From a88bb38b387b124f2d4340d97876594e4b01f1d1 Mon Sep 17 00:00:00 2001 From: Pierre Villard Date: Mon, 12 Nov 2018 20:22:03 +0100 Subject: [PATCH] NIFI-5815 - PutORC processor 'Restricted' still requires access to restricted components regardless of restriction --- .../main/java/org/apache/nifi/processors/orc/PutORC.java | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/nifi-nar-bundles/nifi-hive-bundle/nifi-hive3-processors/src/main/java/org/apache/nifi/processors/orc/PutORC.java b/nifi-nar-bundles/nifi-hive-bundle/nifi-hive3-processors/src/main/java/org/apache/nifi/processors/orc/PutORC.java index 9af566a238c1..8dfbc9632464 100644 --- a/nifi-nar-bundles/nifi-hive-bundle/nifi-hive3-processors/src/main/java/org/apache/nifi/processors/orc/PutORC.java +++ b/nifi-nar-bundles/nifi-hive-bundle/nifi-hive3-processors/src/main/java/org/apache/nifi/processors/orc/PutORC.java @@ -25,12 +25,14 @@ import org.apache.nifi.annotation.behavior.InputRequirement; import org.apache.nifi.annotation.behavior.ReadsAttribute; import org.apache.nifi.annotation.behavior.Restricted; +import org.apache.nifi.annotation.behavior.Restriction; import org.apache.nifi.annotation.behavior.WritesAttribute; import org.apache.nifi.annotation.behavior.WritesAttributes; import org.apache.nifi.annotation.documentation.CapabilityDescription; import org.apache.nifi.annotation.documentation.Tags; import org.apache.nifi.components.AllowableValue; import org.apache.nifi.components.PropertyDescriptor; +import org.apache.nifi.components.RequiredPermission; import org.apache.nifi.expression.ExpressionLanguageScope; import org.apache.nifi.flowfile.FlowFile; import org.apache.nifi.processor.DataUnit; @@ -63,7 +65,11 @@ + "the path is the directory that contains this ORC file on HDFS. For example, this processor can send flow files downstream to ReplaceText to set the content " + "to this DDL (plus the LOCATION clause as described), then to PutHiveQL processor to create the table if it doesn't exist.") }) -@Restricted("Provides operator the ability to write to any file that NiFi has access to in HDFS or the local filesystem.") +@Restricted(restrictions = { + @Restriction( + requiredPermission = RequiredPermission.WRITE_FILESYSTEM, + explanation = "Provides operator the ability to write to any file that NiFi has access to in HDFS or the local filesystem.") +}) public class PutORC extends AbstractPutHDFSRecord { public static final String HIVE_DDL_ATTRIBUTE = "hive.ddl";