Search in sources :

Example 1 with IsilonGroup

use of com.emc.storageos.isilon.restapi.IsilonGroup in project coprhd-controller by CoprHD.

the class IsilonFileStorageDevice method getIdForDomainUserOrGroup.

/**
 * It search all the provider configured in NASServer and gives sid for the user/group and Domain
 * if checkUidRange is enable and uid value is between 1,000,000-2,000,000 return sid,.Otherwise uid or gid
 *
 * @param isi Isilon Api to connect with Isilon
 * @param nas - NASServer object to get all the provider info.
 * @param domain -domain should be in FQDN format
 * @param user name of the user
 * @param type can be user or group
 * @param checkUidRangeEnable to enable the uid range check
 * @return sidOrUid if found or else empty String
 */
private String getIdForDomainUserOrGroup(IsilonApi isi, NASServer nas, String domain, String user, String type, boolean checkUidRangeEnable) {
    // we can get all auth providers and zone name from NASServer
    String sidOrUid = "";
    boolean sidOrUidfound = false;
    try {
        String zone = nas.getNasName();
        List<String> authProviders = new ArrayList<String>();
        CifsServerMap cifsServersMap = nas.getCifsServersMap();
        authProviders = getAuthProviderListFromCifsServerMap(cifsServersMap);
        _log.info("Auth providers for NASServer {} are {} ", nas.getNasName(), authProviders);
        for (String provider : authProviders) {
            if ("user".equals(type)) {
                // no need of resume token as we are expecting only one result.
                List<IsilonUser> userDetails = isi.getUsersDetail(zone, provider, domain, user, "");
                if (!CollectionUtils.isEmpty(userDetails)) {
                    IsilonIdentity sid = userDetails.get(0).getSid();
                    sidOrUid = sid.getId();
                    sidOrUidfound = true;
                    // Range check is only done for nfsacl, should be true for it.
                    if (checkUidRangeEnable) {
                        // For gid, check what range it�s in. If it�s 1,000,000-2,000,000,
                        // it�s generated by OneFS and you should use the SID. Otherwise you should use the unix gid.
                        IsilonIdentity uid = userDetails.get(0).getUid();
                        if (isUidInRange(uid)) {
                            _log.debug("using uid {} instead of sid {} ", uid.getId(), sidOrUid);
                            sidOrUid = uid.getId();
                        }
                    }
                    _log.info("For user name {} and domain {} sid/uid is {}", user, domain, sidOrUid);
                    break;
                }
            } else {
                List<IsilonGroup> groupDetails = isi.getGroupsDetail(zone, provider, domain, user, "");
                // no need of resume token as we are expecting only one result.
                if (!CollectionUtils.isEmpty(groupDetails)) {
                    IsilonIdentity id = groupDetails.get(0).getSid();
                    sidOrUid = id.getId();
                    sidOrUidfound = true;
                    if (checkUidRangeEnable) {
                        // For gid, check what range it�s in. If it�s 1,000,000-2,000,000,
                        // it�s generated by OneFS and you should use the SID. Otherwise you should use the unix gid.
                        IsilonIdentity gid = groupDetails.get(0).getGid();
                        if (isUidInRange(gid)) {
                            _log.debug("using gid {} instead of sid {} ", gid.getId(), sidOrUid);
                            sidOrUid = gid.getId();
                        }
                    }
                    _log.info("For group name {} and domain {} sid is {}", user, domain, sidOrUid);
                    break;
                }
            }
        }
    } catch (IsilonException e) {
        _log.error("Error while finding sid/uid for name {} and domain {} ", user, domain, e);
    }
    if (sidOrUidfound) {
        _log.info("Sid/uid for user name {}, type {} and domain {} is {}", user, type, domain, sidOrUid);
    } else {
        _log.error("No sid/uid found for user name {}, type {} and domain {} ", user, type, domain);
    }
    return sidOrUid;
}
Also used : CifsServerMap(com.emc.storageos.db.client.model.CifsServerMap) ArrayList(java.util.ArrayList) IsilonUser(com.emc.storageos.isilon.restapi.IsilonUser) IsilonIdentity(com.emc.storageos.isilon.restapi.IsilonIdentity) IsilonGroup(com.emc.storageos.isilon.restapi.IsilonGroup) IsilonException(com.emc.storageos.isilon.restapi.IsilonException)

Aggregations

CifsServerMap (com.emc.storageos.db.client.model.CifsServerMap)1 IsilonException (com.emc.storageos.isilon.restapi.IsilonException)1 IsilonGroup (com.emc.storageos.isilon.restapi.IsilonGroup)1 IsilonIdentity (com.emc.storageos.isilon.restapi.IsilonIdentity)1 IsilonUser (com.emc.storageos.isilon.restapi.IsilonUser)1 ArrayList (java.util.ArrayList)1