Example 1 with Permission
use of com.emc.storageos.isilon.restapi.IsilonSMBShare.Permission in project coprhd-controller by CoprHD.
the class IsilonFileStorageDevice method extraShareACLFromArray.
/**
* Get the Share ACL which are present in array but not in CoprHD Database.
*
* @param storage
* @param args
* @return Map with domain+ group or username with ShareACL
*/
private Map<String, ShareACL> extraShareACLFromArray(StorageSystem storage, FileDeviceInputOutput args) {
// get all Share ACL from CoprHD data base
List<ShareACL> existingDBShareACL = args.getExistingShareAcls();
Map<String, ShareACL> arrayShareACLMap = new HashMap<>();
// get the all the Share ACL from the storage system.
IsilonApi isi = getIsilonDevice(storage);
String zoneName = getZoneName(args.getvNAS());
IsilonSMBShare share = null;
if (zoneName != null) {
share = isi.getShare(args.getShareName(), zoneName);
} else {
share = isi.getShare(args.getShareName());
}
if (share != null) {
List<Permission> permissions = share.getPermissions();
for (Permission perm : permissions) {
if (perm.getPermissionType().equalsIgnoreCase(Permission.PERMISSION_TYPE_ALLOW)) {
ShareACL shareACL = new ShareACL();
shareACL.setPermission(perm.getPermission());
String userAndDomain = perm.getTrustee().getName();
String[] trustees = new String[2];
trustees = userAndDomain.split("\\\\");
String trusteesType = perm.getTrustee().getType();
if (trustees.length > 1) {
shareACL.setDomain(trustees[0]);
if (trusteesType.equals("group")) {
shareACL.setGroup(trustees[1]);
} else {
shareACL.setUser(trustees[1]);
}
} else {
if (trusteesType.equals("group")) {
shareACL.setGroup(trustees[0]);
} else {
shareACL.setUser(trustees[0]);
}
}
arrayShareACLMap.put(perm.getTrustee().getName(), shareACL);
}
}
for (Iterator iterator = existingDBShareACL.iterator(); iterator.hasNext(); ) {
ShareACL shareACL = (ShareACL) iterator.next();
String key = "";
String domain = "";
String user = shareACL.getUser();
String group = shareACL.getGroup();
if (shareACL.getDomain() != null && !shareACL.getDomain().isEmpty()) {
domain = shareACL.getDomain() + "\\";
}
if (user != null && !user.isEmpty()) {
key = domain + user;
} else if (group != null && !group.isEmpty()) {
key = domain + group;
}
if (arrayShareACLMap.containsKey(key)) {
arrayShareACLMap.remove(key);
}
}
}
return arrayShareACLMap;
}
Also used :
HashMap(java.util.HashMap)
IsilonSMBShare(com.emc.storageos.isilon.restapi.IsilonSMBShare)
Permission(com.emc.storageos.isilon.restapi.IsilonSMBShare.Permission)
Iterator(java.util.Iterator)
IsilonApi(com.emc.storageos.isilon.restapi.IsilonApi)
ShareACL(com.emc.storageos.model.file.ShareACL)
Example 2 with Permission
use of com.emc.storageos.isilon.restapi.IsilonSMBShare.Permission in project coprhd-controller by CoprHD.
the class IsilonFileStorageDevice method processAclsForShare.
/**
* Sets permissions on Isilon SMB share.
*
* @param isi
* the isilon API handle
* @param args
* in which the attribute <code>shareName</code> must be set
* @param aclsToProcess
* the ACEs to set on Isilon SMB share. If this value is null,
* then no permissions (ACEs) will be set
*/
private void processAclsForShare(IsilonApi isi, FileDeviceInputOutput args, List<ShareACL> aclsToProcess) {
_log.info("Start processAclsForShare to set ACL for share {}: ACL: {}", args.getShareName(), aclsToProcess);
IsilonSMBShare isilonSMBShare = new IsilonSMBShare(args.getShareName());
ArrayList<Permission> permissions = new ArrayList<Permission>();
String permissionValue = null;
String permissionTypeValue = null;
if (aclsToProcess != null) {
for (ShareACL acl : aclsToProcess) {
String domain = acl.getDomain();
if (domain == null) {
domain = "";
}
domain = domain.toLowerCase();
String userOrGroup = acl.getUser() == null ? acl.getGroup().toLowerCase() : acl.getUser().toLowerCase();
if (domain.length() > 0) {
userOrGroup = domain + "\\" + userOrGroup;
}
permissionValue = acl.getPermission().toLowerCase();
if (permissionValue.startsWith("full")) {
permissionValue = Permission.PERMISSION_FULL;
}
permissionTypeValue = Permission.PERMISSION_TYPE_ALLOW;
Permission permission = isilonSMBShare.new Permission(permissionTypeValue, permissionValue, userOrGroup);
permissions.add(permission);
}
}
/*
* If permissions array list is empty, it means to remove all ACEs on
* the share.
*/
isilonSMBShare.setPermissions(permissions);
_log.info("Calling Isilon API: modifyShare. Share {}, permissions {}", isilonSMBShare, permissions);
String zoneName = getZoneName(args.getvNAS());
if (zoneName != null) {
isi.modifyShare(args.getShareName(), zoneName, isilonSMBShare);
} else {
isi.modifyShare(args.getShareName(), isilonSMBShare);
}
_log.info("End processAclsForShare");
}
Also used :
IsilonSMBShare(com.emc.storageos.isilon.restapi.IsilonSMBShare)
Permission(com.emc.storageos.isilon.restapi.IsilonSMBShare.Permission)
ArrayList(java.util.ArrayList)
ShareACL(com.emc.storageos.model.file.ShareACL)
Example 3 with Permission
use of com.emc.storageos.isilon.restapi.IsilonSMBShare.Permission in project coprhd-controller by CoprHD.
the class IsilonFileStorageDevice method extraShareACLBySidFromArray.
/**
* By using Sid get the CIFS Share ACL which are present in array but not in CoprHD Database .
*
* @param storage
* @param args
* @return Map with user sid with ShareACL
*/
private Map<String, ShareACL> extraShareACLBySidFromArray(StorageSystem storage, FileDeviceInputOutput args) {
// get all Share ACL from CoprHD data base
List<ShareACL> existingDBShareACL = args.getExistingShareAcls();
NASServer nas = getNasServerForFileSystem(args, storage);
Map<String, ShareACL> arrayShareACLMap = new HashMap<>();
// get the all the Share ACL from the storage system.
IsilonApi isi = getIsilonDevice(storage);
String zoneName = getZoneName(args.getvNAS());
IsilonSMBShare share = null;
if (zoneName != null) {
share = isi.getShare(args.getShareName(), zoneName);
} else {
share = isi.getShare(args.getShareName());
}
if (share != null) {
List<Permission> permissions = share.getPermissions();
for (Permission perm : permissions) {
if (perm.getPermissionType().equalsIgnoreCase(Permission.PERMISSION_TYPE_ALLOW)) {
ShareACL shareACL = new ShareACL();
shareACL.setPermission(perm.getPermission());
String userAndDomain = perm.getTrustee().getName();
String[] trustees = new String[2];
trustees = userAndDomain.split("\\\\");
String trusteesType = perm.getTrustee().getType();
if (trustees.length > 1) {
shareACL.setDomain(trustees[0]);
if (trusteesType.equals("group")) {
shareACL.setGroup(trustees[1]);
} else {
shareACL.setUser(trustees[1]);
}
} else {
if (trusteesType.equals("group")) {
shareACL.setGroup(trustees[0]);
} else {
shareACL.setUser(trustees[0]);
}
}
arrayShareACLMap.put(perm.getTrustee().getId(), shareACL);
}
}
for (Iterator<ShareACL> iterator = existingDBShareACL.iterator(); iterator.hasNext(); ) {
ShareACL shareACL = iterator.next();
String name = "";
String domain = shareACL.getDomain();
String user = shareACL.getUser();
String group = shareACL.getGroup();
String type = "user";
if (user != null && !user.isEmpty()) {
name = user;
} else if (group != null && !group.isEmpty()) {
name = group;
type = "group";
}
String sid = getIdForDomainUserOrGroup(isi, nas, domain, name, type, false);
if (arrayShareACLMap.containsKey(sid)) {
arrayShareACLMap.remove(sid);
}
}
}
return arrayShareACLMap;
}
Also used :
NASServer(com.emc.storageos.db.client.model.NASServer)
HashMap(java.util.HashMap)
IsilonSMBShare(com.emc.storageos.isilon.restapi.IsilonSMBShare)
Permission(com.emc.storageos.isilon.restapi.IsilonSMBShare.Permission)
IsilonApi(com.emc.storageos.isilon.restapi.IsilonApi)
ShareACL(com.emc.storageos.model.file.ShareACL)
Aggregations
IsilonSMBShare (com.emc.storageos.isilon.restapi.IsilonSMBShare)3
Permission (com.emc.storageos.isilon.restapi.IsilonSMBShare.Permission)3
ShareACL (com.emc.storageos.model.file.ShareACL)3
IsilonApi (com.emc.storageos.isilon.restapi.IsilonApi)2
HashMap (java.util.HashMap)2
NASServer (com.emc.storageos.db.client.model.NASServer)1
ArrayList (java.util.ArrayList)1
Iterator (java.util.Iterator)1
