You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by mc...@apache.org on 2015/01/21 14:04:43 UTC
[31/64] [partial] incubator-nifi git commit: NIFI-270 Made all
changes identified by adam, mark, joey to prep for a cleaner build
http://git-wip-us.apache.org/repos/asf/incubator-nifi/blob/f6d9354b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/GetUserGroupAction.java
----------------------------------------------------------------------
diff --git a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/GetUserGroupAction.java b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/GetUserGroupAction.java
deleted file mode 100644
index 5377c46..0000000
--- a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/GetUserGroupAction.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.action;
-
-import org.apache.nifi.admin.dao.DAOFactory;
-import org.apache.nifi.admin.dao.DataAccessException;
-import org.apache.nifi.admin.dao.UserDAO;
-import org.apache.nifi.authorization.AuthorityProvider;
-import org.apache.nifi.user.NiFiUserGroup;
-
-/**
- *
- */
-public class GetUserGroupAction implements AdministrationAction<NiFiUserGroup> {
-
- private final String group;
-
- public GetUserGroupAction(String group) {
- this.group = group;
- }
-
- @Override
- public NiFiUserGroup execute(DAOFactory daoFactory, AuthorityProvider authorityProvider) throws DataAccessException {
- final UserDAO userDAO = daoFactory.getUserDAO();
- final NiFiUserGroup userGroup = new NiFiUserGroup();
-
- // set the group
- userGroup.setGroup(group);
-
- // get the users in this group
- userGroup.setUsers(userDAO.findUsersForGroup(group));
-
- // return the group
- return userGroup;
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-nifi/blob/f6d9354b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/GetUsersAction.java
----------------------------------------------------------------------
diff --git a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/GetUsersAction.java b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/GetUsersAction.java
deleted file mode 100644
index 42d180e..0000000
--- a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/GetUsersAction.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.action;
-
-import java.util.Collection;
-import org.apache.nifi.admin.dao.DAOFactory;
-import org.apache.nifi.admin.dao.DataAccessException;
-import org.apache.nifi.admin.dao.UserDAO;
-import org.apache.nifi.authorization.AuthorityProvider;
-import org.apache.nifi.user.NiFiUser;
-
-/**
- *
- */
-public class GetUsersAction implements AdministrationAction<Collection<NiFiUser>> {
-
- @Override
- public Collection<NiFiUser> execute(DAOFactory daoFactory, AuthorityProvider authorityProvider) throws DataAccessException {
- // get a UserDAO
- UserDAO userDAO = daoFactory.getUserDAO();
-
- // return the desired user
- return userDAO.findUsers();
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-nifi/blob/f6d9354b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/HasPendingUserAccounts.java
----------------------------------------------------------------------
diff --git a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/HasPendingUserAccounts.java b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/HasPendingUserAccounts.java
deleted file mode 100644
index 3325642..0000000
--- a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/HasPendingUserAccounts.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.action;
-
-import org.apache.nifi.admin.dao.DAOFactory;
-import org.apache.nifi.admin.dao.DataAccessException;
-import org.apache.nifi.admin.dao.UserDAO;
-import org.apache.nifi.authorization.AuthorityProvider;
-
-/**
- * Action for creating a NiFiUser account.
- */
-public class HasPendingUserAccounts extends AbstractUserAction<Boolean> {
-
- @Override
- public Boolean execute(DAOFactory daoFactory, AuthorityProvider authorityProvider) throws DataAccessException {
- UserDAO userDao = daoFactory.getUserDAO();
- return userDao.hasPendingUserAccounts();
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-nifi/blob/f6d9354b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/InvalidateUserAccountAction.java
----------------------------------------------------------------------
diff --git a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/InvalidateUserAccountAction.java b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/InvalidateUserAccountAction.java
deleted file mode 100644
index 14596b2..0000000
--- a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/InvalidateUserAccountAction.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.action;
-
-import org.apache.nifi.admin.dao.DAOFactory;
-import org.apache.nifi.admin.dao.DataAccessException;
-import org.apache.nifi.admin.dao.UserDAO;
-import org.apache.nifi.admin.service.AccountNotFoundException;
-import org.apache.nifi.authorization.AuthorityProvider;
-import org.apache.nifi.user.NiFiUser;
-
-/**
- * Invalidates a user account.
- */
-public class InvalidateUserAccountAction implements AdministrationAction<Void> {
-
- private final String id;
-
- public InvalidateUserAccountAction(String id) {
- this.id = id;
- }
-
- @Override
- public Void execute(DAOFactory daoFactory, AuthorityProvider authorityProvider) throws DataAccessException {
- UserDAO userDao = daoFactory.getUserDAO();
-
- // get the current user details
- NiFiUser user = userDao.findUserById(id);
-
- // ensure the user exists
- if (user == null) {
- throw new AccountNotFoundException(String.format("Unable to find account with ID %s.", id));
- }
-
- // invalidate the user account
- user.setLastVerified(null);
-
- // create the user entry
- userDao.updateUser(user);
-
- return null;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-nifi/blob/f6d9354b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/InvalidateUserGroupAccountsAction.java
----------------------------------------------------------------------
diff --git a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/InvalidateUserGroupAccountsAction.java b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/InvalidateUserGroupAccountsAction.java
deleted file mode 100644
index 0cb7e14..0000000
--- a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/InvalidateUserGroupAccountsAction.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.action;
-
-import org.apache.nifi.admin.dao.DAOFactory;
-import org.apache.nifi.admin.dao.DataAccessException;
-import org.apache.nifi.admin.dao.UserDAO;
-import org.apache.nifi.authorization.AuthorityProvider;
-
-/**
- * Invalidates a user account.
- */
-public class InvalidateUserGroupAccountsAction implements AdministrationAction<Void> {
-
- private final String group;
-
- public InvalidateUserGroupAccountsAction(String group) {
- this.group = group;
- }
-
- @Override
- public Void execute(DAOFactory daoFactory, AuthorityProvider authorityProvider) throws DataAccessException {
- UserDAO userDao = daoFactory.getUserDAO();
-
- // create the user entry
- userDao.updateGroupVerification(group, null);
-
- return null;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-nifi/blob/f6d9354b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/PurgeActionsAction.java
----------------------------------------------------------------------
diff --git a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/PurgeActionsAction.java b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/PurgeActionsAction.java
deleted file mode 100644
index b5a2883..0000000
--- a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/PurgeActionsAction.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.action;
-
-import java.util.Date;
-import org.apache.nifi.action.Action;
-import org.apache.nifi.admin.dao.ActionDAO;
-import org.apache.nifi.admin.dao.DAOFactory;
-import org.apache.nifi.authorization.AuthorityProvider;
-
-/**
- * Purges actions up to a specified end date.
- */
-public class PurgeActionsAction implements AdministrationAction<Void> {
-
- private final Date end;
- private final Action purgeAction;
-
- public PurgeActionsAction(Date end, Action purgeAction) {
- this.end = end;
- this.purgeAction = purgeAction;
- }
-
- @Override
- public Void execute(DAOFactory daoFactory, AuthorityProvider authorityProvider) {
- ActionDAO actionDao = daoFactory.getActionDAO();
-
- // remove the corresponding actions
- actionDao.deleteActions(end);
-
- // create a purge action
- actionDao.createAction(purgeAction);
-
- return null;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-nifi/blob/f6d9354b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/RequestUserAccountAction.java
----------------------------------------------------------------------
diff --git a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/RequestUserAccountAction.java b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/RequestUserAccountAction.java
deleted file mode 100644
index 3dce6d9..0000000
--- a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/RequestUserAccountAction.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.action;
-
-import java.util.Date;
-import org.apache.nifi.admin.dao.DAOFactory;
-import org.apache.nifi.admin.dao.DataAccessException;
-import org.apache.nifi.admin.dao.UserDAO;
-import org.apache.nifi.authorization.AuthorityProvider;
-import org.apache.nifi.security.util.CertificateUtils;
-import org.apache.nifi.user.AccountStatus;
-import org.apache.nifi.user.NiFiUser;
-
-/**
- *
- */
-public class RequestUserAccountAction implements AdministrationAction<NiFiUser> {
-
- private final String dn;
- private final String justification;
-
- public RequestUserAccountAction(String dn, String justification) {
- this.dn = dn;
- this.justification = justification;
- }
-
- @Override
- public NiFiUser execute(DAOFactory daoFactory, AuthorityProvider authorityProvider) throws DataAccessException {
- UserDAO userDao = daoFactory.getUserDAO();
-
- // determine if this user already exists
- NiFiUser user = userDao.findUserByDn(dn);
- if (user != null) {
- throw new IllegalArgumentException(String.format("User account for %s already exists.", dn));
- }
-
- // create the user
- user = new NiFiUser();
- user.setDn(dn);
- user.setUserName(CertificateUtils.extractUsername(dn));
- user.setJustification(justification);
- user.setStatus(AccountStatus.PENDING);
-
- // update user timestamps
- Date now = new Date();
- user.setCreation(now);
-
- // create the new user account
- userDao.createUser(user);
-
- return user;
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-nifi/blob/f6d9354b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/SeedUserAccountsAction.java
----------------------------------------------------------------------
diff --git a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/SeedUserAccountsAction.java b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/SeedUserAccountsAction.java
deleted file mode 100644
index 72d68db..0000000
--- a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/SeedUserAccountsAction.java
+++ /dev/null
@@ -1,164 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.action;
-
-import java.util.HashSet;
-import java.util.Set;
-import org.apache.nifi.admin.dao.DAOFactory;
-import org.apache.nifi.admin.dao.DataAccessException;
-import org.apache.nifi.admin.dao.UserDAO;
-import org.apache.nifi.admin.service.AdministrationException;
-import org.apache.nifi.authorization.Authority;
-import org.apache.nifi.authorization.AuthorityProvider;
-import org.apache.nifi.authorization.exception.AuthorityAccessException;
-import org.apache.nifi.authorization.exception.UnknownIdentityException;
-import org.apache.nifi.security.util.CertificateUtils;
-import org.apache.nifi.user.AccountStatus;
-import org.apache.nifi.user.NiFiUser;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Seeds the user accounts. This action is performed at start up because it
- * takes the users specified in the authority provider and makes them available
- * to be seen in the UI. This happens because the UI loads the users from the
- * cache. Without pre loading the users, the table in the UI would only show a
- * given user once they have visited the application.
- */
-public class SeedUserAccountsAction extends AbstractUserAction<Void> {
-
- private static final Logger logger = LoggerFactory.getLogger(SeedUserAccountsAction.class);
-
- @Override
- public Void execute(DAOFactory daoFactory, AuthorityProvider authorityProvider) throws DataAccessException {
- UserDAO userDao = daoFactory.getUserDAO();
- Set<String> authorizedDns = new HashSet<>();
-
- // get the current user cache
- final Set<NiFiUser> existingUsers;
- try {
- existingUsers = userDao.findUsers();
- } catch (Exception e) {
- // unable to access local cache... start up failure
- logger.error(String.format("Unable to get existing user base. Cannot proceed until these users can be "
- + "verified against the current authority provider: %s", e));
- throw new AdministrationException(e);
- }
-
- try {
- // all users for all roles
- for (final Authority authority : Authority.values()) {
- authorizedDns.addAll(authorityProvider.getUsers(authority));
- }
- } catch (AuthorityAccessException aae) {
- // unable to access the authority provider... honor the cache
- logger.warn("Unable to access authority provider due to " + aae);
- return null;
- }
-
- final Set<NiFiUser> accountsToRevoke = new HashSet<>(existingUsers);
-
- // persist the users
- for (String dn : authorizedDns) {
- NiFiUser user = null;
- try {
- // locate the user for this dn
- user = userDao.findUserByDn(dn);
- boolean newAccount = false;
-
- // if the user does not exist, create a new account
- if (user == null) {
- logger.info(String.format("Creating user account: %s", dn));
- newAccount = true;
-
- // create the user
- user = new NiFiUser();
- user.setDn(dn);
- user.setUserName(CertificateUtils.extractUsername(dn));
- user.setJustification("User details specified by authority provider.");
- } else {
- logger.info(String.format("User account already created: %s. Updating authorities...", dn));
- }
-
- // verify the account
- verifyAccount(authorityProvider, user);
-
- // persist the account accordingly
- if (newAccount) {
- CreateUserAction createUser = new CreateUserAction(user);
- createUser.execute(daoFactory, authorityProvider);
- } else {
- // this is not a new user and we have just verified their
- // account, do not revoke...
- accountsToRevoke.remove(user);
-
- // persist the user
- UpdateUserCacheAction updateUser = new UpdateUserCacheAction(user);
- updateUser.execute(daoFactory, authorityProvider);
-
- // persist the user's authorities
- UpdateUserAuthoritiesCacheAction updateUserAuthorities = new UpdateUserAuthoritiesCacheAction(user);
- updateUserAuthorities.execute(daoFactory, authorityProvider);
- }
- } catch (DataAccessException dae) {
- if (user != null) {
- logger.warn(String.format("Unable to access account details in local cache for user %s: %s", user, dae.getMessage()));
- } else {
- logger.warn(String.format("Unable to access account details in local cache: %s", dae.getMessage()));
- }
- } catch (UnknownIdentityException uie) {
- if (user != null) {
- logger.warn(String.format("Unable to find account details in authority provider for user %s: %s", user, uie.getMessage()));
- } else {
- logger.warn(String.format("Unable to find account details in authority provider: %s", uie.getMessage()));
- }
- } catch (AuthorityAccessException aae) {
- logger.warn("Unable to access authority provider due to " + aae);
-
- // unable to access authority provider for this user, honor the cache for now
- accountsToRevoke.remove(user);
- }
- }
-
- // remove all users that are no longer in the provider
- for (final NiFiUser user : accountsToRevoke) {
- // allow pending requests to remain...
- if (AccountStatus.PENDING.equals(user.getStatus())) {
- continue;
- }
-
- try {
- logger.info(String.format("User not authorized with configured provider: %s. Disabling account...", user.getDn()));
-
- // disable the account and reset its last verified timestamp since it was not found
- // in the current configured authority provider
- user.setStatus(AccountStatus.DISABLED);
- user.setLastVerified(null);
-
- // update the user record
- UpdateUserCacheAction updateUser = new UpdateUserCacheAction(user);
- updateUser.execute(daoFactory, authorityProvider);
- } catch (final Exception e) {
- // unable to revoke access for someone we know is not authorized... fail start up
- logger.error(String.format("Unable to revoke access for user %s that is no longer authorized: %s", user, e));
- throw new AdministrationException(e);
- }
- }
-
- return null;
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-nifi/blob/f6d9354b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UngroupUserAction.java
----------------------------------------------------------------------
diff --git a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UngroupUserAction.java b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UngroupUserAction.java
deleted file mode 100644
index 01eaf5f..0000000
--- a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UngroupUserAction.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.action;
-
-import org.apache.nifi.admin.dao.DAOFactory;
-import org.apache.nifi.admin.dao.UserDAO;
-import org.apache.nifi.admin.service.AccountNotFoundException;
-import org.apache.nifi.admin.service.AdministrationException;
-import org.apache.nifi.authorization.AuthorityProvider;
-import org.apache.nifi.authorization.exception.AuthorityAccessException;
-import org.apache.nifi.authorization.exception.UnknownIdentityException;
-import org.apache.nifi.user.NiFiUser;
-
-/**
- *
- */
-public class UngroupUserAction extends AbstractUserAction<Void> {
-
- private final String userId;
-
- public UngroupUserAction(String userId) {
- this.userId = userId;
- }
-
- @Override
- public Void execute(DAOFactory daoFactory, AuthorityProvider authorityProvider) {
- final UserDAO userDao = daoFactory.getUserDAO();
-
- // get the user in question
- final NiFiUser user = userDao.findUserById(userId);
-
- // ensure the user exists
- if (user == null) {
- throw new AccountNotFoundException(String.format("Unable to find account with ID %s.", userId));
- }
-
- // set the user group
- user.setUserGroup(null);
-
- // update the user locally
- userDao.updateUser(user);
-
- try {
- // update the authority provider
- authorityProvider.ungroupUser(user.getDn());
- } catch (UnknownIdentityException uie) {
- throw new AccountNotFoundException(String.format("Unable to ungroup user '%s': %s", user.getDn(), uie.getMessage()), uie);
- } catch (AuthorityAccessException aae) {
- throw new AdministrationException(String.format("Unable to ungroup user '%s': %s", user.getDn(), aae.getMessage()), aae);
- }
-
- return null;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-nifi/blob/f6d9354b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UngroupUserGroupAction.java
----------------------------------------------------------------------
diff --git a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UngroupUserGroupAction.java b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UngroupUserGroupAction.java
deleted file mode 100644
index fa24fbe..0000000
--- a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UngroupUserGroupAction.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.action;
-
-import org.apache.nifi.admin.dao.DAOFactory;
-import org.apache.nifi.admin.dao.UserDAO;
-import org.apache.nifi.admin.service.AccountNotFoundException;
-import org.apache.nifi.admin.service.AdministrationException;
-import org.apache.nifi.authorization.AuthorityProvider;
-import org.apache.nifi.authorization.exception.AuthorityAccessException;
-import org.apache.nifi.authorization.exception.UnknownIdentityException;
-
-/**
- *
- */
-public class UngroupUserGroupAction extends AbstractUserAction<Void> {
-
- private final String group;
-
- public UngroupUserGroupAction(String group) {
- this.group = group;
- }
-
- @Override
- public Void execute(DAOFactory daoFactory, AuthorityProvider authorityProvider) {
- final UserDAO userDao = daoFactory.getUserDAO();
-
- // update the user locally
- userDao.ungroup(group);
-
- try {
- // update the authority provider
- authorityProvider.ungroup(group);
- } catch (UnknownIdentityException uie) {
- throw new AccountNotFoundException(String.format("Unable to ungroup '%s': %s", group, uie.getMessage()), uie);
- } catch (AuthorityAccessException aae) {
- throw new AdministrationException(String.format("Unable to ungroup '%s': %s", group, aae.getMessage()), aae);
- }
-
- return null;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-nifi/blob/f6d9354b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserAction.java
----------------------------------------------------------------------
diff --git a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserAction.java b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserAction.java
deleted file mode 100644
index cef21d7..0000000
--- a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserAction.java
+++ /dev/null
@@ -1,124 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.action;
-
-import java.util.Date;
-import java.util.Set;
-import org.apache.nifi.admin.dao.DAOFactory;
-import org.apache.nifi.admin.dao.DataAccessException;
-import org.apache.nifi.admin.dao.UserDAO;
-import org.apache.nifi.admin.service.AccountNotFoundException;
-import org.apache.nifi.admin.service.AdministrationException;
-import org.apache.nifi.authorization.Authority;
-import org.apache.nifi.authorization.AuthorityProvider;
-import org.apache.nifi.authorization.exception.AuthorityAccessException;
-import org.apache.nifi.authorization.exception.IdentityAlreadyExistsException;
-import org.apache.nifi.authorization.exception.UnknownIdentityException;
-import org.apache.nifi.user.AccountStatus;
-import org.apache.nifi.user.NiFiUser;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Sets user authorities.
- */
-public class UpdateUserAction extends AbstractUserAction<NiFiUser> {
-
- private static final Logger logger = LoggerFactory.getLogger(UpdateUserAction.class);
-
- private final String id;
- private final Set<Authority> authorities;
-
- public UpdateUserAction(String id, Set<Authority> authorities) {
- this.id = id;
- this.authorities = authorities;
- }
-
- @Override
- public NiFiUser execute(DAOFactory daoFactory, AuthorityProvider authorityProvider) throws DataAccessException, AdministrationException {
- UserDAO userDao = daoFactory.getUserDAO();
-
- // get the user
- NiFiUser user = userDao.findUserById(id);
-
- // ensure the user exists
- if (user == null) {
- throw new AccountNotFoundException(String.format("Unable to find account with ID %s.", id));
- }
-
- // determine whether this users exists
- boolean doesDnExist = false;
- try {
- doesDnExist = authorityProvider.doesDnExist(user.getDn());
- } catch (AuthorityAccessException aae) {
- throw new AdministrationException(String.format("Unable to access authority details: %s", aae.getMessage()), aae);
- }
-
- // if the user already doesn't exist, add them
- if (!doesDnExist) {
- try {
- // add the account account and group if necessary
- authorityProvider.addUser(user.getDn(), user.getUserGroup());
- } catch (final IdentityAlreadyExistsException iaee) {
- logger.warn(String.format("User '%s' already exists in the authority provider. Continuing with user update.", user.getDn()));
- } catch (AuthorityAccessException aae) {
- throw new AdministrationException(String.format("Unable to access authorities for '%s': %s", user.getDn(), aae.getMessage()), aae);
- }
- }
-
- try {
- // update the authority provider as approprivate
- authorityProvider.setAuthorities(user.getDn(), authorities);
- } catch (UnknownIdentityException uie) {
- throw new AccountNotFoundException(String.format("Unable to modify authorities for '%s': %s.", user.getDn(), uie.getMessage()), uie);
- } catch (AuthorityAccessException aae) {
- throw new AdministrationException(String.format("Unable to access authorities for '%s': %s.", user.getDn(), aae.getMessage()), aae);
- }
-
- try {
- // get the user group
- user.setUserGroup(authorityProvider.getGroupForUser(user.getDn()));
- } catch (UnknownIdentityException uie) {
- throw new AccountNotFoundException(String.format("Unable to determine the group for '%s': %s.", user.getDn(), uie.getMessage()), uie);
- } catch (AuthorityAccessException aae) {
- throw new AdministrationException(String.format("Unable to access the group for '%s': %s.", user.getDn(), aae.getMessage()), aae);
- }
-
- // since all the authorities were updated accordingly, set the authorities
- user.getAuthorities().clear();
- user.getAuthorities().addAll(authorities);
-
- // update the users status in case they were previously pending or disabled
- user.setStatus(AccountStatus.ACTIVE);
-
- // update the users last verified time - this timestamp shouldn't be recorded
- // until the both the user's authorities and group have been synced
- Date now = new Date();
- user.setLastVerified(now);
-
- // persist the user's updates
- UpdateUserCacheAction updateUser = new UpdateUserCacheAction(user);
- updateUser.execute(daoFactory, authorityProvider);
-
- // persist the user's authorities
- UpdateUserAuthoritiesCacheAction updateUserAuthorities = new UpdateUserAuthoritiesCacheAction(user);
- updateUserAuthorities.execute(daoFactory, authorityProvider);
-
- // return the user
- return user;
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-nifi/blob/f6d9354b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserAuthoritiesCacheAction.java
----------------------------------------------------------------------
diff --git a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserAuthoritiesCacheAction.java b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserAuthoritiesCacheAction.java
deleted file mode 100644
index 89661b2..0000000
--- a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserAuthoritiesCacheAction.java
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.action;
-
-import java.util.Set;
-import org.apache.nifi.admin.dao.AuthorityDAO;
-import org.apache.nifi.admin.dao.DAOFactory;
-import org.apache.nifi.admin.dao.DataAccessException;
-import org.apache.nifi.admin.dao.UserDAO;
-import org.apache.nifi.admin.service.AccountNotFoundException;
-import org.apache.nifi.authorization.Authority;
-import org.apache.nifi.authorization.AuthorityProvider;
-import org.apache.nifi.user.NiFiUser;
-import org.apache.commons.collections4.CollectionUtils;
-
-/**
- * Updates a NiFiUser's authorities. Prior to invoking this action, the user's
- * authorities should be set according to the business logic of the service in
- * question. This should not be invoked directly when attempting to set user
- * authorities as the authorityProvider is not called from this action.
- */
-public class UpdateUserAuthoritiesCacheAction extends AbstractUserAction<Void> {
-
- private final NiFiUser user;
-
- public UpdateUserAuthoritiesCacheAction(NiFiUser user) {
- this.user = user;
- }
-
- @Override
- public Void execute(DAOFactory daoFactory, AuthorityProvider authorityProvider) throws DataAccessException {
- UserDAO userDao = daoFactory.getUserDAO();
- AuthorityDAO authorityDao = daoFactory.getAuthorityDAO();
-
- // get the user
- NiFiUser currentUser = userDao.findUserById(user.getId());
-
- // ensure the user exists
- if (currentUser == null) {
- throw new AccountNotFoundException(String.format("Unable to find account with ID %s.", user.getId()));
- }
-
- // determine what authorities need to be added/removed
- Set<Authority> authorities = user.getAuthorities();
- Set<Authority> authoritiesToAdd = determineAuthoritiesToAdd(currentUser, authorities);
- Set<Authority> authoritiesToRemove = determineAuthoritiesToRemove(currentUser, authorities);
-
- // update the user authorities locally
- if (CollectionUtils.isNotEmpty(authoritiesToAdd)) {
- authorityDao.createAuthorities(authoritiesToAdd, user.getId());
- }
- if (CollectionUtils.isNotEmpty(authoritiesToRemove)) {
- authorityDao.deleteAuthorities(authoritiesToRemove, user.getId());
- }
-
- return null;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-nifi/blob/f6d9354b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserCacheAction.java
----------------------------------------------------------------------
diff --git a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserCacheAction.java b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserCacheAction.java
deleted file mode 100644
index 288e297..0000000
--- a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserCacheAction.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.action;
-
-import org.apache.nifi.admin.dao.DAOFactory;
-import org.apache.nifi.admin.dao.DataAccessException;
-import org.apache.nifi.admin.dao.UserDAO;
-import org.apache.nifi.authorization.AuthorityProvider;
-import org.apache.nifi.user.NiFiUser;
-
-/**
- * Updates a NiFiUser. This will not update the user authorities, they must be
- * updated with the UpdateUserAuthoritiesAction.
- */
-public class UpdateUserCacheAction extends AbstractUserAction<Void> {
-
- private final NiFiUser user;
-
- public UpdateUserCacheAction(NiFiUser user) {
- this.user = user;
- }
-
- @Override
- public Void execute(DAOFactory daoFactory, AuthorityProvider authorityProvider) throws DataAccessException {
- UserDAO userDao = daoFactory.getUserDAO();
-
- // update the user
- userDao.updateUser(user);
-
- return null;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-nifi/blob/f6d9354b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserGroupAction.java
----------------------------------------------------------------------
diff --git a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserGroupAction.java b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserGroupAction.java
deleted file mode 100644
index 56b214c..0000000
--- a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserGroupAction.java
+++ /dev/null
@@ -1,171 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.action;
-
-import java.util.Date;
-import java.util.HashSet;
-import java.util.Set;
-import org.apache.nifi.admin.dao.DAOFactory;
-import org.apache.nifi.admin.dao.DataAccessException;
-import org.apache.nifi.admin.dao.UserDAO;
-import org.apache.nifi.admin.service.AccountNotFoundException;
-import org.apache.nifi.admin.service.AdministrationException;
-import org.apache.nifi.authorization.Authority;
-import org.apache.nifi.authorization.AuthorityProvider;
-import org.apache.nifi.authorization.exception.AuthorityAccessException;
-import org.apache.nifi.authorization.exception.UnknownIdentityException;
-import org.apache.nifi.user.AccountStatus;
-import org.apache.nifi.user.NiFiUser;
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Updates all NiFiUser authorities in a specified group.
- */
-public class UpdateUserGroupAction extends AbstractUserAction<Void> {
-
- private static final Logger logger = LoggerFactory.getLogger(UpdateUserGroupAction.class);
-
- private final String group;
- private final Set<String> userIds;
- private final Set<Authority> authorities;
-
- public UpdateUserGroupAction(String group, Set<String> userIds, Set<Authority> authorities) {
- this.group = group;
- this.userIds = userIds;
- this.authorities = authorities;
- }
-
- @Override
- public Void execute(DAOFactory daoFactory, AuthorityProvider authorityProvider) throws DataAccessException {
- if (userIds == null && authorities == null) {
- throw new IllegalArgumentException("Must specify user Ids or authorities.");
- }
-
- UserDAO userDao = daoFactory.getUserDAO();
-
- // record the new users being added to this group
- final Set<NiFiUser> newUsers = new HashSet<>();
- final Set<String> newUserDns = new HashSet<>();
-
- // if the user ids have been specified we need to create/update a group using the specified group name
- if (userIds != null) {
- if (userIds.isEmpty()) {
- throw new IllegalArgumentException("When creating a group, at least one user id must be specified.");
- }
-
- // going to create a group using the specified user ids
- for (final String userId : userIds) {
- // get the user in question
- final NiFiUser user = userDao.findUserById(userId);
-
- // ensure the user exists
- if (user == null) {
- throw new AccountNotFoundException(String.format("Unable to find account with ID %s.", userId));
- }
-
- try {
- // if the user is unknown to the authority provider we cannot continue
- if (!authorityProvider.doesDnExist(user.getDn()) || AccountStatus.DISABLED.equals(user.getStatus())) {
- throw new IllegalStateException(String.format("Unable to group these users because access for '%s' is not %s.", user.getDn(), AccountStatus.ACTIVE.toString()));
- }
-
- // record the user being added to this group
- newUsers.add(user);
- newUserDns.add(user.getDn());
- } catch (final AuthorityAccessException aae) {
- throw new AdministrationException(String.format("Unable to access authority details: %s", aae.getMessage()), aae);
- }
- }
-
- try {
- // update the authority provider
- authorityProvider.setUsersGroup(newUserDns, group);
- } catch (UnknownIdentityException uie) {
- throw new AccountNotFoundException(String.format("Unable to set user group '%s': %s", StringUtils.join(newUserDns, ", "), uie.getMessage()), uie);
- } catch (AuthorityAccessException aae) {
- throw new AdministrationException(String.format("Unable to set user group '%s': %s", StringUtils.join(newUserDns, ", "), aae.getMessage()), aae);
- }
- }
-
- // get all the users that need to be updated
- final Set<NiFiUser> users = new HashSet<>(userDao.findUsersForGroup(group));
- users.addAll(newUsers);
-
- // ensure the user exists
- if (users.isEmpty()) {
- throw new AccountNotFoundException(String.format("Unable to find user accounts with group id %s.", group));
- }
-
- // update each user in this group
- for (final NiFiUser user : users) {
- // if there are new authorities set them, otherwise refresh them according to the provider
- if (authorities != null) {
- try {
- // update the authority provider as approprivate
- authorityProvider.setAuthorities(user.getDn(), authorities);
-
- // since all the authorities were updated accordingly, set the authorities
- user.getAuthorities().clear();
- user.getAuthorities().addAll(authorities);
- } catch (UnknownIdentityException uie) {
- throw new AccountNotFoundException(String.format("Unable to modify authorities for '%s': %s.", user.getDn(), uie.getMessage()), uie);
- } catch (AuthorityAccessException aae) {
- throw new AdministrationException(String.format("Unable to access authorities for '%s': %s.", user.getDn(), aae.getMessage()), aae);
- }
- } else {
- try {
- // refresh the authorities according to the provider
- user.getAuthorities().clear();
- user.getAuthorities().addAll(authorityProvider.getAuthorities(user.getDn()));
- } catch (UnknownIdentityException uie) {
- throw new AccountNotFoundException(String.format("Unable to determine the authorities for '%s': %s.", user.getDn(), uie.getMessage()), uie);
- } catch (AuthorityAccessException aae) {
- throw new AdministrationException(String.format("Unable to access authorities for '%s': %s.", user.getDn(), aae.getMessage()), aae);
- }
- }
-
- try {
- // get the user group
- user.setUserGroup(authorityProvider.getGroupForUser(user.getDn()));
- } catch (UnknownIdentityException uie) {
- throw new AccountNotFoundException(String.format("Unable to determine the group for '%s': %s.", user.getDn(), uie.getMessage()), uie);
- } catch (AuthorityAccessException aae) {
- throw new AdministrationException(String.format("Unable to access the group for '%s': %s.", user.getDn(), aae.getMessage()), aae);
- }
-
- // update the users status in case they were previously pending or disabled
- user.setStatus(AccountStatus.ACTIVE);
-
- // update the users last verified time - this timestamp shouldn't be recorded
- // until the both the user's authorities and group have been synced
- Date now = new Date();
- user.setLastVerified(now);
-
- // persist the user's updates
- UpdateUserCacheAction updateUser = new UpdateUserCacheAction(user);
- updateUser.execute(daoFactory, authorityProvider);
-
- // persist the user's authorities
- UpdateUserAuthoritiesCacheAction updateUserAuthorities = new UpdateUserAuthoritiesCacheAction(user);
- updateUserAuthorities.execute(daoFactory, authorityProvider);
- }
-
- return null;
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-nifi/blob/f6d9354b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/impl/StandardAuditService.java
----------------------------------------------------------------------
diff --git a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/impl/StandardAuditService.java b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/impl/StandardAuditService.java
deleted file mode 100644
index 127f1df..0000000
--- a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/impl/StandardAuditService.java
+++ /dev/null
@@ -1,230 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.impl;
-
-import java.io.IOException;
-import java.util.Collection;
-import java.util.Date;
-import java.util.List;
-import java.util.Map;
-import java.util.concurrent.locks.ReentrantReadWriteLock;
-import org.apache.nifi.action.Action;
-import org.apache.nifi.admin.dao.DataAccessException;
-import org.apache.nifi.admin.service.AdministrationException;
-import org.apache.nifi.admin.service.AuditService;
-import org.apache.nifi.admin.service.action.AddActionsAction;
-import org.apache.nifi.admin.service.action.GetActionAction;
-import org.apache.nifi.admin.service.action.GetActionsAction;
-import org.apache.nifi.admin.service.action.GetPreviousValues;
-import org.apache.nifi.admin.service.action.PurgeActionsAction;
-import org.apache.nifi.admin.service.transaction.Transaction;
-import org.apache.nifi.admin.service.transaction.TransactionBuilder;
-import org.apache.nifi.admin.service.transaction.TransactionException;
-import org.apache.nifi.history.History;
-import org.apache.nifi.history.HistoryQuery;
-import org.apache.nifi.history.PreviousValue;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- *
- */
-public class StandardAuditService implements AuditService {
-
- private static final Logger logger = LoggerFactory.getLogger(StandardAuditService.class);
-
- private final ReentrantReadWriteLock lock = new ReentrantReadWriteLock();
- private final ReentrantReadWriteLock.ReadLock readLock = lock.readLock();
- private final ReentrantReadWriteLock.WriteLock writeLock = lock.writeLock();
-
- private TransactionBuilder transactionBuilder;
-
- @Override
- public void addActions(Collection<Action> actions) {
- Transaction transaction = null;
-
- writeLock.lock();
- try {
- // start the transaction
- transaction = transactionBuilder.start();
-
- // seed the accounts
- AddActionsAction addActions = new AddActionsAction(actions);
- transaction.execute(addActions);
-
- // commit the transaction
- transaction.commit();
- } catch (TransactionException | DataAccessException te) {
- rollback(transaction);
- throw new AdministrationException(te);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- writeLock.unlock();
- }
- }
-
- @Override
- public Map<String, List<PreviousValue>> getPreviousValues(String processorId) {
- Transaction transaction = null;
- Map<String, List<PreviousValue>> previousValues = null;
-
- readLock.lock();
- try {
- // start the transaction
- transaction = transactionBuilder.start();
-
- // seed the accounts
- GetPreviousValues getActions = new GetPreviousValues(processorId);
- previousValues = transaction.execute(getActions);
-
- // commit the transaction
- transaction.commit();
- } catch (TransactionException | DataAccessException te) {
- rollback(transaction);
- throw new AdministrationException(te);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- readLock.unlock();
- }
-
- return previousValues;
- }
-
- @Override
- public History getActions(HistoryQuery query) {
- Transaction transaction = null;
- History history = null;
-
- readLock.lock();
- try {
- // start the transaction
- transaction = transactionBuilder.start();
-
- // seed the accounts
- GetActionsAction getActions = new GetActionsAction(query);
- history = transaction.execute(getActions);
-
- // commit the transaction
- transaction.commit();
- } catch (TransactionException | DataAccessException te) {
- rollback(transaction);
- throw new AdministrationException(te);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- readLock.unlock();
- }
-
- return history;
- }
-
- @Override
- public Action getAction(Integer actionId) {
- Transaction transaction = null;
- Action action = null;
-
- readLock.lock();
- try {
- // start the transaction
- transaction = transactionBuilder.start();
-
- // seed the accounts
- GetActionAction getAction = new GetActionAction(actionId);
- action = transaction.execute(getAction);
-
- // commit the transaction
- transaction.commit();
- } catch (TransactionException | DataAccessException te) {
- rollback(transaction);
- throw new AdministrationException(te);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- readLock.unlock();
- }
-
- return action;
- }
-
- @Override
- public void purgeActions(Date end, Action purgeAction) {
- Transaction transaction = null;
-
- writeLock.lock();
- try {
- // start the transaction
- transaction = transactionBuilder.start();
-
- // purge the action database
- PurgeActionsAction purgeActions = new PurgeActionsAction(end, purgeAction);
- transaction.execute(purgeActions);
-
- // commit the transaction
- transaction.commit();
- } catch (TransactionException | DataAccessException te) {
- rollback(transaction);
- throw new AdministrationException(te);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- writeLock.unlock();
- }
- }
-
- /**
- * Rolls back the specified transaction.
- *
- * @param transaction
- */
- private void rollback(Transaction transaction) {
- if (transaction != null) {
- transaction.rollback();
- }
- }
-
- /**
- * Closes the specified transaction.
- *
- * @param transaction
- */
- private void closeQuietly(final Transaction transaction) {
- if (transaction != null) {
- try {
- transaction.close();
- } catch (final IOException ioe) {
- }
- }
- }
-
- /* setters */
- public void setTransactionBuilder(TransactionBuilder transactionBuilder) {
- this.transactionBuilder = transactionBuilder;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-nifi/blob/f6d9354b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/impl/StandardUserService.java
----------------------------------------------------------------------
diff --git a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/impl/StandardUserService.java b/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/impl/StandardUserService.java
deleted file mode 100644
index 5c9af4b..0000000
--- a/nifi/nar-bundles/framework-bundle/framework/administration/src/main/java/org/apache/nifi/admin/service/impl/StandardUserService.java
+++ /dev/null
@@ -1,663 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.impl;
-
-import java.io.IOException;
-import java.util.Collection;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.concurrent.TimeUnit;
-import java.util.concurrent.locks.ReentrantReadWriteLock;
-
-import org.apache.nifi.admin.dao.DataAccessException;
-import org.apache.nifi.admin.service.AccountDisabledException;
-import org.apache.nifi.admin.service.AccountPendingException;
-import org.apache.nifi.admin.service.AdministrationException;
-import org.apache.nifi.admin.service.UserService;
-import org.apache.nifi.admin.service.action.AuthorizeDownloadAction;
-import org.apache.nifi.admin.service.action.AuthorizeUserAction;
-import org.apache.nifi.admin.service.action.DeleteUserAction;
-import org.apache.nifi.admin.service.action.DisableUserAction;
-import org.apache.nifi.admin.service.action.DisableUserGroupAction;
-import org.apache.nifi.admin.service.action.FindUserByDnAction;
-import org.apache.nifi.admin.service.action.FindUserByIdAction;
-import org.apache.nifi.admin.service.action.GetUserGroupAction;
-import org.apache.nifi.admin.service.action.GetUsersAction;
-import org.apache.nifi.admin.service.action.HasPendingUserAccounts;
-import org.apache.nifi.admin.service.action.InvalidateUserAccountAction;
-import org.apache.nifi.admin.service.action.InvalidateUserGroupAccountsAction;
-import org.apache.nifi.admin.service.action.RequestUserAccountAction;
-import org.apache.nifi.admin.service.action.SeedUserAccountsAction;
-import org.apache.nifi.admin.service.action.UpdateUserAction;
-import org.apache.nifi.admin.service.action.UpdateUserGroupAction;
-import org.apache.nifi.admin.service.action.UngroupUserAction;
-import org.apache.nifi.admin.service.action.UngroupUserGroupAction;
-import org.apache.nifi.admin.service.transaction.Transaction;
-import org.apache.nifi.admin.service.transaction.TransactionBuilder;
-import org.apache.nifi.admin.service.transaction.TransactionException;
-import org.apache.nifi.authorization.Authority;
-import org.apache.nifi.authorization.DownloadAuthorization;
-import org.apache.nifi.user.NiFiUser;
-import org.apache.nifi.user.NiFiUserGroup;
-import org.apache.nifi.util.FormatUtils;
-import org.apache.nifi.util.NiFiProperties;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- *
- */
-public class StandardUserService implements UserService {
-
- private static final Logger logger = LoggerFactory.getLogger(StandardUserService.class);
-
- private final ReentrantReadWriteLock lock = new ReentrantReadWriteLock();
- private final ReentrantReadWriteLock.ReadLock readLock = lock.readLock();
- private final ReentrantReadWriteLock.WriteLock writeLock = lock.writeLock();
-
- private TransactionBuilder transactionBuilder;
- private NiFiProperties properties;
-
- /**
- * Seed any users from the authority provider that are not already present.
- */
- public void seedUserAccounts() {
- // do not seed node's user cache. when/if the node disconnects its
- // cache will be populated lazily (as needed)
- if (properties.isNode()) {
- return;
- }
-
- Transaction transaction = null;
- writeLock.lock();
- try {
- // start the transaction
- transaction = transactionBuilder.start();
-
- // seed the accounts
- SeedUserAccountsAction seedUserAccounts = new SeedUserAccountsAction();
- transaction.execute(seedUserAccounts);
-
- // commit the transaction
- transaction.commit();
- } catch (AdministrationException ae) {
- rollback(transaction);
- throw ae;
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- writeLock.unlock();
- }
- }
-
- @Override
- public NiFiUser createPendingUserAccount(String dn, String justification) {
- Transaction transaction = null;
-
- writeLock.lock();
- try {
- // start the transaction
- transaction = transactionBuilder.start();
-
- // create the account request
- RequestUserAccountAction requestUserAccount = new RequestUserAccountAction(dn, justification);
- NiFiUser user = transaction.execute(requestUserAccount);
-
- // commit the transaction
- transaction.commit();
-
- // return the nifi user
- return user;
- } catch (TransactionException | DataAccessException te) {
- rollback(transaction);
- throw new AdministrationException(te);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- writeLock.unlock();
- }
- }
-
- @Override
- public NiFiUserGroup updateGroup(final String group, final Set<String> userIds, final Set<Authority> authorities) {
- Transaction transaction = null;
-
- writeLock.lock();
- try {
- // if user ids have been specified, invalidate the user accounts before performing
- // the desired updates. if case of an error, this will ensure that these users are
- // authorized the next time the access the application
- if (userIds != null) {
- for (final String userId : userIds) {
- invalidateUserAccount(userId);
- }
- }
-
- // start the transaction
- transaction = transactionBuilder.start();
-
- // set the authorities for each user in this group if specified
- final UpdateUserGroupAction updateUserGroup = new UpdateUserGroupAction(group, userIds, authorities);
- transaction.execute(updateUserGroup);
-
- // get all the users that are now in this group
- final GetUserGroupAction getUserGroup = new GetUserGroupAction(group);
- final NiFiUserGroup userGroup = transaction.execute(getUserGroup);
-
- // commit the transaction
- transaction.commit();
-
- return userGroup;
- } catch (TransactionException | DataAccessException te) {
- rollback(transaction);
- throw new AdministrationException(te);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- writeLock.unlock();
- }
- }
-
- @Override
- public void ungroupUser(String id) {
- Transaction transaction = null;
-
- writeLock.lock();
- try {
- // start the transaction
- transaction = transactionBuilder.start();
-
- // ungroup the specified user
- final UngroupUserAction ungroupUser = new UngroupUserAction(id);
- transaction.execute(ungroupUser);
-
- // commit the transaction
- transaction.commit();
- } catch (TransactionException | DataAccessException te) {
- rollback(transaction);
- throw new AdministrationException(te);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- writeLock.unlock();
- }
- }
-
- @Override
- public void ungroup(String group) {
- Transaction transaction = null;
-
- writeLock.lock();
- try {
- // start the transaction
- transaction = transactionBuilder.start();
-
- // ungroup the specified user
- final UngroupUserGroupAction ungroupUserGroup = new UngroupUserGroupAction(group);
- transaction.execute(ungroupUserGroup);
-
- // commit the transaction
- transaction.commit();
- } catch (TransactionException | DataAccessException te) {
- rollback(transaction);
- throw new AdministrationException(te);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- writeLock.unlock();
- }
- }
-
- @Override
- public NiFiUser checkAuthorization(String dn) {
- Transaction transaction = null;
-
- writeLock.lock();
- try {
- // create the connection
- transaction = transactionBuilder.start();
-
- // determine how long the cache is valid for
- final int cacheSeconds;
- try {
- cacheSeconds = (int) FormatUtils.getTimeDuration(properties.getUserCredentialCacheDuration(), TimeUnit.SECONDS);
- } catch (IllegalArgumentException iae) {
- throw new AdministrationException("User credential cache duration is not configured correctly.");
- }
-
- // attempt to authorize the user
- AuthorizeUserAction authorizeUser = new AuthorizeUserAction(dn, cacheSeconds);
- NiFiUser user = transaction.execute(authorizeUser);
-
- // commit the transaction
- transaction.commit();
-
- // return the nifi user
- return user;
- } catch (DataAccessException | TransactionException dae) {
- rollback(transaction);
- throw new AdministrationException(dae);
- } catch (AccountDisabledException | AccountPendingException ade) {
- rollback(transaction);
- throw ade;
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- writeLock.unlock();
- }
- }
-
- @Override
- public void deleteUser(String id) {
- Transaction transaction = null;
-
- writeLock.lock();
- try {
- // create the connection
- transaction = transactionBuilder.start();
-
- // delete the user
- DeleteUserAction deleteUser = new DeleteUserAction(id);
- transaction.execute(deleteUser);
-
- // commit the transaction
- transaction.commit();
- } catch (DataAccessException | TransactionException dae) {
- rollback(transaction);
- throw new AdministrationException(dae);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- writeLock.unlock();
- }
- }
-
- @Override
- public NiFiUser disable(String id) {
- Transaction transaction = null;
-
- writeLock.lock();
- try {
- // create the connection
- transaction = transactionBuilder.start();
-
- // disable the user
- DisableUserAction disableUser = new DisableUserAction(id);
- NiFiUser user = transaction.execute(disableUser);
-
- // commit the transaction
- transaction.commit();
-
- // return the user
- return user;
- } catch (DataAccessException | TransactionException dae) {
- rollback(transaction);
- throw new AdministrationException(dae);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- writeLock.unlock();
- }
- }
-
- @Override
- public NiFiUserGroup disableGroup(String group) {
- Transaction transaction = null;
-
- writeLock.lock();
- try {
- // create the connection
- transaction = transactionBuilder.start();
-
- // disable the user
- DisableUserGroupAction disableUser = new DisableUserGroupAction(group);
- NiFiUserGroup userGroup = transaction.execute(disableUser);
-
- // commit the transaction
- transaction.commit();
-
- // return the user
- return userGroup;
- } catch (DataAccessException | TransactionException dae) {
- rollback(transaction);
- throw new AdministrationException(dae);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- writeLock.unlock();
- }
- }
-
- @Override
- public NiFiUser update(String id, Set<Authority> authorities) {
- Transaction transaction = null;
-
- // may be empty but not null
- if (authorities == null) {
- throw new IllegalArgumentException("The specified authorities cannot be null.");
- }
-
- writeLock.lock();
- try {
- // invalidate the user account in preparation for potential subsequent errors
- invalidateUserAccount(id);
-
- // at this point the current user account has been invalidated so we will
- // attempt to update the account. if any part fails we are assured the
- // user will be need to be given approval before they access the system at
- // a later time
- // start the transaction
- transaction = transactionBuilder.start();
-
- // update the user authorities
- UpdateUserAction setUserAuthorities = new UpdateUserAction(id, authorities);
- NiFiUser user = transaction.execute(setUserAuthorities);
-
- // commit the transaction
- transaction.commit();
-
- // return the user
- return user;
- } catch (TransactionException | DataAccessException e) {
- rollback(transaction);
- throw new AdministrationException(e);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- writeLock.unlock();
- }
- }
-
- /**
- * Invalidates the user with the specified id. This is done to ensure a user
- * account will need to be re-validated in case an error occurs while
- * modifying a user account. This method should only be invoked from within
- * a write lock.
- *
- * @param id
- */
- @Override
- public void invalidateUserAccount(String id) {
- Transaction transaction = null;
-
- writeLock.lock();
- try {
- // start the transaction
- transaction = transactionBuilder.start();
-
- // invalidate the user account
- InvalidateUserAccountAction invalidateUserAccount = new InvalidateUserAccountAction(id);
- transaction.execute(invalidateUserAccount);
-
- // commit the transaction
- transaction.commit();
- } catch (TransactionException | DataAccessException te) {
- rollback(transaction);
- throw new AdministrationException(te);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- writeLock.unlock();
- }
- }
-
- /**
- * Invalidates the user with the specified id. This is done to ensure a user
- * account will need to be re-validated in case an error occurs while
- * modifying a user account. This method should only be invoked from within
- * a write lock.
- *
- * @param group
- */
- @Override
- public void invalidateUserGroupAccount(String group) {
- Transaction transaction = null;
-
- writeLock.lock();
- try {
- // start the transaction
- transaction = transactionBuilder.start();
-
- // invalidate the user account
- InvalidateUserGroupAccountsAction invalidateUserGroupAccounts = new InvalidateUserGroupAccountsAction(group);
- transaction.execute(invalidateUserGroupAccounts);
-
- // commit the transaction
- transaction.commit();
- } catch (TransactionException | DataAccessException te) {
- rollback(transaction);
- throw new AdministrationException(te);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- writeLock.unlock();
- }
- }
-
- // -----------------
- // read only methods
- // -----------------
- @Override
- public Boolean hasPendingUserAccount() {
- Transaction transaction = null;
-
- readLock.lock();
- try {
- // start the transaction
- transaction = transactionBuilder.start();
-
- final HasPendingUserAccounts hasPendingAccounts = new HasPendingUserAccounts();
- final Boolean hasPendingUserAccounts = transaction.execute(hasPendingAccounts);
-
- // commit the transaction
- transaction.commit();
-
- return hasPendingUserAccounts;
- } catch (TransactionException | DataAccessException te) {
- rollback(transaction);
- throw new AdministrationException(te);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- readLock.unlock();
- }
- }
-
- @Override
- public DownloadAuthorization authorizeDownload(final List<String> dnChain, final Map<String, String> attributes) {
- Transaction transaction = null;
-
- readLock.lock();
- try {
- // start the transaction
- transaction = transactionBuilder.start();
-
- // authorize the download
- AuthorizeDownloadAction authorizeDownload = new AuthorizeDownloadAction(dnChain, attributes);
- DownloadAuthorization downloadAuthorization = transaction.execute(authorizeDownload);
-
- // commit the transaction
- transaction.commit();
-
- // return the authorization
- return downloadAuthorization;
- } catch (TransactionException | DataAccessException te) {
- rollback(transaction);
- throw new AdministrationException(te);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- readLock.unlock();
- }
- }
-
- @Override
- public Collection<NiFiUser> getUsers() {
- Transaction transaction = null;
-
- readLock.lock();
- try {
- // start the transaction
- transaction = transactionBuilder.start();
-
- // get all users
- GetUsersAction getUsers = new GetUsersAction();
- Collection<NiFiUser> users = transaction.execute(getUsers);
-
- // commit the transaction
- transaction.commit();
-
- // return the users
- return users;
- } catch (TransactionException | DataAccessException te) {
- rollback(transaction);
- throw new AdministrationException(te);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- readLock.unlock();
- }
- }
-
- @Override
- public NiFiUser getUserById(String id) {
- Transaction transaction = null;
-
- readLock.lock();
- try {
- // start the transaction
- transaction = transactionBuilder.start();
-
- // return the desired user
- FindUserByIdAction findUserById = new FindUserByIdAction(id);
- NiFiUser user = transaction.execute(findUserById);
-
- // commit the transaction
- transaction.commit();
-
- // return the user
- return user;
- } catch (TransactionException | DataAccessException te) {
- rollback(transaction);
- throw new AdministrationException(te);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- readLock.unlock();
- }
- }
-
- @Override
- public NiFiUser getUserByDn(String dn) {
- Transaction transaction = null;
-
- readLock.lock();
- try {
- // start the transaction
- transaction = transactionBuilder.start();
-
- // return the desired user
- FindUserByDnAction findUserByDn = new FindUserByDnAction(dn);
- NiFiUser user = transaction.execute(findUserByDn);
-
- // commit the transaction
- transaction.commit();
-
- // return the user
- return user;
- } catch (TransactionException | DataAccessException te) {
- rollback(transaction);
- throw new AdministrationException(te);
- } catch (Throwable t) {
- rollback(transaction);
- throw t;
- } finally {
- closeQuietly(transaction);
- readLock.unlock();
- }
- }
-
- /**
- * Rolls back the specified transaction.
- *
- * @param transaction
- */
- private void rollback(final Transaction transaction) {
- if (transaction != null) {
- transaction.rollback();
- }
- }
-
- /**
- * Closes the specified transaction.
- *
- * @param transaction
- */
- private void closeQuietly(final Transaction transaction) {
- if (transaction != null) {
- try {
- transaction.close();
- } catch (final IOException ioe) {
- }
- }
- }
-
- /*
- * setters
- */
- public void setTransactionBuilder(TransactionBuilder transactionBuilder) {
- this.transactionBuilder = transactionBuilder;
- }
-
- public void setProperties(NiFiProperties properties) {
- this.properties = properties;
- }
-
-}