use of com.emc.storageos.db.client.model.CifsShareACL in project coprhd-controller by CoprHD.
the class CifsShareUtility method verifyModifyShareACLs.
private void verifyModifyShareACLs(List<ShareACL> shareAclList) {
if (shareAclList == null) {
return;
}
_log.info("Number of share ACL(s) to modify {} ", shareAclList.size());
for (ShareACL acl : shareAclList) {
acl.proceedToNextStep();
_log.info("Verifying ACL {}", acl.toString());
// Are there same user or group found in other acls. If so, report
// error
verifyUserGroup(acl);
if (!acl.canProceedToNextStep()) {
break;
}
validatePermissions(acl);
if (!acl.canProceedToNextStep()) {
break;
}
// Verify with existing ACL
CifsShareACL dbShareAcl = getExistingACL(acl);
// If same acl exists, allow to modify
if (dbShareAcl != null) {
_log.info("Existing ACL in modify request: {}", dbShareAcl);
acl.proceedToNextStep();
} else {
// If not found, don't allow to proceed further
if (acl.canProceedToNextStep()) {
_log.error("No existing ACL found in DB to modify {}", acl);
acl.cancelNextStep(ShareACLOperationErrorType.ACL_NOT_FOUND);
}
}
}
}
use of com.emc.storageos.db.client.model.CifsShareACL in project coprhd-controller by CoprHD.
the class CifsShareUtility method verifyAddShareACLs.
private void verifyAddShareACLs(List<ShareACL> shareAclList) {
if (shareAclList == null) {
return;
}
_log.info("Number of share ACL(s) to add {} ", shareAclList.size());
for (ShareACL acl : shareAclList) {
acl.proceedToNextStep();
_log.info("Verifying ACL {}", acl.toString());
// Are there same user or group found in other acls. If so, report
// error
verifyUserGroup(acl);
if (!acl.canProceedToNextStep()) {
break;
}
validatePermissions(acl);
if (!acl.canProceedToNextStep()) {
break;
}
// Verify with existing ACL
CifsShareACL dbShareAcl = getExistingACL(acl);
// If same acl exists, don't allow to add again.
if (dbShareAcl != null) {
_log.error("Duplicate ACL in add request. User/group in ACL for share already exists: {}", dbShareAcl);
acl.cancelNextStep(ShareACLOperationErrorType.ACL_EXISTS);
break;
} else // If not found proceed for further verifications.
{
if (acl.canProceedToNextStep()) {
_log.info("No existing ACL found in DB {}", acl);
}
}
}
}
use of com.emc.storageos.db.client.model.CifsShareACL in project coprhd-controller by CoprHD.
the class CifsShareACLMigration method process.
@Override
public void process() throws MigrationCallbackException {
logger.info("Migration started");
DbClient dbClient = getDbClient();
try {
List<URI> fileSystemURIList = dbClient.queryByType(FileShare.class, true);
Iterator<FileShare> fileSystemList = dbClient.queryIterativeObjects(FileShare.class, fileSystemURIList, true);
while (fileSystemList.hasNext()) {
FileShare fs = fileSystemList.next();
SMBShareMap smbShareMap = fs.getSMBFileShares();
Collection<SMBFileShare> smbShares = new ArrayList<SMBFileShare>();
if (smbShareMap != null) {
smbShares = smbShareMap.values();
for (SMBFileShare smbShare : smbShares) {
if (smbShare.getPermissionType().equalsIgnoreCase(PERMISSION_TYPE_ALLOW)) {
CifsShareACL acl = new CifsShareACL();
acl.setId(URIUtil.createId(CifsShareACL.class));
acl.setShareName(smbShare.getName());
acl.setPermission(smbShare.getPermission());
acl.setUser(USER_EVERYONE);
acl.setFileSystemId(fs.getId());
logger.debug("Persisting new ACE into DB: {}", acl);
dbClient.createObject(acl);
}
}
}
}
// File snapshots
List<URI> fileSnapshotURIList = dbClient.queryByType(Snapshot.class, true);
Iterator<Snapshot> fileSnapshotList = dbClient.queryIterativeObjects(Snapshot.class, fileSnapshotURIList, true);
while (fileSnapshotList.hasNext()) {
Snapshot snapshot = fileSnapshotList.next();
SMBShareMap smbShareMap = snapshot.getSMBFileShares();
Collection<SMBFileShare> smbShares = new ArrayList<SMBFileShare>();
if (smbShareMap != null) {
smbShares = smbShareMap.values();
for (SMBFileShare smbShare : smbShares) {
if (smbShare.getPermissionType().equalsIgnoreCase(PERMISSION_TYPE_ALLOW)) {
CifsShareACL acl = new CifsShareACL();
acl.setId(URIUtil.createId(CifsShareACL.class));
acl.setShareName(smbShare.getName());
acl.setPermission(getFormattedPermissionText(smbShare.getPermission()));
acl.setUser(USER_EVERYONE);
acl.setSnapshotId(snapshot.getId());
logger.debug("Persisting new ACE into DB: {}", acl);
dbClient.createObject(acl);
}
}
}
}
logger.info("Migration completed successfully");
} catch (Exception e) {
logger.error("Exception occured while migrating cifs share access control settings");
logger.error(e.getMessage(), e);
}
}
use of com.emc.storageos.db.client.model.CifsShareACL in project coprhd-controller by CoprHD.
the class VNXeCreateShareJob method createDefaultACEForShare.
private void createDefaultACEForShare(DbClient dbClient, URI id, FileSMBShare fileShare) {
SMBFileShare share = fileShare.getSMBFileShare();
CifsShareACL ace = new CifsShareACL();
ace.setUser(FileControllerConstants.CIFS_SHARE_USER_EVERYONE);
String permission = null;
switch(share.getPermission()) {
case "read":
permission = FileControllerConstants.CIFS_SHARE_PERMISSION_READ;
break;
case "change":
permission = FileControllerConstants.CIFS_SHARE_PERMISSION_CHANGE;
break;
case "full":
permission = FileControllerConstants.CIFS_SHARE_PERMISSION_FULLCONTROL;
break;
}
ace.setPermission(permission);
ace.setId(URIUtil.createId(CifsShareACL.class));
ace.setShareName(share.getName());
if (URIUtil.isType(id, FileShare.class)) {
ace.setFileSystemId(id);
} else {
ace.setSnapshotId(id);
}
_logger.info("Creating default ACE for the share: {}", ace);
dbClient.createObject(ace);
}
use of com.emc.storageos.db.client.model.CifsShareACL in project coprhd-controller by CoprHD.
the class VNXeDeleteShareJob method deleteShareACLsFromDB.
private void deleteShareACLsFromDB(DbClient dbClient, FileObject fsObj) {
try {
ContainmentConstraint containmentConstraint = null;
if (isFile && fsObj != null) {
_logger.info("Querying DB for Share ACLs of share {} of filesystemId {} ", smbShare.getName(), fsObj.getId());
containmentConstraint = ContainmentConstraint.Factory.getFileCifsShareAclsConstraint(fsObj.getId());
} else if (!isFile && fsObj != null) {
URI snapshotId = fsObj.getId();
_logger.info("Querying DB for Share ACLs of share {} of SnapshotId {} ", smbShare.getName(), fsObj.getId());
containmentConstraint = ContainmentConstraint.Factory.getSnapshotCifsShareAclsConstraint(snapshotId);
}
List<CifsShareACL> shareAclList = CustomQueryUtility.queryActiveResourcesByConstraint(dbClient, CifsShareACL.class, containmentConstraint);
List<CifsShareACL> deleteAclList = new ArrayList<CifsShareACL>();
if (!shareAclList.isEmpty()) {
Iterator<CifsShareACL> shareAclIter = shareAclList.iterator();
while (shareAclIter.hasNext()) {
CifsShareACL shareAcl = shareAclIter.next();
if (smbShare.getName().equals(shareAcl.getShareName())) {
shareAcl.setInactive(true);
deleteAclList.add(shareAcl);
}
}
if (!deleteAclList.isEmpty()) {
_logger.info("Deleting ACLs of share {} of filesystem {}", smbShare.getName(), fsObj.getLabel());
dbClient.persistObject(deleteAclList);
}
}
} catch (Exception e) {
_logger.error("Error while querying DB for ACL(s) of a share {}", e);
}
}
Aggregations