You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by pz...@apache.org on 2018/07/13 12:27:58 UTC
[1/2] knox git commit: KNOX-1386 - NiFi service discovery uses
properties which may have templates as values
Repository: knox
Updated Branches:
refs/heads/v1.1.0 d9b569c1f -> 2748f1c04
KNOX-1386 - NiFi service discovery uses properties which may have templates as values
Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/d0de3d59
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/d0de3d59
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/d0de3d59
Branch: refs/heads/v1.1.0
Commit: d0de3d599c1553fc5494d6339f3c6a8e44d42199
Parents: d9b569c
Author: Phil Zampino <pz...@apache.org>
Authored: Wed Jul 11 17:24:44 2018 -0400
Committer: Phil Zampino <pz...@apache.org>
Committed: Wed Jul 11 17:24:44 2018 -0400
----------------------------------------------------------------------
.../ambari/AmbariServiceDiscovery.java | 5 +-
.../discovery/ambari/NiFiURLCreator.java | 84 ++++++++++++++++++++
....topology.discovery.ambari.ServiceURLCreator | 1 +
.../ambari-service-discovery-url-mappings.xml | 55 -------------
4 files changed, 89 insertions(+), 56 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/knox/blob/d0de3d59/gateway-discovery-ambari/src/main/java/org/apache/knox/gateway/topology/discovery/ambari/AmbariServiceDiscovery.java
----------------------------------------------------------------------
diff --git a/gateway-discovery-ambari/src/main/java/org/apache/knox/gateway/topology/discovery/ambari/AmbariServiceDiscovery.java b/gateway-discovery-ambari/src/main/java/org/apache/knox/gateway/topology/discovery/ambari/AmbariServiceDiscovery.java
index 821dc0e..04f3d58 100644
--- a/gateway-discovery-ambari/src/main/java/org/apache/knox/gateway/topology/discovery/ambari/AmbariServiceDiscovery.java
+++ b/gateway-discovery-ambari/src/main/java/org/apache/knox/gateway/topology/discovery/ambari/AmbariServiceDiscovery.java
@@ -283,7 +283,10 @@ class AmbariServiceDiscovery implements ServiceDiscovery {
if (!componentHostNames.containsKey(componentName)) {
componentHostNames.put(componentName, new ArrayList<>());
}
- componentHostNames.get(componentName).add(hostName);
+ // Avoid duplicates
+ if (!componentHostNames.get(componentName).contains(hostName)) {
+ componentHostNames.get(componentName).add(hostName);
+ }
}
}
}
http://git-wip-us.apache.org/repos/asf/knox/blob/d0de3d59/gateway-discovery-ambari/src/main/java/org/apache/knox/gateway/topology/discovery/ambari/NiFiURLCreator.java
----------------------------------------------------------------------
diff --git a/gateway-discovery-ambari/src/main/java/org/apache/knox/gateway/topology/discovery/ambari/NiFiURLCreator.java b/gateway-discovery-ambari/src/main/java/org/apache/knox/gateway/topology/discovery/ambari/NiFiURLCreator.java
new file mode 100644
index 0000000..dacd883
--- /dev/null
+++ b/gateway-discovery-ambari/src/main/java/org/apache/knox/gateway/topology/discovery/ambari/NiFiURLCreator.java
@@ -0,0 +1,84 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with this
+ * work for additional information regarding copyright ownership. The ASF
+ * licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.knox.gateway.topology.discovery.ambari;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+public class NiFiURLCreator implements ServiceURLCreator {
+
+ static final String COMPONENT_NAME = "NIFI_MASTER";
+ static final String CONFIG_SERVICE = "NIFI";
+ static final String CONFIG_TYPE = "nifi-ambari-config";
+ static final String CONFIG_TYPE_SSL = "nifi-ambari-ssl-config";
+
+ static final String SSL_ENABLED_PROPERTY = "nifi.node.ssl.isenabled";
+
+ static final String SCHEME_HTTP = "http";
+ static final String SCHEME_HTTPS = "https";
+
+ static final String PORT_PROPERTY = "nifi.node.port";
+ static final String SSL_PORT_PROPERTY = "nifi.node.ssl.port";
+
+
+ private AmbariCluster cluster = null;
+
+ @Override
+ public String getTargetService() {
+ return CONFIG_SERVICE ;
+ }
+
+ @Override
+ public void init(AmbariCluster cluster) {
+ this.cluster = cluster;
+ }
+
+ @Override
+ public List<String> create(String service, Map<String, String> serviceParams) {
+ List<String> urls = new ArrayList<>();
+
+ AmbariComponent component = cluster.getComponent(COMPONENT_NAME);
+ if (component != null) {
+ AmbariCluster.ServiceConfiguration sc = cluster.getServiceConfiguration(service, CONFIG_TYPE);
+ if (sc != null) {
+ Map<String, String> configProps = sc.getProperties();
+
+ boolean isSSLEnabled = isSSLEnabled(service);
+ String scheme = isSSLEnabled ? SCHEME_HTTPS : SCHEME_HTTP;
+ String port = isSSLEnabled ? configProps.get(SSL_PORT_PROPERTY) : configProps.get(PORT_PROPERTY);
+
+ for (String hostName : component.getHostNames()) {
+ urls.add(scheme + "://" + hostName + ":" + port);
+ }
+ }
+ }
+ return urls;
+ }
+
+ private boolean isSSLEnabled(String service) {
+ boolean isSSLEnabled = false;
+
+ AmbariCluster.ServiceConfiguration config = cluster.getServiceConfiguration(service, CONFIG_TYPE_SSL);
+ if (config != null) {
+ isSSLEnabled = Boolean.valueOf(config.getProperties().getOrDefault(SSL_ENABLED_PROPERTY, "false"));
+ }
+
+ return isSSLEnabled;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/d0de3d59/gateway-discovery-ambari/src/main/resources/META-INF/services/org.apache.knox.gateway.topology.discovery.ambari.ServiceURLCreator
----------------------------------------------------------------------
diff --git a/gateway-discovery-ambari/src/main/resources/META-INF/services/org.apache.knox.gateway.topology.discovery.ambari.ServiceURLCreator b/gateway-discovery-ambari/src/main/resources/META-INF/services/org.apache.knox.gateway.topology.discovery.ambari.ServiceURLCreator
index f385ae6..d1c6af0 100644
--- a/gateway-discovery-ambari/src/main/resources/META-INF/services/org.apache.knox.gateway.topology.discovery.ambari.ServiceURLCreator
+++ b/gateway-discovery-ambari/src/main/resources/META-INF/services/org.apache.knox.gateway.topology.discovery.ambari.ServiceURLCreator
@@ -25,3 +25,4 @@ org.apache.knox.gateway.topology.discovery.ambari.YarnUIV2URLCreator
org.apache.knox.gateway.topology.discovery.ambari.SparkHistoryUIServiceURLCreator
org.apache.knox.gateway.topology.discovery.ambari.LivyServiceURLCreator
org.apache.knox.gateway.topology.discovery.ambari.SparkThriftServerUIServiceURLCreator
+org.apache.knox.gateway.topology.discovery.ambari.NiFiURLCreator
http://git-wip-us.apache.org/repos/asf/knox/blob/d0de3d59/gateway-discovery-ambari/src/main/resources/ambari-service-discovery-url-mappings.xml
----------------------------------------------------------------------
diff --git a/gateway-discovery-ambari/src/main/resources/ambari-service-discovery-url-mappings.xml b/gateway-discovery-ambari/src/main/resources/ambari-service-discovery-url-mappings.xml
index 5609de3..a41bbed 100644
--- a/gateway-discovery-ambari/src/main/resources/ambari-service-discovery-url-mappings.xml
+++ b/gateway-discovery-ambari/src/main/resources/ambari-service-discovery-url-mappings.xml
@@ -569,59 +569,4 @@
</properties>
</service>
- <service name="NIFI">
- <url-pattern>{SCHEME}://{HOST}:{PORT}</url-pattern>
- <properties>
- <property name="COMPONENT_HOST">
- <component>NIFI_MASTER</component>
- <hostname/>
- </property>
- <property name="HTTP_HOST">
- <component>NIFI_MASTER</component>
- <config-property>nifi.web.http.host</config-property>
- </property>
- <property name="HTTPS_HOST">
- <component>NIFI_MASTER</component>
- <config-property>nifi.web.https.host</config-property>
- </property>
- <property name="HTTP_PORT">
- <component>NIFI_MASTER</component>
- <config-property>nifi.web.http.port</config-property>
- </property>
- <property name="HTTPS_PORT">
- <component>NIFI_MASTER</component>
- <config-property>nifi.web.https.port</config-property>
- </property>
- <property name="SCHEME">
- <config-property>
- <if property="HTTPS_PORT">
- <then>https</then>
- <else>http</else>
- </if>
- </config-property>
- </property>
- <property name="HOST">
- <config-property>
- <if property="HTTPS_HOST">
- <then>HTTPS_HOST</then>
- <else>
- <if property="HTTP_HOST">
- <then>HTTP_HOST</then>
- <else>COMPONENT_HOST</else>
- </if>
- </else>
- </if>
- </config-property>
- </property>
- <property name="PORT">
- <config-property>
- <if property="SCHEME" value="https">
- <then>HTTPS_PORT</then>
- <else>HTTP_PORT</else>
- </if>
- </config-property>
- </property>
- </properties>
- </service>
-
</service-discovery-url-mappings>
[2/2] knox git commit: KNOX-1387 - NPE in AclsAuthorizationFilter
Posted by pz...@apache.org.
KNOX-1387 - NPE in AclsAuthorizationFilter
Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/2748f1c0
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/2748f1c0
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/2748f1c0
Branch: refs/heads/v1.1.0
Commit: 2748f1c0490bda5bf372fd91ee1588a04fadfacb
Parents: d0de3d5
Author: Phil Zampino <pz...@apache.org>
Authored: Fri Jul 13 08:10:29 2018 -0400
Committer: Phil Zampino <pz...@apache.org>
Committed: Fri Jul 13 08:10:29 2018 -0400
----------------------------------------------------------------------
.../org/apache/knox/gateway/filter/AclParser.java | 16 ++++++----------
1 file changed, 6 insertions(+), 10 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/knox/blob/2748f1c0/gateway-provider-security-authz-acls/src/main/java/org/apache/knox/gateway/filter/AclParser.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-authz-acls/src/main/java/org/apache/knox/gateway/filter/AclParser.java b/gateway-provider-security-authz-acls/src/main/java/org/apache/knox/gateway/filter/AclParser.java
index ceac18e..9df4059 100644
--- a/gateway-provider-security-authz-acls/src/main/java/org/apache/knox/gateway/filter/AclParser.java
+++ b/gateway-provider-security-authz-acls/src/main/java/org/apache/knox/gateway/filter/AclParser.java
@@ -24,11 +24,11 @@ import org.apache.knox.gateway.i18n.messages.MessagesFactory;
import org.apache.knox.gateway.util.IpAddressValidator;
/**
+ *
*/
public class AclParser {
private static AclsAuthorizationMessages log = MessagesFactory.get( AclsAuthorizationMessages.class );
- public String resourceRole;
public ArrayList<String> users;
public ArrayList<String> groups;
public boolean anyUser = true;
@@ -37,6 +37,9 @@ public class AclParser {
public AclParser() {
+ users = new ArrayList<>();
+ groups = new ArrayList<>();
+ ipv = new IpAddressValidator(null);
}
public void parseAcls(String resourceRole, String acls) throws InvalidACLException {
@@ -45,8 +48,7 @@ public class AclParser {
if (parts.length != 3) {
log.invalidAclsFoundForResource(resourceRole);
throw new InvalidACLException("Invalid ACLs specified for requested resource: " + resourceRole);
- }
- else {
+ } else {
log.aclsFoundForResource(resourceRole);
}
parseUserAcls(parts);
@@ -54,17 +56,12 @@ public class AclParser {
parseGroupAcls(parts);
parseIpAddressAcls(parts);
- }
- else {
+ } else {
log.noAclsFoundForResource(resourceRole);
- users = new ArrayList<String>();
- groups = new ArrayList<String>();
- ipv = new IpAddressValidator(null);
}
}
private void parseUserAcls(String[] parts) {
- users = new ArrayList<String>();
Collections.addAll(users, parts[0].split(","));
if (!users.contains("*")) {
anyUser = false;
@@ -72,7 +69,6 @@ public class AclParser {
}
private void parseGroupAcls(String[] parts) {
- groups = new ArrayList<String>();
Collections.addAll(groups, parts[1].split(","));
if (!groups.contains("*")) {
anyGroup = false;