Example 6 with IsilonSMBShare
use of com.emc.storageos.isilon.restapi.IsilonSMBShare in project coprhd-controller by CoprHD.
the class IsilonFileStorageDevice method extraShareACLFromArray.
/**
* Get the Share ACL which are present in array but not in CoprHD Database.
*
* @param storage
* @param args
* @return Map with domain+ group or username with ShareACL
*/
private Map<String, ShareACL> extraShareACLFromArray(StorageSystem storage, FileDeviceInputOutput args) {
// get all Share ACL from CoprHD data base
List<ShareACL> existingDBShareACL = args.getExistingShareAcls();
Map<String, ShareACL> arrayShareACLMap = new HashMap<>();
// get the all the Share ACL from the storage system.
IsilonApi isi = getIsilonDevice(storage);
String zoneName = getZoneName(args.getvNAS());
IsilonSMBShare share = null;
if (zoneName != null) {
share = isi.getShare(args.getShareName(), zoneName);
} else {
share = isi.getShare(args.getShareName());
}
if (share != null) {
List<Permission> permissions = share.getPermissions();
for (Permission perm : permissions) {
if (perm.getPermissionType().equalsIgnoreCase(Permission.PERMISSION_TYPE_ALLOW)) {
ShareACL shareACL = new ShareACL();
shareACL.setPermission(perm.getPermission());
String userAndDomain = perm.getTrustee().getName();
String[] trustees = new String[2];
trustees = userAndDomain.split("\\\\");
String trusteesType = perm.getTrustee().getType();
if (trustees.length > 1) {
shareACL.setDomain(trustees[0]);
if (trusteesType.equals("group")) {
shareACL.setGroup(trustees[1]);
} else {
shareACL.setUser(trustees[1]);
}
} else {
if (trusteesType.equals("group")) {
shareACL.setGroup(trustees[0]);
} else {
shareACL.setUser(trustees[0]);
}
}
arrayShareACLMap.put(perm.getTrustee().getName(), shareACL);
}
}
for (Iterator iterator = existingDBShareACL.iterator(); iterator.hasNext(); ) {
ShareACL shareACL = (ShareACL) iterator.next();
String key = "";
String domain = "";
String user = shareACL.getUser();
String group = shareACL.getGroup();
if (shareACL.getDomain() != null && !shareACL.getDomain().isEmpty()) {
domain = shareACL.getDomain() + "\\";
}
if (user != null && !user.isEmpty()) {
key = domain + user;
} else if (group != null && !group.isEmpty()) {
key = domain + group;
}
if (arrayShareACLMap.containsKey(key)) {
arrayShareACLMap.remove(key);
}
}
}
return arrayShareACLMap;
}
Also used :
HashMap(java.util.HashMap)
IsilonSMBShare(com.emc.storageos.isilon.restapi.IsilonSMBShare)
Permission(com.emc.storageos.isilon.restapi.IsilonSMBShare.Permission)
Iterator(java.util.Iterator)
IsilonApi(com.emc.storageos.isilon.restapi.IsilonApi)
ShareACL(com.emc.storageos.model.file.ShareACL)
Example 7 with IsilonSMBShare
use of com.emc.storageos.isilon.restapi.IsilonSMBShare in project coprhd-controller by CoprHD.
the class IsilonFileStorageDevice method isiShare.
/**
* Create/modify Isilon SMB share.
*
* @param isi
* @param args
* @param smbFileShare
* @throws IsilonException
*/
private void isiShare(IsilonApi isi, FileDeviceInputOutput args, SMBFileShare smbFileShare) throws IsilonException {
IsilonSMBShare isilonSMBShare = new IsilonSMBShare(smbFileShare.getName(), smbFileShare.getPath(), smbFileShare.getDescription());
// Check if this is a new share or update of the existing share
SMBShareMap smbShareMap = args.getFileObjShares();
SMBFileShare existingShare = (smbShareMap == null) ? null : smbShareMap.get(smbFileShare.getName());
String shareId;
String zoneName = getZoneName(args.getvNAS());
if (existingShare != null) {
shareId = existingShare.getNativeId();
// modify share
if (zoneName != null) {
isi.modifyShare(shareId, zoneName, isilonSMBShare);
} else {
isi.modifyShare(shareId, isilonSMBShare);
}
} else {
/**
* inheritablePathAcl - true: Apply Windows Default ACLs false: Do
* not change existing permissions.
*/
boolean inheritablePathAcl = true;
if (configinfo != null && configinfo.containsKey("inheritablePathAcl")) {
inheritablePathAcl = Boolean.parseBoolean(configinfo.get("inheritablePathAcl"));
isilonSMBShare.setInheritablePathAcl(inheritablePathAcl);
}
// new share
if (zoneName != null) {
_log.debug("Share will be created in zone: {}", zoneName);
shareId = isi.createShare(isilonSMBShare, zoneName);
} else {
shareId = isi.createShare(isilonSMBShare);
}
}
smbFileShare.setNativeId(shareId);
// Set Mount Point
smbFileShare.setMountPoint(smbFileShare.getStoragePortNetworkId(), smbFileShare.getStoragePortName(), smbFileShare.getName());
// int file share map
if (args.getFileObjShares() == null) {
args.initFileObjShares();
}
args.getFileObjShares().put(smbFileShare.getName(), smbFileShare);
}
Also used :
SMBShareMap(com.emc.storageos.db.client.model.SMBShareMap)
IsilonSMBShare(com.emc.storageos.isilon.restapi.IsilonSMBShare)
SMBFileShare(com.emc.storageos.db.client.model.SMBFileShare)
Example 8 with IsilonSMBShare
use of com.emc.storageos.isilon.restapi.IsilonSMBShare in project coprhd-controller by CoprHD.
the class IsilonFileStorageDevice method processAclsForShare.
/**
* Sets permissions on Isilon SMB share.
*
* @param isi
* the isilon API handle
* @param args
* in which the attribute <code>shareName</code> must be set
* @param aclsToProcess
* the ACEs to set on Isilon SMB share. If this value is null,
* then no permissions (ACEs) will be set
*/
private void processAclsForShare(IsilonApi isi, FileDeviceInputOutput args, List<ShareACL> aclsToProcess) {
_log.info("Start processAclsForShare to set ACL for share {}: ACL: {}", args.getShareName(), aclsToProcess);
IsilonSMBShare isilonSMBShare = new IsilonSMBShare(args.getShareName());
ArrayList<Permission> permissions = new ArrayList<Permission>();
String permissionValue = null;
String permissionTypeValue = null;
if (aclsToProcess != null) {
for (ShareACL acl : aclsToProcess) {
String domain = acl.getDomain();
if (domain == null) {
domain = "";
}
domain = domain.toLowerCase();
String userOrGroup = acl.getUser() == null ? acl.getGroup().toLowerCase() : acl.getUser().toLowerCase();
if (domain.length() > 0) {
userOrGroup = domain + "\\" + userOrGroup;
}
permissionValue = acl.getPermission().toLowerCase();
if (permissionValue.startsWith("full")) {
permissionValue = Permission.PERMISSION_FULL;
}
permissionTypeValue = Permission.PERMISSION_TYPE_ALLOW;
Permission permission = isilonSMBShare.new Permission(permissionTypeValue, permissionValue, userOrGroup);
permissions.add(permission);
}
}
/*
* If permissions array list is empty, it means to remove all ACEs on
* the share.
*/
isilonSMBShare.setPermissions(permissions);
_log.info("Calling Isilon API: modifyShare. Share {}, permissions {}", isilonSMBShare, permissions);
String zoneName = getZoneName(args.getvNAS());
if (zoneName != null) {
isi.modifyShare(args.getShareName(), zoneName, isilonSMBShare);
} else {
isi.modifyShare(args.getShareName(), isilonSMBShare);
}
_log.info("End processAclsForShare");
}
Also used :
IsilonSMBShare(com.emc.storageos.isilon.restapi.IsilonSMBShare)
Permission(com.emc.storageos.isilon.restapi.IsilonSMBShare.Permission)
ArrayList(java.util.ArrayList)
ShareACL(com.emc.storageos.model.file.ShareACL)
Example 9 with IsilonSMBShare
use of com.emc.storageos.isilon.restapi.IsilonSMBShare in project coprhd-controller by CoprHD.
the class IsilonFileStorageDevice method extraShareACLBySidFromArray.
/**
* By using Sid get the CIFS Share ACL which are present in array but not in CoprHD Database .
*
* @param storage
* @param args
* @return Map with user sid with ShareACL
*/
private Map<String, ShareACL> extraShareACLBySidFromArray(StorageSystem storage, FileDeviceInputOutput args) {
// get all Share ACL from CoprHD data base
List<ShareACL> existingDBShareACL = args.getExistingShareAcls();
NASServer nas = getNasServerForFileSystem(args, storage);
Map<String, ShareACL> arrayShareACLMap = new HashMap<>();
// get the all the Share ACL from the storage system.
IsilonApi isi = getIsilonDevice(storage);
String zoneName = getZoneName(args.getvNAS());
IsilonSMBShare share = null;
if (zoneName != null) {
share = isi.getShare(args.getShareName(), zoneName);
} else {
share = isi.getShare(args.getShareName());
}
if (share != null) {
List<Permission> permissions = share.getPermissions();
for (Permission perm : permissions) {
if (perm.getPermissionType().equalsIgnoreCase(Permission.PERMISSION_TYPE_ALLOW)) {
ShareACL shareACL = new ShareACL();
shareACL.setPermission(perm.getPermission());
String userAndDomain = perm.getTrustee().getName();
String[] trustees = new String[2];
trustees = userAndDomain.split("\\\\");
String trusteesType = perm.getTrustee().getType();
if (trustees.length > 1) {
shareACL.setDomain(trustees[0]);
if (trusteesType.equals("group")) {
shareACL.setGroup(trustees[1]);
} else {
shareACL.setUser(trustees[1]);
}
} else {
if (trusteesType.equals("group")) {
shareACL.setGroup(trustees[0]);
} else {
shareACL.setUser(trustees[0]);
}
}
arrayShareACLMap.put(perm.getTrustee().getId(), shareACL);
}
}
for (Iterator<ShareACL> iterator = existingDBShareACL.iterator(); iterator.hasNext(); ) {
ShareACL shareACL = iterator.next();
String name = "";
String domain = shareACL.getDomain();
String user = shareACL.getUser();
String group = shareACL.getGroup();
String type = "user";
if (user != null && !user.isEmpty()) {
name = user;
} else if (group != null && !group.isEmpty()) {
name = group;
type = "group";
}
String sid = getIdForDomainUserOrGroup(isi, nas, domain, name, type, false);
if (arrayShareACLMap.containsKey(sid)) {
arrayShareACLMap.remove(sid);
}
}
}
return arrayShareACLMap;
}
Also used :
NASServer(com.emc.storageos.db.client.model.NASServer)
HashMap(java.util.HashMap)
IsilonSMBShare(com.emc.storageos.isilon.restapi.IsilonSMBShare)
Permission(com.emc.storageos.isilon.restapi.IsilonSMBShare.Permission)
IsilonApi(com.emc.storageos.isilon.restapi.IsilonApi)
ShareACL(com.emc.storageos.model.file.ShareACL)
Example 10 with IsilonSMBShare
use of com.emc.storageos.isilon.restapi.IsilonSMBShare in project coprhd-controller by CoprHD.
the class IsilonCommunicationInterface method setUnmanagedCifsShareACL.
/**
* get UnManaged Cifs Shares and their ACLs
*
* @param unManagedFileSystem
* @param smbShares
* @param unManagedCifsShareACLList
* @param fsPath
* @param isilonApi
*/
private void setUnmanagedCifsShareACL(UnManagedFileSystem unManagedFileSystem, HashSet<String> smbShares, List<UnManagedCifsShareACL> unManagedCifsShareACLList, StoragePort storagePort, String fsname, String zoneName, StorageSystem storageSystem, IsilonApi isilonApi, List<UnManagedCifsShareACL> oldUnManagedCifsShareACLList) {
_log.debug("Set CIFS shares and their respective ACL of UMFS: {} from Isilon SMB share details - start", fsname);
if (null != smbShares && !smbShares.isEmpty()) {
UnManagedSMBShareMap unManagedSmbShareMap = null;
if (null == unManagedFileSystem.getUnManagedSmbShareMap()) {
unManagedSmbShareMap = new UnManagedSMBShareMap();
unManagedFileSystem.setUnManagedSmbShareMap(unManagedSmbShareMap);
}
unManagedSmbShareMap = unManagedFileSystem.getUnManagedSmbShareMap();
UnManagedSMBFileShare unManagedSMBFileShare = null;
for (String shareId : smbShares) {
// get smb share details
IsilonSMBShare isilonSMBShare = getIsilonSMBShare(isilonApi, shareId, zoneName);
if (null != isilonSMBShare) {
unManagedSMBFileShare = new UnManagedSMBFileShare();
unManagedSMBFileShare.setName(isilonSMBShare.getName());
unManagedSMBFileShare.setDescription(isilonSMBShare.getDescription());
unManagedSMBFileShare.setNativeId(shareId);
unManagedSMBFileShare.setMountPoint("\\\\" + storagePort.getPortNetworkId() + "\\" + isilonSMBShare.getName());
unManagedSMBFileShare.setPath(isilonSMBShare.getPath());
unManagedSMBFileShare.setMaxUsers(-1);
// setting the dummy permission.This is not used by isilon, but used by other storage system
unManagedSMBFileShare.setPermission(FileControllerConstants.CIFS_SHARE_PERMISSION_CHANGE);
unManagedSMBFileShare.setPermissionType(FileControllerConstants.CIFS_SHARE_PERMISSION_TYPE_ALLOW);
// set Unmanaged SMB Share
unManagedSmbShareMap.put(isilonSMBShare.getName(), unManagedSMBFileShare);
_log.info("SMB share id {} ", shareId);
_log.info("SMB share name {} and fs mount point {} ", unManagedSMBFileShare.getName(), unManagedSMBFileShare.getMountPoint());
// process ACL permission
UnManagedCifsShareACL unManagedCifsShareACL = null;
int aclSize = 0;
List<IsilonSMBShare.Permission> permissionList = isilonSMBShare.getPermissions();
for (IsilonSMBShare.Permission permission : permissionList) {
if (FileControllerConstants.CIFS_SHARE_PERMISSION_TYPE_ALLOW.equalsIgnoreCase(permission.getPermissionType())) {
aclSize++;
_log.debug("IsilonSMBShare: [{}] permission details: {}", isilonSMBShare.getName(), permission.toString());
unManagedCifsShareACL = new UnManagedCifsShareACL();
// Set share name
unManagedCifsShareACL.setShareName(isilonSMBShare.getName());
// Set permission
unManagedCifsShareACL.setPermission(permission.getPermission());
// We take only username and we can ignore type and id
// Set user
unManagedCifsShareACL.setUser(permission.getTrustee().getName());
// Set filesystem id
unManagedCifsShareACL.setFileSystemId(unManagedFileSystem.getId());
unManagedCifsShareACL.setId(URIUtil.createId(UnManagedCifsShareACL.class));
String fsShareNativeId = unManagedCifsShareACL.getFileSystemShareACLIndex();
_log.info("UMFS Share ACL index {}", fsShareNativeId);
String fsUnManagedFileShareNativeGuid = NativeGUIDGenerator.generateNativeGuidForPreExistingFileShare(storageSystem, fsShareNativeId);
_log.info("Native GUID {}", fsUnManagedFileShareNativeGuid);
// set native guid, so each entry unique
unManagedCifsShareACL.setNativeGuid(fsUnManagedFileShareNativeGuid);
// Check whether the CIFS share ACL was present in ViPR DB.
UnManagedCifsShareACL existingCifsShareACL = checkUnManagedFsCifsACLExistsInDB(_dbClient, unManagedCifsShareACL.getNativeGuid());
if (existingCifsShareACL != null) {
// delete the existing acl
existingCifsShareACL.setInactive(true);
oldUnManagedCifsShareACLList.add(existingCifsShareACL);
}
unManagedCifsShareACLList.add(unManagedCifsShareACL);
}
}
_log.debug("ACL size of share: [{}] is {}", isilonSMBShare.getName(), aclSize);
}
}
if (!unManagedSmbShareMap.isEmpty()) {
unManagedFileSystem.setHasShares(true);
}
}
}
Also used :
UnManagedCifsShareACL(com.emc.storageos.db.client.model.UnManagedDiscoveredObjects.UnManagedCifsShareACL)
UnManagedSMBFileShare(com.emc.storageos.db.client.model.UnManagedDiscoveredObjects.UnManagedSMBFileShare)
UnManagedSMBShareMap(com.emc.storageos.db.client.model.UnManagedDiscoveredObjects.UnManagedSMBShareMap)
IsilonSMBShare(com.emc.storageos.isilon.restapi.IsilonSMBShare)
AlternateIdConstraint(com.emc.storageos.db.client.constraint.AlternateIdConstraint)
ContainmentConstraint(com.emc.storageos.db.client.constraint.ContainmentConstraint)
Aggregations
IsilonSMBShare (com.emc.storageos.isilon.restapi.IsilonSMBShare)10
IsilonApi (com.emc.storageos.isilon.restapi.IsilonApi)4
IsilonException (com.emc.storageos.isilon.restapi.IsilonException)4
IsilonCollectionException (com.emc.storageos.plugins.metering.isilon.IsilonCollectionException)4
URISyntaxException (java.net.URISyntaxException)4
Permission (com.emc.storageos.isilon.restapi.IsilonSMBShare.Permission)3
ShareACL (com.emc.storageos.model.file.ShareACL)3
HashMap (java.util.HashMap)3
AlternateIdConstraint (com.emc.storageos.db.client.constraint.AlternateIdConstraint)2
ContainmentConstraint (com.emc.storageos.db.client.constraint.ContainmentConstraint)2
DatabaseException (com.emc.storageos.db.exceptions.DatabaseException)2
DeviceControllerException (com.emc.storageos.exceptions.DeviceControllerException)2
BaseCollectionException (com.emc.storageos.plugins.BaseCollectionException)2
ControllerException (com.emc.storageos.volumecontroller.ControllerException)2
IOException (java.io.IOException)2
URI (java.net.URI)2
JSONException (org.codehaus.jettison.json.JSONException)2
NASServer (com.emc.storageos.db.client.model.NASServer)1
NamedURI (com.emc.storageos.db.client.model.NamedURI)1
SMBFileShare (com.emc.storageos.db.client.model.SMBFileShare)1
