use of com.emc.storageos.isilon.restapi.IsilonGroup in project coprhd-controller by CoprHD.
the class IsilonFileStorageDevice method getIdForDomainUserOrGroup.
/**
* It search all the provider configured in NASServer and gives sid for the user/group and Domain
* if checkUidRange is enable and uid value is between 1,000,000-2,000,000 return sid,.Otherwise uid or gid
*
* @param isi Isilon Api to connect with Isilon
* @param nas - NASServer object to get all the provider info.
* @param domain -domain should be in FQDN format
* @param user name of the user
* @param type can be user or group
* @param checkUidRangeEnable to enable the uid range check
* @return sidOrUid if found or else empty String
*/
private String getIdForDomainUserOrGroup(IsilonApi isi, NASServer nas, String domain, String user, String type, boolean checkUidRangeEnable) {
// we can get all auth providers and zone name from NASServer
String sidOrUid = "";
boolean sidOrUidfound = false;
try {
String zone = nas.getNasName();
List<String> authProviders = new ArrayList<String>();
CifsServerMap cifsServersMap = nas.getCifsServersMap();
authProviders = getAuthProviderListFromCifsServerMap(cifsServersMap);
_log.info("Auth providers for NASServer {} are {} ", nas.getNasName(), authProviders);
for (String provider : authProviders) {
if ("user".equals(type)) {
// no need of resume token as we are expecting only one result.
List<IsilonUser> userDetails = isi.getUsersDetail(zone, provider, domain, user, "");
if (!CollectionUtils.isEmpty(userDetails)) {
IsilonIdentity sid = userDetails.get(0).getSid();
sidOrUid = sid.getId();
sidOrUidfound = true;
// Range check is only done for nfsacl, should be true for it.
if (checkUidRangeEnable) {
// For gid, check what range it�s in. If it�s 1,000,000-2,000,000,
// it�s generated by OneFS and you should use the SID. Otherwise you should use the unix gid.
IsilonIdentity uid = userDetails.get(0).getUid();
if (isUidInRange(uid)) {
_log.debug("using uid {} instead of sid {} ", uid.getId(), sidOrUid);
sidOrUid = uid.getId();
}
}
_log.info("For user name {} and domain {} sid/uid is {}", user, domain, sidOrUid);
break;
}
} else {
List<IsilonGroup> groupDetails = isi.getGroupsDetail(zone, provider, domain, user, "");
// no need of resume token as we are expecting only one result.
if (!CollectionUtils.isEmpty(groupDetails)) {
IsilonIdentity id = groupDetails.get(0).getSid();
sidOrUid = id.getId();
sidOrUidfound = true;
if (checkUidRangeEnable) {
// For gid, check what range it�s in. If it�s 1,000,000-2,000,000,
// it�s generated by OneFS and you should use the SID. Otherwise you should use the unix gid.
IsilonIdentity gid = groupDetails.get(0).getGid();
if (isUidInRange(gid)) {
_log.debug("using gid {} instead of sid {} ", gid.getId(), sidOrUid);
sidOrUid = gid.getId();
}
}
_log.info("For group name {} and domain {} sid is {}", user, domain, sidOrUid);
break;
}
}
}
} catch (IsilonException e) {
_log.error("Error while finding sid/uid for name {} and domain {} ", user, domain, e);
}
if (sidOrUidfound) {
_log.info("Sid/uid for user name {}, type {} and domain {} is {}", user, type, domain, sidOrUid);
} else {
_log.error("No sid/uid found for user name {}, type {} and domain {} ", user, type, domain);
}
return sidOrUid;
}
Aggregations