コード例 #1
0
ファイル: StandardUserService.java プロジェクト: Ianwww/nifi
  /** Seed any users from the authority provider that are not already present. */
  public void seedUserAccounts() {
    // do not seed node's user cache. when/if the node disconnects its
    // cache will be populated lazily (as needed)
    if (properties.isNode()) {
      return;
    }

    Transaction transaction = null;
    writeLock.lock();
    try {
      // start the transaction
      transaction = transactionBuilder.start();

      // seed the accounts
      SeedUserAccountsAction seedUserAccounts = new SeedUserAccountsAction();
      transaction.execute(seedUserAccounts);

      // commit the transaction
      transaction.commit();
    } catch (AdministrationException ae) {
      rollback(transaction);
      throw ae;
    } catch (Throwable t) {
      rollback(transaction);
      throw t;
    } finally {
      closeQuietly(transaction);
      writeLock.unlock();
    }
  }
コード例 #2
0
ファイル: StandardUserService.java プロジェクト: Ianwww/nifi
  @Override
  public Key getOrCreateKey(String identity) {
    Transaction transaction = null;
    Key key = null;

    writeLock.lock();
    try {
      // start the transaction
      transaction = transactionBuilder.start();

      // get or create a key
      GetOrCreateKeyAction addActions = new GetOrCreateKeyAction(identity);
      key = transaction.execute(addActions);

      // commit the transaction
      transaction.commit();
    } catch (TransactionException | DataAccessException te) {
      rollback(transaction);
      throw new AdministrationException(te);
    } catch (Throwable t) {
      rollback(transaction);
      throw t;
    } finally {
      closeQuietly(transaction);
      writeLock.unlock();
    }

    return key;
  }
コード例 #3
0
ファイル: StandardUserService.java プロジェクト: Ianwww/nifi
  @Override
  public void deleteKey(String identity) {
    Transaction transaction = null;

    writeLock.lock();
    try {
      // start the transaction
      transaction = transactionBuilder.start();

      // delete the keys
      DeleteKeysAction deleteKeys = new DeleteKeysAction(identity);
      transaction.execute(deleteKeys);

      // commit the transaction
      transaction.commit();
    } catch (TransactionException | DataAccessException te) {
      rollback(transaction);
      throw new AdministrationException(te);
    } catch (Throwable t) {
      rollback(transaction);
      throw t;
    } finally {
      closeQuietly(transaction);
      writeLock.unlock();
    }
  }
コード例 #4
0
ファイル: StandardUserService.java プロジェクト: Ianwww/nifi
  @Override
  public NiFiUser getUserByDn(String dn) {
    Transaction transaction = null;

    readLock.lock();
    try {
      // start the transaction
      transaction = transactionBuilder.start();

      // return the desired user
      FindUserByDnAction findUserByDn = new FindUserByDnAction(dn);
      NiFiUser user = transaction.execute(findUserByDn);

      // commit the transaction
      transaction.commit();

      // return the user
      return user;
    } catch (TransactionException | DataAccessException te) {
      rollback(transaction);
      throw new AdministrationException(te);
    } catch (Throwable t) {
      rollback(transaction);
      throw t;
    } finally {
      closeQuietly(transaction);
      readLock.unlock();
    }
  }
コード例 #5
0
ファイル: StandardUserService.java プロジェクト: Ianwww/nifi
  @Override
  public Key getKey(int id) {
    Transaction transaction = null;
    Key key = null;

    readLock.lock();
    try {
      // start the transaction
      transaction = transactionBuilder.start();

      // get the key
      GetKeyByIdAction addActions = new GetKeyByIdAction(id);
      key = transaction.execute(addActions);

      // commit the transaction
      transaction.commit();
    } catch (TransactionException | DataAccessException te) {
      rollback(transaction);
      throw new AdministrationException(te);
    } catch (Throwable t) {
      rollback(transaction);
      throw t;
    } finally {
      closeQuietly(transaction);
      readLock.unlock();
    }

    return key;
  }
コード例 #6
0
ファイル: StandardUserService.java プロジェクト: Ianwww/nifi
  @Override
  public DownloadAuthorization authorizeDownload(
      final List<String> dnChain, final Map<String, String> attributes) {
    Transaction transaction = null;

    readLock.lock();
    try {
      // start the transaction
      transaction = transactionBuilder.start();

      // authorize the download
      AuthorizeDownloadAction authorizeDownload = new AuthorizeDownloadAction(dnChain, attributes);
      DownloadAuthorization downloadAuthorization = transaction.execute(authorizeDownload);

      // commit the transaction
      transaction.commit();

      // return the authorization
      return downloadAuthorization;
    } catch (TransactionException | DataAccessException te) {
      rollback(transaction);
      throw new AdministrationException(te);
    } catch (Throwable t) {
      rollback(transaction);
      throw t;
    } finally {
      closeQuietly(transaction);
      readLock.unlock();
    }
  }
コード例 #7
0
ファイル: StandardUserService.java プロジェクト: Ianwww/nifi
  @Override
  public Collection<NiFiUser> getUsers() {
    Transaction transaction = null;

    readLock.lock();
    try {
      // start the transaction
      transaction = transactionBuilder.start();

      // get all users
      GetUsersAction getUsers = new GetUsersAction();
      Collection<NiFiUser> users = transaction.execute(getUsers);

      // commit the transaction
      transaction.commit();

      // return the users
      return users;
    } catch (TransactionException | DataAccessException te) {
      rollback(transaction);
      throw new AdministrationException(te);
    } catch (Throwable t) {
      rollback(transaction);
      throw t;
    } finally {
      closeQuietly(transaction);
      readLock.unlock();
    }
  }
コード例 #8
0
ファイル: StandardUserService.java プロジェクト: Ianwww/nifi
  @Override
  public void invalidateUserGroupAccount(String group) {
    Transaction transaction = null;

    writeLock.lock();
    try {
      // start the transaction
      transaction = transactionBuilder.start();

      // invalidate the user account
      InvalidateUserGroupAccountsAction invalidateUserGroupAccounts =
          new InvalidateUserGroupAccountsAction(group);
      transaction.execute(invalidateUserGroupAccounts);

      // commit the transaction
      transaction.commit();
    } catch (TransactionException | DataAccessException te) {
      rollback(transaction);
      throw new AdministrationException(te);
    } catch (Throwable t) {
      rollback(transaction);
      throw t;
    } finally {
      closeQuietly(transaction);
      writeLock.unlock();
    }
  }
コード例 #9
0
ファイル: StandardUserService.java プロジェクト: Ianwww/nifi
  // -----------------
  // read only methods
  // -----------------
  @Override
  public Boolean hasPendingUserAccount() {
    Transaction transaction = null;

    readLock.lock();
    try {
      // start the transaction
      transaction = transactionBuilder.start();

      final HasPendingUserAccounts hasPendingAccounts = new HasPendingUserAccounts();
      final Boolean hasPendingUserAccounts = transaction.execute(hasPendingAccounts);

      // commit the transaction
      transaction.commit();

      return hasPendingUserAccounts;
    } catch (TransactionException | DataAccessException te) {
      rollback(transaction);
      throw new AdministrationException(te);
    } catch (Throwable t) {
      rollback(transaction);
      throw t;
    } finally {
      closeQuietly(transaction);
      readLock.unlock();
    }
  }
コード例 #10
0
ファイル: StandardUserService.java プロジェクト: Ianwww/nifi
  @Override
  public NiFiUserGroup disableGroup(String group) {
    Transaction transaction = null;

    writeLock.lock();
    try {
      // create the connection
      transaction = transactionBuilder.start();

      // disable the user
      DisableUserGroupAction disableUser = new DisableUserGroupAction(group);
      NiFiUserGroup userGroup = transaction.execute(disableUser);

      // commit the transaction
      transaction.commit();

      // return the user
      return userGroup;
    } catch (DataAccessException | TransactionException dae) {
      rollback(transaction);
      throw new AdministrationException(dae);
    } catch (Throwable t) {
      rollback(transaction);
      throw t;
    } finally {
      closeQuietly(transaction);
      writeLock.unlock();
    }
  }
コード例 #11
0
ファイル: StandardUserService.java プロジェクト: Ianwww/nifi
  @Override
  public void deleteUser(String id) {
    Transaction transaction = null;

    writeLock.lock();
    try {
      // create the connection
      transaction = transactionBuilder.start();

      // delete the user
      DeleteUserAction deleteUser = new DeleteUserAction(id);
      transaction.execute(deleteUser);

      // commit the transaction
      transaction.commit();
    } catch (DataAccessException | TransactionException dae) {
      rollback(transaction);
      throw new AdministrationException(dae);
    } catch (Throwable t) {
      rollback(transaction);
      throw t;
    } finally {
      closeQuietly(transaction);
      writeLock.unlock();
    }
  }
コード例 #12
0
ファイル: StandardUserService.java プロジェクト: Ianwww/nifi
  @Override
  public void ungroup(String group) {
    Transaction transaction = null;

    writeLock.lock();
    try {
      // start the transaction
      transaction = transactionBuilder.start();

      // ungroup the specified user
      final UngroupUserGroupAction ungroupUserGroup = new UngroupUserGroupAction(group);
      transaction.execute(ungroupUserGroup);

      // commit the transaction
      transaction.commit();
    } catch (TransactionException | DataAccessException te) {
      rollback(transaction);
      throw new AdministrationException(te);
    } catch (Throwable t) {
      rollback(transaction);
      throw t;
    } finally {
      closeQuietly(transaction);
      writeLock.unlock();
    }
  }
コード例 #13
0
ファイル: StandardUserService.java プロジェクト: Ianwww/nifi
  @Override
  public NiFiUser createPendingUserAccount(String dn, String justification) {
    Transaction transaction = null;

    writeLock.lock();
    try {
      // start the transaction
      transaction = transactionBuilder.start();

      // create the account request
      RequestUserAccountAction requestUserAccount = new RequestUserAccountAction(dn, justification);
      NiFiUser user = transaction.execute(requestUserAccount);

      // commit the transaction
      transaction.commit();

      // return the nifi user
      return user;
    } catch (TransactionException | DataAccessException te) {
      rollback(transaction);
      throw new AdministrationException(te);
    } catch (Throwable t) {
      rollback(transaction);
      throw t;
    } finally {
      closeQuietly(transaction);
      writeLock.unlock();
    }
  }
コード例 #14
0
ファイル: StandardUserService.java プロジェクト: Ianwww/nifi
  @Override
  public NiFiUser checkAuthorization(String dn) {
    Transaction transaction = null;

    writeLock.lock();
    try {
      // create the connection
      transaction = transactionBuilder.start();

      // determine how long the cache is valid for
      final int cacheSeconds;
      try {
        cacheSeconds =
            (int)
                FormatUtils.getTimeDuration(
                    properties.getUserCredentialCacheDuration(), TimeUnit.SECONDS);
      } catch (IllegalArgumentException iae) {
        throw new AdministrationException(
            "User credential cache duration is not configured correctly.");
      }

      // attempt to authorize the user
      AuthorizeUserAction authorizeUser = new AuthorizeUserAction(dn, cacheSeconds);
      NiFiUser user = transaction.execute(authorizeUser);

      // commit the transaction
      transaction.commit();

      // return the nifi user
      return user;
    } catch (DataAccessException | TransactionException dae) {
      rollback(transaction);
      throw new AdministrationException(dae);
    } catch (AccountDisabledException | AccountPendingException ade) {
      rollback(transaction);
      throw ade;
    } catch (Throwable t) {
      rollback(transaction);
      throw t;
    } finally {
      closeQuietly(transaction);
      writeLock.unlock();
    }
  }
コード例 #15
0
ファイル: StandardUserService.java プロジェクト: Ianwww/nifi
  @Override
  public NiFiUserGroup updateGroup(
      final String group, final Set<String> userIds, final Set<Authority> authorities) {
    Transaction transaction = null;

    writeLock.lock();
    try {
      // if user ids have been specified, invalidate the user accounts before performing
      // the desired updates. if case of an error, this will ensure that these users are
      // authorized the next time the access the application
      if (userIds != null) {
        for (final String userId : userIds) {
          invalidateUserAccount(userId);
        }
      }

      // start the transaction
      transaction = transactionBuilder.start();

      // set the authorities for each user in this group if specified
      final UpdateUserGroupAction updateUserGroup =
          new UpdateUserGroupAction(group, userIds, authorities);
      transaction.execute(updateUserGroup);

      // get all the users that are now in this group
      final GetUserGroupAction getUserGroup = new GetUserGroupAction(group);
      final NiFiUserGroup userGroup = transaction.execute(getUserGroup);

      // commit the transaction
      transaction.commit();

      return userGroup;
    } catch (TransactionException | DataAccessException te) {
      rollback(transaction);
      throw new AdministrationException(te);
    } catch (Throwable t) {
      rollback(transaction);
      throw t;
    } finally {
      closeQuietly(transaction);
      writeLock.unlock();
    }
  }
コード例 #16
0
ファイル: StandardUserService.java プロジェクト: Ianwww/nifi
  @Override
  public NiFiUser update(String id, Set<Authority> authorities) {
    Transaction transaction = null;

    // may be empty but not null
    if (authorities == null) {
      throw new IllegalArgumentException("The specified authorities cannot be null.");
    }

    writeLock.lock();
    try {
      // invalidate the user account in preparation for potential subsequent errors
      invalidateUserAccount(id);

      // at this point the current user account has been invalidated so we will
      // attempt to update the account. if any part fails we are assured the
      // user will be need to be given approval before they access the system at
      // a later time
      // start the transaction
      transaction = transactionBuilder.start();

      // update the user authorities
      UpdateUserAction setUserAuthorities = new UpdateUserAction(id, authorities);
      NiFiUser user = transaction.execute(setUserAuthorities);

      // commit the transaction
      transaction.commit();

      // return the user
      return user;
    } catch (TransactionException | DataAccessException e) {
      rollback(transaction);
      throw new AdministrationException(e);
    } catch (Throwable t) {
      rollback(transaction);
      throw t;
    } finally {
      closeQuietly(transaction);
      writeLock.unlock();
    }
  }