org.apache.nifi.util.NiFiProperties Java Examples

private void testHostnamesAndPorts() {
    Properties nifiProperties = getNifiProperties();

    assertEquals(NifiPropertiesTlsClientConfigWriter.CONF + keyStore, nifiProperties.getProperty(NiFiProperties.SECURITY_KEYSTORE));
    assertEquals(keyStoreType, nifiProperties.getProperty(NiFiProperties.SECURITY_KEYSTORE_TYPE));
    assertEquals(keyStorePassword, nifiProperties.getProperty(NiFiProperties.SECURITY_KEYSTORE_PASSWD));
    assertEquals(keyPassword, nifiProperties.getProperty(NiFiProperties.SECURITY_KEY_PASSWD));

    assertEquals(NifiPropertiesTlsClientConfigWriter.CONF + trustStore, nifiProperties.getProperty(NiFiProperties.SECURITY_TRUSTSTORE));
    assertEquals(trustStoreType, nifiProperties.getProperty(NiFiProperties.SECURITY_TRUSTSTORE_TYPE));
    assertEquals(trustStorePassword, nifiProperties.getProperty(NiFiProperties.SECURITY_TRUSTSTORE_PASSWD));

    assertEquals("", nifiProperties.getProperty(NiFiProperties.WEB_HTTP_HOST));
    assertEquals("", nifiProperties.getProperty(NiFiProperties.WEB_HTTP_PORT));
    assertEquals(Boolean.toString(true), nifiProperties.getProperty(NiFiProperties.SITE_TO_SITE_SECURE));
    assertEquals(Boolean.toString(true), nifiProperties.getProperty(NiFiProperties.CLUSTER_PROTOCOL_IS_SECURE));

    nifiPropertiesTlsClientConfigWriter.getHostnamePropertyStream().forEach(s -> assertEquals(testHostname, nifiProperties.getProperty(s)));
    nifiPropertiesTlsClientConfigWriter.getIncrementingPropertyMap().entrySet().forEach(propertyToPortEntry -> {
        assertEquals(Integer.toString(propertyToPortEntry.getValue()), nifiProperties.getProperty(propertyToPortEntry.getKey()));
        assertEquals(Integer.parseInt(overlayProperties.getProperty(propertyToPortEntry.getKey())) + hostNum - 1, propertyToPortEntry.getValue().intValue());
    });
}
 

/**
 * Validates that the Processor can be stopped when @OnScheduled blocks
 * indefinitely but written to react to thread interrupts
 */
@Test
public void validateProcessorCanBeStoppedWhenOnScheduledBlocksIndefinitelyInterruptable() throws Exception {
    this.fc = buildFlowControllerForTest(NiFiProperties.PROCESSOR_SCHEDULING_TIMEOUT, "5 sec");
    ProcessGroup testGroup = fc.createProcessGroup(UUID.randomUUID().toString());
    this.setControllerRootGroup(fc, testGroup);
    ProcessorNode testProcNode = fc.createProcessor(TestProcessor.class.getName(), UUID.randomUUID().toString());
    testProcNode.setProperties(properties);
    TestProcessor testProcessor = (TestProcessor) testProcNode.getProcessor();
    // sets the scenario for the processor to run
    this.blockingInterruptableOnUnschedule(testProcessor);
    ProcessScheduler ps = fc.getProcessScheduler();

    ps.startProcessor(testProcNode);
    Thread.sleep(1000);
    assertTrue(testProcNode.getPhysicalScheduledState() == ScheduledState.STARTING);
    Thread.sleep(1000);
    assertTrue(testProcNode.getPhysicalScheduledState() == ScheduledState.STARTING);
    ps.stopProcessor(testProcNode);
    Thread.sleep(100);
    assertTrue(testProcNode.getPhysicalScheduledState() == ScheduledState.STOPPING);
    Thread.sleep(4000);
    assertTrue(testProcNode.getScheduledState() == ScheduledState.STOPPED);
}
 

public Node createNode() {
    final Map<String, String> addProps = new HashMap<>();
    addProps.put(NiFiProperties.ZOOKEEPER_CONNECT_STRING, getZooKeeperConnectString());
    addProps.put(NiFiProperties.CLUSTER_IS_NODE, "true");

    final NiFiProperties nifiProperties = NiFiProperties.createBasicNiFiProperties("src/test/resources/conf/nifi.properties", addProps);

    final String algorithm = nifiProperties.getProperty(NiFiProperties.SENSITIVE_PROPS_ALGORITHM);
    final String provider = nifiProperties.getProperty(NiFiProperties.SENSITIVE_PROPS_PROVIDER);
    final String password = nifiProperties.getProperty(NiFiProperties.SENSITIVE_PROPS_KEY);
    final StringEncryptor encryptor = StringEncryptor.createEncryptor(algorithm, provider, password);
    final ExtensionDiscoveringManager extensionManager = new StandardExtensionDiscoveringManager();
    final FingerprintFactory fingerprintFactory = new FingerprintFactory(encryptor, extensionManager);
    final FlowElection flowElection = new PopularVoteFlowElection(flowElectionTimeoutMillis, TimeUnit.MILLISECONDS, flowElectionMaxNodes, fingerprintFactory);

    final Node node = new Node(nifiProperties, extensionManager, flowElection);
    node.start();
    nodes.add(node);

    return node;
}
 

/**
 * Validates that the Processor can be stopped when @OnScheduled blocks
 * indefinitely but written to react to thread interrupts
 */
@Test
public void validateProcessorCanBeStoppedWhenOnScheduledBlocksIndefinitelyInterruptable() throws Exception {
    final FlowManagerAndSystemBundle fcsb = this.buildFlowControllerForTest(NiFiProperties.PROCESSOR_SCHEDULING_TIMEOUT, "5 sec");
    flowManager = fcsb.getFlowManager();

    ProcessGroup testGroup = flowManager.createProcessGroup(UUID.randomUUID().toString());
    ProcessorNode testProcNode = flowManager.createProcessor(TestProcessor.class.getName(), UUID.randomUUID().toString(),
            fcsb.getSystemBundle().getBundleDetails().getCoordinate());
    testProcNode.setProperties(properties);
    TestProcessor testProcessor = (TestProcessor) testProcNode.getProcessor();
    // sets the scenario for the processor to run
    this.blockingInterruptableOnUnschedule(testProcessor);

    testProcNode.performValidation();
    processScheduler.startProcessor(testProcNode, true);
    assertCondition(() -> ScheduledState.RUNNING == testProcNode.getScheduledState(), SHORT_DELAY_TOLERANCE);
    processScheduler.stopProcessor(testProcNode);
    assertCondition(() -> ScheduledState.STOPPED == testProcNode.getScheduledState(), MEDIUM_DELAY_TOLERANCE);
}
 

@Test
public void testMapIdentityWithMultipleMatchingPatterns() {
    // create two pattern properties that are the same, but the value properties are different
    final Properties properties = new Properties();
    properties.setProperty("nifi.security.identity.mapping.pattern.dn2", "^cn=(.*?),dc=(.*?),dc=(.*?)$");
    properties.setProperty("nifi.security.identity.mapping.value.dn2", "$1_$2_$3");
    properties.setProperty("nifi.security.identity.mapping.pattern.dn1", "^cn=(.*?),dc=(.*?),dc=(.*?)$");
    properties.setProperty("nifi.security.identity.mapping.value.dn1", "$1 $2 $3");

    final NiFiProperties nifiProperties = getNiFiProperties(properties);
    final TestableNiFiAuthenticationProvider provider = new TestableNiFiAuthenticationProvider(nifiProperties);

    // the mapping should always use dn1 because it is sorted
    final String identity = "cn=jsmith,dc=aaa,dc=bbb";
    final String mappedIdentity = provider.mapIdentity(identity);
    assertEquals("jsmith aaa bbb", mappedIdentity);
}
 

@Test
public void testSaslAuthSchemeWithHostNoRealm(){

    final NiFiProperties nifiProperties;
    final CuratorACLProviderFactory factory;
    otherProps.put("nifi.zookeeper.kerberos.removeHostFromPrincipal", "false");
    otherProps.put("nifi.zookeeper.kerberos.removeRealmFromPrincipal", "true");
    nifiProperties = NiFiProperties.createBasicNiFiProperties(propsFile, otherProps);
    factory = new CuratorACLProviderFactory();
    ZooKeeperClientConfig config = ZooKeeperClientConfig.createConfig(nifiProperties);
    ACLProvider provider = factory.create(config);
    assertFalse(provider instanceof DefaultACLProvider);
    List<ACL> acls = provider.getDefaultAcl();
    assertNotNull(acls);
    assertEquals(acls.get(0).getId().toString().trim(),"'sasl,'nifi/host");

}
 

private DataTransferResource getDataTransferResource() {
    final NiFiServiceFacade serviceFacade = mock(NiFiServiceFacade.class);

    final HttpFlowFileServerProtocol serverProtocol = mock(HttpFlowFileServerProtocol.class);
    final DataTransferResource resource = new DataTransferResource(NiFiProperties.createBasicNiFiProperties(null, null)) {
        @Override
        protected void authorizeDataTransfer(AuthorizableLookup lookup, ResourceType resourceType, String identifier) {
        }

        @Override
        HttpFlowFileServerProtocol getHttpFlowFileServerProtocol(VersionNegotiator versionNegotiator) {
            return serverProtocol;
        }
    };
    resource.setProperties(NiFiProperties.createBasicNiFiProperties(null, null));
    resource.setServiceFacade(serviceFacade);
    return resource;
}
 

private OkHttpClient createOkHttpClient(final NiFiProperties properties) {
    final String connectionTimeout = properties.getClusterNodeConnectionTimeout();
    final long connectionTimeoutMs = (long) FormatUtils.getPreciseTimeDuration(connectionTimeout, TimeUnit.MILLISECONDS);
    final String readTimeout = properties.getClusterNodeReadTimeout();
    final long readTimeoutMs = (long) FormatUtils.getPreciseTimeDuration(readTimeout, TimeUnit.MILLISECONDS);

    OkHttpClient.Builder okHttpClientBuilder = new OkHttpClient().newBuilder();
    okHttpClientBuilder.connectTimeout(connectionTimeoutMs, TimeUnit.MILLISECONDS);
    okHttpClientBuilder.readTimeout(readTimeoutMs, TimeUnit.MILLISECONDS);
    okHttpClientBuilder.followRedirects(true);
    final int connectionPoolSize = properties.getClusterNodeMaxConcurrentRequests();
    okHttpClientBuilder.connectionPool(new ConnectionPool(connectionPoolSize, 5, TimeUnit.MINUTES));

    // Apply the TLS configuration, if present
    try {
        TlsConfiguration tlsConfiguration = TlsConfiguration.fromNiFiProperties(properties);
        tlsConfigured = OkHttpClientUtils.applyTlsToOkHttpClientBuilder(tlsConfiguration, okHttpClientBuilder);
    } catch (Exception e) {
        // Legacy expectations around this client are that it does not throw an exception on invalid TLS configuration
        // TODO: The only current use of this class is ThreadPoolRequestReplicatorFactoryBean#getObject() which should be evaluated to see if that can change
        tlsConfigured = false;
    }

    return okHttpClientBuilder.build();
}
 

/**
 * Returns a {@link TlsConfiguration} instantiated from the relevant {@link NiFiProperties} properties.
 *
 * @param niFiProperties the NiFi properties
 * @return a populated TlsConfiguration container object
 */
public static TlsConfiguration fromNiFiProperties(NiFiProperties niFiProperties) {
    if (niFiProperties == null) {
        throw new IllegalArgumentException("The NiFi properties cannot be null");
    }

    String keystorePath = niFiProperties.getProperty(NiFiProperties.SECURITY_KEYSTORE);
    String keystorePassword = niFiProperties.getProperty(NiFiProperties.SECURITY_KEYSTORE_PASSWD);
    String keyPassword = niFiProperties.getProperty(NiFiProperties.SECURITY_KEY_PASSWD);
    String keystoreType = niFiProperties.getProperty(NiFiProperties.SECURITY_KEYSTORE_TYPE);
    String truststorePath = niFiProperties.getProperty(NiFiProperties.SECURITY_TRUSTSTORE);
    String truststorePassword = niFiProperties.getProperty(NiFiProperties.SECURITY_TRUSTSTORE_PASSWD);
    String truststoreType = niFiProperties.getProperty(NiFiProperties.SECURITY_TRUSTSTORE_TYPE);
    String protocol = TLS_PROTOCOL_VERSION;

    final TlsConfiguration tlsConfiguration = new TlsConfiguration(keystorePath, keystorePassword, keyPassword,
            keystoreType, truststorePath, truststorePassword,
            truststoreType, protocol);
    if (logger.isDebugEnabled()) {
        logger.debug("Instantiating TlsConfiguration from NiFi properties: {}, {}, {}, {}, {}, {}, {}, {}",
                keystorePath, tlsConfiguration.getKeystorePasswordForLogging(), tlsConfiguration.getKeyPasswordForLogging(), keystoreType,
                truststorePath, tlsConfiguration.getTruststorePasswordForLogging(), truststoreType, protocol);
    }

    return tlsConfiguration;
}
 

@Override
public SocketConfiguration getObject() throws Exception {
    if (configuration == null) {
        configuration = new SocketConfiguration();

        final int timeout = (int) FormatUtils.getPreciseTimeDuration(properties.getClusterNodeReadTimeout(), TimeUnit.MILLISECONDS);
        configuration.setSocketTimeout(timeout);
        configuration.setReuseAddress(true);

        // If the cluster protocol is marked as secure
        if (Boolean.parseBoolean(properties.getProperty(NiFiProperties.CLUSTER_PROTOCOL_IS_SECURE))) {
            // Parse the TLS configuration from the properties
            configuration.setTlsConfiguration(TlsConfiguration.fromNiFiProperties(properties));
        }
    }
    return configuration;

}
 

@Test
public void testMapIdentityWithMultipleMatchingPatterns() {
    // create two pattern properties that are the same, but the value properties are different
    final Properties properties = new Properties();
    properties.setProperty("nifi.security.identity.mapping.pattern.dn2", "^cn=(.*?),dc=(.*?),dc=(.*?)$");
    properties.setProperty("nifi.security.identity.mapping.value.dn2", "$1_$2_$3");
    properties.setProperty("nifi.security.identity.mapping.pattern.dn1", "^cn=(.*?),dc=(.*?),dc=(.*?)$");
    properties.setProperty("nifi.security.identity.mapping.value.dn1", "$1 $2 $3");

    final NiFiProperties nifiProperties = getNiFiProperties(properties);
    final TestableNiFiAuthenticationProvider provider = new TestableNiFiAuthenticationProvider(nifiProperties);

    // the mapping should always use dn1 because it is sorted
    final String identity = "cn=jsmith,dc=aaa,dc=bbb";
    final String mappedIdentity = provider.mapIdentity(identity);
    assertEquals("jsmith aaa bbb", mappedIdentity);
}
 

@Before
public void setup() throws IOException {
    System.setProperty(NiFiProperties.PROPERTIES_FILE_PATH, "src/test/resources/conf/nifi.properties");

    senderListener = Mockito.mock(ClusterCoordinationProtocolSenderListener.class);
    nodeStatuses = Collections.synchronizedList(new ArrayList<>());
    stateManagerProvider = Mockito.mock(StateManagerProvider.class);

    final StateManager stateManager = Mockito.mock(StateManager.class);
    when(stateManager.getState(any(Scope.class))).thenReturn(new MockStateMap(Collections.emptyMap(), 1));
    when(stateManagerProvider.getStateManager(anyString())).thenReturn(stateManager);


    final EventReporter eventReporter = Mockito.mock(EventReporter.class);
    final RevisionManager revisionManager = Mockito.mock(RevisionManager.class);
    when(revisionManager.getAllRevisions()).thenReturn(Collections.emptyList());

    coordinator = new NodeClusterCoordinator(senderListener, eventReporter, null, new FirstVoteWinsFlowElection(), null, revisionManager, createProperties(), null, stateManagerProvider) {
        @Override
        void notifyOthersOfNodeStatusChange(NodeConnectionStatus updatedStatus, boolean notifyAllNodes, boolean waitForCoordinator) {
            nodeStatuses.add(updatedStatus);
        }
    };

    final FlowService flowService = Mockito.mock(FlowService.class);
    final StandardDataFlow dataFlow = new StandardDataFlow(new byte[50], new byte[50], new byte[50], new HashSet<>());
    when(flowService.createDataFlow()).thenReturn(dataFlow);
    coordinator.setFlowService(flowService);
}
 

public static StandardFlowService createClusteredInstance(
        final FlowController controller,
        final NiFiProperties nifiProperties,
        final NodeProtocolSenderListener senderListener,
        final ClusterCoordinator coordinator,
        final StringEncryptor encryptor,
        final RevisionManager revisionManager,
        final Authorizer authorizer) throws IOException {

    return new StandardFlowService(controller, nifiProperties, senderListener, encryptor, true, coordinator, revisionManager, authorizer);
}
 

@Before
public void setup() throws IOException {
    // needed for calls to UserGroupInformation.setConfiguration() to work when passing in
    // config with Kerberos authentication enabled
    System.setProperty("java.security.krb5.realm", "nifi.com");
    System.setProperty("java.security.krb5.kdc", "nifi.kdc");

    temporaryFile = File.createTempFile("hadoop-test", ".properties");

    // mock properties and return a temporary file for the kerberos configuration
    mockedProperties = mock(NiFiProperties.class);
    when(mockedProperties.getKerberosConfigurationFile()).thenReturn(temporaryFile);
    kerberosProperties = new KerberosProperties(temporaryFile);
}
 

@Test
public void testNiFiPropertiesMaxStorage() throws Exception {

    final NiFiProperties withMaxTime = mock(NiFiProperties.class);
    when(withMaxTime.getFlowConfigurationArchiveMaxCount()).thenReturn(null);
    when(withMaxTime.getFlowConfigurationArchiveMaxTime()).thenReturn(null);
    when(withMaxTime.getFlowConfigurationArchiveMaxStorage()).thenReturn("10 MB");

    final FlowConfigurationArchiveManager archiveManager = new FlowConfigurationArchiveManager(flowFile.toPath(), withMaxTime);

    assertNull(getPrivateFieldValue(archiveManager, "maxCount"));
    assertNull(getPrivateFieldValue(archiveManager, "maxTimeMillis"));
    assertEquals(10L * 1024L * 1024L, getPrivateFieldValue(archiveManager, "maxStorageBytes"));
}
 

private NiFiProperties loadSpecifiedProperties(final String propertiesFile, final Map<String, String> others) {
    String filePath;
    try {
        filePath = NarUnpackerTest.class.getResource(propertiesFile).toURI().getPath();
    } catch (URISyntaxException ex) {
        throw new RuntimeException("Cannot load properties file due to " + ex.getLocalizedMessage(), ex);
    }
    return NiFiProperties.createBasicNiFiProperties(filePath, others);
}
 

@Before
public void setup() throws InitializationException {
    mockNiFiProperties = mock(NiFiProperties.class);
    when(mockNiFiProperties.getKerberosConfigurationFile()).thenReturn(null);
    kerberosProperties = new KerberosProperties(null);

    proc = new ListHDFSWithMockedFileSystem(kerberosProperties);
    mockLogger = spy(new MockComponentLog(UUID.randomUUID().toString(), proc));
    runner = TestRunners.newTestRunner(proc, mockLogger);

    runner.setProperty(ListHDFS.HADOOP_CONFIGURATION_RESOURCES, "src/test/resources/core-site.xml");
    runner.setProperty(ListHDFS.DIRECTORY, "/test");
}
 

private void performMethodInjection(final Authorizer instance, final Class authorizerClass) throws IllegalAccessException, IllegalArgumentException, InvocationTargetException {
    for (final Method method : authorizerClass.getMethods()) {
        if (method.isAnnotationPresent(AuthorizerContext.class)) {
            // make the method accessible
            final boolean isAccessible = method.isAccessible();
            method.setAccessible(true);

            try {
                final Class<?>[] argumentTypes = method.getParameterTypes();

                // look for setters (single argument)
                if (argumentTypes.length == 1) {
                    final Class<?> argumentType = argumentTypes[0];

                    // look for well known types
                    if (NiFiProperties.class.isAssignableFrom(argumentType)) {
                        // nifi properties injection
                        method.invoke(instance, properties);
                    }
                }
            } finally {
                method.setAccessible(isAccessible);
            }
        }
    }

    final Class parentClass = authorizerClass.getSuperclass();
    if (parentClass != null && Authorizer.class.isAssignableFrom(parentClass)) {
        performMethodInjection(instance, parentClass);
    }
}
 

public StandardRemoteProcessGroup(final String id, final String targetUris, final ProcessGroup processGroup, final ProcessScheduler processScheduler,
                                  final BulletinRepository bulletinRepository, final SSLContext sslContext, final NiFiProperties nifiProperties,
                                  final StateManager stateManager) {
    this.nifiProperties = nifiProperties;
    this.stateManager = stateManager;
    this.id = requireNonNull(id);

    this.targetUris = targetUris;
    this.targetId = null;
    this.processGroup = new AtomicReference<>(processGroup);
    this.sslContext = sslContext;
    this.scheduler = processScheduler;
    this.authorizationIssue = "Establishing connection to " + targetUris;

    final String expirationPeriod = nifiProperties.getProperty(NiFiProperties.REMOTE_CONTENTS_CACHE_EXPIRATION, "30 secs");
    remoteContentsCacheExpiration = FormatUtils.getTimeDuration(expirationPeriod, TimeUnit.MILLISECONDS);

    eventReporter = new EventReporter() {
        private static final long serialVersionUID = 1L;

        @Override
        public void reportEvent(final Severity severity, final String category, final String message) {
            final String groupId = StandardRemoteProcessGroup.this.getProcessGroup().getIdentifier();
            final String groupName = StandardRemoteProcessGroup.this.getProcessGroup().getName();
            final String sourceId = StandardRemoteProcessGroup.this.getIdentifier();
            final String sourceName = StandardRemoteProcessGroup.this.getName();
            bulletinRepository.addBulletin(BulletinFactory.createBulletin(groupId, groupName, sourceId, ComponentType.REMOTE_PROCESS_GROUP,
                    sourceName, category, severity.name(), message));
        }
    };

    backgroundThreadExecutor = new FlowEngine(1, "Remote Process Group " + id, true);
}
 

@Test(expected = IllegalStateException.class)
public void testUnknownVersion() throws Exception {
    final NiFiProperties niFiProperties = NiFiProperties.createBasicNiFiProperties(nifiPropertiesPath, additionalProperties);

    // create db with known version
    try (RocksDBMetronome db = new RocksDBMetronome.Builder().setStoragePath(RocksDBFlowFileRepository.getFlowFileRepoPath(niFiProperties)).build()) {
        db.initialize();
        db.putConfiguration(RocksDBFlowFileRepository.REPOSITORY_VERSION_KEY, "UNKNOWN".getBytes(StandardCharsets.UTF_8));
    }
    try (final RocksDBFlowFileRepository repo = new RocksDBFlowFileRepository(NiFiProperties.createBasicNiFiProperties(nifiPropertiesPath, additionalProperties))) {
        repo.initialize(new StandardResourceClaimManager());
    }
}
 

/**
 * Returns an instance of {@link NiFiProperties} loaded from the provided
 * {@link File}. If any properties are protected, will attempt to use the
 * appropriate {@link SensitivePropertyProvider} to unprotect them
 * transparently.
 *
 * @param file the File containing the serialized properties
 * @return the NiFiProperties instance
 */
public NiFiProperties load(File file) {
    ProtectedNiFiProperties protectedNiFiProperties = readProtectedPropertiesFromDisk(file);
    if (protectedNiFiProperties.hasProtectedKeys()) {
        Security.addProvider(new BouncyCastleProvider());
        protectedNiFiProperties.addSensitivePropertyProvider(getSensitivePropertyProvider());
    }

    return protectedNiFiProperties.getUnprotectedProperties();
}
 

private static int getTimePeriod(final NiFiProperties nifiProperties, final String propertyName, final String defaultValue) {
    final String timeout = nifiProperties.getProperty(propertyName, defaultValue);
    try {
        return (int) FormatUtils.getTimeDuration(timeout, TimeUnit.MILLISECONDS);
    } catch (final Exception e) {
        logger.warn("Value of '" + propertyName + "' property is set to '" + timeout + "', which is not a valid time period. Using default of " + defaultValue);
        return (int) FormatUtils.getTimeDuration(defaultValue, TimeUnit.MILLISECONDS);
    }
}
 

@Test
public void testOnConfiguredWhenInitialAdminProvidedAndFlowIsNull() throws Exception {
    // setup NiFi properties to return a file that does not exist
    properties = mock(NiFiProperties.class);
    when(properties.getRestoreDirectory()).thenReturn(restoreAuthorizations.getParentFile());
    when(properties.getFlowConfigurationFile()).thenReturn(null);
    authorizer.setNiFiProperties(properties);

    final String adminIdentity = "admin-user";
    when(configurationContext.getProperty(Mockito.eq(FileAccessPolicyProvider.PROP_INITIAL_ADMIN_IDENTITY)))
            .thenReturn(new StandardPropertyValue(adminIdentity, null, ParameterLookup.EMPTY));

    writeFile(primaryAuthorizations, EMPTY_AUTHORIZATIONS_CONCISE);
    writeFile(primaryTenants, EMPTY_TENANTS_CONCISE);
    authorizer.onConfigured(configurationContext);

    final Set<User> users = authorizer.getUsers();
    assertEquals(1, users.size());

    final User adminUser = users.iterator().next();
    assertEquals(adminIdentity, adminUser.getIdentity());

    final Set<AccessPolicy> policies = authorizer.getAccessPolicies();
    assertEquals(8, policies.size());

    final String rootGroupResource = ResourceType.ProcessGroup.getValue() + "/" + ROOT_GROUP_ID;

    boolean foundRootGroupPolicy = false;
    for (AccessPolicy policy : policies) {
        if (policy.getResource().equals(rootGroupResource)) {
            foundRootGroupPolicy = true;
            break;
        }
    }

    assertFalse(foundRootGroupPolicy);
}
 

public SystemDiagnosticsSnapshotDTO.VersionInfoDTO createVersionInfoDTO() {
    final SystemDiagnosticsSnapshotDTO.VersionInfoDTO dto = new SystemDiagnosticsSnapshotDTO.VersionInfoDTO();
    dto.setNiFiVersion(properties.getUiTitle());
    dto.setJavaVendor(System.getProperty("java.vendor"));
    dto.setJavaVersion(System.getProperty("java.version"));
    dto.setOsName(System.getProperty("os.name"));
    dto.setOsVersion(System.getProperty("os.version"));
    dto.setOsArchitecture(System.getProperty("os.arch"));
    dto.setBuildTag(properties.getProperty(NiFiProperties.BUILD_TAG));
    dto.setBuildRevision(properties.getProperty(NiFiProperties.BUILD_REVISION));
    dto.setBuildBranch(properties.getProperty(NiFiProperties.BUILD_BRANCH));
    dto.setBuildTimestamp(properties.getBuildTimestamp());
    return dto;
}
 

public static StandardFlowService createStandaloneInstance(
        final FlowController controller,
        final NiFiProperties nifiProperties,
        final StringEncryptor encryptor,
        final RevisionManager revisionManager,
        final Authorizer authorizer) throws IOException {

    return new StandardFlowService(controller, nifiProperties, null, encryptor, false, null, revisionManager, authorizer);
}
 

public StandardRemoteGroupPort(final String id, final String targetId, final String name, final RemoteProcessGroup remoteGroup,
        final TransferDirection direction, final ConnectableType type, final SSLContext sslContext, final ProcessScheduler scheduler,
    final NiFiProperties nifiProperties) {
    // remote group port id needs to be unique but cannot just be the id of the port
    // in the remote group instance. this supports referencing the same remote
    // instance more than once.
    super(id, name, type, scheduler);

    this.targetId = targetId;
    this.remoteGroup = remoteGroup;
    this.transferDirection = direction;
    this.sslContext = sslContext;
    setScheduldingPeriod(MINIMUM_SCHEDULING_NANOS + " nanos");
}
 

@Test
public void testOnConfiguredWhenInitialAdminProvidedAndNoFlowExists() throws Exception {
    // setup NiFi properties to return a file that does not exist
    properties = mock(NiFiProperties.class);
    when(properties.getRestoreDirectory()).thenReturn(restoreAuthorizations.getParentFile());
    when(properties.getFlowConfigurationFile()).thenReturn(new File("src/test/resources/does-not-exist.xml.gz"));
    authorizer.setNiFiProperties(properties);

    final String adminIdentity = "admin-user";
    when(configurationContext.getProperty(Mockito.eq(FileAccessPolicyProvider.PROP_INITIAL_ADMIN_IDENTITY)))
            .thenReturn(new StandardPropertyValue(adminIdentity, null, ParameterLookup.EMPTY));

    writeFile(primaryAuthorizations, EMPTY_AUTHORIZATIONS_CONCISE);
    writeFile(primaryTenants, EMPTY_TENANTS_CONCISE);
    authorizer.onConfigured(configurationContext);

    final Set<User> users = authorizer.getUsers();
    assertEquals(1, users.size());

    final User adminUser = users.iterator().next();
    assertEquals(adminIdentity, adminUser.getIdentity());

    final Set<AccessPolicy> policies = authorizer.getAccessPolicies();
    assertEquals(8, policies.size());

    final String rootGroupResource = ResourceType.ProcessGroup.getValue() + "/" + ROOT_GROUP_ID;

    boolean foundRootGroupPolicy = false;
    for (AccessPolicy policy : policies) {
        if (policy.getResource().equals(rootGroupResource)) {
            foundRootGroupPolicy = true;
            break;
        }
    }

    assertFalse(foundRootGroupPolicy);
}
 

@Test
public void testConfigureSslContextFactoryWithJksKeyStore() {
    // Expect that we will not set provider for jks keystore
    final Map<String, String> addProps = new HashMap<>();
    String keyStoreType = KeystoreType.JKS.toString();
    addProps.put(NiFiProperties.SECURITY_KEYSTORE_TYPE, keyStoreType);
    NiFiProperties nifiProperties = NiFiProperties.createBasicNiFiProperties(null, addProps);
    SslContextFactory contextFactory = mock(SslContextFactory.class);

    JettyServer.configureSslContextFactory(contextFactory, nifiProperties);

    verify(contextFactory).setKeyStoreType(keyStoreType);
    verify(contextFactory, never()).setKeyStoreProvider(anyString());
}
 

@Test
public void testAnonymousDisabledNotSecure() throws Exception {
    final NiFiProperties nifiProperties = Mockito.mock(NiFiProperties.class);
    when(nifiProperties.isAnonymousAuthenticationAllowed()).thenReturn(false);

    final NiFiAnonymousAuthenticationProvider anonymousAuthenticationProvider = new NiFiAnonymousAuthenticationProvider(nifiProperties, mock(Authorizer.class));

    final NiFiAnonymousAuthenticationRequestToken authenticationRequest = new NiFiAnonymousAuthenticationRequestToken(false, StringUtils.EMPTY);

    final NiFiAuthenticationToken authentication = (NiFiAuthenticationToken) anonymousAuthenticationProvider.authenticate(authenticationRequest);
    final NiFiUserDetails userDetails = (NiFiUserDetails) authentication.getDetails();
    assertTrue(userDetails.getNiFiUser().isAnonymous());
}
 

@Test
public void testNiFiPropertiesMaxStorage() throws Exception {

    final NiFiProperties withMaxTime = mock(NiFiProperties.class);
    when(withMaxTime.getFlowConfigurationArchiveMaxCount()).thenReturn(null);
    when(withMaxTime.getFlowConfigurationArchiveMaxTime()).thenReturn(null);
    when(withMaxTime.getFlowConfigurationArchiveMaxStorage()).thenReturn("10 MB");

    final FlowConfigurationArchiveManager archiveManager = new FlowConfigurationArchiveManager(flowFile.toPath(), withMaxTime);

    assertNull(getPrivateFieldValue(archiveManager, "maxCount"));
    assertNull(getPrivateFieldValue(archiveManager, "maxTimeMillis"));
    assertEquals(10L * 1024L * 1024L, getPrivateFieldValue(archiveManager, "maxStorageBytes"));
}