org.apache.nifi.audit.ProcessorAuditor.java Source code

Java tutorial

Introduction

Here is the source code for org.apache.nifi.audit.ProcessorAuditor.java

Source

/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.nifi.audit;

import org.apache.commons.lang3.StringUtils;
import org.apache.nifi.action.Action;
import org.apache.nifi.action.Component;
import org.apache.nifi.action.FlowChangeAction;
import org.apache.nifi.action.Operation;
import org.apache.nifi.action.component.details.FlowChangeExtensionDetails;
import org.apache.nifi.action.details.ActionDetails;
import org.apache.nifi.action.details.FlowChangeConfigureDetails;
import org.apache.nifi.authorization.user.NiFiUser;
import org.apache.nifi.authorization.user.NiFiUserUtils;
import org.apache.nifi.components.PropertyDescriptor;
import org.apache.nifi.controller.ProcessorNode;
import org.apache.nifi.controller.ScheduledState;
import org.apache.nifi.processor.Relationship;
import org.apache.nifi.web.api.dto.ProcessorConfigDTO;
import org.apache.nifi.web.api.dto.ProcessorDTO;
import org.apache.nifi.web.dao.ProcessorDAO;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.text.Collator;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;

/**
 * Audits processor creation/removal and configuration changes.
 */
@Aspect
public class ProcessorAuditor extends NiFiAuditor {

    private static final Logger logger = LoggerFactory.getLogger(ProcessorAuditor.class);

    private static final String COMMENTS = "Comments";
    private static final String PENALTY_DURATION = "Penalty Duration";
    private static final String YIELD_DURATION = "Yield Duration";
    private static final String CONCURRENTLY_SCHEDULABLE_TASKS = "Concurrent Tasks";
    private static final String NAME = "Name";
    private static final String BULLETIN_LEVEL = "Bulletin Level";
    private static final String ANNOTATION_DATA = "Annotation Data";
    private static final String AUTO_TERMINATED_RELATIONSHIPS = "Auto Terminated Relationships";
    private static final String SCHEDULING_PERIOD = "Run Schedule";
    private static final String SCHEDULING_STRATEGY = "Scheduling Strategy";
    private static final String EXECUTION_NODE = "Execution Node";

    /**
     * Audits the creation of processors via createProcessor().
     *
     * This method only needs to be run 'after returning'. However, in Java 7 the order in which these methods are returned from Class.getDeclaredMethods (even though there is no order guaranteed)
     * seems to differ from Java 6. SpringAOP depends on this ordering to determine advice precedence. By normalizing all advice into Around advice we can alleviate this issue.
     *
     * @param proceedingJoinPoint join point
     * @return node
     * @throws java.lang.Throwable ex
     */
    @Around("within(org.apache.nifi.web.dao.ProcessorDAO+) && "
            + "execution(org.apache.nifi.controller.ProcessorNode createProcessor(java.lang.String, org.apache.nifi.web.api.dto.ProcessorDTO))")
    public ProcessorNode createProcessorAdvice(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        // update the processor state
        ProcessorNode processor = (ProcessorNode) proceedingJoinPoint.proceed();

        // if no exceptions were thrown, add the processor action...
        final Action action = generateAuditRecord(processor, Operation.Add);

        // save the actions
        if (action != null) {
            saveAction(action, logger);
        }

        return processor;
    }

    /**
     * Audits the configuration of a single processor.
     *
     * @param proceedingJoinPoint join point
     * @param processorDTO dto
     * @param processorDAO dao
     * @return node
     * @throws Throwable ex
     */
    @Around("within(org.apache.nifi.web.dao.ProcessorDAO+) && "
            + "execution(org.apache.nifi.controller.ProcessorNode updateProcessor(org.apache.nifi.web.api.dto.ProcessorDTO)) && "
            + "args(processorDTO) && " + "target(processorDAO)")
    public ProcessorNode updateProcessorAdvice(ProceedingJoinPoint proceedingJoinPoint, ProcessorDTO processorDTO,
            ProcessorDAO processorDAO) throws Throwable {
        // determine the initial values for each property/setting that's changing
        ProcessorNode processor = processorDAO.getProcessor(processorDTO.getId());
        final Map<String, String> values = extractConfiguredPropertyValues(processor, processorDTO);
        final ScheduledState scheduledState = processor.getScheduledState();

        // update the processor state
        final ProcessorNode updatedProcessor = (ProcessorNode) proceedingJoinPoint.proceed();

        // if no exceptions were thrown, add the processor action...
        processor = processorDAO.getProcessor(updatedProcessor.getIdentifier());

        // get the current user
        NiFiUser user = NiFiUserUtils.getNiFiUser();

        // ensure the user was found
        if (user != null) {
            // determine the updated values
            Map<String, String> updatedValues = extractConfiguredPropertyValues(processor, processorDTO);

            // create the processor details
            FlowChangeExtensionDetails processorDetails = new FlowChangeExtensionDetails();
            processorDetails.setType(processor.getComponentType());

            // create a processor action
            Date actionTimestamp = new Date();
            Collection<Action> actions = new ArrayList<>();

            // go through each updated value
            for (String property : updatedValues.keySet()) {
                String newValue = updatedValues.get(property);
                String oldValue = values.get(property);
                Operation operation = null;

                // determine the type of operation
                if (oldValue == null || newValue == null || !newValue.equals(oldValue)) {
                    operation = Operation.Configure;
                }

                // create a configuration action accordingly
                if (operation != null) {
                    // clear the value if this property is sensitive
                    final PropertyDescriptor propertyDescriptor = processor.getProcessor()
                            .getPropertyDescriptor(property);
                    if (propertyDescriptor != null && propertyDescriptor.isSensitive()) {
                        if (newValue != null) {
                            newValue = "********";
                        }
                        if (oldValue != null) {
                            oldValue = "********";
                        }
                    } else if (ANNOTATION_DATA.equals(property)) {
                        if (newValue != null) {
                            newValue = "<annotation data not shown>";
                        }
                        if (oldValue != null) {
                            oldValue = "<annotation data not shown>";
                        }
                    }

                    final FlowChangeConfigureDetails actionDetails = new FlowChangeConfigureDetails();
                    actionDetails.setName(property);
                    actionDetails.setValue(newValue);
                    actionDetails.setPreviousValue(oldValue);

                    // create a configuration action
                    FlowChangeAction configurationAction = new FlowChangeAction();
                    configurationAction.setUserIdentity(user.getIdentity());
                    configurationAction.setOperation(operation);
                    configurationAction.setTimestamp(actionTimestamp);
                    configurationAction.setSourceId(processor.getIdentifier());
                    configurationAction.setSourceName(processor.getName());
                    configurationAction.setSourceType(Component.Processor);
                    configurationAction.setComponentDetails(processorDetails);
                    configurationAction.setActionDetails(actionDetails);
                    actions.add(configurationAction);
                }
            }

            // determine the new executing state
            final ScheduledState updatedScheduledState = processor.getScheduledState();

            // determine if the running state has changed and its not disabled
            if (scheduledState != updatedScheduledState) {
                // create a processor action
                FlowChangeAction processorAction = new FlowChangeAction();
                processorAction.setUserIdentity(user.getIdentity());
                processorAction.setTimestamp(new Date());
                processorAction.setSourceId(processor.getIdentifier());
                processorAction.setSourceName(processor.getName());
                processorAction.setSourceType(Component.Processor);
                processorAction.setComponentDetails(processorDetails);

                // set the operation accordingly
                if (ScheduledState.RUNNING.equals(updatedScheduledState)) {
                    processorAction.setOperation(Operation.Start);
                } else if (ScheduledState.DISABLED.equals(updatedScheduledState)) {
                    processorAction.setOperation(Operation.Disable);
                } else {
                    // state is now stopped... consider the previous state
                    if (ScheduledState.RUNNING.equals(scheduledState)) {
                        processorAction.setOperation(Operation.Stop);
                    } else if (ScheduledState.DISABLED.equals(scheduledState)) {
                        processorAction.setOperation(Operation.Enable);
                    }
                }
                actions.add(processorAction);
            }

            // ensure there are actions to record
            if (!actions.isEmpty()) {
                // save the actions
                saveActions(actions, logger);
            }
        }

        return updatedProcessor;
    }

    /**
     * Audits the removal of a processor via deleteProcessor().
     *
     * @param proceedingJoinPoint join point
     * @param processorId processor id
     * @param processorDAO dao
     * @throws Throwable ex
     */
    @Around("within(org.apache.nifi.web.dao.ProcessorDAO+) && "
            + "execution(void deleteProcessor(java.lang.String)) && " + "args(processorId) && "
            + "target(processorDAO)")
    public void removeProcessorAdvice(ProceedingJoinPoint proceedingJoinPoint, String processorId,
            ProcessorDAO processorDAO) throws Throwable {
        // get the processor before removing it
        ProcessorNode processor = processorDAO.getProcessor(processorId);

        // remove the processor
        proceedingJoinPoint.proceed();

        // if no exceptions were thrown, add removal actions...
        // audit the processor removal
        final Action action = generateAuditRecord(processor, Operation.Remove);

        // save the actions
        if (action != null) {
            saveAction(action, logger);
        }
    }

    /**
     * Generates an audit record for the creation of a processor.
     *
     * @param processor processor
     * @param operation operation
     * @return action
     */
    public Action generateAuditRecord(ProcessorNode processor, Operation operation) {
        return generateAuditRecord(processor, operation, null);
    }

    /**
     * Generates an audit record for the creation of a processor.
     *
     * @param processor processor
     * @param operation operation
     * @param actionDetails details
     * @return action
     */
    public Action generateAuditRecord(ProcessorNode processor, Operation operation, ActionDetails actionDetails) {
        FlowChangeAction action = null;

        // get the current user
        NiFiUser user = NiFiUserUtils.getNiFiUser();

        // ensure the user was found
        if (user != null) {
            // create the processor details
            FlowChangeExtensionDetails processorDetails = new FlowChangeExtensionDetails();
            processorDetails.setType(processor.getComponentType());

            // create the processor action for adding this processor
            action = new FlowChangeAction();
            action.setUserIdentity(user.getIdentity());
            action.setOperation(operation);
            action.setTimestamp(new Date());
            action.setSourceId(processor.getIdentifier());
            action.setSourceName(processor.getName());
            action.setSourceType(Component.Processor);
            action.setComponentDetails(processorDetails);

            if (actionDetails != null) {
                action.setActionDetails(actionDetails);
            }
        }

        return action;
    }

    /**
     * Extracts the values for the configured properties from the specified Processor.
     */
    private Map<String, String> extractConfiguredPropertyValues(ProcessorNode processor,
            ProcessorDTO processorDTO) {
        Map<String, String> values = new HashMap<>();

        if (processorDTO.getName() != null) {
            values.put(NAME, processor.getName());
        }
        if (processorDTO.getConfig() != null) {
            ProcessorConfigDTO newConfig = processorDTO.getConfig();
            if (newConfig.getConcurrentlySchedulableTaskCount() != null) {
                values.put(CONCURRENTLY_SCHEDULABLE_TASKS, String.valueOf(processor.getMaxConcurrentTasks()));
            }
            if (newConfig.getPenaltyDuration() != null) {
                values.put(PENALTY_DURATION, processor.getPenalizationPeriod());
            }
            if (newConfig.getYieldDuration() != null) {
                values.put(YIELD_DURATION, processor.getYieldPeriod());
            }
            if (newConfig.getBulletinLevel() != null) {
                values.put(BULLETIN_LEVEL, processor.getBulletinLevel().name());
            }
            if (newConfig.getAnnotationData() != null) {
                values.put(ANNOTATION_DATA, processor.getAnnotationData());
            }
            if (newConfig.getSchedulingPeriod() != null) {
                values.put(SCHEDULING_PERIOD, String.valueOf(processor.getSchedulingPeriod()));
            }
            if (newConfig.getAutoTerminatedRelationships() != null) {
                // get each of the auto terminated relationship names
                final Set<Relationship> autoTerminatedRelationships = processor.getAutoTerminatedRelationships();
                final List<String> autoTerminatedRelationshipNames = new ArrayList<>(
                        autoTerminatedRelationships.size());
                for (final Relationship relationship : autoTerminatedRelationships) {
                    autoTerminatedRelationshipNames.add(relationship.getName());
                }

                // sort them and include in the configuration
                Collections.sort(autoTerminatedRelationshipNames, Collator.getInstance(Locale.US));
                values.put(AUTO_TERMINATED_RELATIONSHIPS, StringUtils.join(autoTerminatedRelationshipNames, ", "));
            }
            if (newConfig.getProperties() != null) {
                // for each property specified, extract its configured value
                Map<String, String> properties = newConfig.getProperties();
                Map<PropertyDescriptor, String> configuredProperties = processor.getProperties();
                for (String propertyName : properties.keySet()) {
                    // build a descriptor for getting the configured value
                    PropertyDescriptor propertyDescriptor = new PropertyDescriptor.Builder().name(propertyName)
                            .build();
                    String configuredPropertyValue = configuredProperties.get(propertyDescriptor);

                    // if the configured value couldn't be found, use the default value from the actual descriptor
                    if (configuredPropertyValue == null) {
                        propertyDescriptor = locatePropertyDescriptor(configuredProperties.keySet(),
                                propertyDescriptor);
                        configuredPropertyValue = propertyDescriptor.getDefaultValue();
                    }
                    values.put(propertyName, configuredPropertyValue);
                }
            }
            if (newConfig.getComments() != null) {
                values.put(COMMENTS, processor.getComments());
            }
            if (newConfig.getSchedulingStrategy() != null) {
                values.put(SCHEDULING_STRATEGY, processor.getSchedulingStrategy().name());
            }
            if (newConfig.getExecutionNode() != null) {
                values.put(EXECUTION_NODE, processor.getExecutionNode().name());
            }
        }

        return values;
    }

    /**
     * Locates the actual property descriptor for the given spec property descriptor.
     *
     * @param propertyDescriptors properties
     * @param specDescriptor example property
     * @return property
     */
    private PropertyDescriptor locatePropertyDescriptor(Set<PropertyDescriptor> propertyDescriptors,
            PropertyDescriptor specDescriptor) {
        for (PropertyDescriptor propertyDescriptor : propertyDescriptors) {
            if (propertyDescriptor.equals(specDescriptor)) {
                return propertyDescriptor;
            }
        }
        return specDescriptor;
    }

}