NIFI-11744 Add Required Permission to Reference Remote Resources

[exceptionfactory]

Summary

NIFI-11744 Adds reference-remote-resources as new value for the RequiredPermission enumeration and applies the restriction to components that support retrieving configuration information from a remote URL.

Remote resource retrieval is a useful configuration option for shared resources, but configuring an HTTP URL instructs the framework to make an HTTP request to a remote location. This should be a restricted operation so that fine-grained access controls can be applied when necessary, along the lines of other similar required permissions for performing privileged actions.

Changes include applying the new permission to the following components:

• CaptureChangeMySQL
• ConsumeJMS
• DBCPConnectionPool
• ExtractGrok
• GrokReader
• HikariCPConnectionPool
• HadoopDBCPConnectionPool
• HBase_2_ClientService
• JMSConnectionFactoryProvider
• PublishJMS
• ValidateJson
• ValidateXml

Tracking

Please complete the following tracking steps prior to pull request creation.

Issue Tracking

• Apache NiFi Jira issue created

Pull Request Tracking

• Pull Request title starts with Apache NiFi Jira issue number, such as NIFI-00000
• Pull Request commit message starts with Apache NiFi Jira issue number, as such NIFI-00000

Pull Request Formatting

• Pull Request based on current revision of the main branch
• Pull Request refers to a feature branch with one commit containing changes

Verification

Please indicate the verification steps performed prior to pull request creation.

Build

• Build completed using mvn clean install -P contrib-check
  • JDK 17

Licensing

• New dependencies are compatible with the Apache License 2.0 according to the License Policy
• New dependencies are documented in applicable LICENSE and NOTICE files

Documentation

• Documentation formatting appears as expected in rendered files

[mattyb149]

+1 LGTM, thanks for the improvement! Merging to support/nifi-1.x and main