Commit Graph

1230 Commits

Author SHA1 Message Date
Scott Aslan ed5c44ba53 [NIFI-2053] update open/close palettes. This closes #775 2016-08-04 07:59:13 -04:00
Matt Gilman c26398eaba NIFI-2402: - Removing client side check component move eligibility and instead relaying on verification server side. Cannot check client side as the current user may not have permissions to inspect required fields.
This closes #750

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-08-03 19:08:25 -04:00
Matt Gilman 1511887a68 NIFI-2301: - Ensure all component specific policies are removed when the component is removed. - Allowing snippets to be created if the user has read or write access as we don't know what the intended snippet usage. When used the snippet is still authorized accordingly. - Ensuring actions involving Process Groups correctly authorize encapsulated components. - Not requiring read permissions when showing the delete button for Controller Services and Reporting Tasks.
This closes #757

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-08-03 18:06:30 -04:00
Matt Gilman 9338f102cb NIFI-2237:
- Updating Rest Endpoint documentation specifically regarding access policies.
- Ensuring the resource listing is accurate.
- Removing unnecessary code.
2016-08-03 16:18:30 -04:00
Mark Payne 16348b071d NIFI-2452: This closes #771. Ensure that we keep track of how many references we have to each lucene searcher and only close the underlying index reader if there are no references to the searcher. Also updated to prefer newer provenance events over older provenance events, and calculate FlowFile lineage based on an event id instead of a FlowFile UUID, as it's much more efficient 2016-08-03 08:05:26 -07:00
Matt Gilman 52d97f966d NIFI-2443: - Addressing issue where reload group deferred was being resolved prematurely.
This closes #756

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-08-02 17:06:25 -04:00
Matt Gilman ecca76099a NIFI-2427: - Only showing read/write data policies for applicable components. Disabling for labels, controller services, reporting tasks, and templates.
This closes #748

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-08-02 16:25:02 -04:00
Koji Kawamura aae2d27879 NIFI-2259: HTTP Site-to-Site can't handle DEST_FULL
HTTP Site-to-Site can't handle TRANSACTION_FINISHED_BUT_DESTINATION_FULL
scenario as expected.

That happens if the remote NiFi's input port destination relationship
becomes full during Site-to-Site client sends data. The data which has
already sent to the remote NiFi has to be committed successfully.
However, the remote NiFi returns 503 as a response of commit HTTP
request. Because it does check port availability.

The port availability check shouldn't be called at commit request, since
the session at source NiFi has already been committed. The remote NiFi
should commit its session as well, and return
TRANSACTION_FINISHED_BUT_DESTINATION_FULL response.

This fix makes a remote NiFi to keep the handshaken properties when it holds
transaction to be committed. Then if a transaction already has
handshaken properties, then use it, instead of doing a handshake process
again.
2016-08-02 09:08:00 -04:00
Koji Kawamura 809f042353 NIFI-2028: Fixed Site-to-Site Transit URI
Fixed Site-to-Site Transit URI for HTTP to be consistent with RAW socket.

- Removed url from CommunicationsSession since it's redundant as we have
  Peer.url, too. The value was not used from anywhere other than HTTP
Site-to-Site.
- Added createTransitUri method in Communicant interface, so that
  implementation can customize transitUri while providing consistent
interface.
2016-08-02 09:08:00 -04:00
Koji Kawamura 9a2f8c598e NIFI-2441 This closes #766. View state fails with a JS error
Removed permission check causing "Cannot read property 'canRead' of
undefined". A given user won't have record level permission
difference for component state. It's not required here.
2016-08-01 22:54:37 -04:00
joewitt 05a99a93cb NIFI-2208 This closes #754. refactored as per comments on JIRA. Reduced API expsosure and tightened lifecycle management. 2016-08-01 14:17:26 -04:00
Scott Aslan 7f45251bbd [NIFI-2426] Update visibility of New service/task button in Controller Settings
- Ensuring button is hidden when the user doesn't have permissions to modify the controller.
- This closes #759
2016-08-01 13:32:42 -04:00
Scott Aslan 5d63ba6a19 NIFI-2303 This closes #749. Update lineage styles 2016-08-01 13:30:58 -04:00
Matt Gilman 372a316deb NIFI-2401:
- Returning the enabled state of play and stop buttons in the palette. Allowing the user to always press if they have permissions to modify the selection.
 - Only attempting to schedule components that are not running, not disabled, and valid.

This closes #745

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-08-01 11:39:55 -04:00
Oleg Zhurakousky 1bf10944ea NIFI-2366 - Fixed ID generation semantics in clustered environment
- added SnippetUtilsTest
- renamed TypeOneUUIDGenerator to ComponentIdGenerator

- changed lsb part of ComponentIdGenerator back to long
- Fixed 'isCopy' condition for clustered environments

This closes #718.
2016-07-31 15:24:02 -04:00
Yolanda M. Davis 8412d2662a NIFI-2208 - initial commit Custom Property Expression Language support with Variable Registry, includes bug fix for NIFI-2057
This closes #529

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-07-29 17:10:20 -04:00
Scott Aslan 0c8fc25ba4 NIFI-2430 This closes #737. Update some tooltip text and context menu text/icon 2016-07-29 12:54:31 -04:00
Scott Aslan a8224edb8d [NIFI-2428] update modal glasspane to always close, even if the dialog we closed by user in close handler 2016-07-29 12:12:00 -04:00
Scott Aslan f5dfa580db [NIFI-2348] When processor is selected, can now copy id from palette 2016-07-29 12:12:00 -04:00
Scott Aslan da5e468489 [NIFI-2371] fix cluster page padding 2016-07-29 12:12:00 -04:00
Matt Gilman a73c8bba30 NIFI-2302: - Showing a message on the history page when in a cluster to indicate that only the actions from the current node are displayed.
This closes #740

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-07-29 11:27:09 -04:00
Matt Gilman da238b16ef NIFI-2122: - Merging responses for the current user and the flow configuration. - Returning whether NiFi is configured with a policy based authorizer in the flow configuration. - Only showing the users and policy icons when configured with a policy based authorizer. - Failing faster when invoking the users or policies endpoint when not configured with a configurable authorizer.
This closes #736

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-07-28 16:51:40 -04:00
Matt Gilman 01adb050f9 NIFI-2421: - Only attempting to clone policies when NiFI supports a configurable authorizer.
This closes #738

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-07-28 13:01:20 -04:00
Matt Gilman 09b124714e NIFI-2347: - Ensuring component specific policies are retained when using copy/paste. - This includes the policies for the component, data of the component, data transfers of the component, and policies of the component.
This closes #730

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-07-28 09:43:40 -04:00
Scott Aslan 25cadf5db1 [NIFI-2396] Update Bulletin Board shell header and filter control position. This closes #732 2016-07-28 09:09:25 -04:00
Bryan Bende dedd4fcda1 NIFI-2403
- Ensuring uniqueness on user identities and group names
- Ensure errors when updating a group are displayed.
- This closes #724
2016-07-28 08:45:47 -04:00
Matt Gilman ae344806c0 NIFI-2224: - Ensuring the template form is reset when the upload template dialog is closed. NIFI-2175: - Not submitting the template form is a template isn't choosen. NIFI-2176: - Ensuring a template is specified during creation. NIFI-2223: - Ensuring templates with the same name cannot be added. NIFI-2296: - Updating the tooltip for the upload template browse button.
- Cleaning up un-used parameters to REST endpoints.

This closes #725

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-07-27 17:38:12 -04:00
Scott Aslan f3e49fefa0 [NIFI-2367] Overlapping links repositioned on error/login pages
[NIFI-2025] update birdseye after dragging/dropping element on the canvas
[NIFI-2367] update width of content viewer combo
[NIFI-2355] update table sorting based on auth efforts
[NIFI-2027] update EL editors
[NIFI-2387] update bulletin alert backgroud color to actually change the color of the icon not the div background
[NIFI-2141] Hide bulletin icon/background on processors unless a bulletin exists
[NIFI-2400] close any open combos contained within a shell when closing the shell
[NIFI-2404] remove extra scrollbar from #node-events
[NIFI-2027] account for min widths of EL editors
[NIFI-2025] update birdseye after changing color
[NIFI-2027] Update EL editor checkbox text
[NIFI-2027] update checkbox text
[NIFI-2355] update table sorting
[NIFI-2141] Hide bulletin icon/background on processors unless a bulletin exists
[NIFI-2027] update EL editors
[NIFI-2367] Overlapping links repositioned on error/login pages
This closes #715
2016-07-27 16:29:25 -04:00
joewitt 15d1e1bbf8 NIFI-2405 corrected string equality checks
This closes #723.
2016-07-26 23:04:38 +02:00
Bryan Bende c3b4872b55 NIFI-2389 Refactoring identity mapping and applying it to FileAuthorizer for initial admin, cluster nodes, and legacy authorized users. This closes #719 2016-07-26 15:24:50 -04:00
Matt Gilman 69586d8bd0 NIFI-2346:
- Introducing data resource for authorizing provenance events and queue listing.
- Authorizing entire proxy chain for data resource and data transfer resource.
NIFI-2338:
- Ensuring that replay authorization only happens once.

- Allowing users with access to policies for a component to be able to access all policies for that component.
-- Includes the component, data, data transfers, and policies.
- Fixing drop request completion to update the correct queued field.
- Fixing access control check for listing and emptying queues.
- Reseting selected policy when re-opening the policy management page.
- Fixing button/link visibility for available actions in policy management page.
- Fixing policy issues with policy removal when the underlying component is deleted.
- Updating file authorizer seeding to grant data access to node's in the cluster.

This closes #720.
2016-07-26 14:15:36 -04:00
Mark Payne 7779af69b4 NIFI-2292: Funnel all cluster node status changes through the cluster coordinator instead of having each node broadcast changes to the whole cluster. This gives us the ability to increment the updateId consistently without race conditions.
This closes #717

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-07-25 23:17:37 -04:00
Bryan Bende 3e9867d5da NIFI-1950 Updating FileAuthorizer to convert access controls from input and output ports during legacy conversion. This closes #702. 2016-07-25 12:37:26 -04:00
Mark Payne b082858595 Revert "NIFI-2292: Funnel all cluster node status changes through the cluster coordinator instead of having each node broadcast changes to the whole cluster. This gives us the ability to increment the updateId consistently without race conditions."
This reverts commit 35ff0975bf.
2016-07-25 12:35:43 -04:00
Mark Payne 35ff0975bf NIFI-2292: Funnel all cluster node status changes through the cluster coordinator instead of having each node broadcast changes to the whole cluster. This gives us the ability to increment the updateId consistently without race conditions. 2016-07-25 12:14:13 -04:00
Scott Aslan 26ffc6d7ec [NIFI-2050] update dialog advanced buttons
[NIFI-2076] fix Add inline controller service dialog description width
[NIFI-2143] update to combo width
[NIFI-2136] [NIFI-2139] [NIFI-2134] update provenance details dialog
[NIFI-2368] add transparent glasspane when in a shell
[NIFI-2134] update flow-file details padding and .unset font-weight
[NIFI-2349] [NIFI-2351] update policies shell styles
[NIFI-2350] update empty queue dialog styles
[NIFI-2367] update links on message pane
This closes #703
2016-07-25 08:24:23 -04:00
Matt Gilman 4a4d60e6af NIFI-2307: - Enforcing connection permissions based on the source and destination comonent. - Removing connection specific access policies. NIFI-2265: - Filtering out sensitive details in component status and status history when appropriate. NIFI-1800: - Adding parent process group id to the Controller Services table. NIFI-2077: - Removing some old un-used icons following the UI refresh. NIFI-2242: - Requiring write permissions for all components in a selection. NIFI-2080: - Updating style of the name in the selection context to handle scroll bars and use available width. NIFI-2331: - Addressing issue when removing a user/group which was causing the tenant policy to be removed. NIFI-2335: - Ensuring the flow is saved after starting/stopping a process group. NIFI-2235: - Ensuring we use consistent conditions between the context menu and the operate palette.
- Allowing users with read only access to the tenants page.
- Fixing current user integration test.
- Ensuring schedule methods are locked appropriately.
- Addressing comments from PR.

This closes #698

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-07-21 23:52:01 -04:00
Scott Aslan f352ea10b7 [NIFI-2107] [NIFI-2143] Update content-viewer, error, and login pages...Fix Provenance filter combo text. This closes #684 2016-07-21 08:22:22 -04:00
Mark Payne 5eba2b763e NIFI-2334: Delegate requests for cluster info to the cluster coordinator
This closes #697

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-07-20 21:38:53 -04:00
joewitt 2a8be95480 NIFI-2326 This closes #685. fixed test breaking static class causing ordering issues. Addressed potential issue in NarClassLoaders for multi-init scenarios - now idempotent for a given config 2016-07-20 15:13:37 -04:00
Scott Aslan 8f23afde50 [NIFI-2257] [NIFI-2294] refresh updateattribute processor advanced shell and fix connection config setting tab scrolling issue
[NIFI-2270] Update splash screen
This closes #646
2016-07-20 06:59:30 -04:00
Scott Aslan deb2819bfb [NIFI-2105] [NIFI-2106] fix status history dialog issues. This closes #673 2016-07-19 07:33:34 -04:00
Oleg Zhurakousky f4d2919955 NIFI-826 (part deux)
- fixed clustering issues discovered after NIFI-826 was applied
2016-07-18 15:49:24 -04:00
Matt Gilman aa91032cde NIFI-2272:
- Ensuring the appropriate visibilty of the action in the policy management page.
NIFI-2273:
- Ensuring we load the policy or inform the user of the appropriate permissions of the effective policy.
NIFI-2239:
- Providing help tooltips for the policies in the management page.
NIFI-2283:
- Adding auditing for access policies, users, and groups.
NIFI-2263:
- Not replicating history requests throughout the cluster.
NIFI-2096:
- Fixing upload template file input in Firefox.
NIFI-2301:
- Removing relevant policies after component deletion.
2016-07-18 15:05:54 -04:00
Oleg Zhurakousky 52a961873b NIFI-826 This closes #617. Added deterministic template support 2016-07-15 20:41:18 -04:00
Mark Payne 4d4c525d9c NIFI-2281: Allow connections to be moved away from running local input ports and funnels
This closes #662

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-07-15 16:36:19 -04:00
Mark Payne c81dc1959a NIFI-1992:
- Updated site-to-site client and server to support clustered nifi instances
NIFI-2274:
- Ensuring we use the correct URI when updating a connection.

This closes #530
2016-07-15 16:13:59 -04:00
Matt Gilman 5cd5a4ce78 NIFI-2260:
- Addressing issue searching provenance on a specific node.
- Fixing issues viewing content and replaying events.

This closes #658.
2016-07-15 12:14:24 -04:00
Aldrin Piri d1129706e2 NIFI-1896 This closes #650. Refactored nifi-api into nifi-framework-api and other locations. The nifi-api is specific to that which is needed for intended extension points. 2016-07-14 18:24:48 -04:00
Bryan Rosander 1da18a3f40 NIFI-2222 - Fixing SslContextFactory Properties set by keyStorePasswd and keyPasswd
This closes #632

Signed-off-by: James Wing <jvwing@gmail.com>
2016-07-14 14:07:24 -07:00
Scott Aslan 02784b5fca [NIFI-2227] fix race condition for showing the view button on the flow file details dialog
[NIFI-2109] update check boxes
[NIFI-2226] reset controller services properties table size on dialog open
This closes #653
2016-07-14 14:50:14 -04:00
Mark Payne b83d9bde1a Fixed checkstyle problem 2016-07-14 14:01:28 -04:00
Matt Gilman 4f26072444 NIFI-2261
- Addressed issue enabling/disabling controller services where the wrong URI was referenced.
- Addressed with the update revisions in the controller service references.
- Addressed issue with showing the disconnected from cluster dialog on page load.
- Addressed issue with URI when adding a dynamic property.

This closes #654.
2016-07-14 13:59:26 -04:00
Matt Gilman 3373e18158 NIFI-1947 NIFI-2082:
- Making it more obviously when a nodes cluster state changes.
- Showing which node is the cluster coordinator.

This closes #651
2016-07-14 11:31:48 -04:00
Koji Kawamura 30889995cb NIFI-2145: Auto flow.xml archive
- Added following properties:
  - nifi.flow.configuration.archive.enabled
  - nifi.flow.configuration.archive.max.time
  - nifi.flow.configuration.archive.max.storage
- Removed manual archive operation:
  - Removed 'Back-up flow' link from UI since it's not needed any longer
  - Removed corresponding REST API controller/archive and its
    implementations
- Added FlowConfigurationArchiveManager to enclose archive related code
- Updated related docs
2016-07-14 10:35:16 -04:00
joewitt f987b21609 NIFI-1157 searched for and resolved all remaining references to deprecated items that were clearly addressable. 2016-07-14 09:32:35 -04:00
Matt Gilman 6e5e4cf52b NIFI-2204:
- Move bulletins out of the controller status endpoint.
NIFI-2238:
- Ensuring the controller bulletins are rendered on screen.
NIFI-2246:
- Ensuring the correct number of bulletins are returned when clustered.
2016-07-14 08:50:26 -04:00
Matt Gilman a989f6b9c2 NIFI-2254: - Addressing accessing URI on the wrong object.
This closes #644

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-07-13 16:18:09 -04:00
Mark Payne 6b87e1ea84 NIFI-2252: Fixed issue where POST to Controller Resource createControllerService and also ensure that URI is set on the entity. This closes #641 2016-07-13 14:40:43 -04:00
Scott Aslan 252bfb5c31 [NIFI-2248] update disable toolbox component style. This closes #640 2016-07-13 14:29:31 -04:00
Koji Kawamura 7db728d219 NIFI-906: This closes #600. Make NiFi docs responsible
- Switched from absolute layout to responsible using flex-box.
- Added toggle switch to control component listing pane visibility.

Signed-off-by: joewitt <joewitt@apache.org>
2016-07-13 10:40:53 -04:00
Matt Gilman 1e1630cc69 NIFI-2182:
- Ensuring the active thread count is shown.
NIFI-2019:
- Ensuring correct color of the run status in the From connection label.
NIFI-2183:
- Removing the DownloadSvg servlet and hidding the download icon until we're able to support save the svg entirely from the client side.

This closes #634.
2016-07-13 09:32:47 -04:00
Matt Gilman 8ab9fca7f8 NIFI-2232:
- Dynamically updating the global menu according to the current users permissions.

This closes #635.
2016-07-13 09:21:55 -04:00
Matt Gilman 9e2f52c8b5 NIFI-2249:
- Making the URI accessibility outside of the component.
2016-07-13 09:01:05 -04:00
Scott Aslan 8db89c8c0b [NIFI-2205] Update Cluster Shell
[NIFI-2217] fix single node and cluster link
[NIFI-2219] Fix styles on provenance cluster search combo
[NIFI-2180] Fix settings shell table text alignment for run status
[NIFI-2140] Update preview image for Change Color dialog
[NIFI-2131] update progress bars/percent complete to use angular material progress linear directive
[NIFI-2099] add header text to all ok and yes/no dialogs
[NIFI-2233] fix invalid/warning icon shifts position as tasks are added
[NIFI-2131] update progress bars/percent complete
[NIFI-2140] Update preview image for label. This closes #627
2016-07-12 23:33:21 -04:00
Matt Gilman e0c96794fa NIFI-2095:
- Adding a page for managing users and groups.
- Adding a page for managing access policies.
- Renaming accessPolicy in entity to permissions to avoid confusion with the accessPolicy model.
- Adding an Authorizable for access policies.
- Refactoring access policies endpoints.
NIFI-2022:
- Implementing site to site authorizations.
2016-07-12 15:45:13 -04:00
Bryan Bende ba763b95e8 NIFI-2003 Creating abstract authentication provider and incorporating into existing providers
NIFI-2201 Add support for seeding cluster nodes in authorizations.xml
- Passing client address along in user context on authorization requests
- This closes #628
2016-07-12 11:20:29 -04:00
Andy LoPresto 4b9df7d1e2 NIFI-2186 Refactored CertificateUtils to separate logic for DN extraction from server/client sockets. Added logic to detect server/client mode encapsulated in exposed method.
Added unit tests for DN extraction.
Corrected typo in Javadoc.
Switched server/client socket logic for certificate extraction -- when the local socket is in client/server mode, the peer is necessarily the inverse.
Fixed unit tests.
Moved lazy-loading authentication access out of isDebugEnabled() control branch.
This closes #622
2016-07-11 23:15:28 -04:00
Scott Aslan 039fd70ded [NIFI-2147] Fix Warning/Invalid roll-over text. This closes #620 2016-07-11 23:01:46 -04:00
Mark Payne cf183e15e3 NIFI-2185: Proxy requests through the cluster coordinator rather than making use of distributed read/write locks. This closes #621 2016-07-11 08:12:44 -04:00
Scott Aslan b836db21a6 [NIFI-2198] Fix Ctrl Service GoTo
[NIFI-1879] Update component state dialog styles to support large description texts
[NIFI-2197] Update some shell styles
This closes #619
2016-07-11 07:15:48 -04:00
Scott Aslan 22f72c3d2e [NIFI-2189] Update open/close handlers for dialogs
[NIFI-2190] About Dialog fixed text overlayed on image
[NIFI-2187] Update iconResize.png
[NIFI-2166] When adding Processor to canvas, previously selected tags is no longer selected
This closes #615
2016-07-08 08:52:29 -04:00
Scott Aslan fa351a61ab [NIFI-2038] Make component buttons larger, add hover icon, and add grip across bottom
[NIFI-2031] update global menu styles
[NIFI-2037] Increase header icons font sizes
[NIFI-2036] update logo
[NIFI-2144] consistent view details icons
This closes #604
2016-07-08 08:50:16 -04:00
Scott Aslan b7a584122d [NIFI-2018] Update icons used in Context Menu
[NIFI-2108] update favicon
This closes #607
2016-07-07 07:52:28 -04:00
Bryan Bende c5889314ca NIFI-2171 Removing list of groups from User
- Making FileAuthorizer not update the resource or action when updating an AccessPolicy
- Adding corresponding READ policies during initial seeding and legacy conversions
- Adding checks to FileAuthorizer to ensure only one policy per resource-action
- Removing merging of policies on legacy conversion since we have one action per policy now
- This closes #608
2016-07-06 16:56:07 -04:00
Mark Payne f4c94e349c NIFI-2170: Refactor RevisionManager into a RevisionManager and a DistributedLockingManager. This closes #610 2016-07-06 14:36:12 -04:00
Scott Aslan 293dc29936 [NIFI-2081] Responsive dialog content, tab content, and scrollable styles. This closes #594 2016-07-06 08:02:49 -04:00
Mark Payne e7e349631f NIFI-2021: Fixed infinite replicated recursion. This closes #597 2016-07-01 16:42:10 -04:00
Matt Gilman ce5330330a NIFI-1781:
- Updating UI according to permissions through out the application.
- Shuffling provenance events, template, and cluster search REST APIs according to resources being authorized.
- Moving template upload controls.
- Removing username where appropriate.
- Addressing issues when authorizing flow configuration actions.
- Code clean up.
2016-07-01 15:10:27 -04:00
Mark Payne 8eb0a3882c NIFI-2150:
Cleanse more values from templates that are not necessary. Additionally, updated javadocs in ProcessorConfigDTO to provide further explanation of the getAutoTerminatedRelationships() method, since this was confusing
Removed additional unused fields from templates
Populating snippet response using actual components rather than the snippet contents.
This closes #593
2016-07-01 14:21:02 -04:00
Mark Payne ae9e2fdf0b NIFI-2123: Add authorization of provenance events; refactor core classes so that Authorizable is located within nifi-api. This closes #592 2016-06-30 07:57:17 -04:00
Bryan Bende f43f47694c NIFI-2138 Making AccessPolicy have a single RequestAction. This closes #590 2016-06-28 16:32:27 -04:00
Jeff Storck 41f3253445 NIFI-1952 Update to revision-locking for users and groups
Adding user and group summary objects (TenantEntity)
Fixed ComponentEntity JSON mapping issues when the id field is null
Removing unecessary revision checking.
Fixing error message when checking user, group, and policy revision.
This closes #589
2016-06-28 15:38:01 -04:00
Bryan Bende 8c837ba1ea NIFI-2127 Adding support for managing the user-group relationship from the Group side. This closes #588 2016-06-28 14:25:38 -04:00
Scott Aslan bb0ea78741 [NIFI-2027] Responsive Tables. This closes #577 2016-06-28 08:16:50 -04:00
Jeff Storck 64719b6f9b NIFI-1952 Updated StandardPolicyBasedAuthorizerDAO to throw ResourceNotFoundExceptions when user/group/policy not found
Added spec for StandardPolicyBasedAuthorizerDAO
Added exception mapper for AuthorizationAccessException, added mapper to nifi-web-api-context.xml
Added rest endpoints to get all users and user groups
Merged UsersResource and UserGroupsResource into TenantsResource
This closes #582
2016-06-26 22:23:25 -04:00
Matt Gilman 82268afb0d NIFI-1554: - Updating cluster detection to support access through the flow resource. - Using the correct resource when authorizing a root group port during site to site.
This closes #579.

Signed-off-by: Bryan Bende <bbende@apache.org>
2016-06-24 16:59:06 -04:00
Matt Gilman f0811ca45a NIFI-1554:
- Addressing access controls for the Controller resource.
- Addressing access controls for RAW site to site clients.
- Addressing access controls for downloading content (from provenance and queue).
- Addressing access controls for accessing queues.
- Addressing access controls for cluster endpoints.
- Addressing access controls for counter endpoints.
- Removing redundant authorization calls.
NIFI-2044:
- Requiring revision when creating components.
- Requiring component creation over POST requests.
NIFI-1901
- Continuing to restore access control tests.
- Converting access control tests to itegration tests.
- Restoring contrib check to travis build.
- This closes #567
2016-06-23 17:09:54 -04:00
Mark Payne 0e085bdddd NIFI-2065: When a provenance query matches the max number of results requested, stop querying lucene for improved performance
This closes #558
2016-06-22 13:27:31 -04:00
Mark Payne 36ab8474dd NIFI-1900: Verify that connection's destination is not running when trying to change destination
This closes #550
2016-06-22 12:39:53 -04:00
Jeff Storck f47be77b6a NIFI-1952 Create REST endpoints for user/group/policy management
created REST Resources for users, groups, and access policies
added Authorizables for users, groups, and access policies
added methods to DtoFactory and EntityFactory to create objects for users, groups, and access policies
extracted anonymous AuthorizableLookup impl in StandardNiFiServiceFacade.java to a protected class to make the lookup call mockable in tests
added methods to manage users/groups/access policies to StandardNiFiServiceFacade
added StandardNiFiServiceFacadeSpec to unit-test management of users/groups/access policies
added implementations for UserDAO, GroupDAO, AccessPolicyDAO.
added spring config for user/group/policy resources and daos
Updated user/group/policy creation via REST resources, no longer requires the use of the revision manager
updated StandardNiFiServiceFacadeSpec based on user/group/policy creation changes
condensed user/group/policy DAOs to a single DAO (StandardPolicyBasedAuthorizerDAO)
fixed spring config of user/group/policy REST resources
Updated to return ComponentEntity objects instead of just their IDs
mid-progress on updating tests
updated code and tests to return component entities from REST endpoints for users, groups, policies
This closes #526
2016-06-22 10:12:41 -04:00
Scott Aslan 32facaedb4 [NIFI-1879] Update dialog content scrollable styles. This closes #560 2016-06-22 08:11:12 -04:00
Matt Gilman 27ff5f9a87 NIFI-2075:
- Fixing issue rendering event rows while visible in the shell.
- Fixing issue go to/from the event table and lineage graph.
- Fixing visibility of the event table header, search, and filter controls.
- This closes #559
2016-06-22 07:47:03 -04:00
Scott Aslan 8ed66e5df1 [NIFI-1879] Update containment for status history dialog. This closes #557 2016-06-21 21:49:36 -04:00
Matt Gilman 9e54a3d260 NIFI-1946: - Updating palette styling.
- Providing selection context.
- Updating add connection icon.
NIFI-2058: - Updating defaults for connection backpressure.
NIFI-2014: - Updating birds eye colors.
NIFI-2016: - Updating default label color.
NIFI-2013: - Updating how we color processors.
NIFI-2043: - Using correct group id when creating controller services inline.

Signed-off-by: Bryan Bende <bbende@apache.org>
2016-06-21 17:11:21 -04:00
Scott Aslan 8b27ed905d [NIFI-1879] Responsive dialogs and dialog UX refresh. This closes #523 2016-06-21 14:48:14 -04:00
Mark Payne ce8a0de368 NIFI-1994: Fixed issue with Controller Service Fully Qualified Class Names and ensure that services are added to the process groups as appropriate when instantiating templates
NIFI-1882: Ensuring Controller Services are copied as part of a ProcessGroupDTO. This closes #517
2016-06-20 22:24:25 -04:00
Yolanda M. Davis cb3aa8f5c9 NIFI-1850 - Initial Commit for JSON-to-JSON Schema Converter Editor (merge from 0.7.0 - refactor for masterless cluster). This closes #511 2016-06-20 20:30:25 -04:00
Mark Payne c955ec1689 NIFI-2033: Allow Controller Services to be scoped at Controller level instead of just group level. This closes #540 2016-06-17 13:26:30 -04:00
Matt Gilman 0b437e09a7 NIFI-2007:
- Restoring bulletin functionality.
- Ensuring appropriate merging of bulletins in clustered responses.
2016-06-17 13:20:20 -04:00
Matt Gilman fbd299e885 NIFI-1901: - Building component based access control tests for Connections, Funnels, Labels, Input Ports, Output Ports, Processors, and Process Groups. - Restoring Access Token Endpoint tests.
This closes #518

Signed-off-by: Bryan Bende <bbende@apache.org>
2016-06-17 10:16:09 -04:00
James Wing c2b26eb311 Merging NIFI-1941 Child Group Contents in Exported Templates
Signed-off-by: James Wing <jvwing@gmail.com>
This closes #532
2016-06-16 22:05:59 -07:00
Matt Gilman edce66d34f NIFI-1941:
- Ensuring descendent components are scheduled/unscheduled according to their respective ProcessGroups.
2016-06-16 20:17:16 -04:00
Matt Gilman 3156220a57 NIFI-1941:
- Ensuring child group contents are included in exported templates.
2016-06-16 20:00:39 -04:00
Oleg Zhurakousky 8e4a4532df
NIFI-1690 Changed MonitorMemory to use allowable values for pool names
- removed dead code from MonitorMemory
- added MonitorMemoryTest
- minor refactoring in MonitorMemory
- initial fix for NIFI-1731 (WARN/INFO logging) that was required by MonitorMemoryTest

NIFI-1690 polishing

NIFI-1690 address PR comments, removed default value for MEMORY_POOL_PROPERTY

NIFI-1690 addressed latest PR comments

NIFI-1690 fixed breaking changes

Fixed checkstyle issue in StandardProcessScheduler. (+2 squashed commits)
Squashed commits:
[03829c4] Fixed checkstyle issues.
[cb20fe6]

This closes #328.

Signed-off-by: Andy LoPresto <alopresto@apache.org>
2016-06-16 15:17:13 -07:00
Matt Gilman 6e74c10f49 NIFI-2041:
- Fixing issue when attempting to refresh Controller Services when scoped by Process Group.
- This closes #535
2016-06-16 16:51:35 -04:00
Matt Gilman b3de8f76fe Addressing contrib-check issues. 2016-06-16 09:55:10 -04:00
Mark Payne b753a82d7e NIFI-2000: Ensure that if we override setters in ApplicationResource that we call the super class's setter as well
NIFI-2000: Updated to avoid multiple instance variables and instead just provide a getter in ApplicationResource

This closes #522
2016-06-15 13:00:37 -04:00
Mark Payne 992b5552bb NIFI-1996: Fixed bug in the generation of UUID's for components when dealing with Snippets
This closes #519
2016-06-15 09:33:30 -04:00
Matt Gilman 75bb4bfaa2 NIFI-1781:
- Listening for window resize events more selectively.
- Fixing malformed request when configuring remote process group ports.
- Fixing malformed request when starting/stopping a selected process group.
- Fixing default value for authorizers.xml.
- This closes #524
2016-06-13 16:55:01 -04:00
Koji Kawamura c120c4982d NIFI-1857: HTTPS Site-to-Site
- Enable HTTP(S) for Site-to-Site communication
- Support HTTP Proxy in the middle of local and remote NiFi
- Support BASIC and DIGEST auth with Proxy Server
- Provide 2-phase style commit same as existing socket version
- [WIP] Test with the latest cluster env (without NCM) hasn't tested yet

- Fixed Buffer handling issues at asyc http client POST
- Fixed JS error when applying Remote Process Group Port setting from UI
- Use compression setting from UI
- Removed already finished TODO comments

- Added additional buffer draining code after receiving EOF
- Added inspection and assert code to make sure Site-to-Site client has
  written data fully to output
stream
- Changed default nifi.remote.input.secure from true to false

This closes #497.
2016-06-09 15:09:57 -04:00
Mark Payne 8a447eec66 NIFI-1052: Added Ghost Processors, Ghost Reporting Tasks, Ghost Controller Services
This closes #499.

Signed-off-by: Bryan Bende <bbende@apache.org>
2016-06-08 15:23:29 -04:00
Mark Payne 18133988a0 NIFI-1984: Ensure that if an Exception is thrown by the 'Deletion Task' when calling NaiveRevisionManager.deleteRevision() that the locking is appropriately cleaned up
This closes #510
2016-06-08 10:31:36 -04:00
Scott Aslan 6710094bd7 create bower.options mvn property to support bower cli options...including --offline
Signed-off-by: Matt Burgess <mattyb149@apache.org>

This closes #505
2016-06-07 14:05:32 -04:00
Bryan Bende 8d8a9cba79 NIFI-1916 Updating FileAuthorizer to extend AbstractPolicyBasedAuthorizer and adding intial loading of data users, groups, and policies
- Implementing CRUD operations and unit tests for Users
- Implementing CRUD operations and unit tests for Groups
- Implementing CRUD operations and unit tests for AccessPolicies
- Adding support for seeding with an initial admin user
- Fixing delete for user and group so it removes references from policies
- Adding example to authorizations.xml
- Adding back the old users schema in preparation for auto-converting to the new format, and providing the AuthorizationConfigurationContext with access to the root process group id
- Refactoring some of the FileAuthorizer to ensure thread safety
- Adding /groups to policies created for initial admin
- This closes #473
2016-06-03 17:26:22 -04:00
Matt Gilman 806f4d549d NIFI-1951:
- Removing deprecated NiFiWebContext and related classes.
- Adding authorization to Custom UIs.
- Fixing issue when creating ControllerService inline.
- Addressing contentType issue when attempting to clear component state.
- This closes #489
2016-06-03 16:52:02 -04:00
Mark Payne df0e4e7960 NIFI-1897:
- Refactoring to allow requests to be replicated from a node to other nodes
- Renaming cluster node connection/read timeout properties.
- Renaming NCM DN to Cluster Coordinator DN.
- Fixing default values in properties.
- Starting to fix Spring context to load correctly in standalone mode.
- Using the cluster protocol to handle connection failures instead of heartbeats.
- Ensured replicate call is returned from ControllerResource.
- Ensure the appropriate classloader when serializing templates.
- Handling when the flow contents are null.
- This closes #488
2016-06-03 15:29:16 -04:00
Matt Gilman f0f74fe404 NIFI-1928:
- Fixing UI action for bulk delete.
- Removing registration form.
- Fixing default visibility of the anonymous user warning.
2016-06-02 11:56:10 -04:00
Matt Gilman 950e0cfa58 NIFI-1265:
- Upgrading the jspc maven plugin.
2016-06-02 09:49:57 -04:00
Matt Gilman e587c99855 NIFI-1265:
- Upgrading to Jetty 9.3.
2016-06-02 09:49:57 -04:00
Jeff Storck 3e064101e9 NIFI-1948 Fixed encoding-version attribute not getting created in exported templates. This closes #485 2016-06-02 09:29:11 -04:00
Jeff Storck 893daf567d NIFI-1908 Added encoding-version attribute to TemplateDTO
added scaling of templates upon instantiation for placement on the canvas
added template-0.7.0.xml for live-testing the import of templates

Fixing issue with potentially uninitialized RemoteGroupPorts in copySnippet.

This closes #471
2016-05-30 14:40:52 -04:00
Matt Gilman b075f238a5 NIFI-1564:
- Addressing issue referencing the global jQuery variable in the content viewer.
- This closes #421
2016-05-26 15:23:29 -04:00
Matt Gilman a0ff2f7a9f NIFI-1554:
- Refactoring Cluster endpoints.
- Updating frontend to accomodate clustering endpoints.
- Remove the 'Make Primary' action.
- This closes #470
2016-05-26 14:28:24 -04:00
Matt Gilman 9152a9fdbb NIFI-1800:
- UI style updates to make the components stand out better.
- Reusing controller service table in different contexts (controller, process group, etc).
- This closes #469
2016-05-26 14:15:56 -04:00
Matt Gilman 4dd50c80a4 NIFI-1781:
- Including access policies in the breadcrumb's trail.
- Updating toolbox according to group access policies.
- Updating actions in palette based on selection access policies.
NIFI-1554:
- Introducing authorization during two phase commit.
- Introducing snippet authorization according to the encapsulated components and the action performed.
- This closes #461
2016-05-23 14:15:32 -04:00
Mark Payne 4b74e4de74 NIFI-1745: Refactor how revisions are handled at NCM/Distributed to Node. This closes #454 2016-05-20 14:04:24 -04:00
Matt Gilman 8bb56fca68 NIFI-1554:
- Introducing ControllerService and ReportingTask authorization and revision.
- Removing the revision where appropriate.
NIFI-1883
- Restoring referencing components automatically.
- This closes #448
2016-05-17 10:32:55 -04:00
rkarthik29 cfd36c5539 fix for 1864
Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>
2016-05-17 08:38:26 -04:00
Mark Payne 270944ec69 NIFI-1801: Scope Templates to Process Groups. This closes #446. 2016-05-16 16:12:43 -04:00
Matt Gilman 3cc16d35ed NIFI-1742:
- Addressing issues when creating a new inline controller service.
- Ensuring controller service referencing components are updated.
- Including revisions and status with each component.
- Dynamically updating component and authorization states.
- This closes #435
2016-05-12 12:41:11 -04:00
Scott Aslan 3c3304aff4 [NIFI-1782] new search UX and add angular control of flow status values. This closes #433 2016-05-11 16:39:38 -04:00
Mark Payne 25e7f314b1 NIFI-1800: Tie Controller Services to Process Groups. This closes #431 2016-05-11 14:56:05 -04:00
Scott Aslan cb67520129 [NIFI-1707] upgradeable angular components 2016-05-09 15:16:12 -04:00
ijokarumawak 5fb27e608f NIFI-1860 Added ContainerRequestFilter to redirect. This closes #422
- redirect /controller to /site-to-site
2016-05-09 08:17:46 -04:00
James Wing 257590dec3 NIFI-1711 Client-side JS for proxy-friendly URLs. This closes #316 2016-05-08 21:32:34 -04:00
Jeremy Dyer 7a5d53b8d3 NIFI-1747 add maven-jar-plugin to create jar as part of the existing nifi-web-api build process
This closes #340.

Signed-off-by: Aldrin Piri <aldrin@apache.org>
2016-05-08 14:31:25 -04:00
jpercivall e5925ff4b3 Fixing contrib check 2016-05-06 18:02:44 -04:00
Matt Gilman 9db1def6c6 NIFI-1781:
- Incorporating updated styles to reflect component level authorization.
- Updating canvas for new look and feel.
- This closes #417
2016-05-06 15:50:06 -04:00
Mark Payne 04c41c0654 NIFI-1678:
- Started refactoring heartbeating mechanism, using a new package: org.apache.nifi.cluster.coordination
- Added configuration options for ZooKeeper username & password for heartbeat management. Also addressed issue where nodes that were previously disconnected were asked to disconnect upon restart
- Ensure that ACL is set properly when creating heartbeat node. Removed unused ControllerStartupFailureMessage.java
- Changed ZooKeeper ACL's so that container nodes that would not be sensitive are wide open and removed the usage of username & password when communicating with ZooKeeper. This was done specifically because username/password combination is considered a 'testing' feature that should not be used in production and is not supported by Apache Curator
- Refactored CuratorHeartbeatMonitor into an abstract heartbeat monitor that is responsible for processing heartbeats and CuratorHeartbeatMonitor that is responsible for retrieving heartbeat information
- Refactored so that heartbeats are sent to Cluster Coordinator directly instead of to ZooKeeper. ZooKeeper is used to know which node is the cluster coordinator but heartbeats to the Cluster Coordinator provide additional information about the nodes.
- Started refactoring heartbeating mechanism, using a new package: org.apache.nifi.cluster.coordination
- Added configuration options for ZooKeeper username & password for heartbeat management. Also addressed issue where nodes that were previously disconnected were asked to disconnect upon restart
- Changed ZooKeeper ACL's so that container nodes that would not be sensitive are wide open and removed the usage of username & password when communicating with ZooKeeper. This was done specifically because username/password combination is considered a 'testing' feature that should not be used in production and is not supported by Apache Curator

NIFI-1727:
- Refactored logic for merging HTTP Requests that are federated across cluster

NIFI-1745:
- Refactoring how HTTP Requests are replicated to nodes
- Bug fixes and continuing to work on replication refactoring. Still need to handle cluster locking and revisions
- Begin work on RevisionManager
- Resolved some issues that resulted from rebase
- Fixed URIs to align with new URI's that will be used in 1.0.0
- This closes #413
2016-05-06 15:23:12 -04:00
Scott Aslan c527f64230 [NIFI-1762] Remove bower and npm from convenience binaries. This closes #412. 2016-05-04 15:23:11 -04:00
Scott Aslan 2824f5a23c NIFI-1782 cleanup whitespace and code styles
This closes #411
2016-05-03 15:32:49 -04:00
Scott Aslan 1df8fe44c4 [NIFI-1782] update toolbox, new global menu, and new pallattes...also introduced frontend-maven-plugin to allow bower to manage pulling in 3rd party libs at build time and not shipped with the source. This closes #395 2016-05-03 14:20:46 -04:00
jpercivall 0557095613 NIFI-1028 initial commit of NiFi In Depth documentation
NIFI-1028 addressing review comments
This closes #339
2016-05-03 14:01:45 -04:00
Matt Gilman ff98d823e2 NIFI-1554:
- Populating component entities in the REST API to decouple key fields from the configuration DTOs.
- Added initial support for components in UI when access isn't allowed. Formal styling to come later.
2016-04-29 14:49:14 -04:00
Mark Payne fb7b3fe4b8 NIFI-1678: Started refactoring heartbeating mechanism, using a new package: org.apache.nifi.cluster.coordination
Added configuration options for ZooKeeper username & password for heartbeat management. Also addressed issue where nodes that were previously disconnected were asked to disconnect upon restart

Ensure that ACL is set properly when creating heartbeat node. Removed unused ControllerStartupFailureMessage.java

Changed ZooKeeper ACL's so that container nodes that would not be sensitive are wide open and removed the usage of username & password when communicating with ZooKeeper. This was done specifically because username/password combination is considered a 'testing' feature that should not be used in production and is not supported by Apache Curator

Refactored CuratorHeartbeatMonitor into an abstract heartbeat monitor that is responsible for processing heartbeats and CuratorHeartbeatMonitor that is responsible for retrieving heartbeat information

Refactored so that heartbeats are sent to Cluster Coordinator directly instead of to ZooKeeper. ZooKeeper is used to know which node is the cluster coordinator but heartbeats to the Cluster Coordinator provide additional information about the nodes.

Code cleanup and incorporate comments from peer review

This closes #323
2016-04-22 15:01:04 -04:00
Andy LoPresto 9ea2275677
NIFI-1802 Separated /access REST API endpoints into separate section in API docs.
Fixed typo in DocGenerator comments.

This closes #376.

Signed-off-by: Andy LoPresto <alopresto@apache.org>
2016-04-21 21:18:14 -07:00
Matt Gilman add298168d NIFI-1554:
- Introducing new REST endpoints to align with the authorizable resources.
- Additionally changes to support the new endpoints.
- Addressing comments in PR.
- This closes #374.
2016-04-21 17:29:58 -04:00
Matt Gilman f54e5d4b1b NIFI-1551: - Ensuring the datum is included when getting the entity key in nf-actions.
This closes #364.

Signed-off-by: Bryan Bende <bbende@apache.org>
2016-04-19 10:23:10 -04:00
Scott Aslan 10986553aa [NIFI-1761] UI - Remove reminants of cluster-indicator. This closes #356 2016-04-15 16:12:51 -04:00
Matt Gilman 153f63ef43 NIFI-1551:
- Removing the AuthorityProvider.
- Refactoring REST API in preparation for introduction of the Authorizer.
- Updating UI accordingly.
- Removing unneeded properties from nifi.properties.
- Addressing comments from PR.
- This closes #359.
2016-04-15 16:03:00 -04:00
Scott Aslan 7db78e87a5 [NIFI-1761] UI - Introduce AngularJS application bootstrapping, Roboto fonts, and breadcrumbs directive. This closes #331 2016-04-15 09:46:06 -04:00
Mark Payne b59d3ece75 NIFI-1762: Changed Java dependency to 1.8 instead of 1.7 and refactored StandardNiFiServiceFacade to make use of Lambda expressions to simplify code base. Also had to address a unit test because changing to Java 8 results in calls to assertEquals to become ambiguous. This closes #352 2016-04-14 10:38:03 -04:00
Matt Gilman 3f4ac3156c Revert "NIFI-1551:"
This reverts commit c4d06f203d. Accidently merged wrong branch.
2016-04-07 16:22:35 -04:00
Matt Gilman c4d06f203d NIFI-1551:
- Starting to remove the AuthorityProvider.
- This closes #330
2016-04-07 16:18:36 -04:00
Mark Payne 1ac05266a5 NIFI-483: Use ZooKeeper's Leader Election to determine Primary Node. This closes #301
Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>
2016-04-04 11:47:08 -04:00
Mark Payne 0d3bd2c401 NIFI-1563: - Federate requests and merge responses from nodes instead of storing bulletins and stats at NCM - Updating UI to support restructured status history DTO. - Return 'Insufficient History' message if aggregate stats don't have enough data points, even if all nodes do (which can be the case if the node performing the aggregation has a different value for the 'nifi.components.status.snapshot.frequency' property than the other nodes) - Bug fixes; code cleanup; replicate requests to bulletin board endpoint - Refactored the <Component>StatusDTO objects into <Component>StatusDTO, <Component>StatusSnapshotDTO, Node<Component>StatusSnapshotDTO objects - Introducing endpoints for accessing individual component status. - Wiring up new endpoints and updated core. - Code clean up. - Starting to handling status merging of individual components. - Nodewise breakdown has been added to Processors but the remaining components still need to be updated. - Refactor so that System Diagnostics requests are replicated to nodes instead of the information being pulled from Heartbeats - Replicate request for counters instead of pulling them from heartbeats - Removed the getCounters / setCounters method from HeartbeatPayload - Implementing component specific endpoints. - Removing unused endpoints. - Supporting nodewise breakdown for system diagnostics and counters. - Updating DTOs to use more consistent naming. - Code clean up. - Addressing contrib issues. - Removed ProcessGroupStatus from HeartbeatPayload - Removing nodewise from the system diagnostics endpoint. Had included it for testing that option but did not intend for it to be committed. - Addressing comments in PR #294. - This closes #294
Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>
2016-04-04 11:42:39 -04:00
Matt Gilman 2de7f3f884 Updating versions to 1.0.0-SNAPSHOT. 2016-04-04 11:36:20 -04:00
Matt Gilman 16108467c1 NIFI-1695:
- Removing hidden control characters that were affecting graph styles. This closes #311
2016-04-04 11:26:55 -04:00
Aldrin Piri e977729b56 NIFI-1634-rc2 prepare for next development iteration 2016-03-23 18:56:34 -04:00
Aldrin Piri 0b9bd20d31 NIFI-1634-rc2 prepare release nifi-0.6.0-RC2 2016-03-23 18:56:22 -04:00
Mark Payne 38c782c30b NIFI-1650: Ensure that proper size and offset are specified for Content Claim when viewing FlowFiles still in queue 2016-03-21 10:30:24 -04:00
Aldrin Piri b44b177039 NIFI-1605 Adjust documentation and resources to reflect nifi.provenance.repository.rollover.time default
This closes #263

Signed-off-by: Matt Burgess <mattyb149@apache.org>
2016-03-17 22:14:24 -04:00
Andy LoPresto 76f2d5702f NIFI-1274 Added Kerberos authentication mechanism.
NIFI-1274 Cleaned up TODO statements. (+3 squashed commits)
Squashed commits:
[fd101cd] Removed logic to check for presence of services to determine if token support is enabled when username/password authentication is enabled (Kerberos also requires tokens).
[c2ce29f] Reverted import changes to RulesResource.java.
[c269d72] Added Kerberos authentication mechanism.

Moved Kerberos service wiring from XML to Java to handle scenario where admin has not configured Kerberos (previously threw NullPointerException in FileSystemResource constructor). (+15 squashed commits)
Squashed commits:
[09fc694] Added Kerberos documentation to Admin Guide.
[ecfb864] Cleaned up unused logic.
[157efb3] Added logic to determine if client certificates are required for REST API (login, anonymous, and Kerberos service authentication all disabled).
Cleaned up KerberosService by moving logic to NiFiProperties.
[5438619] Added documentation for Kerberos login-identity-providers.xml.
[3332d9f] Added NiFi properties for Kerberos SSO.
[b14a557] Fixed canvas call to only attempt Kerberos login if JWT not present in local storage.
Added logic to handle ticket validation failure in AccessResource.
Changed wiring of Kerberos service beans to XML in nifi-web-security-context.xml for consistency.
[c31ae3d] Kerberos SPNEGO works without additional filter (new entry endpoint accepts Kerberos ticket in Authorization header and returns JWT so the rest of the application functions the same as LDAP).
[98460e7] Added check to only instantiate beans when Kerberos enabled to allow access control integration tests to pass.
[6ed0724] Renamed Kerberos discovery method to be explicit about service vs. credential login.
[ed67d2e] Removed temporary solution for Rules Resource access via Kerberos ticket.
[c8b2b01] Added temporary solution for Rules Resource access via Kerberos ticket.
[81ca80f] NIFI-1274 Added KerberosAuthenticationFilter to conduct SPNEGO authentication with local (client) Kerberos ticket.
Added properties and accessors for service principal and keytab location for NiFi app server.
Added KAF to NiFiWebApiSecurityConfiguration.
Added AlternateKerberosUserDetailsService to provide user lookup without dependency on extension bundle (nifi-kerberos-iaa-provider).
Added dependencies on spring-security-kerberos-core and -web modules to pom.xml.
[0605ba8] Added working configuration files to test/resources in kerberos module to document necessary config. This version requires the user to enter their Kerberos username (without realm) and password into the NiFi login screen and will authenticate them against the running KDC.
Also includes a sample keystore and root CA public key for configuring a secure instance.
[49236c8] Added kerberos module dependencies to nifi/pom.xml and nifi-assembly/pom.xml.
Added default properties to login-identity-providers.xml.
[928c52b] Added nifi-kerberos-iaa-providers-bundle module to nifi/pom.xml.
Added skeleton of Kerberos authenticator using Spring Security Kerberos plugin.
This closes #284

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>
2016-03-17 13:10:09 -04:00
Oleg Zhurakousky 1c22f3f012 NIFI-1464 refactored the latest commit 2016-03-11 12:54:50 -05:00
Oleg Zhurakousky 48af0bfbc5 NIFI-1464 addressed latest PR comments
NIFI-1464 polishing
2016-03-11 12:54:50 -05:00
Matt Gilman 0d13de0cf3 NIFI-1539: - Comparing octet stream content type by using starts with and ignores case. 2016-02-25 10:13:07 -05:00
Sönke Liebau fc92441981 NIFI-1539 - Add normalization of content type for content viewing
Add code to ContentViewerController to strip content type of any trailing parameters and lowercase the type and subtype.

Added function to ViewableContent to enable retrieving the original value of the content type if needed.

This closes #242

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>
2016-02-25 10:12:45 -05:00
James Wing 24a77755de NIFI-1548 Fixing Controller Service Usage Button. This closes #245
Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>
2016-02-22 21:09:01 -05:00
Matt Gilman e7676ffae5 NIFI-1546: - Ensuring that the data reference query is not null before attempt to extract a cluster node id from it.
Signed-off-by: joewitt <joewitt@apache.org>
2016-02-22 12:39:37 -05:00
Matt Gilman a8edab2e79 NIFI-1497: - Introducing a one time use password service for use in query parameters when accessing UI extensions and downloading resources. - Using one time use tokens when accessing ui extensions and downloading resources. - Ensuring appropriate roles when accessing component details through the web context for custom UIs. - Addressing typo in class name. - Ensuring appropriate roles when accessing content through the content access. - Code clean up. - Refactoring some basic scripts for accessing JWT tokens so UI extensions can reuse common functionality.
Signed-off-by: Bryan Bende <bbende@apache.org>
2016-02-19 10:54:53 -05:00
joewitt 86ab4428f0 NIFI-1520 by default skip javadoc and source jar generation in nars and wars
Reviewed by Tony Kurc (tkurc@apache.org). This closes #234
2016-02-18 18:45:26 -05:00
Tony Kurc ad73b5c9d9 NIFI-1379-RC3 prepare for next development iteration 2016-02-12 17:28:10 -05:00
Tony Kurc 8309dba80b NIFI-1379-RC3 prepare release nifi-0.5.0-RC3 2016-02-12 17:27:59 -05:00
Matt Gilman 778229eb52 NIFI-1499: - Ensuring the universal keystroke capture is available to UI extensions.
Signed-off-by: joewitt <joewitt@apache.org>
2016-02-10 19:15:48 -05:00
Matt Gilman f4487dd5f6 NIFI-1492: - Limiting the amount of state entries returned to a client. - Code clean up.
Signed-off-by: joewitt <joewitt@apache.org>
2016-02-09 20:48:56 -05:00
Aldrin Piri 1c03fc7871 Removing unused import to remedy checkstyle error on previous documentation update. 2016-02-09 16:13:16 -05:00
Aldrin Piri a33289393d Correcting documentation on SnippetResource#createSnippet to reflect that it is creating a snippet. 2016-02-09 15:33:46 -05:00
Tony Kurc 5be83166ee NIFI-1485: Updated 'header' section of NiFi NOTICE files 2016-02-07 13:52:00 -05:00
Tony Kurc 303f8eabf1 NIFI-1379: Move to 0.5.0-SNAPSHOT, add tkurc code signing key to keys 2016-02-06 08:49:48 -05:00
Matt Gilman 7314af6177 NIFI-259: - Addressing issues that arose from a merge conflict.
Signed-off-by: Aldrin Piri <aldrin@apache.org>
2016-02-05 17:47:56 -05:00
Aldrin Piri 4df6512126 Merge branch 'NIFI-259' 2016-02-05 14:09:29 -05:00
Andy LoPresto 498b5023ce NIFI-1257 NIFI-1259
Added utility method to return the maximum acceptable password length for PBE ciphers on JVM with limited strength crypto because BC implementation is undocumented (based on empirical evidence).
Updated EncryptionMethod definitions to accurately reflect need for unlimited strength crypto according to algorithm key length.
Added processor logic to invoke keyed cipher.
Added EncryptContent processor property for raw hex key (always visible until NIFI-1121).
Added validations for KDF (keyed and PBE) and hex key.
Added utility method to return list of valid key lengths for algorithm.
Added description to allowable values for KDF and encryption method in EncryptContent processor.
Added IV read/write to KeyedCipherProvider and changed from interface to abstract class.
Added salt read/write logic to NifiLegacy and OpenSSL cipher providers.
Changed RandomIVPBECipherProvider from interface to abstract class.
Updated strong KDF implementations.
Renamed CipherFactory to CipherProviderFactory.
Added unit test for registered KDF resolution from factory.
Updated default iteration count for PBKDF2 cipher provider.
Implemented Scrypt cipher provider.
Added salt translator from mcrypt format to Java format.
Added unit tests for salt formatting and validation.
Added surefire block to groovy unit test profile to enforce 3072 MB heap for Scrypt test.
Added local Java implementation of Scrypt KDF (and underlying PBKDF2 KDF) from Will Glozer.
Defined interface for KeyedCipherProvider.
Implemented AES implementation for KeyedCipherProvider.
Added Ruby script to test/resources for external compatibility check.
Added key length check to PBKDF2 cipher provider.
Changed default PRF to SHA-512.
Added salt and key length check to PBKDF2 cipher provider.
Added utility method to check key length validity for cipher families.
Added Bcrypt implementation.
Implemented PBKDF2 cipher provider.
Added default constructor with strong choices for PBKDF2 cipher provider.
Implemented NiFiLegacyCipherProvider and added unit tests.
Added key length parameter to PBKDF2 cipher provider.
Added PRF resolution to PBKDF2 cipher provider.
Added RandomIVPBECipherProvider to allow for non-deterministic IVs.
Added new keyed encryption methods and added boolean field for compatibility with new KDFs.
Added CipherFactory.
Improved Javadoc in NiFi legacy cipher provider and OpenSSL cipher provider.
Added KeyedCipherProvider interface.
Added OpenSSL PKCS#5 v1.5 EVP_BytesToKey cipher provider and unit test.

This closes #201.

Signed-off-by: Aldrin Piri <aldrin@apache.org>
2016-02-04 19:40:55 -05:00
Matt Gilman 6f4c3db186 NIFI-259:
- Fixing the line height to ensure the multiline ellipsis is consistent across browsers.
2016-02-04 08:59:26 -05:00
Matt Gilman dbe8ff3f44 NIFI-1426:
- Ensuring we aren't preventing default when focused in a textarea.
2016-02-01 08:28:18 -05:00
Matt Gilman b3990ecdcf NIFI-1426: - Introducing a universal capture for key events to ensure a consistent behavior throughout the application. - Allowing backspace to remove components from the canvas. - Introducing a more consistent behavior around the escape button.
Signed-off-by: Aldrin Piri <aldrin@apache.org>
2016-01-28 12:23:02 -06:00
Andy LoPresto 93aac8cff3 NIFI-1365
Added Groovy support for unit tests to pom with skeleton test.
Added Groovy unit tests for OCSPCertificateValidator.
Implemented positive & negative unit tests with cache injection for valid/revoked OCSP certificate.
Modified pom.xml to support Groovy unit tests with custom variable.

mvn clean test -Dgroovy=test

Added local cache injection into Groovy tests for OCSP certificate validation (see NIFI-1324 and NIFI-1364).
Set Java version to 1.7 for Groovy test src/target.
Moved Groovy unit test profile from nifi-web-security to root pom.
Added null check for algorithm argument in PGPUtil.
Changed buffer length check from ">= 0" to "> -1" because it was confusing other developers.
Resolved contrib-check line length issues.
Fixed contrib-check issues in OpenPGPKeyBasedEncryptorTest.
This closes #163

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>
2016-01-26 17:37:59 -05:00
Matt Gilman d71266502c NIFI-1435: - Addressing typo when initializing and showing the reporting task property table which prevented dynamic properties to be created. 2016-01-25 10:42:37 -05:00
Matt Gilman a7d3f8d75f NIFI-1428: - Adding a button to link from a flowfile in a queue listing to a provenance search for that flowfile.
Signed-off-by: Aldrin Piri <aldrin@apache.org>
2016-01-22 18:26:52 -05:00
Matt Gilman b25db650fd NIFI-1400: - Addressing sort issues with the controller service and reporting task tables. Specifically addressing bulletins, type, and state.
Signed-off-by: Aldrin Piri <aldrin@apache.org>
2016-01-22 16:41:14 -05:00
Matt Gilman 8392b46597 NIFI-1397: - Only resetting the node availability when closing the new controller service or reporting task dialog.
Signed-off-by: Aldrin Piri <aldrin@apache.org>
2016-01-22 13:20:58 -05:00
Mark Payne 3e13996512 Merge branch 'master' into NIFI-259 2016-01-21 15:02:00 -05:00
Mark Payne b07e13a1d8 NIFI-259: Bug fixes 2016-01-21 13:44:44 -05:00
Matt Gilman 53322c99ac NIFI-1383: - Ensuring appropriate access and state prior to attempting an action with hot keys. - Fixing contrib-check issue. 2016-01-21 12:39:45 -05:00
Matt Gilman 561f5b740a NIFI-1383: - Ensuring that nodes are not kicked out of the cluster when failing to successfully process a mutable request (like copy/paste). - Showing a more descriptive error message when possible. - Ensuring we don't try to instantiate an incomplete flow snippet. 2016-01-21 12:39:28 -05:00
Matt Gilman c18f75c597 NIFI-259:
- Ensuring component state is sorted accordingly when loaded in the table.
2016-01-21 11:25:17 -05:00
Mark Payne f6ec437bc7 Merge branch 'master' into NIFI-259 2016-01-21 09:32:02 -05:00
Matt Gilman 0d7edcb3ac NIFI-108:
- Removing sort from UI.
- Addressing issues with listing and flowfile retrieval when clustered.
- Making the context menu item available when source and destination are still running.
- Adding a refresh button to the queue listing table.
- Fixing the flowfile summary sorting in the cluster manager.
- Adding a message when the source or destination of a connection is actively running.
- Updating the documentation regarding queue interaction.
- Updating the error message when a flowfile is no longer in the active queue.
- Updated queue listing to allow listing to be done while source and destination are running but not sort or have ability to search
- Added heartbeat when we finish clearing queue
- Addressing comments from review.
2016-01-21 08:13:32 -05:00
Mark Payne 16dcf4595c Merge branch 'master' into NIFI-259 2016-01-18 08:48:30 -05:00
Mark Payne eba25ecaca NIFI-259, NIFI-1339: Added OnConfigurationRestored annotation, always invoke onPropertyModified even on restart when properties are changed from defaults, as was done previously 2016-01-17 14:40:27 -05:00
Matt Gilman 5b62ff0fc3 NIFI-259:
- Only providing the View State menu item for DFMs.
2016-01-14 15:36:57 -05:00
Matt Gilman 4236125f2b NIFI-259:
- Fixing Consumes for clear state endpoints.
2016-01-14 15:35:53 -05:00
Matt Gilman ae6f615365 NIFI-259:
- Code clean up.
- Adding component state actions to the controller service and reporting task tables.
2016-01-14 13:09:39 -05:00
Matt Gilman 65dfcd06a3 NIFI-259:
- Fixing contrib check issues.
2016-01-14 11:16:35 -05:00
Matt Gilman 1a7e6c735d NIFI-259:
- Exsuring the component state css file is included in aggregated builds.
2016-01-13 17:20:11 -05:00
Matt Gilman f0d8f73f26 NIFI-259:
- Addressing some minor layout issues with the view state dialog.
- Ensuring appropriate locking when attempting to clear state.
2016-01-13 16:57:59 -05:00
Matt Gilman 3f4bd919a9 NIFI-259:
- Merging responses when clustered to populate node details.
- Fixed bug when clearing processor state when clustered.
- Cleared the table after successfully clearing state.
2016-01-13 15:12:17 -05:00
Matt Gilman d05314c54b NIFI-259:
- Initial implementation of viewing and clearing state for a processor.
2016-01-13 13:35:24 -05:00
Matt Gilman bbd35a0258 NIFI-259:
- Adding endpoints for getting and clearing component state.
2016-01-12 10:43:30 -05:00
Andy LoPresto ffbfffce6d NIFI-1324:
Changed Maven dependencies for BouncyCastle bcprov and bcpg from jdk16:1.46 to jdk15on:1.53 (kept nifi-web-security on jdk16:1.46 because jdk15on:1.53 splits OCSP logic into new module bcpkix).
Added individual unit tests for PGP public keyring validation.
Passes all legacy unit tests.
Added TODOs for customizable brick encryption and refactoring shared code.
Cleaned up magic numbers to constants.
Added unit tests for OpenPGPPasswordBasedEncryptor (internal consistency and legacy file decrypt).
Began refactoring shared encrypt code from OpenPGP* implementations.
Extracted encrypt utility method from OpenPGPPasswordBasedEncryptor to PGPUtil class.
Added test resources (signed and unsigned key-encrypted files).
Added unit tests for OpenPGPKeyBasedEncryptor (internal consistency and external file decrypt).
Changed BC dependency for nifi-web-security to bcprov-jdk15on:1.53 and bcpkix-jdk15on:1.53.
Updated OCSPValidator to use new BC logic for OCSP validation. This code compiles but should be fully audited, as the legacy OCSP validation was not completely implemented.
Added skeleton of OCSP validator unit tests with successful keypair and certificate generation and signing code.
Added further unit tests for issued certificates.
Annotated unimplemented unit tests with note about Groovy integration.
Refactored Jersey call in OCSPCertificateValidator to internal method.
Added toString() to NiFi local OcspRequest.
Implemented positive & negative unit tests with cache injection for valid/revoked OCSP certificate.
Resolved contrib-check issues.
Removed ignored code in unit test.

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>
2016-01-12 09:22:51 -05:00
Mark Payne d2a969e3d6 NIFI-259: Initial implementation of State Management feature 2016-01-11 16:38:52 -05:00
Matt Gilman fdef994ead NIFI-1346: - Always showing input and output content for a provenance event.
Signed-off-by: joewitt <joewitt@apache.org>
2016-01-10 15:08:09 -05:00
Matt Gilman 6e9175459f NIFI-1363: - Using the appropriate namespace to call the function to detect if the content viewer is configured.
Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-01-07 17:15:44 -05:00
Aldrin Piri 3d487a5381 NIFI-1354 Using the newly generated keystore and truststore throughout the code base and updating an associated test to utilize the specified properties. 2016-01-06 18:16:37 -05:00
Mark Payne b330fd1601 NIFI-108: Built out 'skeleton' of the requests so that web tier can be written against it
NIFI-108: Implementing ability to list FlowFiles in a queue

NIFI-108:
- Starting to add support for endpoints that will listing flowfiles in a queue.

NIFI-108: Added merging of response for listing of flowfiles in cluster manager

NIFI-108:
- Starting to add support for endpoints that will listing flowfiles in a queue.

NIFI-108:
- Starting to add support for endpoints that will listing flowfiles in a queue.

NIFI-108:
- Adding checkstyle issues.

NIFI-108: Add clusterNodeId to FlowFileSummaryDTO

NIFI-108: Added unit tests; added verifyCanList method to queue; fixed bugs

NIFI-108:
- Adding compilation error for IOException from getFlowFile().
- Code clean up.
- Javadocs.

NIFI-108:
- Verifying two phase commit for queue listing.
- Fixing checkstyle.
- Ensuring drop and listing requests are merged when created when clustered.

NIFI-108:
- Adding initial listing capabilities.
- Passing through the sort column and direction.

NIFI-108:
- Removing Delete FlowFile button.
- Ensuring sort flags are being passed correctly.
- Setting column widths.
- Also including the cluster node address in the flowfile summaries.

NIFI-108:
- Including queue size statistics in listing request.
- Showing connection name.

NIFI-108:
- Including queue size statistics in listing request.
- Ensuring verifyCanList runs when appropriate.

NIFI-108:
- Adding initial support for viewing flowfile details dialog.
- Adding initial support for click to content.

NIFI-108:
- Allowing the flowfile details dialog to be draggable.

NIFI-108:
- Only showing the flowfile listing table when the listing is successful and the listing is not empty.

NIFI-108:
- Reseting the queue stats when closing the listing table.

NIFI-108: Implemented sorting when performing listing of FlowFiles

NIFI-108: Fixed bug that caused the listFlowFiles operation to wait on a readLock before returning and performing work asynchronously; fixed bug in Write-Ahead FlowFile Repository that caused ContentClaims to be queued up for destruction instead of ResourceClaims - this caused millions of ContentClaims to be queued up instead of a single ResourceClaim in some tests

NIFI-108:
- Ensured the column sort indicator is reset when a new listing is opened.
- Removing unused import.

NIFI-108:
- Addressed issues found during the review.
2016-01-06 16:20:23 -05:00
joewitt f4ac8d75c5 NIFI-1312-RC1 prepare for next development iteration 2015-12-19 00:41:04 -05:00
joewitt d624ea4866 NIFI-1312-RC1 prepare release nifi-0.4.1-RC1 2015-12-19 00:40:53 -05:00
Matt Gilman 43c7ecd221 NIFI-1298: - Addressing too many significant digits in the processor load average and [non]heap utilization.
Signed-off-by: joewitt <joewitt@apache.org>
2015-12-18 17:02:40 -05:00
Matt Gilman 0436383f49 NIFI-1286: - Removing provenance option from the Label context menu
Signed-off-by: joewitt <joewitt@apache.org>
2015-12-18 17:02:33 -05:00
Matt Gilman 608287f9fe NIFI-1309:
- Addressing issues around remote process groups automatically issuing new account requests.
- Ensuring authorization issues are updated with status refresh.
2015-12-18 15:57:38 -05:00
Matt Gilman b19ff7cf37 NIFI-1215:
- Only showing the run duration setting when applicable.
- Showing the user a warning that a source processor with a non 0 run duration could lose data when NiFi is restarted.
2015-12-16 10:53:15 -05:00
Matt Gilman 51b8ecd01b NIFI-1185:
- Using banners from the NCM rather than replicating to a node.
2015-12-15 12:51:14 -05:00
Matt Gilman c75b5cfcea NIFI-1119: - Addressing race condition that caused the revision to be checked before the flow was loaded.
Signed-off-by: jpercivall <joepercivall@yahoo.com>
2015-12-15 10:05:44 -05:00
Matt Gilman 17be1c2d9f NIFI-1206: - Only enabling the enable/disable toolbar icon when appropriate.
Signed-off-by: Joseph Percivall <joepercivall@yahoo.com>
2015-12-14 18:09:11 -05:00
Matt Gilman f9f04439fd NIFI-1119:
- Also refreshing flow revision when the user clicks Refresh status.
2015-12-14 12:41:45 -05:00
joewitt a7b09a57c5 NIFI-1122 release vote passess. Merge branch 'NIFI-1122_nifi-0.4.0-RC2' 2015-12-11 17:14:26 -05:00
Matt Gilman 8070a9f1cc NIFI-1104:
- Using the appropriate attributes based on the content direction.
2015-12-11 10:59:41 -05:00
joewitt d755e43ec8 NIFI-1122_nifi-0.4.0-RC2prepare for next development iteration 2015-12-08 13:00:10 -05:00
joewitt b66c029090 NIFI-1122_nifi-0.4.0-RC2prepare release nifi-0.4.0-RC2 2015-12-08 12:59:59 -05:00
Matt Gilman 08d0f3e596 NIFI-956: - Initialize the filter controls prior to the new processor table. Because of this, items were being incorrectly filtered on load. - Clean up in web.xml.
Signed-off-by: Aldrin Piri <aldrin@apache.org>
2015-12-07 20:12:44 -05:00
Matt Gilman ee7eeb0493 NIFI-1268: - In some environments it appears as though the row selection event is triggering when there is no items in the table. Verifying the item was found prior to continuing.
Signed-off-by: Aldrin Piri <aldrin@apache.org>
2015-12-07 19:50:37 -05:00
Matt Gilman 4c7894bccc NIFI-1260:
- Not pre-compiling message-page as it seems to be causign some runtime errors in some environments.
2015-12-07 12:20:18 -05:00
Mark Payne ee14d8f9dd Merge branch 'NIFI-1249' 2015-12-04 16:38:49 -05:00
Mark Payne f378ee9021 NIFI-1249: Allow Processors to add their own variables to those referencable by Expression Language. Make ReplaceText allow users to reference back-references of regex matches 2015-12-04 13:17:37 -05:00
Matt Gilman dae73c52a7 NIFI-1248:
- Initializing the actions file which ensures the progress bar is initialized.
2015-12-03 13:49:56 -08:00
Tony Kurc 3a7ddc6a35 NIFI-1054: Fixed DOS line endings in xml, java and js source files
Signed-off-by: joewitt <joewitt@apache.org>
2015-12-01 22:49:51 -05:00
Matt Gilman 7726d069cd Merge branch 'NIFI-655' 2015-12-01 11:20:56 -05:00
Matt Gilman e22b51f3a7 NIFI-655:
- Renaming spring tokens to avoid confusion over authentication and authorization.
2015-12-01 10:08:36 -05:00
Matt Gilman 85eb8defdd NIFI-655:
- Changing default expiration time to 12 hours.
2015-12-01 09:36:33 -05:00
Matt Gilman c100052dac NIFI-655:
- Adding additional logging when proceeding as an anonymous user.
2015-12-01 08:51:45 -05:00
Matt Gilman 2b0819a5f2 NIFI-655:
- Removing unused imports.
2015-11-30 16:33:11 -05:00
Matt Gilman 014b2ac4e8 NIFI-655:
- Removing proxied user chain as user details are already serialized.
2015-11-30 16:30:12 -05:00
Matt Gilman 774d626f88 NIFI-655:
- Adding documentation around the behavior of the authentication filters.
- Only passing along necessary parameters.
2015-11-30 15:07:40 -05:00
Matt Gilman c722b56335 NIFI-655:
- Ensuring the access token is not replicated when the user is already authenticated/authorized.
2015-11-30 14:57:38 -05:00
Matt Gilman a84e505bcd NIFI-655:
- Ensuring the access token is not replicated when the user is already authenticated/authorized.
2015-11-30 14:47:30 -05:00
Matt Gilman 64beeef593 NIFI-655:
- Ensuring anonymous user label and login links are rendered when appropriate.
- Ensuring responses are accurate when making requests with a token when user log in is not supported.
2015-11-27 14:13:40 -05:00
Matt Gilman c1cc165edb NIFI-655:
- Fixing issue with filter bean initialization when clustered.
2015-11-27 10:05:58 -05:00
Matt Gilman 6bce858e4a NIFI-655:
- Updated user guide with screenshots of login process.
- Tweaked wording in admin guide.
- Triggering login on enter press in login form.
2015-11-25 16:42:22 -05:00
Matt Gilman 0435911186 NIFI-1198: - Updating the connection source and destination when appropriate (deletion and (re)connection).
Signed-off-by: joewitt <joewitt@apache.org>
2015-11-25 14:50:56 -05:00
Matt Gilman c073253366 NIFI-655:
- Update admin guide with documentation for username/password authentication.
- Setting default anonymous roles to none.
- Making account status messages to users more clear.
- Deleting user keys when an admin revokes/deletes an account.
- Updating authentication filter to error back whenever authentication fails.
2015-11-25 14:17:23 -05:00
Matt Gilman 1312bde498 NIFI-655:
- Updating available links during login, registration, and account status review.
2015-11-24 00:37:47 -05:00
Matt Gilman aaf14c45c9 NIFI-655:
- Refactoring web security to use Spring Security Java Configuration.
- Introducing security in Web UI in order to get JWT.

NIFI-655:
- Setting up the resources (js/css) for the login page.

NIFI-655:
- Adding support for configuring anonymous roles.
- Addressing checkstyle violations.

NIFI-655:
- Moving to token api to web-api.
- Creating an LoginProvider API for user/pass based authentication.
- Creating a module for funneling access to the authorized useres.

NIFI-655:
- Moving away from usage of DN to identity throughout the application (from the user db to the authorization provider).
- Updating the authorized users schema to support login users.
- Creating an extension point for authentication of users based on username/password.

NIFI-655:
- Creating an endpoint for returning the identity of the current user.
- Updating the LoginAuthenticationFilter.

NIFI-655:
- Moving NiFi registration to the login page.
- Running the authentication filters in a different order to ensure we can disambiguate each case.
- Starting to layout each case... Forbidden, Login, Create User, Create NiFi Account.

NIFI-655:
- Addressing checkstyle issues.

NIFI-655:
- Making nf-storage available in the login page.
- Requiring use of local storage.
- Ignoring security for GET requests when obtaining the login configuration.

NIFI-655:
- Adding a new endpoint to obtain the status of a user registration.
- Updated the login page loading to ensure all possible states work.

NIFI-655:
- Ensuring we know the necessary state before we attempt to render the login page.
- Building the proxy chain in the JWT authentication filter.
- Only rendering the login when appropriate.

NIFI-655:
- Starting to style the login page.
- Added simple 'login' support by identifying username/password. Issuing JWT token coming...
- Added logout support
- Rendering the username when appropriate.

NIFI-655:
- Extracting certificate validation into a utility class.
- Fixing checkstyle issues.
- Cleaning up the web security context.
- Removing proxy chain checking where possible.

NIFI-655:
- Starting to add support for registration.
- Creating registration form.

NIFI-655:
- Starting to implement the JWT service.
- Parsing JWT on client side in order to render who the user currently is when logged in.

NIFI-655:
- Allowing the user to link back to the log in page from the new account page.
- Renaming DN to identity where possible.

NIFI-655:
- Fixing checkstyle issues.

NIFI-655:
- Adding more/better support for logging out.

NIFI-655:
- Fixing checkstyle issues.

NIFI-655:
- Adding a few new exceptions for the login identity provider.

NIFI-655:
- Disabling log in by default initially.
- Restoring authorization service unit test.

NIFI-655:
- Fixing checkstyle issues.

NIFI-655:
- Updating packages for log in filters.
- Handling new registration exceptions.
- Code clean up.

NIFI-655:
- Removing registration support.
- Removing file based implementation.

NIFI-655:
- Removing file based implementation.

NIFI-655:
- Removing unused spring configuration files.

NIFI-655:
- Making the auto wiring more explicit.

NIFI-655:
- Removing unused dependencies.

NIFI-655:
- Removing unused filter.

NIFI-655:
- Updating the login API authenticate method to use a richer set of exceptions.
- UI code clean.

NIFI-655:
- Ensuring the login identity provider is able to switch context classloaders via the standard NAR mechanisms.

NIFI-655:
- Initial commit of the LDAP based identity providers.
- Fixed issue when attempting to log into a NiFi that does not support new account requests.

NIFI-655:
- Allowing the ldap provider to specify if client authentication is required/desired.

NIFI-655:
- Persisting keys to sign user tokens.
- Allowing the identity provider to specify the token expiration.
- Code clean up.

NIFI-655:
- Ensuring identities are unique in the key table.

NIFI-655:
- Adding support for specifying the user search base and user search filter in the active directory provider.

NIFI-655:
- Fixing checkstyle issues.

NIFI-655:
- Adding automatic client side token renewal.

NIFI-655:
- Ensuring the logout link is rendered when appropriate.

NIFI-655:
- Adding configuration options for referrals and connect/read timeouts

NIFI-655:
- Added an endpoint for access details including configuration, creating tokens, and checking status.
- Updated DTOs and client side to utilize new endpoints.

NIFI-655:
- Refactoring certificate extraction and validation.
- Refactoring how expiration is specified in the login identity providers.
- Adding unit tests for the access endpoints.
- Code clean up.

NIFI-655:
- Keeping token expiration between 1 minute and 12 hours.

NIFI-655:
- Using the user identity provided by the login identity provider.

NIFI-655: - Fixed typo in error message for unrecognized authentication strategy.

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>

NIFI-655. - Added logback-test.xml configuration resource for nifi-web-security.

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>

NIFI-655. - Added issuer field to LoginAuthenticationToken. - Updated AccessResource to pass identity provider class name when creating LoginAuthenticationTokens. - Began refactoring JWT logic from request parsing logic in JwtService. - Added unit tests for JWT logic.

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>

NIFI-655. - Changed issuer field to use FQ class name because some classes return an empty string for getSimpleName(). - Finished refactoring JWT logic from request parsing logic in JwtService. - Updated AccessResource and JwtAuthenticationFilter to call new JwtService methods decoupled from request header parsing. - Added extensive unit tests for JWT logic.

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>

NIFI-655:
- Refactoring key service to expose the key id.
- Handling client side expiration better.
- Removing specialized active directory provider and abstract ldap provider.

NIFI-655. - Updated JwtService and JwtServiceTest to use Key POJO instead of raw String key from KeyService.

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>

NIFI-655:
- Fixing typo when loading the ldap connect timeout.
- Providing a better experience for session expiration.
- Using ellipsis for lengthly user name.
- Adding an issuer to the authentication response so the LIP can specify the appropriate value.

NIFI-655:
- Showing a logging in notification during the log in process.

NIFI-655:
- Removing unnecessary class.

NIFI-655:
- Fixing checkstyle issues.
- Showing the progress spinner while submitting account justification.

NIFI-655:
- Removing deprecated authentication strategy.
- Renaming TLS to START_TLS.
- Allowing the protocol to be configured.

NIFI-655:
- Fixing issue detecting the presence of DN column

NIFI-655:
- Pre-populating the login-identity-providers.xml file with necessary properties and documentation.
- Renaming the Authentication Duration property name.

NIFI-655:
- Updating documentation for the failure response codes.

NIFI-655:
- Ensuring the user identity is not too long.

NIFI-655:
- Updating default authentication expiration to 12 hours.

NIFI-655:
- Remaining on the login form when there is any unsuccessful login attempt.
- Fixing checkstyle issues.
2015-11-23 14:50:13 -05:00
Aldrin Piri 08d59e4374 NIFI-1196 Providing handling of FETCH provenance events for their "unique" property, transit URI, within the framework and UI.
Reviewed by Tony Kurc (tkurc@apache.org)
2015-11-19 17:42:15 -05:00
Matt Gilman 64369f67f9 NIFI-1160:
- Addressing possible NPE when removing a drop request.
- Only updating a connection status once it's been retrieved for the first time.
2015-11-16 08:34:04 -05:00
Mark Payne da9f40b3f0 NIFI-973: Updated main Help page to provide a link to the Getting Started Guide.
Reviewed by Aldrin Piri (aldrin@apache.org)
2015-11-15 08:38:51 -05:00
Tony Kurc 528dab78d6 NIFI-1073: Fixing coverity discovered errors. Resource leaks, and statics
Reviewed by Bryan Bende (bbende@apache.org)
2015-11-14 18:56:43 -05:00
joewitt 99629646fe NIFI-1122 moved to 0.4.0-SNAPSHOT 2015-11-06 23:41:15 -05:00
Andrew Grande f1bd3d471d NIFI-1112 Fixed APIOperation Annotation on ReportingTaskResource.
Reviewed by Tony Kurc (tkurc@apache.org)
2015-11-04 18:31:34 -05:00
Mark Payne e4cebba3c7 Merge branch 'master' into NIFI-730 2015-11-02 14:02:16 -05:00
Matt Gilman 5a04021dd7 NIFI-730:
- Updating logic now that original is guaranteed to be non null.
- Always reporting 100% once the drop request has completed.
2015-11-02 08:59:11 -05:00
Bryan Bende 5cc2b04b91 NIFI-986 Refactoring of action classes from nifi-user-actions to have interfaces in nifi-api, and adding getFlowChanges to EventAccess
- Fixing empty java docs and adding sort by id asc to the history query
- Changing userDn to userIdentity in Action and FlowChangeAction
- Modifying NiFiAuditor to always save events locally, and implementing getFlowChanges for ClusteredEventAccess
2015-10-29 16:28:36 -04:00
Matt Gilman f8c3377c84 NIFI-820:
- Creating a context menu item for accessing provenance directly for a selected component.
2015-10-26 10:16:01 -04:00
Mark Payne 0636f0e731 NIFI-810: Merged master into branch 2015-10-25 11:02:40 -04:00
Matt Gilman 570202eb30 NIFI-730:
- Fixing capitalization to remain consistent.
2015-10-16 10:47:02 -04:00
Matt Gilman a872403831 NIFI-730:
- Updating the styling of the drop request status dialog.
- Rendering any errors that may have occurred.
2015-10-16 09:37:57 -04:00
Matt Gilman 39a050d2fd NIFI-730:
- Adding emptying a queue when clustered.
2015-10-14 17:47:06 -04:00
Matt Gilman cad0e7cf0f NIFI-730:
- Adding progress bar for showing current status of drop request.
- Allowing the user to cancel the current drop request.
2015-10-14 12:39:19 -04:00
Matt Gilman 4b41aaab02 NIFI-730:
- Fixing checkstyle violations.
- Wiring endpoints and framework model.
- Lowering the max delay while polling from 8 seconds to 4 seconds.
2015-10-13 13:43:10 -04:00
Matt Gilman 09d6fe5cdb NIFI-730:
- Fixing checkstyle violations.
- Renaming context menu item for emptying a queue.
2015-10-13 10:12:58 -04:00
Mark Payne 9be37914dd Merge branch 'NIFI-730' of https://git-wip-us.apache.org/repos/asf/nifi into NIFI-730 2015-10-13 10:03:31 -04:00
Mark Payne 49a781df2d NIFI-730: Implemented swapping in and out on-demand by the FlowFileQueue rather than in a background thread 2015-10-13 10:03:03 -04:00
Matt Gilman e0ac7cde37 NIFI-730:
- Starting to add support for deleting flow files from a queue by creating endpoints and starting to wire everything together.
- Adding context menu item for initiating the request to drop flow files.
2015-10-12 10:00:54 -04:00
Matt Gilman 2583d7869a NIFI-442:
NIFI-828:
- Always selecting the first item in the new component table.
- Enabling adding the selected component by typing Enter.
- Removing the 'filter by' in the new component dialogs and instead just searching every field.
2015-10-07 19:11:55 -04:00
Matt Gilman 13edcfda2e NIFI-810:
- Adding basic support for preventing connection when appropriate.
- Updating validation when [dis]connecting processors.
2015-10-07 17:26:14 -04:00
Matt Gilman ded74ec94c NIFI-876 prepare for next development iteration 2015-09-14 21:48:11 -04:00
Matt Gilman 2ec735e350 NIFI-876 prepare release nifi-0.3.0-RC1 2015-09-14 21:48:00 -04:00
Mark Payne 1ddd736558 NIFI-854: Ensure that controller services are included in template if any processor (or other service) in the template references it, regardless of how many levels deep the component's ProcessGroup is 2015-08-21 14:46:20 -04:00
Chin Huang 8f98f80938 NIFI-868 Configure advertised host name of Remote Process Group Input Port
Before this change, the host given out to clients to connect to a Remote
Process Group Input Port is the host where the NiFi instance runs.
However, sometimes the binding host is different from the host that
clients connect to. For example, when a NiFi instance runs inside a
Docker container, a client on a separate machine must connect to the
Docker host which forwards the connection to the container.

Add a configuration property to specify the host name to give out to
clients to connect to a Remote Process Group Input Port. If the property
is not configured, then give out the name of host running the NiFi
instance.
2015-08-18 21:35:28 -07:00
Matt Gilman ffa7ceb2b1 NIFI-861:
- Addressing issue with blank processor names when attempting to generate ellipsis on the canvas.
2015-08-17 15:23:36 -04:00
joewitt aa99884782 NIFI-850 removed nifi parent, updated nifi pom, moved all nifi subdirs up one level, fixed readme. 2015-08-15 13:12:22 -04:00