Package org.apache.nifi.authorization
Class FileUserGroupProvider
java.lang.Object
org.apache.nifi.authorization.FileUserGroupProvider
- All Implemented Interfaces:
ConfigurableUserGroupProvider,UserGroupProvider
-
Nested Class Summary
Nested Classes -
Field Summary
FieldsModifier and TypeFieldDescriptionprivate static final Stringprivate static final Stringprivate static final Stringprivate static final String(package private) static final Patternprivate static final jakarta.xml.bind.JAXBContextprivate static final Stringprivate static final org.slf4j.Loggerprivate static final String(package private) static final String(package private) static final Stringprivate NiFiPropertiesprivate Fileprivate static final Stringprivate Fileprivate Schemaprivate static final Stringprivate final AtomicReference<UserGroupHolder> private static final XMLOutputFactory -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprivate voidaddUsersAndGroups(FileUserGroupProvider.UsersAndGroups usersAndGroups) voidvoidcheckInheritability(String proposedFingerprint) private UsercreateJAXBUser(User user) private voidcreateUser(Tenants tenants, String userIdentity) Finds the User with the given identity, or creates a new one and adds it to the Tenants.deleteGroup(Group group) deleteUser(User user) voidforciblyInheritFingerprint(String fingerprint) getGroupByName(String name) getUserAndGroups(String identity) getUserByIdentity(String identity) (package private) UserGroupHoldergetUsers()private voidinherit(FileUserGroupProvider.UsersAndGroups usersAndGroups) voidinheritFingerprint(String fingerprint) voidinitialize(UserGroupProviderInitializationContext initializationContext) private static jakarta.xml.bind.JAXBContextLoad the JAXBContext.private booleanprivate voidload()Loads the authorizations file and populates the AuthorizationsHolder, only called during start-up.voidonConfigured(AuthorizerConfigurationContext configurationContext) private GroupparseGroup(Element element) private UserparseUsersAndGroups(String fingerprint) private voidpopulateInitialUsers(Tenants tenants) voidvoidprivate voidsaveAndRefreshHolder(Tenants tenants) Saves the Authorizations instance by marshalling to a file, then re-populates the in-memory data structures and sets the new holder.private voidsaveTenants(Tenants tenants) private voidsaveTenants(Tenants tenants, File destinationFile) voidsetNiFiProperties(NiFiProperties properties) private TenantsupdateGroup(Group group) updateUser(User user) private voidwriteGroup(XMLStreamWriter writer, Group group) private voidwriteUser(XMLStreamWriter writer, User user) Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.apache.nifi.authorization.ConfigurableUserGroupProvider
isConfigurable, isConfigurable
-
Field Details
-
logger
private static final org.slf4j.Logger logger -
TENANTS_XSD
- See Also:
-
JAXB_TENANTS_PATH
- See Also:
-
JAXB_TENANTS_CONTEXT
private static final jakarta.xml.bind.JAXBContext JAXB_TENANTS_CONTEXT -
XML_OUTPUT_FACTORY
-
USER_ELEMENT
- See Also:
-
GROUP_USER_ELEMENT
- See Also:
-
GROUP_ELEMENT
- See Also:
-
IDENTIFIER_ATTR
- See Also:
-
IDENTITY_ATTR
- See Also:
-
NAME_ATTR
- See Also:
-
PROP_INITIAL_USER_IDENTITY_PREFIX
- See Also:
-
PROP_TENANTS_FILE
- See Also:
-
INITIAL_USER_IDENTITY_PATTERN
-
tenantsSchema
-
properties
-
tenantsFile
-
restoreTenantsFile
-
initialUserIdentities
-
userGroupHolder
-
-
Constructor Details
-
FileUserGroupProvider
public FileUserGroupProvider()
-
-
Method Details
-
initializeJaxbContext
private static jakarta.xml.bind.JAXBContext initializeJaxbContext()Load the JAXBContext. -
initialize
public void initialize(UserGroupProviderInitializationContext initializationContext) throws AuthorizerCreationException - Specified by:
initializein interfaceUserGroupProvider- Throws:
AuthorizerCreationException
-
onConfigured
public void onConfigured(AuthorizerConfigurationContext configurationContext) throws AuthorizerCreationException - Specified by:
onConfiguredin interfaceUserGroupProvider- Throws:
AuthorizerCreationException
-
getUsers
- Specified by:
getUsersin interfaceUserGroupProvider- Throws:
AuthorizationAccessException
-
addUser
- Specified by:
addUserin interfaceConfigurableUserGroupProvider- Throws:
AuthorizationAccessException
-
getUser
- Specified by:
getUserin interfaceUserGroupProvider- Throws:
AuthorizationAccessException
-
updateUser
- Specified by:
updateUserin interfaceConfigurableUserGroupProvider- Throws:
AuthorizationAccessException
-
getUserByIdentity
- Specified by:
getUserByIdentityin interfaceUserGroupProvider- Throws:
AuthorizationAccessException
-
deleteUser
- Specified by:
deleteUserin interfaceConfigurableUserGroupProvider- Throws:
AuthorizationAccessException
-
getGroups
- Specified by:
getGroupsin interfaceUserGroupProvider- Throws:
AuthorizationAccessException
-
addUsersAndGroups
-
addGroup
- Specified by:
addGroupin interfaceConfigurableUserGroupProvider- Throws:
AuthorizationAccessException
-
getGroup
- Specified by:
getGroupin interfaceUserGroupProvider- Throws:
AuthorizationAccessException
-
getGroupByName
- Specified by:
getGroupByNamein interfaceUserGroupProvider- Throws:
AuthorizationAccessException
-
getUserAndGroups
- Specified by:
getUserAndGroupsin interfaceUserGroupProvider- Throws:
AuthorizationAccessException
-
updateGroup
- Specified by:
updateGroupin interfaceConfigurableUserGroupProvider- Throws:
AuthorizationAccessException
-
deleteGroup
- Specified by:
deleteGroupin interfaceConfigurableUserGroupProvider- Throws:
AuthorizationAccessException
-
getUserGroupHolder
UserGroupHolder getUserGroupHolder() -
setNiFiProperties
-
inheritFingerprint
- Specified by:
inheritFingerprintin interfaceConfigurableUserGroupProvider- Throws:
AuthorizationAccessException
-
inherit
-
forciblyInheritFingerprint
- Specified by:
forciblyInheritFingerprintin interfaceConfigurableUserGroupProvider- Throws:
AuthorizationAccessException
-
backupUsersAndGroups
- Throws:
AuthorizationAccessException
-
purgeUsersAndGroups
public void purgeUsersAndGroups() -
checkInheritability
- Specified by:
checkInheritabilityin interfaceConfigurableUserGroupProvider- Throws:
AuthorizationAccessException
-
isInheritable
private boolean isInheritable() -
getFingerprint
- Specified by:
getFingerprintin interfaceConfigurableUserGroupProvider- Throws:
AuthorizationAccessException
-
parseUsersAndGroups
-
parseUser
-
parseGroup
-
writeUser
- Throws:
XMLStreamException
-
writeGroup
- Throws:
XMLStreamException
-
createJAXBUser
-
load
Loads the authorizations file and populates the AuthorizationsHolder, only called during start-up.- Throws:
jakarta.xml.bind.JAXBException- Unable to reload the authorized users fileIllegalStateException- Unable to sync file with restore
-
saveTenants
- Throws:
jakarta.xml.bind.JAXBException
-
saveTenants
private void saveTenants(Tenants tenants, File destinationFile) throws jakarta.xml.bind.JAXBException - Throws:
jakarta.xml.bind.JAXBException
-
unmarshallTenants
- Throws:
jakarta.xml.bind.JAXBException
-
populateInitialUsers
-
createUser
Finds the User with the given identity, or creates a new one and adds it to the Tenants.- Parameters:
tenants- the Tenants referenceuserIdentity- the user identity to find or create
-
saveAndRefreshHolder
Saves the Authorizations instance by marshalling to a file, then re-populates the in-memory data structures and sets the new holder. Synchronized to ensure only one thread writes the file at a time.- Parameters:
tenants- the tenants to save and populate from- Throws:
AuthorizationAccessException- if an error occurs saving the authorizations
-
preDestruction
- Specified by:
preDestructionin interfaceUserGroupProvider- Throws:
AuthorizerDestructionException
-