[GitHub] nifi pull request #2515: NIFI-4885: Granular component restrictions
Github user asfgit closed the pull request at: https://github.com/apache/nifi/pull/2515 ---
[GitHub] nifi pull request #2515: NIFI-4885: Granular component restrictions
Github user mcgilman commented on a diff in the pull request:
https://github.com/apache/nifi/pull/2515#discussion_r173869295
--- Diff:
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-cluster/src/main/java/org/apache/nifi/cluster/coordination/http/endpoints/CurrentUserEndpointMerger.java
---
@@ -53,6 +54,23 @@ protected void mergeResponses(final CurrentUserEntity
clientEntity, final Map
clientEntityComponentRestrictionsPermissions =
clientEntity.getComponentRestrictionPermissions();
+final Set
entityComponentRestrictionsPermissions =
entity.getComponentRestrictionPermissions();
+
+// only retain the component restriction permissions in
common
+
clientEntityComponentRestrictionsPermissions.retainAll(entityComponentRestrictionsPermissions);
+
+// merge the component restriction permissions
+
clientEntityComponentRestrictionsPermissions.forEach(clientEntityPermission -> {
+final ComponentRestrictionPermissionDTO
entityPermission =
entityComponentRestrictionsPermissions.stream().filter(entityComponentRestrictionsPermission
-> {
+return
entityComponentRestrictionsPermission.getRequiredPermission().getId().equals(clientEntityPermission.getRequiredPermission().getId());
+}).findFirst().orElse(null);
--- End diff --
Because we're doing a retainAll right before this we know that both
collections will each have an entry for the current clientEntityPermission. I
will update to use get() instead.
---
[GitHub] nifi pull request #2515: NIFI-4885: Granular component restrictions
Github user markap14 commented on a diff in the pull request:
https://github.com/apache/nifi/pull/2515#discussion_r173858341
--- Diff:
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-cluster/src/main/java/org/apache/nifi/cluster/coordination/http/endpoints/CurrentUserEndpointMerger.java
---
@@ -53,6 +54,23 @@ protected void mergeResponses(final CurrentUserEntity
clientEntity, final Map
clientEntityComponentRestrictionsPermissions =
clientEntity.getComponentRestrictionPermissions();
+final Set
entityComponentRestrictionsPermissions =
entity.getComponentRestrictionPermissions();
+
+// only retain the component restriction permissions in
common
+
clientEntityComponentRestrictionsPermissions.retainAll(entityComponentRestrictionsPermissions);
+
+// merge the component restriction permissions
+
clientEntityComponentRestrictionsPermissions.forEach(clientEntityPermission -> {
+final ComponentRestrictionPermissionDTO
entityPermission =
entityComponentRestrictionsPermissions.stream().filter(entityComponentRestrictionsPermission
-> {
+return
entityComponentRestrictionsPermission.getRequiredPermission().getId().equals(clientEntityPermission.getRequiredPermission().getId());
+}).findFirst().orElse(null);
--- End diff --
Are we guaranteed at this point that there will be at least one entry? If
so, then we should probably just use findFirst().get() because it makes this
more clear. If not, then we could end up with a null value here, and the next
line would then throw a NPE.
---
[GitHub] nifi pull request #2515: NIFI-4885: Granular component restrictions
GitHub user mcgilman opened a pull request: https://github.com/apache/nifi/pull/2515 NIFI-4885: Granular component restrictions NIFI-4885: - Introducing more granular restricted component access policies. - Current restricted components have been updated to use new granular restrictions. You can merge this pull request into a Git repository by running: $ git pull https://github.com/mcgilman/nifi NIFI-4885 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/nifi/pull/2515.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #2515 commit 0610789f4e75f3983d54f75cec79e0a2bd8b7991 Author: Matt Gilman Date: 2018-02-16T21:21:47Z NIFI-4885: - Introducing more granular restricted component access policies. ---
