Examples with Project com.emc.storageos.db.client.model.Project used on opensource projects

Example 6 with Project

use of com.emc.storageos.db.client.model.Project in project coprhd-controller by CoprHD.

the class TenantsService method createProject.

/**
 * Worker method for create project. Allows external requests (REST) as well as
 * internal requests that may not have a security context.
 *
 * @param id tenant id
 * @param param project params
 * @param owner name of owner of the request
 * @param ownerTenantId tenant id of the owner
 * @return project details
 */
public ProjectElement createProject(URI id, ProjectParam param, String owner, String ownerTenantId) {
    TenantOrg tenant = getTenantById(id, true);
    if (param.getName() != null && !param.getName().isEmpty()) {
        checkForDuplicateName(param.getName(), Project.class, id, "tenantOrg", _dbClient);
    }
    Project project = new Project();
    project.setId(URIUtil.createId(Project.class));
    project.setLabel(param.getName());
    project.setTenantOrg(new NamedURI(tenant.getId(), project.getLabel()));
    project.setOwner(owner);
    // set owner acl
    project.addAcl(new PermissionsKey(PermissionsKey.Type.SID, owner, ownerTenantId).toString(), ACL.OWN.toString());
    _dbClient.createObject(project);
    recordTenantEvent(OperationTypeEnum.CREATE_PROJECT, tenant.getId(), project.getId());
    return new ProjectElement(project.getId(), toLink(ResourceTypeEnum.PROJECT, project.getId()), project.getLabel());
}

Example 7 with Project

use of com.emc.storageos.db.client.model.Project in project coprhd-controller by CoprHD.

the class TenantsService method listProjects.

/**
 * List projects the user is authorized to see
 *
 * @param id the URN of a ViPR Tenant/Subtenant
 * @prereq none
 * @brief List projects
 * @return List of projects
 */
@GET
@Path("/{id}/projects")
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public ProjectList listProjects(@PathParam("id") URI id) {
    TenantOrg tenant = getTenantById(id, false);
    StorageOSUser user = getUserFromContext();
    NamedElementQueryResultList projects = new NamedElementQueryResultList();
    if (_permissionsHelper.userHasGivenRole(user, tenant.getId(), Role.SYSTEM_MONITOR, Role.TENANT_ADMIN, Role.SECURITY_ADMIN)) {
        // list all
        _dbClient.queryByConstraint(ContainmentConstraint.Factory.getTenantOrgProjectConstraint(tenant.getId()), projects);
    } else {
        // list only projects that the user has access to
        if (!id.equals(URI.create(user.getTenantId()))) {
            throw APIException.forbidden.insufficientPermissionsForUser(user.getName());
        }
        Map<URI, Set<String>> allMyProjects = _permissionsHelper.getAllPermissionsForUser(user, tenant.getId(), null, false);
        if (!allMyProjects.keySet().isEmpty()) {
            List<Project> project_list = _dbClient.queryObjectField(Project.class, "label", new ArrayList<URI>(allMyProjects.keySet()));
            List<NamedElementQueryResultList.NamedElement> elements = new ArrayList<NamedElementQueryResultList.NamedElement>(project_list.size());
            for (Project p : project_list) {
                elements.add(NamedElementQueryResultList.NamedElement.createElement(p.getId(), p.getLabel()));
            }
            projects.setResult(elements.iterator());
        } else {
            // empty list
            projects.setResult(new ArrayList<NamedElementQueryResultList.NamedElement>().iterator());
        }
    }
    ProjectList list = new ProjectList();
    for (NamedElementQueryResultList.NamedElement el : projects) {
        list.getProjects().add(toNamedRelatedResource(ResourceTypeEnum.PROJECT, el.getId(), el.getName()));
    }
    return list;
}

Example 8 with Project

use of com.emc.storageos.db.client.model.Project in project coprhd-controller by CoprHD.

the class InternalFileResource method undoReleaseFileSystemInternal.

/**
 * Undo the release of a file system
 *
 * @param id the URN of a ViPR file system to undo
 * @return the updated file system
 * @throws InternalException
 */
@POST
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/release/undo")
public FileShareRestRep undoReleaseFileSystemInternal(@PathParam("id") URI id) throws InternalException {
    ArgValidator.checkFieldUriType(id, FileShare.class, "id");
    FileShare fs = _fileService.queryResource(id);
    checkFileShareInternal(fs);
    URI releasedProject = fs.getOriginalProject();
    if (releasedProject == null) {
        throw APIException.forbidden.onlyPreviouslyReleasedFileSystemsCanBeUndone();
    }
    Project project = _permissionsHelper.getObjectById(releasedProject, Project.class);
    ArgValidator.checkEntity(project, releasedProject, false);
    ArgValidator.checkFieldNotNull(project.getTenantOrg(), "tenantOrg");
    ArgValidator.checkFieldNotNull(project.getTenantOrg().getURI(), "tenantOrg");
    fs.setTenant(new NamedURI(project.getTenantOrg().getURI(), fs.getLabel()));
    fs.setProject(new NamedURI(releasedProject, fs.getLabel()));
    fs.setOriginalProject(null);
    fs.clearInternalFlags(INTERNAL_FILESHARE_FLAGS);
    _dbClient.updateAndReindexObject(fs);
    // audit against the new project, not the old dummy internal project
    auditOp(OperationTypeEnum.UNDO_RELEASE_FILE_SYSTEM, true, null, fs.getId().toString(), project.getId().toString());
    return map(fs);
}

Example 9 with Project

use of com.emc.storageos.db.client.model.Project in project coprhd-controller by CoprHD.

the class MigrationService method getVirtualPoolForMigrationTarget.

/**
 * Gets the VirtualPool for the migration target.
 *
 * @param requestedCosURI The VirtualPool specified in the migration request.
 * @param vplexVolume A reference to the VPlex virtual volume.
 * @param migrationSrc A reference to the migration source.
 *
 * @return A reference to the VirtualPool for the migration target volume.
 */
private VirtualPool getVirtualPoolForMigrationTarget(URI requestedCosURI, Volume vplexVolume, Volume migrationSrc) {
    // Get the VirtualPool for the migration source.
    VirtualPool cosForMigrationSrc = _permissionsHelper.getObjectById(migrationSrc.getVirtualPool(), VirtualPool.class);
    // Determine the VirtualPool for the migration target based on
    // the VirtualPool specified in the request, if any. Note that the
    // VirtualPool specified in the request should be the new VirtualPool for
    // the passed VPlex volume after the migration is complete.
    VirtualPool cosForMigrationTgt = null;
    if (requestedCosURI != null) {
        // Get the new VirtualPool for the virtual volume verifying
        // that the VirtualPool is valid for the project's tenant and
        // set it initially as the VirtualPool for the migration
        // target.
        Project vplexVolumeProject = _permissionsHelper.getObjectById(vplexVolume.getProject(), Project.class);
        cosForMigrationTgt = BlockService.getVirtualPoolForRequest(vplexVolumeProject, requestedCosURI, _dbClient, _permissionsHelper);
        // Now get the VirtualArray of the migration source volume.
        // We need to know if this is the primary volume or the HA
        // volume.
        URI migrationNhURI = migrationSrc.getVirtualArray();
        if (!migrationNhURI.toString().equals(vplexVolume.getVirtualArray().toString())) {
            // The HA backend volume is being migrated.
            // The VirtualPool for the HA volume is potentially
            // specified by the HA VirtualPool map in the requested
            // VirtualPool. If not, then the VirtualPool for the HA volume
            // is the same as that of the VPlex volume.
            StringMap haNhCosMap = cosForMigrationTgt.getHaVarrayVpoolMap();
            if ((haNhCosMap != null) && (haNhCosMap.containsKey(migrationNhURI.toString()))) {
                cosForMigrationTgt = BlockService.getVirtualPoolForRequest(vplexVolumeProject, URI.create(haNhCosMap.get(migrationNhURI.toString())), _dbClient, _permissionsHelper);
            }
            // Now verify the VirtualPool change is legitimate.
            VirtualPoolChangeAnalyzer.verifyVirtualPoolChangeForTechRefresh(cosForMigrationSrc, cosForMigrationTgt);
        } else {
            // The primary or source volume is being migrated.
            // The VirtualPool for the primary volume is the same as
            // that for the VPlex volume. We still need to verify
            // this is a legitimate VirtualPool change.
            VirtualPoolChangeAnalyzer.verifyVirtualPoolChangeForTechRefresh(cosForMigrationSrc, cosForMigrationTgt);
        }
    } else {
        // A new VirtualPool was not specified for the virtual volume, so
        // the VirtualPool for the migration target will be the same as that
        // for the migration source.
        cosForMigrationTgt = cosForMigrationSrc;
    }
    return cosForMigrationTgt;
}

Example 10 with Project

use of com.emc.storageos.db.client.model.Project in project coprhd-controller by CoprHD.

the class ProjectService method updateProject.

/**
 * Update info for project including project name and owner
 *
 * @param projectUpdate Project update parameters
 * @param id the URN of a ViPR Project
 * @prereq none
 * @brief Update project
 * @return No data returned in response body
 */
@PUT
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}")
@CheckPermission(roles = { Role.TENANT_ADMIN }, acls = { ACL.OWN })
public Response updateProject(@PathParam("id") URI id, ProjectUpdateParam projectUpdate) {
    Project project = getProjectById(id, true);
    if (null != projectUpdate.getName() && !projectUpdate.getName().isEmpty() && !project.getLabel().equalsIgnoreCase(projectUpdate.getName())) {
        // check if any filepolicies are assigned to project
        if ((project.getFilePolicies() != null) && !(project.getFilePolicies().isEmpty())) {
            _log.error(String.format("Failed to update the name of project %s as a policy is assigned", project.getLabel()));
            throw APIException.badRequests.cannotUpdateProjectNameAssignedFilePolicy(project.getLabel());
        }
        checkForDuplicateName(projectUpdate.getName(), Project.class, project.getTenantOrg().getURI(), "tenantOrg", _dbClient);
        project.setLabel(projectUpdate.getName());
        NamedURI tenant = project.getTenantOrg();
        if (tenant != null) {
            tenant.setName(projectUpdate.getName());
            project.setTenantOrg(tenant);
        }
    }
    if (null != projectUpdate.getOwner() && !projectUpdate.getOwner().isEmpty() && !projectUpdate.getOwner().equalsIgnoreCase(project.getOwner())) {
        StringBuilder error = new StringBuilder();
        if (!Validator.isValidPrincipal(new StorageOSPrincipal(projectUpdate.getOwner(), StorageOSPrincipal.Type.User), project.getTenantOrg().getURI(), error)) {
            throw APIException.forbidden.specifiedOwnerIsNotValidForProjectTenant(error.toString());
        }
        // in GEO scenario, root can't be assigned as project owner
        boolean isRootInGeo = (projectUpdate.getOwner().equalsIgnoreCase("root") && !VdcUtil.isLocalVdcSingleSite());
        if (isRootInGeo) {
            throw APIException.forbidden.specifiedOwnerIsNotValidForProjectTenant("in GEO scenario, root can't be assigned as project owner");
        }
        // set owner acl
        project.removeAcl(new PermissionsKey(PermissionsKey.Type.SID, project.getOwner(), project.getTenantOrg().getURI()).toString(), ACL.OWN.toString());
        project.setOwner(projectUpdate.getOwner());
        // set owner acl
        project.addAcl(new PermissionsKey(PermissionsKey.Type.SID, project.getOwner(), project.getTenantOrg().getURI()).toString(), ACL.OWN.toString());
    }
    _dbClient.updateAndReindexObject(project);
    recordOperation(OperationTypeEnum.UPDATE_PROJECT, true, project);
    return Response.ok().build();
}