Making a call to "/process-groups/root" should retrieve the root process group which should then have an id element.
On Mon, Feb 26, 2018 at 5:20 PM, Daniel Hernandez <daniel.hernan...@civitaslearning.com> wrote: > Thanks Matt, > > I get now what is the problem, in order to exhaust all my possibilities I > may ask, is there a way using the API to get the root UUID from the > flow.xml.gz file? Because I see the file there after running the tests. > > Thanks, > > > On Mon, Feb 26, 2018 at 3:26 PM, Daniel Hernandez < > daniel.hernan...@civitaslearning.com> wrote: > >> Hi Matt, >> >> Thanks for your answer. >> >> Do you know if there is a way to preconfigure this value when running >> Nifi's Docker image? I am making the calls from an integration test that >> runs a docker container with the Nifi server. I already check and the value >> under <rootGroup><id> in the flow.xml.gz file changes everytime I deploy >> the container, I guess it is created at startup. Is it possible that I can >> change my docker image to get a fix root group value? >> >> Thanks, >> >> Daniel >> >> On Mon, Feb 26, 2018 at 11:35 AM, Daniel Hernandez <daniel.hernandez@ >> civitaslearning.com> wrote: >> >>> Hi, >>> >>> I am currently working on calling the Nifi REST API to get the 'root' >>> process group and setting it as parent for a new process-group. >>> >>> However I am getting the next messages: >>> >>> Attempting GET request to: JerseyWebTarget { >>> https://127.0.0.1:8443/nifi-api/process-groups/root } >>> 2018-02-26 11:06:55.341 DEBUG ???? --- [ main] >>> c.c.p.n.c.i.b.BootApiClient : >>> 2018-02-26 11:06:55.341 DEBUG ???? --- [ main] >>> c.c.p.n.c.i.b.BootApiClient : Received 403 response from GET >>> to JerseyWebTarget { https://127.0.0.1:8443/nifi-api/process-groups/root >>> } >>> >>> com.civitaslearning.platform.nifi.client.invoker.boot.exception.NifiForbiddenException: >>> No applicable policies could be found. Contact the system administrator. >>> >>> This is the content of my authorizations.xml file: >>> >>> <?xml version="1.0" encoding="UTF-8" standalone="yes"?> >>> >>> <authorizations> >>> >>> <policies> >>> >>> <policy identifier="f99bccd1-a30e-3e4a-98a2-dbc708edc67f" >>> resource="/flow" action="R"> >>> >>> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >>> >>> </policy> >>> >>> <policy identifier="b8775bd4-704a-34c6-987b-84f2daf7a515" >>> resource="/restricted-components" action="W"> >>> >>> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >>> >>> </policy> >>> >>> <policy identifier="627410be-1717-35b4-a06f-e9362b89e0b7" >>> resource="/tenants" action="R"> >>> >>> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >>> >>> </policy> >>> >>> <policy identifier="15e4e0bd-cb28-34fd-8587-f8d15162cba5" >>> resource="/tenants" action="W"> >>> >>> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >>> >>> </policy> >>> >>> <policy identifier="ff96062a-fa99-36dc-9942-0f6442ae7212" >>> resource="/policies" action="R"> >>> >>> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >>> >>> </policy> >>> >>> <policy identifier="ad99ea98-3af6-3561-ae27-5bf09e1d969d" >>> resource="/policies" action="W"> >>> >>> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >>> >>> </policy> >>> >>> <policy identifier="2e1015cb-0fed-3005-8e0d-722311f21a03" >>> resource="/controller" action="R"> >>> >>> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >>> >>> </policy> >>> >>> <policy identifier="c6322e6c-4cc1-3bcc-91b3-2ed2111674cf" >>> resource="/controller" action="W"> >>> >>> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >>> >>> </policy> >>> >>> <policy identifier="d2f2019f-0161-1000-201a-94a51ee94006" >>> resource="/process-groups/root" action="R"> >>> >>> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >>> >>> </policy> >>> >>> <policy identifier="d2f20292-0161-1000-e8d2-a8f874682f68" >>> resource="/process-groups/root" action="W"> >>> >>> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51"/> >>> >>> </policy> >>> >>> </policies> >>> >>> </authorizations> >>> >>> And this is the content of authorizations.xml >>> >>> <authorizers> >>> >>> <accessPolicyProvider> >>> >>> <identifier>file-access-policy-provider</identifier> >>> >>> <class>org.apache.nifi.authorization.FileAccessPolicyProvide >>> r</class> >>> >>> <property name="User Group Provider">file-user-group-prov >>> ider</property> >>> >>> <property name="Authorizations File">./conf/authorizations.xm >>> l</property> >>> >>> <property name="Initial Admin Identity">CN=civitas, >>> OU=ApacheNifi</property> >>> >>> <property name="Legacy Authorized Users File"></property> >>> >>> >>> <property name="Node Identity 1"></property> >>> >>> </accessPolicyProvider> >>> >>> <authorizer> >>> >>> <identifier>managed-authorizer</identifier> >>> >>> <class>org.apache.nifi.authorization.StandardManagedAuthoriz >>> er</class> >>> >>> <property name="Access Policy Provider">file-access-policy-p >>> rovider</property> >>> >>> </authorizer> >>> >>> </authorizers> >>> >>> >>> And users.xml >>> >>> >>> <?xml version="1.0" encoding="UTF-8" standalone="yes"?> >>> >>> <tenants> >>> >>> <groups/> >>> >>> <users> >>> >>> <user identifier="2ca01c6c-41bf-31b9-8101-5021367b7c51" >>> identity="CN=civitas, OU=ApacheNifi"/> >>> >>> </users> >>> >>> </tenants> >>> >>> I already create a policy using the same user cert so I guess the DN is >>> valid. >>> Am I defining the policy or making the call in a wrong way? >>> >>> Thanks in advance, >>> >>> Daniel Hernandez >>> >>> >>> >>