You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by ex...@apache.org on 2022/11/09 21:47:20 UTC

[nifi] branch main updated: NIFI-10130 AzureGraphUserGroupProvider handles group with transitive members

This is an automated email from the ASF dual-hosted git repository.

exceptionfactory pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git


The following commit(s) were added to refs/heads/main by this push:
     new 0643f336e8 NIFI-10130 AzureGraphUserGroupProvider handles group with transitive members
0643f336e8 is described below

commit 0643f336e8266043c4ec01e1c07b8ef5bb38b02a
Author: Seokwon Yang <il...@hotmail.com>
AuthorDate: Fri Jun 17 18:51:34 2022 +0000

    NIFI-10130 AzureGraphUserGroupProvider handles group with transitive members
    
    This closes #6135
    
    Signed-off-by: David Handermann <ex...@apache.org>
---
 .../azure/AzureGraphUserGroupProvider.java         | 26 ++++++++--------------
 1 file changed, 9 insertions(+), 17 deletions(-)

diff --git a/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-graph-authorizer/src/main/java/org/apache/nifi/authorization/azure/AzureGraphUserGroupProvider.java b/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-graph-authorizer/src/main/java/org/apache/nifi/authorization/azure/AzureGraphUserGroupProvider.java
index fd74b4ad39..6a45cfe1f1 100644
--- a/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-graph-authorizer/src/main/java/org/apache/nifi/authorization/azure/AzureGraphUserGroupProvider.java
+++ b/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-graph-authorizer/src/main/java/org/apache/nifi/authorization/azure/AzureGraphUserGroupProvider.java
@@ -32,17 +32,16 @@ import java.util.stream.Collectors;
 
 import com.google.gson.JsonObject;
 import com.microsoft.graph.core.ClientException;
-import com.microsoft.graph.models.extensions.DirectoryObject;
 import com.microsoft.graph.models.extensions.IGraphServiceClient;
 import com.microsoft.graph.options.Option;
 import com.microsoft.graph.options.QueryOption;
 import com.microsoft.graph.requests.extensions.GraphServiceClient;
-import com.microsoft.graph.requests.extensions.IDirectoryObjectCollectionWithReferencesPage;
-import com.microsoft.graph.requests.extensions.IDirectoryObjectCollectionWithReferencesRequest;
-import com.microsoft.graph.requests.extensions.IDirectoryObjectCollectionWithReferencesRequestBuilder;
 import com.microsoft.graph.requests.extensions.IGroupCollectionPage;
 import com.microsoft.graph.requests.extensions.IGroupCollectionRequest;
 import com.microsoft.graph.requests.extensions.IGroupCollectionRequestBuilder;
+import com.microsoft.graph.requests.extensions.IUserCollectionWithReferencesPage;
+import com.microsoft.graph.requests.extensions.IUserCollectionWithReferencesRequest;
+import com.microsoft.graph.requests.extensions.IUserCollectionWithReferencesRequestBuilder;
 
 import org.apache.nifi.authorization.AuthorizerConfigurationContext;
 import org.apache.nifi.authorization.Group;
@@ -345,23 +344,16 @@ public class AzureGraphUserGroupProvider implements UserGroupProvider {
                     .identifier(graphGroup.id)
                     .name(graphGroup.displayName);
 
-            IDirectoryObjectCollectionWithReferencesRequest uRequest =
+            IUserCollectionWithReferencesRequest uRequest =
                 graphClient.groups(graphGroup.id)
-                    .members()
+                    .transitiveMembersAsUser()
                     .buildRequest()
                     .select("id, displayName, mail, userPrincipalName");
 
-            if (pageSize > 0) {
-                uRequest = uRequest.top(pageSize);
-            }
-            IDirectoryObjectCollectionWithReferencesPage userpage =
-                graphClient.groups(graphGroup.id)
-                    .members()
-                    .buildRequest()
-                    .select("id, displayName, mail, userPrincipalName").get();
+            IUserCollectionWithReferencesPage userpage = uRequest.get();
 
-            while (userpage.getCurrentPage() != null) {
-                for (DirectoryObject userDO : userpage.getCurrentPage()) {
+            while (userpage != null && userpage.getCurrentPage() != null) {
+                for (com.microsoft.graph.models.extensions.User userDO : userpage.getCurrentPage()) {
                     JsonObject jsonUser = userDO.getRawObject();
                     final String idUser;
                     if (!jsonUser.get("id").isJsonNull()) {
@@ -386,7 +378,7 @@ public class AzureGraphUserGroupProvider implements UserGroupProvider {
                     users.add(user);
                     groupBuilder.addUser(idUser);
                 }
-                IDirectoryObjectCollectionWithReferencesRequestBuilder nextPageRequest = userpage.getNextPage();
+                IUserCollectionWithReferencesRequestBuilder nextPageRequest = userpage.getNextPage();
 
                 if (nextPageRequest != null) {
                     userpage = nextPageRequest.buildRequest().get();