http://git-wip-us.apache.org/repos/asf/nifi/blob/9338f102/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/FunnelResource.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/FunnelResource.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/FunnelResource.java index 42c8932..c23b1b9 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/FunnelResource.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/FunnelResource.java @@ -55,8 +55,8 @@ import java.util.Set; */ @Path("/funnels") @Api( - value = "/funnel", - description = "Endpoint for managing a Funnel." + value = "/funnel", + description = "Endpoint for managing a Funnel." ) public class FunnelResource extends ApplicationResource { @@ -97,23 +97,20 @@ public class FunnelResource extends ApplicationResource { @Consumes(MediaType.WILDCARD) @Produces(MediaType.APPLICATION_JSON) @Path("{id}") - // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')") @ApiOperation( value = "Gets a funnel", response = FunnelEntity.class, authorizations = { - @Authorization(value = "Read Only", type = "ROLE_MONITOR"), - @Authorization(value = "Data Flow Manager", type = "ROLE_DFM"), - @Authorization(value = "Administrator", type = "ROLE_ADMIN") + @Authorization(value = "Read - /funnels/{uuid}", type = "") } ) @ApiResponses( value = { - @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), - @ApiResponse(code = 401, message = "Client could not be authenticated."), - @ApiResponse(code = 403, message = "Client is not authorized to make this request."), - @ApiResponse(code = 404, message = "The specified resource could not be found."), - @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") + @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), + @ApiResponse(code = 401, message = "Client could not be authenticated."), + @ApiResponse(code = 403, message = "Client is not authorized to make this request."), + @ApiResponse(code = 404, message = "The specified resource could not be found."), + @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") } ) public Response getFunnel( @@ -144,29 +141,28 @@ public class FunnelResource extends ApplicationResource { * Creates a new Funnel. * * @param httpServletRequest request - * @param id The id of the funnel to update. - * @param funnelEntity A funnelEntity. + * @param id The id of the funnel to update. + * @param funnelEntity A funnelEntity. * @return A funnelEntity. */ @PUT @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) @Path("{id}") - // TODO - @PreAuthorize("hasRole('ROLE_DFM')") @ApiOperation( value = "Updates a funnel", response = FunnelEntity.class, authorizations = { - @Authorization(value = "Data Flow Manager", type = "ROLE_DFM") + @Authorization(value = "Write - /funnels/{uuid}", type = "") } ) @ApiResponses( value = { - @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), - @ApiResponse(code = 401, message = "Client could not be authenticated."), - @ApiResponse(code = 403, message = "Client is not authorized to make this request."), - @ApiResponse(code = 404, message = "The specified resource could not be found."), - @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") + @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), + @ApiResponse(code = 401, message = "Client could not be authenticated."), + @ApiResponse(code = 403, message = "Client is not authorized to make this request."), + @ApiResponse(code = 404, message = "The specified resource could not be found."), + @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") } ) public Response updateFunnel( @@ -203,20 +199,20 @@ public class FunnelResource extends ApplicationResource { // Extract the revision final Revision revision = getRevision(funnelEntity, id); return withWriteLock( - serviceFacade, - revision, - lookup -> { - Authorizable authorizable = lookup.getFunnel(id); - authorizable.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser()); - }, - null, - () -> { - // update the funnel - final FunnelEntity entity = serviceFacade.updateFunnel(revision, requestFunnelDTO); - populateRemainingFunnelEntityContent(entity); + serviceFacade, + revision, + lookup -> { + Authorizable authorizable = lookup.getFunnel(id); + authorizable.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser()); + }, + null, + () -> { + // update the funnel + final FunnelEntity entity = serviceFacade.updateFunnel(revision, requestFunnelDTO); + populateRemainingFunnelEntityContent(entity); - return clusterContext(generateOkResponse(entity)).build(); - } + return clusterContext(generateOkResponse(entity)).build(); + } ); } @@ -224,33 +220,32 @@ public class FunnelResource extends ApplicationResource { * Removes the specified funnel. * * @param httpServletRequest request - * @param version The revision is used to verify the client is working with - * the latest version of the flow. - * @param clientId Optional client id. If the client id is not specified, a - * new one will be generated. This value (whether specified or generated) is - * included in the response. - * @param id The id of the funnel to remove. + * @param version The revision is used to verify the client is working with + * the latest version of the flow. + * @param clientId Optional client id. If the client id is not specified, a + * new one will be generated. This value (whether specified or generated) is + * included in the response. + * @param id The id of the funnel to remove. * @return A entity containing the client id and an updated revision. */ @DELETE @Consumes(MediaType.WILDCARD) @Produces(MediaType.APPLICATION_JSON) @Path("{id}") - // TODO - @PreAuthorize("hasRole('ROLE_DFM')") @ApiOperation( value = "Deletes a funnel", response = FunnelEntity.class, authorizations = { - @Authorization(value = "Data Flow Manager", type = "ROLE_DFM") + @Authorization(value = "Write - /funnels/{uuid}", type = "") } ) @ApiResponses( value = { - @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), - @ApiResponse(code = 401, message = "Client could not be authenticated."), - @ApiResponse(code = 403, message = "Client is not authorized to make this request."), - @ApiResponse(code = 404, message = "The specified resource could not be found."), - @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") + @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), + @ApiResponse(code = 401, message = "Client could not be authenticated."), + @ApiResponse(code = 403, message = "Client is not authorized to make this request."), + @ApiResponse(code = 404, message = "The specified resource could not be found."), + @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") } ) public Response removeFunnel( @@ -278,22 +273,23 @@ public class FunnelResource extends ApplicationResource { // handle expects request (usually from the cluster manager) final Revision revision = new Revision(version == null ? null : version.getLong(), clientId.getClientId(), id); return withWriteLock( - serviceFacade, - revision, - lookup -> { - final Authorizable funnel = lookup.getFunnel(id); - funnel.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser()); - }, - () -> serviceFacade.verifyDeleteFunnel(id), - () -> { - // delete the specified funnel - final FunnelEntity entity = serviceFacade.deleteFunnel(revision, id); - return clusterContext(generateOkResponse(entity)).build(); - } + serviceFacade, + revision, + lookup -> { + final Authorizable funnel = lookup.getFunnel(id); + funnel.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser()); + }, + () -> serviceFacade.verifyDeleteFunnel(id), + () -> { + // delete the specified funnel + final FunnelEntity entity = serviceFacade.deleteFunnel(revision, id); + return clusterContext(generateOkResponse(entity)).build(); + } ); } // setters + public void setServiceFacade(NiFiServiceFacade serviceFacade) { this.serviceFacade = serviceFacade; }
http://git-wip-us.apache.org/repos/asf/nifi/blob/9338f102/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/InputPortResource.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/InputPortResource.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/InputPortResource.java index ee4cc4a..a57e8aa 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/InputPortResource.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/InputPortResource.java @@ -55,8 +55,8 @@ import java.util.Set; */ @Path("/input-ports") @Api( - value = "/input-ports", - description = "Endpoint for managing an Input Port." + value = "/input-ports", + description = "Endpoint for managing an Input Port." ) public class InputPortResource extends ApplicationResource { @@ -76,12 +76,12 @@ public class InputPortResource extends ApplicationResource { return inputPortEntites; } - /** - * Populates the uri for the specified input port. - * - * @param inputPortEntity port - * @return ports - */ + /** + * Populates the uri for the specified input port. + * + * @param inputPortEntity port + * @return ports + */ public PortEntity populateRemainingInputPortEntityContent(PortEntity inputPortEntity) { inputPortEntity.setUri(generateResourceUri("input-ports", inputPortEntity.getId())); return inputPortEntity; @@ -97,23 +97,20 @@ public class InputPortResource extends ApplicationResource { @Consumes(MediaType.WILDCARD) @Produces(MediaType.APPLICATION_JSON) @Path("{id}") - // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')") @ApiOperation( value = "Gets an input port", response = PortEntity.class, authorizations = { - @Authorization(value = "Read Only", type = "ROLE_MONITOR"), - @Authorization(value = "Data Flow Manager", type = "ROLE_DFM"), - @Authorization(value = "Administrator", type = "ROLE_ADMIN") + @Authorization(value = "Read - /input-ports/{uuid}", type = "") } ) @ApiResponses( value = { - @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), - @ApiResponse(code = 401, message = "Client could not be authenticated."), - @ApiResponse(code = 403, message = "Client is not authorized to make this request."), - @ApiResponse(code = 404, message = "The specified resource could not be found."), - @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") + @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), + @ApiResponse(code = 401, message = "Client could not be authenticated."), + @ApiResponse(code = 403, message = "Client is not authorized to make this request."), + @ApiResponse(code = 404, message = "The specified resource could not be found."), + @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") } ) public Response getInputPort( @@ -144,29 +141,28 @@ public class InputPortResource extends ApplicationResource { * Updates the specified input port. * * @param httpServletRequest request - * @param id The id of the input port to update. - * @param portEntity A inputPortEntity. + * @param id The id of the input port to update. + * @param portEntity A inputPortEntity. * @return A inputPortEntity. */ @PUT @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) @Path("{id}") - // TODO - @PreAuthorize("hasRole('ROLE_DFM')") @ApiOperation( value = "Updates an input port", response = PortEntity.class, authorizations = { - @Authorization(value = "Data Flow Manager", type = "ROLE_DFM") + @Authorization(value = "Write - /input-ports/{uuid}", type = "") } ) @ApiResponses( value = { - @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), - @ApiResponse(code = 401, message = "Client could not be authenticated."), - @ApiResponse(code = 403, message = "Client is not authorized to make this request."), - @ApiResponse(code = 404, message = "The specified resource could not be found."), - @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") + @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), + @ApiResponse(code = 401, message = "Client could not be authenticated."), + @ApiResponse(code = 403, message = "Client is not authorized to make this request."), + @ApiResponse(code = 404, message = "The specified resource could not be found."), + @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") } ) public Response updateInputPort( @@ -203,20 +199,20 @@ public class InputPortResource extends ApplicationResource { // handle expects request (usually from the cluster manager) final Revision revision = getRevision(portEntity, id); return withWriteLock( - serviceFacade, - revision, - lookup -> { - Authorizable authorizable = lookup.getInputPort(id); - authorizable.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser()); - }, - () -> serviceFacade.verifyUpdateInputPort(requestPortDTO), - () -> { - // update the input port - final PortEntity entity = serviceFacade.updateInputPort(revision, requestPortDTO); - populateRemainingInputPortEntityContent(entity); + serviceFacade, + revision, + lookup -> { + Authorizable authorizable = lookup.getInputPort(id); + authorizable.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser()); + }, + () -> serviceFacade.verifyUpdateInputPort(requestPortDTO), + () -> { + // update the input port + final PortEntity entity = serviceFacade.updateInputPort(revision, requestPortDTO); + populateRemainingInputPortEntityContent(entity); - return clusterContext(generateOkResponse(entity)).build(); - } + return clusterContext(generateOkResponse(entity)).build(); + } ); } @@ -224,30 +220,29 @@ public class InputPortResource extends ApplicationResource { * Removes the specified input port. * * @param httpServletRequest request - * @param version The revision is used to verify the client is working with the latest version of the flow. - * @param clientId Optional client id. If the client id is not specified, a new one will be generated. This value (whether specified or generated) is included in the response. - * @param id The id of the input port to remove. + * @param version The revision is used to verify the client is working with the latest version of the flow. + * @param clientId Optional client id. If the client id is not specified, a new one will be generated. This value (whether specified or generated) is included in the response. + * @param id The id of the input port to remove. * @return A inputPortEntity. */ @DELETE @Consumes(MediaType.WILDCARD) @Produces(MediaType.APPLICATION_JSON) @Path("{id}") - // TODO - @PreAuthorize("hasRole('ROLE_DFM')") @ApiOperation( value = "Deletes an input port", response = PortEntity.class, authorizations = { - @Authorization(value = "Data Flow Manager", type = "ROLE_DFM") + @Authorization(value = "Write - /input-ports/{uuid}", type = "") } ) @ApiResponses( value = { - @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), - @ApiResponse(code = 401, message = "Client could not be authenticated."), - @ApiResponse(code = 403, message = "Client is not authorized to make this request."), - @ApiResponse(code = 404, message = "The specified resource could not be found."), - @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") + @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), + @ApiResponse(code = 401, message = "Client could not be authenticated."), + @ApiResponse(code = 403, message = "Client is not authorized to make this request."), + @ApiResponse(code = 404, message = "The specified resource could not be found."), + @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") } ) public Response removeInputPort( @@ -275,22 +270,23 @@ public class InputPortResource extends ApplicationResource { // handle expects request (usually from the cluster manager) final Revision revision = new Revision(version == null ? null : version.getLong(), clientId.getClientId(), id); return withWriteLock( - serviceFacade, - revision, - lookup -> { - final Authorizable inputPort = lookup.getInputPort(id); - inputPort.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser()); - }, - () -> serviceFacade.verifyDeleteInputPort(id), - () -> { - // delete the specified input port - final PortEntity entity = serviceFacade.deleteInputPort(revision, id); - return clusterContext(generateOkResponse(entity)).build(); - } + serviceFacade, + revision, + lookup -> { + final Authorizable inputPort = lookup.getInputPort(id); + inputPort.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser()); + }, + () -> serviceFacade.verifyDeleteInputPort(id), + () -> { + // delete the specified input port + final PortEntity entity = serviceFacade.deleteInputPort(revision, id); + return clusterContext(generateOkResponse(entity)).build(); + } ); } // setters + public void setServiceFacade(NiFiServiceFacade serviceFacade) { this.serviceFacade = serviceFacade; } http://git-wip-us.apache.org/repos/asf/nifi/blob/9338f102/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/LabelResource.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/LabelResource.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/LabelResource.java index 1742218..ddde515 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/LabelResource.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/LabelResource.java @@ -55,8 +55,8 @@ import java.util.Set; */ @Path("/labels") @Api( - value = "/labels", - description = "Endpoint for managing a Label." + value = "/labels", + description = "Endpoint for managing a Label." ) public class LabelResource extends ApplicationResource { @@ -97,23 +97,20 @@ public class LabelResource extends ApplicationResource { @Consumes(MediaType.WILDCARD) @Produces(MediaType.APPLICATION_JSON) @Path("{id}") - // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')") @ApiOperation( value = "Gets a label", response = LabelEntity.class, authorizations = { - @Authorization(value = "Read Only", type = "ROLE_MONITOR"), - @Authorization(value = "Data Flow Manager", type = "ROLE_DFM"), - @Authorization(value = "Administrator", type = "ROLE_ADMIN") + @Authorization(value = "Read - /labels/{uuid}", type = "") } ) @ApiResponses( value = { - @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), - @ApiResponse(code = 401, message = "Client could not be authenticated."), - @ApiResponse(code = 403, message = "Client is not authorized to make this request."), - @ApiResponse(code = 404, message = "The specified resource could not be found."), - @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") + @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), + @ApiResponse(code = 401, message = "Client could not be authenticated."), + @ApiResponse(code = 403, message = "Client is not authorized to make this request."), + @ApiResponse(code = 404, message = "The specified resource could not be found."), + @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") } ) public Response getLabel( @@ -144,29 +141,28 @@ public class LabelResource extends ApplicationResource { * Updates the specified label. * * @param httpServletRequest request - * @param id The id of the label to update. - * @param labelEntity A labelEntity. + * @param id The id of the label to update. + * @param labelEntity A labelEntity. * @return A labelEntity. */ @PUT @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) @Path("{id}") - // TODO - @PreAuthorize("hasRole('ROLE_DFM')") @ApiOperation( value = "Updates a label", response = LabelEntity.class, authorizations = { - @Authorization(value = "Data Flow Manager", type = "ROLE_DFM") + @Authorization(value = "Write - /labels/{uuid}", type = "") } ) @ApiResponses( value = { - @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), - @ApiResponse(code = 401, message = "Client could not be authenticated."), - @ApiResponse(code = 403, message = "Client is not authorized to make this request."), - @ApiResponse(code = 404, message = "The specified resource could not be found."), - @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") + @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), + @ApiResponse(code = 401, message = "Client could not be authenticated."), + @ApiResponse(code = 403, message = "Client is not authorized to make this request."), + @ApiResponse(code = 404, message = "The specified resource could not be found."), + @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") } ) public Response updateLabel( @@ -203,20 +199,20 @@ public class LabelResource extends ApplicationResource { // handle expects request (usually from the cluster manager) final Revision revision = getRevision(labelEntity, id); return withWriteLock( - serviceFacade, - revision, - lookup -> { - Authorizable authorizable = lookup.getLabel(id); - authorizable.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser()); - }, - null, - () -> { - // update the label - final LabelEntity entity = serviceFacade.updateLabel(revision, requestLabelDTO); - populateRemainingLabelEntityContent(entity); + serviceFacade, + revision, + lookup -> { + Authorizable authorizable = lookup.getLabel(id); + authorizable.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser()); + }, + null, + () -> { + // update the label + final LabelEntity entity = serviceFacade.updateLabel(revision, requestLabelDTO); + populateRemainingLabelEntityContent(entity); - return clusterContext(generateOkResponse(entity)).build(); - } + return clusterContext(generateOkResponse(entity)).build(); + } ); } @@ -224,30 +220,29 @@ public class LabelResource extends ApplicationResource { * Removes the specified label. * * @param httpServletRequest request - * @param version The revision is used to verify the client is working with the latest version of the flow. - * @param clientId Optional client id. If the client id is not specified, a new one will be generated. This value (whether specified or generated) is included in the response. - * @param id The id of the label to remove. + * @param version The revision is used to verify the client is working with the latest version of the flow. + * @param clientId Optional client id. If the client id is not specified, a new one will be generated. This value (whether specified or generated) is included in the response. + * @param id The id of the label to remove. * @return A entity containing the client id and an updated revision. */ @DELETE @Consumes(MediaType.WILDCARD) @Produces(MediaType.APPLICATION_JSON) @Path("{id}") - // TODO - @PreAuthorize("hasRole('ROLE_DFM')") @ApiOperation( value = "Deletes a label", response = LabelEntity.class, authorizations = { - @Authorization(value = "Data Flow Manager", type = "ROLE_DFM") + @Authorization(value = "Write - /labels/{uuid}", type = "") } ) @ApiResponses( value = { - @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), - @ApiResponse(code = 401, message = "Client could not be authenticated."), - @ApiResponse(code = 403, message = "Client is not authorized to make this request."), - @ApiResponse(code = 404, message = "The specified resource could not be found."), - @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") + @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), + @ApiResponse(code = 401, message = "Client could not be authenticated."), + @ApiResponse(code = 403, message = "Client is not authorized to make this request."), + @ApiResponse(code = 404, message = "The specified resource could not be found."), + @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") } ) public Response removeLabel( @@ -275,22 +270,23 @@ public class LabelResource extends ApplicationResource { // handle expects request (usually from the cluster manager) final Revision revision = new Revision(version == null ? null : version.getLong(), clientId.getClientId(), id); return withWriteLock( - serviceFacade, - revision, - lookup -> { - final Authorizable label = lookup.getLabel(id); - label.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser()); - }, - null, - () -> { - // delete the specified label - final LabelEntity entity = serviceFacade.deleteLabel(revision, id); - return clusterContext(generateOkResponse(entity)).build(); - } + serviceFacade, + revision, + lookup -> { + final Authorizable label = lookup.getLabel(id); + label.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser()); + }, + null, + () -> { + // delete the specified label + final LabelEntity entity = serviceFacade.deleteLabel(revision, id); + return clusterContext(generateOkResponse(entity)).build(); + } ); } // setters + public void setServiceFacade(NiFiServiceFacade serviceFacade) { this.serviceFacade = serviceFacade; } http://git-wip-us.apache.org/repos/asf/nifi/blob/9338f102/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/OutputPortResource.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/OutputPortResource.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/OutputPortResource.java index 55681dc..70a9e2d 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/OutputPortResource.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/OutputPortResource.java @@ -55,8 +55,8 @@ import java.util.Set; */ @Path("/output-ports") @Api( - value = "/output-ports", - description = "Endpoint for managing an Output Port." + value = "/output-ports", + description = "Endpoint for managing an Output Port." ) public class OutputPortResource extends ApplicationResource { @@ -97,23 +97,20 @@ public class OutputPortResource extends ApplicationResource { @Consumes(MediaType.WILDCARD) @Produces(MediaType.APPLICATION_JSON) @Path("{id}") - // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')") @ApiOperation( value = "Gets an output port", response = PortEntity.class, authorizations = { - @Authorization(value = "Read Only", type = "ROLE_MONITOR"), - @Authorization(value = "Data Flow Manager", type = "ROLE_DFM"), - @Authorization(value = "Administrator", type = "ROLE_ADMIN") + @Authorization(value = "Read - /output-ports/{uuid}", type = "") } ) @ApiResponses( value = { - @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), - @ApiResponse(code = 401, message = "Client could not be authenticated."), - @ApiResponse(code = 403, message = "Client is not authorized to make this request."), - @ApiResponse(code = 404, message = "The specified resource could not be found."), - @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") + @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), + @ApiResponse(code = 401, message = "Client could not be authenticated."), + @ApiResponse(code = 403, message = "Client is not authorized to make this request."), + @ApiResponse(code = 404, message = "The specified resource could not be found."), + @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") } ) public Response getOutputPort( @@ -144,29 +141,28 @@ public class OutputPortResource extends ApplicationResource { * Updates the specified output port. * * @param httpServletRequest request - * @param id The id of the output port to update. - * @param portEntity A outputPortEntity. + * @param id The id of the output port to update. + * @param portEntity A outputPortEntity. * @return A outputPortEntity. */ @PUT @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) @Path("{id}") - // TODO - @PreAuthorize("hasRole('ROLE_DFM')") @ApiOperation( value = "Updates an output port", response = PortEntity.class, authorizations = { - @Authorization(value = "Data Flow Manager", type = "ROLE_DFM") + @Authorization(value = "Write - /output-ports/{uuid}", type = "") } ) @ApiResponses( value = { - @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), - @ApiResponse(code = 401, message = "Client could not be authenticated."), - @ApiResponse(code = 403, message = "Client is not authorized to make this request."), - @ApiResponse(code = 404, message = "The specified resource could not be found."), - @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") + @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), + @ApiResponse(code = 401, message = "Client could not be authenticated."), + @ApiResponse(code = 403, message = "Client is not authorized to make this request."), + @ApiResponse(code = 404, message = "The specified resource could not be found."), + @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") } ) public Response updateOutputPort( @@ -203,20 +199,20 @@ public class OutputPortResource extends ApplicationResource { // handle expects request (usually from the cluster manager) final Revision revision = getRevision(portEntity, id); return withWriteLock( - serviceFacade, - revision, - lookup -> { - Authorizable authorizable = lookup.getOutputPort(id); - authorizable.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser()); - }, - () -> serviceFacade.verifyUpdateOutputPort(requestPortDTO), - () -> { - // update the output port - final PortEntity entity = serviceFacade.updateOutputPort(revision, requestPortDTO); - populateRemainingOutputPortEntityContent(entity); + serviceFacade, + revision, + lookup -> { + Authorizable authorizable = lookup.getOutputPort(id); + authorizable.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser()); + }, + () -> serviceFacade.verifyUpdateOutputPort(requestPortDTO), + () -> { + // update the output port + final PortEntity entity = serviceFacade.updateOutputPort(revision, requestPortDTO); + populateRemainingOutputPortEntityContent(entity); - return clusterContext(generateOkResponse(entity)).build(); - } + return clusterContext(generateOkResponse(entity)).build(); + } ); } @@ -224,30 +220,29 @@ public class OutputPortResource extends ApplicationResource { * Removes the specified output port. * * @param httpServletRequest request - * @param version The revision is used to verify the client is working with the latest version of the flow. - * @param clientId Optional client id. If the client id is not specified, a new one will be generated. This value (whether specified or generated) is included in the response. - * @param id The id of the output port to remove. + * @param version The revision is used to verify the client is working with the latest version of the flow. + * @param clientId Optional client id. If the client id is not specified, a new one will be generated. This value (whether specified or generated) is included in the response. + * @param id The id of the output port to remove. * @return A outputPortEntity. */ @DELETE @Consumes(MediaType.WILDCARD) @Produces(MediaType.APPLICATION_JSON) @Path("{id}") - // TODO - @PreAuthorize("hasRole('ROLE_DFM')") @ApiOperation( value = "Deletes an output port", response = PortEntity.class, authorizations = { - @Authorization(value = "Data Flow Manager", type = "ROLE_DFM") + @Authorization(value = "Write - /output-ports/{uuid}", type = "") } ) @ApiResponses( value = { - @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), - @ApiResponse(code = 401, message = "Client could not be authenticated."), - @ApiResponse(code = 403, message = "Client is not authorized to make this request."), - @ApiResponse(code = 404, message = "The specified resource could not be found."), - @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") + @ApiResponse(code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), + @ApiResponse(code = 401, message = "Client could not be authenticated."), + @ApiResponse(code = 403, message = "Client is not authorized to make this request."), + @ApiResponse(code = 404, message = "The specified resource could not be found."), + @ApiResponse(code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") } ) public Response removeOutputPort( @@ -275,22 +270,23 @@ public class OutputPortResource extends ApplicationResource { // handle expects request (usually from the cluster manager) final Revision revision = new Revision(version == null ? null : version.getLong(), clientId.getClientId(), id); return withWriteLock( - serviceFacade, - revision, - lookup -> { - final Authorizable outputPort = lookup.getOutputPort(id); - outputPort.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser()); - }, - () -> serviceFacade.verifyDeleteOutputPort(id), - () -> { - // delete the specified output port - final PortEntity entity = serviceFacade.deleteOutputPort(revision, id); - return clusterContext(generateOkResponse(entity)).build(); - } + serviceFacade, + revision, + lookup -> { + final Authorizable outputPort = lookup.getOutputPort(id); + outputPort.authorize(authorizer, RequestAction.WRITE, NiFiUserUtils.getNiFiUser()); + }, + () -> serviceFacade.verifyDeleteOutputPort(id), + () -> { + // delete the specified output port + final PortEntity entity = serviceFacade.deleteOutputPort(revision, id); + return clusterContext(generateOkResponse(entity)).build(); + } ); } // setters + public void setServiceFacade(NiFiServiceFacade serviceFacade) { this.serviceFacade = serviceFacade; }