Search in sources :

Example 6 with CifsShareACL

use of com.emc.storageos.db.client.model.CifsShareACL in project coprhd-controller by CoprHD.

the class CifsShareUtility method verifyModifyShareACLs.

private void verifyModifyShareACLs(List<ShareACL> shareAclList) {
    if (shareAclList == null) {
        return;
    }
    _log.info("Number of share ACL(s) to modify {} ", shareAclList.size());
    for (ShareACL acl : shareAclList) {
        acl.proceedToNextStep();
        _log.info("Verifying ACL {}", acl.toString());
        // Are there same user or group found in other acls. If so, report
        // error
        verifyUserGroup(acl);
        if (!acl.canProceedToNextStep()) {
            break;
        }
        validatePermissions(acl);
        if (!acl.canProceedToNextStep()) {
            break;
        }
        // Verify with existing ACL
        CifsShareACL dbShareAcl = getExistingACL(acl);
        // If same acl exists, allow to modify
        if (dbShareAcl != null) {
            _log.info("Existing ACL in modify request: {}", dbShareAcl);
            acl.proceedToNextStep();
        } else {
            // If not found, don't allow to proceed further
            if (acl.canProceedToNextStep()) {
                _log.error("No existing ACL found in DB to modify {}", acl);
                acl.cancelNextStep(ShareACLOperationErrorType.ACL_NOT_FOUND);
            }
        }
    }
}
Also used : ShareACL(com.emc.storageos.model.file.ShareACL) CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL) CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL)

Example 7 with CifsShareACL

use of com.emc.storageos.db.client.model.CifsShareACL in project coprhd-controller by CoprHD.

the class CifsShareUtility method verifyAddShareACLs.

private void verifyAddShareACLs(List<ShareACL> shareAclList) {
    if (shareAclList == null) {
        return;
    }
    _log.info("Number of share ACL(s) to add {} ", shareAclList.size());
    for (ShareACL acl : shareAclList) {
        acl.proceedToNextStep();
        _log.info("Verifying ACL {}", acl.toString());
        // Are there same user or group found in other acls. If so, report
        // error
        verifyUserGroup(acl);
        if (!acl.canProceedToNextStep()) {
            break;
        }
        validatePermissions(acl);
        if (!acl.canProceedToNextStep()) {
            break;
        }
        // Verify with existing ACL
        CifsShareACL dbShareAcl = getExistingACL(acl);
        // If same acl exists, don't allow to add again.
        if (dbShareAcl != null) {
            _log.error("Duplicate ACL in add request. User/group in ACL for share already exists: {}", dbShareAcl);
            acl.cancelNextStep(ShareACLOperationErrorType.ACL_EXISTS);
            break;
        } else // If not found proceed for further verifications.
        {
            if (acl.canProceedToNextStep()) {
                _log.info("No existing ACL found in DB {}", acl);
            }
        }
    }
}
Also used : ShareACL(com.emc.storageos.model.file.ShareACL) CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL) CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL)

Example 8 with CifsShareACL

use of com.emc.storageos.db.client.model.CifsShareACL in project coprhd-controller by CoprHD.

the class CifsShareACLMigration method process.

@Override
public void process() throws MigrationCallbackException {
    logger.info("Migration started");
    DbClient dbClient = getDbClient();
    try {
        List<URI> fileSystemURIList = dbClient.queryByType(FileShare.class, true);
        Iterator<FileShare> fileSystemList = dbClient.queryIterativeObjects(FileShare.class, fileSystemURIList, true);
        while (fileSystemList.hasNext()) {
            FileShare fs = fileSystemList.next();
            SMBShareMap smbShareMap = fs.getSMBFileShares();
            Collection<SMBFileShare> smbShares = new ArrayList<SMBFileShare>();
            if (smbShareMap != null) {
                smbShares = smbShareMap.values();
                for (SMBFileShare smbShare : smbShares) {
                    if (smbShare.getPermissionType().equalsIgnoreCase(PERMISSION_TYPE_ALLOW)) {
                        CifsShareACL acl = new CifsShareACL();
                        acl.setId(URIUtil.createId(CifsShareACL.class));
                        acl.setShareName(smbShare.getName());
                        acl.setPermission(smbShare.getPermission());
                        acl.setUser(USER_EVERYONE);
                        acl.setFileSystemId(fs.getId());
                        logger.debug("Persisting new ACE into DB: {}", acl);
                        dbClient.createObject(acl);
                    }
                }
            }
        }
        // File snapshots
        List<URI> fileSnapshotURIList = dbClient.queryByType(Snapshot.class, true);
        Iterator<Snapshot> fileSnapshotList = dbClient.queryIterativeObjects(Snapshot.class, fileSnapshotURIList, true);
        while (fileSnapshotList.hasNext()) {
            Snapshot snapshot = fileSnapshotList.next();
            SMBShareMap smbShareMap = snapshot.getSMBFileShares();
            Collection<SMBFileShare> smbShares = new ArrayList<SMBFileShare>();
            if (smbShareMap != null) {
                smbShares = smbShareMap.values();
                for (SMBFileShare smbShare : smbShares) {
                    if (smbShare.getPermissionType().equalsIgnoreCase(PERMISSION_TYPE_ALLOW)) {
                        CifsShareACL acl = new CifsShareACL();
                        acl.setId(URIUtil.createId(CifsShareACL.class));
                        acl.setShareName(smbShare.getName());
                        acl.setPermission(getFormattedPermissionText(smbShare.getPermission()));
                        acl.setUser(USER_EVERYONE);
                        acl.setSnapshotId(snapshot.getId());
                        logger.debug("Persisting new ACE into DB: {}", acl);
                        dbClient.createObject(acl);
                    }
                }
            }
        }
        logger.info("Migration completed successfully");
    } catch (Exception e) {
        logger.error("Exception occured while migrating cifs share access control settings");
        logger.error(e.getMessage(), e);
    }
}
Also used : DbClient(com.emc.storageos.db.client.DbClient) SMBShareMap(com.emc.storageos.db.client.model.SMBShareMap) ArrayList(java.util.ArrayList) URI(java.net.URI) FileShare(com.emc.storageos.db.client.model.FileShare) SMBFileShare(com.emc.storageos.db.client.model.SMBFileShare) MigrationCallbackException(com.emc.storageos.svcs.errorhandling.resources.MigrationCallbackException) CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL) Snapshot(com.emc.storageos.db.client.model.Snapshot) SMBFileShare(com.emc.storageos.db.client.model.SMBFileShare)

Example 9 with CifsShareACL

use of com.emc.storageos.db.client.model.CifsShareACL in project coprhd-controller by CoprHD.

the class VNXeCreateShareJob method createDefaultACEForShare.

private void createDefaultACEForShare(DbClient dbClient, URI id, FileSMBShare fileShare) {
    SMBFileShare share = fileShare.getSMBFileShare();
    CifsShareACL ace = new CifsShareACL();
    ace.setUser(FileControllerConstants.CIFS_SHARE_USER_EVERYONE);
    String permission = null;
    switch(share.getPermission()) {
        case "read":
            permission = FileControllerConstants.CIFS_SHARE_PERMISSION_READ;
            break;
        case "change":
            permission = FileControllerConstants.CIFS_SHARE_PERMISSION_CHANGE;
            break;
        case "full":
            permission = FileControllerConstants.CIFS_SHARE_PERMISSION_FULLCONTROL;
            break;
    }
    ace.setPermission(permission);
    ace.setId(URIUtil.createId(CifsShareACL.class));
    ace.setShareName(share.getName());
    if (URIUtil.isType(id, FileShare.class)) {
        ace.setFileSystemId(id);
    } else {
        ace.setSnapshotId(id);
    }
    _logger.info("Creating default ACE for the share: {}", ace);
    dbClient.createObject(ace);
}
Also used : SMBFileShare(com.emc.storageos.db.client.model.SMBFileShare) CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL)

Example 10 with CifsShareACL

use of com.emc.storageos.db.client.model.CifsShareACL in project coprhd-controller by CoprHD.

the class VNXeDeleteShareJob method deleteShareACLsFromDB.

private void deleteShareACLsFromDB(DbClient dbClient, FileObject fsObj) {
    try {
        ContainmentConstraint containmentConstraint = null;
        if (isFile && fsObj != null) {
            _logger.info("Querying DB for Share ACLs of share {} of filesystemId {} ", smbShare.getName(), fsObj.getId());
            containmentConstraint = ContainmentConstraint.Factory.getFileCifsShareAclsConstraint(fsObj.getId());
        } else if (!isFile && fsObj != null) {
            URI snapshotId = fsObj.getId();
            _logger.info("Querying DB for Share ACLs of share {} of SnapshotId {} ", smbShare.getName(), fsObj.getId());
            containmentConstraint = ContainmentConstraint.Factory.getSnapshotCifsShareAclsConstraint(snapshotId);
        }
        List<CifsShareACL> shareAclList = CustomQueryUtility.queryActiveResourcesByConstraint(dbClient, CifsShareACL.class, containmentConstraint);
        List<CifsShareACL> deleteAclList = new ArrayList<CifsShareACL>();
        if (!shareAclList.isEmpty()) {
            Iterator<CifsShareACL> shareAclIter = shareAclList.iterator();
            while (shareAclIter.hasNext()) {
                CifsShareACL shareAcl = shareAclIter.next();
                if (smbShare.getName().equals(shareAcl.getShareName())) {
                    shareAcl.setInactive(true);
                    deleteAclList.add(shareAcl);
                }
            }
            if (!deleteAclList.isEmpty()) {
                _logger.info("Deleting ACLs of share {} of filesystem {}", smbShare.getName(), fsObj.getLabel());
                dbClient.persistObject(deleteAclList);
            }
        }
    } catch (Exception e) {
        _logger.error("Error while querying DB for ACL(s) of a share {}", e);
    }
}
Also used : ContainmentConstraint(com.emc.storageos.db.client.constraint.ContainmentConstraint) ArrayList(java.util.ArrayList) URI(java.net.URI) CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL)

Aggregations

CifsShareACL (com.emc.storageos.db.client.model.CifsShareACL)20 ArrayList (java.util.ArrayList)8 ShareACL (com.emc.storageos.model.file.ShareACL)7 URI (java.net.URI)6 ContainmentConstraint (com.emc.storageos.db.client.constraint.ContainmentConstraint)5 APIException (com.emc.storageos.svcs.errorhandling.resources.APIException)5 NFSShareACL (com.emc.storageos.db.client.model.NFSShareACL)4 SMBFileShare (com.emc.storageos.db.client.model.SMBFileShare)4 DatabaseException (com.emc.storageos.db.exceptions.DatabaseException)4 InternalException (com.emc.storageos.svcs.errorhandling.resources.InternalException)4 FileShare (com.emc.storageos.db.client.model.FileShare)3 UnManagedCifsShareACL (com.emc.storageos.db.client.model.UnManagedDiscoveredObjects.UnManagedCifsShareACL)3 DeviceControllerException (com.emc.storageos.exceptions.DeviceControllerException)3 ControllerException (com.emc.storageos.volumecontroller.ControllerException)3 WorkflowException (com.emc.storageos.workflow.WorkflowException)3 URISyntaxException (java.net.URISyntaxException)3 URIQueryResultList (com.emc.storageos.db.client.constraint.URIQueryResultList)2 StorageSystem (com.emc.storageos.db.client.model.StorageSystem)2 DbClient (com.emc.storageos.db.client.DbClient)1 AlternateIdConstraint (com.emc.storageos.db.client.constraint.AlternateIdConstraint)1