- Initial commit for client side provenance lineage svg download.
- css styling adjustments, changes for svg replace
- Addressing some style/spacing.
- This closes#982.
* Corrected the DEFAULT_REGEX pattern.
* Added tests to isolate regex capture group problem and verify corrected functionality.
* Removed short circuit logic that masked configuration errors and created inconsistent processor behavior.
This closes#1007.
Added 'file.lastModifiedTime' attribute to ListFileTransfer, which is
the abstract class extended by ListSFTP.
String literal attribute names were replaced with static references to
attribute name constants in ListFile.
ListFileTransfer stores the 'file.lastModifiedTime' attribute in the
format specified in ListFile.FILE_MODIFY_DATE_ATTR_FORMAT
Updated WritesAttribute description for file last modify time attribute
to mirror the entry in ListFile
Signed-off-by: Joe Skora <jskora@gmail.com>
This closes#931.
This commit fixes following two issues, that happens when a Root Group Port
policy for S2S data transfer is removed at a remote NiFi, after a client NiFi has
connected to that port:
1. At client side, Remote Process Group should show that authorization
is failing on its bulletin, but the Exception is caught and
ignored. Nothing is shown on the UI with HTTP transport protocol.
RAW S2S shows error on RPG bulletin. This commit fixes HTTP S2S to
behave the same.
2. At server side, corresponding input-port or output-port should show
that it is accessed by an unauthorized client on its bulletin, but it's
not shown with HTTP transport protocol.
RAW S2S shows warning messages for this. This commit fixes HTTP S2S to
behave the same.
In order to fix the 2nd issue above, request authorization at
DataTransferResource is changed from using DataTransferAuthorizable
directly, to call RootGroupPort.checkUserAuthorization().
Because the blettin is tied to the Port instance and it's
difficult to produce blettin message from this resource.
Since RootGroupPort.checkUserAuthorization uses
DataTransferAuthorizable inside, the check logic stays the same as
before.
Adding a RootGroupPortAuthorizable to provide access to necessary components for performing the authorization.
This closes#996
- Updating the component entity as long as the proposed entity is not older than the current one since stats are bundled in the entity too.
This closes#983
Signed-off-by: Koji Kawamura <ijokarumawak@apache.org>
- Ensuring the controller services table to correctly reloaded regardless if its the processor group or controller level controller services. This closes#968
- Re-using the DataTransferAuthorizable in the DataTransferResource.
- Removing use of the DataTransferResource when obtaining site to site details as it performs additional unnecessary checks.
- Code clean up.
- This closes#971.
It caused "Error: Unable to find remote process group with id 'XXXX'" error with modifying the transmitting toggle switch of an Input or Output port.
This closes#962
Removed $sanitize from breadcrumbs controller, as it escapes multibyte
chars with numerical reference. Even without $sanitize, html tags can be
escaped when Angular binds the value to text content.
- Fixing contrib check issues.
- Clean up pom.
- Addressing issue where reporting task property descriptor using wrong scope.
NIFI-2635:
- Fixing issue with revisions when creating users and user groups.
- Forwarding requests to the coordinator instead of replicating.
- Tweaking verbage in dialog for removing users and groups.
This closes#943
Signed-off-by: Matt Burgess <mattyb149@apache.org>
NIFI-2591
Signed-off-by: Matt Burgess <mattyb149@apache.org>
NIFI-2591
Signed-off-by: Matt Burgess <mattyb149@apache.org>
NIFI-2591 - Added Format option for binary data types. Updated unit tests.
Signed-off-by: Matt Burgess <mattyb149@apache.org>
This closes#883
- Ensure that we log which node is the cluster coordinator on startup instead of just indicating that there is one. If we later determine that there is none, ensure that we register for the role
This closes#900
Signed-off-by: jpercivall <joepercivall@yahoo.com>
- Addressing issue when fingerprinting ReportingTasks and ControllerServices properties with default values.
- Ensuring the flow is saved when templates are created and imported.
- Ensuring default values are included in templates.
- Fixing unit tests.
This closes#908.
This processor adds the capability to delete files or
directories inside of HDFS.
Paths supports both static and expression language values,
as well as glob support (e.g. /data/for/2016/07/*).
This processor may be used standalone, as well as part of a
downstream connection.
Signed-off-by: Matt Burgess <mattyb149@apache.org>
Add Glob Matcher with Tests
Also set displayName on properties.
Signed-off-by: Matt Burgess <mattyb149@apache.org>
This closes#850
* Removed @Ignore annotation on class and unnecessary EOL translation of test data. Because ModifyBytes treat input as binary data, not text, line endings don't matter as long as they byte offsets are calculated correctly.
* Replace validator with .allowableValues.
This closes#890.
- Making the bulletin responses consistent in that all bulletins will be included but in redacted form as appropriate.
- Fixing broken unit test.
This closes#892.
Signed-off-by: Bryan Bende <bbende@apache.org>
Signed-off-by: Matt Burgess <mattyb149@apache.org>
NIFI-2582
Signed-off-by: Matt Burgess <mattyb149@apache.org>
NIFI-2582
Signed-off-by: Matt Burgess <mattyb149@apache.org>
This closes#877
NIFI-2566: Removed storage of cluster roles from heartbeats and NodeConnectionStatus; use LeaderElectionManager to determine roles instead
NIFI-2566: Updated Heartbeats so that if a node is out-of-sync with cluster topology, cluster coordinator will provide updated information back to the nodes
NIFI-2566: Fixed issue that prevented standalone instance from starting by creating a standalone-instance version of the Leader Election Manager. Also added Controller Service enabled/disabled state to fingerprint rather than attempting to update the state when joining the cluster, as the implementation was incorrect and the correct implementation will be a rather significant effort that doesn't have to happen for 1.0.0 release
This closes#866
Signed-off-by: jpercivall <joepercivall@yahoo.com>
- Preventing client side selection of unauthorized controller services unless they were the previously configured value.
This closes#860.
Signed-off-by: Bryan Bende <bbende@apache.org>
This closes#840
Removed partial file check (based on missing first file)
Added condition to merge if at least one journal files available on disk. If all files are missing from disk that is considered an error.
Added retry logic to prevent endless thread execution when encountering errors (such as missing files).
- Removed message queueing which could result in data loss
- Fixed life-cycle issues that coudl put processor in an unstable state
- Fixed PropertyDescriptor translation for Time units and Byte sizes
- Fixed broken tests
- Added additional tests
NIFI-2519 added default for SMTP_MAXIMUM_CONNECTIONS
NIFI-2519 addressed PR comments, polishing
- fixed intermittent deadlock on processor stop and added test for it
- the attributes that can not be extracted from the message but available via MessageContext are written into the outgoing FlowFile
- other minor fixes
NIFI-2519 addressed lates PR comments
NIFI-2519 added better messaging when server closes the connection
NIFI-2519 some polishing and additional tests to validate deadlocks
NIFI-2519 address latest PR comments
fixed deadlock condition for when the consumer is stopped while server is distributing messages
fixed MAX message size issue ensuring it is validated
set max connections to SMTPServer
polished pom
added L&N
NIFI-2519 PR comments
- fixed LICENSE
- Added usage of LimitingInputStream
- simplified SmtpConsumer by removing hasMessage operation
- Addressing potential NullPointerException when an AccessDeniedException is thrown from an endpoint that isn't subject to the security filter chain.
This closes#846.
Signed-off-by: Andy LoPresto <alopresto@apache.org>
NIFI-1876 Updated PermissionsDTO to use boolean primitives instead of Boolean objects for read and write permission
Removed ISE throwing from EntityFactory, it will rely on null checks instead
This closes#694
Signed-off-by: jpercivall <joepercivall@yahoo.com>
NIFI-1876 Added merging for labels, funnels, and controller service references.
NIFI-1876 Added Label and Funnel merging to FlowMerger.java
NIFI-1876 Added replication of request for process group controller services
- Updated merging code for Status and Status History based on read permissions
NIFI-1876 Fixed issue with node status snapshots all looking like they came from one node
Updated ProcessGroupStatusSnapshotDTO to contain status snapshot entities to retain readability permission
Added entity classes for ConnectionStatusSnapshotDTO, PortStatusSnapshotDTO, ProcessGroupStatusSnapshotDTO, ProcessorStatusSnapshotDTO, and RemoteProcessGroupStatusSnapshotDTO
Updated PropertyDescriptorDTO to contain AllowableValueEntity to retain readability permission
Added entity class for AllowableValueDTO
Moved AllowableValueDTO to its own top-level class
Updated DtoFactory to get permissions for status snapshot entities
Updated StatusMerger to merge status snapshot entities
Signed-off-by: jpercivall <joepercivall@yahoo.com>
- Allowing selection of User/Cluster node when searching and encountering an exact match.
This closes#839
Signed-off-by: Koji Kawamura <ijokarumawak@apache.org>
NIFI-2543: - Ensuring we have permissions before attempting to reload a controller service.
This closes#837
Signed-off-by: jpercivall <joepercivall@yahoo.com>
Extend template handling to read only properties.
* Add read only property handling to type.hbs template.
* Add flag to ProcessorDTO.getRelationships to reflect read only nature of the property.
* Remove explicit "read only" message from ConnectionDTO.getAvailableRelationships to avoid duplicate text.
* This closes#806
- Addressing comments from PR. Moving new service button below the tab pane. (+2 squashed commits)
Squashed commits:
[f746d09] NIFI-2468:
- Addressing numerous inconsistencies throughout the UI (button placement above tables, timestamp styles, etc)
[7d1fb09] addressing some inconsistencies
This closes#794.
Signed-off-by: Andy LoPresto <alopresto@apache.org>
- Fixed KafkaConsumer's connection block when broker is not available
- Fixed Serializer/Deserializer configs in both Consume/Publish Kafka
- Added sensitive properties for SSL ket/trust stores
NIFI-2322 fixed tests
- Added EL support to "Directory" property of ListHDFS and GetHDFS processors
- Added EL support to "Destination" property for ConsumeJMS and PublishJMS processors
- Added EL support to "MQ ConnectionFactory Implementation", "MQ client library path", "Broker URI" properties for the JMS Connection Factory Provider
- Added EL support to "Database Connection URL", "Database Driver Class Name", "DB Driver jar url", "DB username", and "DB password" properties for the DBCP Connection Pool
- Removed NotificationServiceManagerSpec.groovy, previous PR from Joe Witt covers the needed testing for Variable Registry/Value Lookup at this time
This closes#778.
This closes#695.
Signed-off-by: Andy LoPresto <alopresto@apache.org>
Defaulting to same keyStore, key password (+18 squashed commits)
Squashed commits:
[9d01ba0] NIFI-2193 - Fixing typo
[55440bc] NIFI-2193 - Standalone can run as long as there are no conflicting files/folders
[0ca34ed] NIFI-2193 - Fixing some filename, absolute path issues
[9d4f65b] NIFI-2193 - Incorporating feedback
[f7550b4] NIFI-2193 - Cleaning up imports
[59a7637] NIFI-2193 - Updating umask to allow owner to execute
[cf824e7] NIFI-2193 - Moving DN arg to CA service specific parent class
[921ee13] NIFI-2193 - Making keystore getInstance more consistent
[a283c4b] NIFI-2193 - Updating sample config files in assembly to reflect new structure
[8d3a21d] NIFI-2193 - Making TlsHelper static, adding option to use same password for Key, KeyStore
[b13d247] NIFI-2193 - Addressing PR feedback
[46ef8ed] NIFI-2193 - Removing commons-logging, log4j from notice
[d4cf41a] NIFI-2193 - Adding option to specify output file for CA certificate when using cli client
[b74bf25] NIFI-2193 - Removing Bouncy Castle from notice
[6e34f9a] NIFI-2193 - Adding CLI client for easier generation of client certificates
[2924fca] NIFI-2193 - nifi-toolkit-ssl -> nifi-toolkit-tls, removing unused constants
[886167e] NIFI-2193 - Adding slf4j to avoid runtime issue
[082de46] NIFI-2193 - Command line SSL config utility as well as certificate authority client/server
Fixed NPE (+2 squashed commits)
Squashed commits:
[c5d521a] NIFI-2466: Added unit test to verify changes; fixed validation
[aa4d418] NIFI-2446: Add option to specify key password when different than keystore password
This closes#776.
Signed-off-by: Andy LoPresto <alopresto@apache.org>
- fixed the logging issue NIFI-2444 by ensuring the ProcessLog is added to KafkaPublisher
- fixed KafkaPublisher's isAllAcked operation to ensure that it properly reports that the flow file has failed.
- added additional test
This closes#758.
HTTP Site-to-Site can't handle TRANSACTION_FINISHED_BUT_DESTINATION_FULL
scenario as expected.
That happens if the remote NiFi's input port destination relationship
becomes full during Site-to-Site client sends data. The data which has
already sent to the remote NiFi has to be committed successfully.
However, the remote NiFi returns 503 as a response of commit HTTP
request. Because it does check port availability.
The port availability check shouldn't be called at commit request, since
the session at source NiFi has already been committed. The remote NiFi
should commit its session as well, and return
TRANSACTION_FINISHED_BUT_DESTINATION_FULL response.
This fix makes a remote NiFi to keep the handshaken properties when it holds
transaction to be committed. Then if a transaction already has
handshaken properties, then use it, instead of doing a handshake process
again.
Fixed Site-to-Site Transit URI for HTTP to be consistent with RAW socket.
- Removed url from CommunicationsSession since it's redundant as we have
Peer.url, too. The value was not used from anywhere other than HTTP
Site-to-Site.
- Added createTransitUri method in Communicant interface, so that
implementation can customize transitUri while providing consistent
interface.
Removed permission check causing "Cannot read property 'canRead' of
undefined". A given user won't have record level permission
difference for component state. It's not required here.
- Returning the enabled state of play and stop buttons in the palette. Allowing the user to always press if they have permissions to modify the selection.
- Only attempting to schedule components that are not running, not disabled, and valid.
This closes#745
Signed-off-by: jpercivall <joepercivall@yahoo.com>
- added SnippetUtilsTest
- renamed TypeOneUUIDGenerator to ComponentIdGenerator
- changed lsb part of ComponentIdGenerator back to long
- Fixed 'isCopy' condition for clustered environments
This closes#718.
[NIFI-2025] update birdseye after dragging/dropping element on the canvas
[NIFI-2367] update width of content viewer combo
[NIFI-2355] update table sorting based on auth efforts
[NIFI-2027] update EL editors
[NIFI-2387] update bulletin alert backgroud color to actually change the color of the icon not the div background
[NIFI-2141] Hide bulletin icon/background on processors unless a bulletin exists
[NIFI-2400] close any open combos contained within a shell when closing the shell
[NIFI-2404] remove extra scrollbar from #node-events
[NIFI-2027] account for min widths of EL editors
[NIFI-2025] update birdseye after changing color
[NIFI-2027] Update EL editor checkbox text
[NIFI-2027] update checkbox text
[NIFI-2355] update table sorting
[NIFI-2141] Hide bulletin icon/background on processors unless a bulletin exists
[NIFI-2027] update EL editors
[NIFI-2367] Overlapping links repositioned on error/login pages
This closes#715
- Introducing data resource for authorizing provenance events and queue listing.
- Authorizing entire proxy chain for data resource and data transfer resource.
NIFI-2338:
- Ensuring that replay authorization only happens once.
- Allowing users with access to policies for a component to be able to access all policies for that component.
-- Includes the component, data, data transfers, and policies.
- Fixing drop request completion to update the correct queued field.
- Fixing access control check for listing and emptying queues.
- Reseting selected policy when re-opening the policy management page.
- Fixing button/link visibility for available actions in policy management page.
- Fixing policy issues with policy removal when the underlying component is deleted.
- Updating file authorizer seeding to grant data access to node's in the cluster.
This closes#720.
- Adding Authorizer implementation for Ranger
- Adding build profile and assembly that controls the inclusion of Ranger in the final assembly
- Add properties to specify ranger admin identity and a flag to indicate if ranger is using kerberos, plugin is updated to perform a UGI login if ranger is using kerberos
- Adding LICENSE and NOTICE for Ranger NAR, and some other licensing clean up
- Adding tests for kerberos properties, adding test for RangerBasePluginWithPolicies, cleaning up code to use Java 8 features
This closes#574
- Allowing users with read only access to the tenants page.
- Fixing current user integration test.
- Ensuring schedule methods are locked appropriately.
- Addressing comments from PR.
This closes#698
Signed-off-by: jpercivall <joepercivall@yahoo.com>
- Ensuring the appropriate visibilty of the action in the policy management page.
NIFI-2273:
- Ensuring we load the policy or inform the user of the appropriate permissions of the effective policy.
NIFI-2239:
- Providing help tooltips for the policies in the management page.
NIFI-2283:
- Adding auditing for access policies, users, and groups.
NIFI-2263:
- Not replicating history requests throughout the cluster.
NIFI-2096:
- Fixing upload template file input in Firefox.
NIFI-2301:
- Removing relevant policies after component deletion.
- Updated site-to-site client and server to support clustered nifi instances
NIFI-2274:
- Ensuring we use the correct URI when updating a connection.
This closes#530
With this commit, MonitorActivity can be configured as:
- Monitor activity per node individually
- Monitor cluster wide activity
- Send notification flow-file from all of nodes
- or only from a primary node
Changes:
- Added 'Monitoring Scope' property
- Added 'Reporting Node' property
- Falls back from cluster scope to node scope if necessary
- Persist the latest activity as Cluster state
- Examine cluster state on each node if necessary
- Only update the cluster state if current timestamp is later than existing
timestamp stored in Zookeeper
This closes#575
Signed-off-by: jpercivall <joepercivall@yahoo.com>
- Added NodeTypeProvider to expose flowController's isClustered and
isPrimaryNode so that processor can know if it's running on a cluster
and if it's a primary node.
- Added mechanism to simulate clustered or not, and primary or not, for testing
This closes#657
Signed-off-by: jpercivall <joepercivall@yahoo.com>
NIFI-2020 - updates to use lambdas/stream wherever possible and fix potential nullpointer issue.
Signed-off-by: Matt Burgess <mattyb149@apache.org>
This closes#564
* Updated the AWS SDK dependency version to 1.11.8
* Removed GetDynamoDBTest references to JsonObject class dropped from AWS SDK
* Fixed integration test ITPutSNS.testPublish() - exception from not evaluating expressions
* Ignored integration test ITPutS3Object.testS3MultipartAgeoff() - did not work before or after SDK update
This closes#562.
Signed-off-by: Aldrin Piri <aldrin@apache.org>
- Addressed issue enabling/disabling controller services where the wrong URI was referenced.
- Addressed with the update revisions in the controller service references.
- Addressed issue with showing the disconnected from cluster dialog on page load.
- Addressed issue with URI when adding a dynamic property.
This closes#654.
- Added following properties:
- nifi.flow.configuration.archive.enabled
- nifi.flow.configuration.archive.max.time
- nifi.flow.configuration.archive.max.storage
- Removed manual archive operation:
- Removed 'Back-up flow' link from UI since it's not needed any longer
- Removed corresponding REST API controller/archive and its
implementations
- Added FlowConfigurationArchiveManager to enclose archive related code
- Updated related docs
- Move bulletins out of the controller status endpoint.
NIFI-2238:
- Ensuring the controller bulletins are rendered on screen.
NIFI-2246:
- Ensuring the correct number of bulletins are returned when clustered.
- Switched from absolute layout to responsible using flex-box.
- Added toggle switch to control component listing pane visibility.
Signed-off-by: joewitt <joewitt@apache.org>
- Ensuring the active thread count is shown.
NIFI-2019:
- Ensuring correct color of the run status in the From connection label.
NIFI-2183:
- Removing the DownloadSvg servlet and hidding the download icon until we're able to support save the svg entirely from the client side.
This closes#634.
[NIFI-2217] fix single node and cluster link
[NIFI-2219] Fix styles on provenance cluster search combo
[NIFI-2180] Fix settings shell table text alignment for run status
[NIFI-2140] Update preview image for Change Color dialog
[NIFI-2131] update progress bars/percent complete to use angular material progress linear directive
[NIFI-2099] add header text to all ok and yes/no dialogs
[NIFI-2233] fix invalid/warning icon shifts position as tasks are added
[NIFI-2131] update progress bars/percent complete
[NIFI-2140] Update preview image for label. This closes#627
- Adding a page for managing users and groups.
- Adding a page for managing access policies.
- Renaming accessPolicy in entity to permissions to avoid confusion with the accessPolicy model.
- Adding an Authorizable for access policies.
- Refactoring access policies endpoints.
NIFI-2022:
- Implementing site to site authorizations.
NIFI-2201 Add support for seeding cluster nodes in authorizations.xml
- Passing client address along in user context on authorization requests
- This closes#628
Added unit tests for DN extraction.
Corrected typo in Javadoc.
Switched server/client socket logic for certificate extraction -- when the local socket is in client/server mode, the peer is necessarily the inverse.
Fixed unit tests.
Moved lazy-loading authentication access out of isDebugEnabled() control branch.
This closes#622
Aldrin Piri
Matt Gilman
Pierre Villard
Matt Burgess
Toivo Adams
Oleg Zhurakousky
Joey Frazee
Koji Kawamura
Andy LoPresto
Peter Wicks
Yolanda M. Davis
Joe Skora
Scott Aslan
Bryan Bende
Kirk Tarou
Mark Payne
vijayk
joewitt
Joe Gresock
Jeff Storck
jpercivall
Bryan Rosander
Andre F de Miranda
Andrew Psaltis
Ramiz
ricky
Simon Elliston Ball
Tim Reardon
Joe Skora
Scott Aslan
Mike Moser
mans2singh
Koji Kawamura
Puspendu Banerjee
James Wing