- Switch ExtensionManifestParser implementation to use JAXB instead of Jackson XML
- Fix handling of older NARs that don't have newer fields in ExtensionManifest
- Add response merging for runtime-manifest REST end-point, remove commons-lang3 from c2 dependencies
This closes#5630
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- 'Leave group' action button is added to 'Navigation'
- 'Leave group' action works with 'esc' hotkey if no modal, context menu, etc. is open
- 'esc' key closes context menu if it is open
- user guide is updated with new navigation options
This closes#5678
- Added DataTransferDoSFilter with request URI evaluation
- Added RequestFilterProvider and implementations to abstract Jetty Filter configuration
Signed-off-by: Joe Gresock <jgresock@gmail.com>
This closes#5670.
- Added optional includedRegistries query parameter to Flow Metrics Resource method supporting one or more registries
- Added optional includedNames query parameter to Flow Metrics Resource method supporting one or more metric family names
- Added sampleName and sampleLabelValue optional pattern parameters
- Added FilteringMetricFamilySamplesEnumeration to support streamed filtering
- Added PrometheusMetricsWriter and TextFormat implementation
Signed-off-by: Joe Gresock <jgresock@gmail.com>
This closes#5571.
- Added nifi-property-protection-api with provider interfaces
- Added nifi-property-protection-factory with implementation references
- Added ProtectionSchemeResolver for abstracting conversion from command arguments
- Refactored PropertyProtectionScheme to package private visibility
- Refactored multiple unit test and removed provider integration tests
- Renamed AESSensitivePropertyProvider to AesGcmSensitivePropertyProvider
- Added getSupportedProtectionSchemes() to StandardProtectionSchemeResolver
- Updated command argument descriptions for protection schemes to include supported values
Signed-off-by: Joe Gresock <jgresock@gmail.com>
This closes#5650.
- Upgraded Apache HttpCore to 4.4.15
- Added dependency management declarations in root Maven configuration for HttpClient and HttpCore
- Removed version numbers from multiple modules
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#5647.
- Centralized Spring Framework and Spring Security versions using BOM dependencies
- Upgraded Spring Security from 5.5.2 to 5.6.1
- Upgraded Spring Boot from 2.5.5 to 2.5.8 in Registry
- Upgraded Spring Integration from 5.5.2 to 5.5.7
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#5631.
- Replaced JUnit 4 and TestNG references with JUnit 5
- Added test method for bulletin sorting
Signed-off-by: Matthew Burgess <mattyb149@apache.org>
This closes#5607
* NIFI-9423 - Show icon and tooltip for Parameter values that have leading and/or trailing whitespaces
NIFI-9429 - Parameters should allow blank values that are non-null (only whitespace)
* - Update areas to clean up tooltips in parameter values
- Show whitespaces and ellipsis in parameter and property values and tooltips
- Update serializeValue to accommodate for blank values
* - Address review findings
* - Remove commented out code
* - Add multiline check for ellipsis
* NIFI-9459 - Empty string checked will disable Edit Parameter value field on dialog open
* - Add multi-line style to parameter and property table
* - Safely insert title attribute content
* - Fix Edit Parameter bug that clears textarea for sensitive and empty string values on dialog open
This closes#5569
NIFI-9382: Fixed issue with SharedInstanceClassLoader where the classloader may get closed but then get used again. When the SharedInstanceClassLoader is closed, we will now ensure that we don't use anymore and instead create a new one.
Signed-off-by: Joe Witt <joewitt@apache.org>
- Changed framework so that it serializes the dataflow into a VersionedDataflow using JSON as well as XML, and prefers the JSON representation on load, if it's available. This also results in the need for the cluster protocol to exchange its representation of the dataflow to using JSON. Rather than re-implementing all of the complex logic of Flow Fingerprinting, updated to just inherit the cluster's flow.
- Moved logic to synchronize Process Group with Versioned Process Group into a new ProcessGroupSynchronizer class instead of having all of the logic within StandardProcessGroup
- Reworked versioned components to use an instance id.
- Renamed StandardFlowSynchronizer to XmlFlowSynchronizer; introduced new StandardFlowSynchronizer that delegates to the appropriate (Xml or Versioned)FlowSynchronzer
- Updated to allow import of VersionedProcessGroup even if not all bundles are available - will now use ghost components
- Introduced a VersionedDataflow object to hold controller-level services, reporting tasks, parameter contexts, templates, etc.
- Allow mutable requests to be made while nodes are disconnected. Also fixed issue in AbstractPolicyBasedAuthorizer that caused ClassNotFoundException / NoClassDefFoundError if the authorizations were changed and then a node attempts to rejoin the cluster. The Authorizer was attempting to use XmlUtils, which is in nifi-security-utils and so so by madking nifi-security-utils a provided dependency of nifi-framework-api, but this doesn't work, because nifi-framework-api is loaded by a higher-level classloader, so the classloader that loads AbstractPolicyBasedAuthorizer will never have the appropriate classloader to provide nifi-security-utils. Addressed this by copying the code for creating a safe document builder from XmlUtils to AbstractPolicyBasedAuthorizer.
- Fixed bug that occurred when importing a Process Group that has 2 parameter contexts, one inheriting from another, where neither is pre-defined in the existing flow
- Fixed bug that was encountered when Updating a Versioned Process Group where one version had a disabled processor and the other had the processor running.
- Increased system-tests workflow timeout to 120 minutes
- Added additional exception handling to system tests
This closes#5514
Signed-off-by: David Handermann <exceptionfactory@apache.org>
* NIFI-9336 - Show icon in processor and controller services configurations when property values contain leading or trailing whitespace
* - Address PR feedback
* - Fix a bug to clean up tooltips to prevent a DOM leak
This closes#5559
- Replaced HashMap with LinkedHashMap to avoid potential non-deterministic results for user group properties
This closes#5524
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Set Scheduled State for Versioned Port and Versioned Remote Port when mapping Flow Definition
- Updated StandardProcessGroup to set disable Port based on Scheduled State of DISABLED
- Updated StandardProcessGroup to set Remote Port transmitting based on Scheduled State of ENABLED
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#5534.
* NIFI-9382: Created a new ClassloaderIsolationKey mechanism by which Hadoop related processors (and potentially others) can indicate that they need full classloaders to be cloned but can share with other instances in certain circumstances
- Added system tests
* NIFI-9382: Renamed interface based on review feedback
* NIFI-9382: Removed ReentrantKerberosUser.
- Added nifi.web.request.log.format property
- Added Filters to set and retrieve authenticated username for logging
Signed-off-by: Joe Gresock <jgresock@gmail.com>
This closes#5527.
- Removed unnecessary spaces from initialization log
- Changed bootstrap temporary password file processing messages to debug
- Updated several log statements using parameterized strings
- Refactored NiFi unit test class
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#5515.
- ConcurrentHashMap collection for Active Threads eliminates the need for method synchronization
- Replaced System.out.println() with Logger.info() in nifi-system-test-suite classes
- Methods without the synchronized keyword, such as terminate(), iterate over activeThreads
This closes#5509
Signed-off-by: David Handermann <exceptionfactory@apache.org>
Added <scope>test</scope> tag to the nifi-web-api pom.xml and corrected imports.
Signed-off-by: Matthew Burgess <mattyb149@apache.org>
This closes#5447
- Ensure that we consider all property values to determine if a component references a variable, not just 'supported' (i.e., well-known/non-user-defined) properties
This closes#5499
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Removed parent AccessResource from OIDCAccessResource and SAMLAccessResource to avoid unexpected inherited methods
- Moved Token Expiration validation from AccessResource to StandardBearerTokenProvider
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#5489.
- Replaced Netty 3.6.9 and 3.7.1 with 3.10.6
- Replaced Netty 4.1 with 4.1.69
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#5490.
NIFI-9309: Include a uiOnly flag when requesting flow for a given process group. In that case, do not include the property descriptors, property values, etc. for Processors. When fetching Variable Registry, improved logic to cache the VariableImpact for each property value instead of parsing/recreating it every time. When fetching bulletins for a component, avoid filtering through all components' bulletins and instead only look at bulletins that might pertain to the appropriate component
- Allowing the user to submit a verification request for Processors, Controller Services, and Reporting Tasks.
- Tracking progress of verification requests.
- Showing the verification results.
NIFI-9288:
- Fixing class name which prevented styles from being applied.
NIFI-9288:
- Ensuring that previously entered referenced attribute values take precedence.
NIFI-9288:
- Positioning the property listing and verification results based on percentages instead of fixed values.
- Removing the additional dialog height.
NIFI-9288:
- Allowing attribute value entry to be skipped when appropriate.
NIFI-9288:
- Working around an issue caused by css minification.
NIFI-9288:
- Adding some padding to the verifying progress dialog.
This closes#5461
Signed-off-by: Scott Aslan <scottyaslan@gmail.com>
- Similar to NIFI-9215, converting integer identifiers to strings to ensure the items are successfully retrieved when attempting to apply a tooltip.
This closes#5454
Signed-off-by: Scott Aslan <scottyaslan@gmail.com>
- Upgraded Spring Security from 5.5.1 to 5.5.2
- Upgraded Spring Boot from 2.5.2 to 2.5.5 in Registry
- Upgraded Spring Data Redis from 2.5.3 to 2.5.5 in Redis modules
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#5463.
- Addressed issue identified in system test where a flow can fail due to FailurePortEncounteredException but then purge the flow in the background after the call to trigger completes
Signed-off-by: Joe Gresock <jgresock@gmail.com>
This closes#5450.
- During mouse over events the items in the Controller Service Types table could not be looked up because the identifier of the item was an integer value and the identifier was a string value. Addressing the issue by always using a string.
This closes#5439
Signed-off-by: Scott Aslan <scottyaslan@gmail.com>
- Populating the empty state when a parameter is not referenced by any component.
- Tweaking margins so the references are slightly more compact.
This closes#5442
Signed-off-by: Scott Aslan <scottyaslan@gmail.com>
- Migrating away from forceFitColumns which is deprecated. Updating to use the same strategy in the new configuration which will prevent the warning logs to the console.
This closes#5428
Signed-off-by: Scott Aslan <scottyaslan@gmail.com>
- Updated documentation with new properties
- Refactored cipher operations to common RepositoryEncryptor classes
- Abstracted record metadata serialization for better compatibility
Signed-off-by: Joe Gresock <jgresock@gmail.com>
This closes#5407.
- A few minor updates to Stateless in order to surface some concepts from the stateless engine up to the caller, such as bulletins, counters, etc.
Signed-off-by: Joe Gresock <jgresock@gmail.com>
This closes#5412.
- Removed c3p0 exclusions since Maven coordinates changed and c3p0 is also licensed under the compatible Eclipse Public License 1.0
Signed-off-by: Joe Gresock <jgresock@gmail.com>
This closes#5430.
* NIFI-9229 Flow upgrade not possible if a Output Port changes to a funnel
* NIFI-9229 Addressing review comments modified log message and added comments
- Removed nifi.minifi.sensitive.props.provider Property from MiNiFi
- Removed property from example NiFi properties files
- Removed provider from MiNiFi SensitivePropsSchema
- Removed BC provider value from MiNiFi test cases
Signed-off-by: Joe Gresock <jgresock@gmail.com>
This closes#5422.
- Replaced use of Authorization header with custom Request-Token header for CSRF mitigation
- Added Request-Token cookie for CSRF mitigation
- Replaced session storage of JWT with expiration in seconds
- Removed and disabled CORS configuration
- Disabled HTTP OPTIONS method
- Refactored HTTP Proxy URI construction using RequestUriBuilder
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#5417.
* NIFI-8491:
- Adding support for configuring parameter context inheritance.
* NIFI-8491:
- Allowing changes to the parameter context inheritance to drive Apply disabled state.
* NIFI-8491: Updating StandardParameterContext#isAuthorized check
* NIFI-8491:
- Showing selected inherited parameter contexts in ready only form when appropriate.
- Allowing available parameter contexts to be inherited by double clicking.
- Removing support for rendering unauthorized inherited parameter contexts as they can no longer be opened.
* NIFI-8491: Adding inherited param context verification earlier
* NIFI-8491:
- Addressing CI failures by rolling back to some order JS language spec to allow yui-compress to minify and compress.
* NIFI-8491:
- Ensuring selected context sort order is honored.
- Ensuring the Apply button is correctly enabled.
- Showing Pending Apply message when selected Parameter Context changes.
- Ensuring the Parameter's tab is selected now that there is a third tab.
* Updates to inherited param context verification
* Improving validation between parameters/inherited parameters
* NIFI-8491:
- Ensuring the available parameter contexts are loaded whether the edit dialog is opened from the listing or outside of the listing.
* NIFI-8491:
- Fixing conditions we check if the parameter context listing is currently open.
* NIFI-8491:
- Waiting for the parameter contexts to load prior to rendering the parameter context inheritance tab and showing the dialog.
* NIFI-8491:
- Fixing pending apply message clipping.
- Hiding pending apply message after clicking Apply.
Co-authored-by: Joe Gresock <jgresock@gmail.com>
This closes#5371
- Implemented ApplicationCookieService for adding and retrieving HTTP Cookies
- Added getCookieResourceUri() leveraging allowed proxy headers to support optional Cookie Paths
- Refactored Access Resources to use ApplicationCookieService for processing
- Changed __Host- prefix to __Secure- prefix for Bearer Token cookie to support Cookie Path processing
- Removed unnecessary jetty-http dependency from nifi-web-api
- Corrected NiFi path references in JavaScript to support prefixed paths
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#5329.
- Added TemporaryKeyStoreBuilder with File.deleteOnExit() for KeyStore and TrustStore files
- Removed JKS files from nifi-security-utils tests
- Refactored usage of KeyStoreUtils.createKeyStoreAndGetX509Certificate() to TemporaryKeyStoreBuilder
- Removed unnecesary hadoop-minikdc test dependency in security-utils
- Replaced Mini KDC Hex utility with Bouncy Castle Hex utility in unit tests
Signed-off-by: Matthew Burgess <mattyb149@apache.org>
This closes#5406
- Added EncodedSensitivePropertiesProvider with Base64 encoding methods
- Added ClientBasedEncodedSensitivePropertiesProvider with validate method
- Abstracted client configuration to ClientProvider interface and implementations
- Added unit tests for AWS and Azure Property Providers
NIFI-9184 Adjusted abstract provider class names and updated documentation
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#5363.
- Refactored multiple tests using KeyStoreUtils
- Removed static KeyStore and TrustStore files
Signed-off-by: Matthew Burgess <mattyb149@apache.org>
This closes#5401
NIFI-9170 Add two more 1.9.4 references to close out the few things identified by the Maven dependency plugin.
This closes#5351
Signed-off-by: Mike Thomsen <mthomsen@apache.org>
- Replaced old com.sun.xml.bind:jaxb-impl and jaxb-core with current org.glassfish.jaxb:jaxb-runtime
- Replaced old javax.xml.bind:jaxb-api with current jakarta.xml.bind-api
- Removed unnecessary dependency references to javax.activation-api
This closes#5320
Signed-off-by: Mike Thomsen <mthomsen@apache.org>
Bryan Bende
Timea Barna
Adam Kocsis
exceptionfactory
Joe Witt
Lehel Boér
Joe Gresock
Shane Ardell
M Tien
Mark Payne
Yiming Li
Pierre Villard
Duan
Peter Turcsanyi
noblenumbat360
shadon
Tamas Palfy
Matthew Burgess
omkadmi
Matt Gilman
timeabarna
greyp9
Mohammed Nadeem
Chris Sampson
Emilio Setiadarma
Hsin-Ying Lee