12:56:59 -07:00
Otto Fowler f22cd26cf4 NIFI-7420 remove the http.param attribute. It contained both the query parameters already captured in http.query.param _and_ the multipart form data names and values, which are captured in the part data, and could be very very large
This closes #4251.

Signed-off-by: Mark Payne <markap14@hotmail.com>
2020-05-06 17:20:08 -04:00
Alan Jackoway effa930151
NIFI-7425 Log Message for ReplaceText Over Buffer Size
Adds a log message when ReplaceText sends a flowfile to the failure relationship because
it is larger than the max buffer size.

Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>

This closes #4255.
2020-05-06 09:40:46 +02:00
Otto Fowler 659a383723 NIFI-7394: Add support for sending Multipart/FORM data to InvokeHTTP.
By using dynamic properties with a prefix naming scheme, allow
definition of the parts, including the name to give the Flowfile content
part, and optionally it's file name.
After review:
- change so that we can send just the form content or just form data
  without the flowfile
- change the content name and content file name from dynamic properties
  to properties
- change the dynamic name to be an invalid http header "post:form:xxxx"
- add validation and more tests

This closes #4234.

Signed-off-by: Mark Payne <markap14@hotmail.com>
2020-04-29 13:01:06 -04:00
EndzeitBegins 8e3f42051f
NIFI-7348 Wait - Removes WAIT_START_TIMESTAMP after expiration
This closes #4201.

Signed-off-by: Koji Kawamura <ijokarumawak@apache.org>
2020-04-16 15:56:40 +09:00