/** * Retrieves the specified access policy. * * @return An accessPolicyEntity. */ @GET @Consumes(MediaType.WILDCARD) @Produces(MediaType.APPLICATION_JSON) @Path("{action}/{resource: .+}") // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')") @ApiOperation( value = "Gets an access policy", response = AccessPolicyEntity.class, authorizations = { @Authorization(value = "Read Only", type = "ROLE_MONITOR"), @Authorization(value = "Data Flow Manager", type = "ROLE_DFM"), @Authorization(value = "Administrator", type = "ROLE_ADMIN") }) @ApiResponses( value = { @ApiResponse( code = 400, message = "NiFi was unable to complete the request because it was invalid. The request should not be retried without modification."), @ApiResponse(code = 401, message = "Client could not be authenticated."), @ApiResponse(code = 403, message = "Client is not authorized to make this request."), @ApiResponse(code = 404, message = "The specified resource could not be found."), @ApiResponse( code = 409, message = "The request was valid but NiFi was not in the appropriate state to process it. Retrying the same request later may be successful.") }) public Response getAccessPolicyForResource( @ApiParam(value = "The request action.", allowableValues = "read, write", required = true) @PathParam("action") final String action, @ApiParam(value = "The resource of the policy.", required = true) @PathParam("resource") String rawResource) { // parse the action and resource type final RequestAction requestAction = RequestAction.valueOfValue(action); final String resource = "/" + rawResource; if (isReplicateRequest()) { return replicate(HttpMethod.GET); } // authorize access serviceFacade.authorizeAccess( lookup -> { final Authorizable accessPolicy = lookup.getAccessPolicyByResource(resource); accessPolicy.authorize(authorizer, RequestAction.READ, NiFiUserUtils.getNiFiUser()); }); // get the access policy final AccessPolicyEntity entity = serviceFacade.getAccessPolicy(requestAction, resource); populateRemainingAccessPolicyEntityContent(entity); return clusterContext(generateOkResponse(entity)).build(); }