Example 1 with ExportSecurityType
use of com.emc.storageos.model.file.FileExportUpdateParams.ExportSecurityType in project coprhd-controller by CoprHD.
the class NetAppClusterModeCommIntf method applyAllSecurityRules.
/**
* check Pre Existing Storage File Export Rules exists in DB
*
* @param nativeGuid
* @return unManageFileExport Rule
* @throws IOException
*/
// TODO:Account for multiple security rules and security flavors
private List<UnManagedFileExportRule> applyAllSecurityRules(ExportsRuleInfo export, String storagePortAddress, URI fileSystemId) {
List<UnManagedFileExportRule> expRules = new ArrayList<UnManagedFileExportRule>();
for (SecurityRuleInfo deviceSecurityRule : export.getSecurityRuleInfos()) {
ExportSecurityType[] securityFlavors = ExportSecurityType.values();
boolean secFlavorSupported = false;
for (ExportSecurityType sec : securityFlavors) {
if (sec.name().equalsIgnoreCase(deviceSecurityRule.getSecFlavor())) {
secFlavorSupported = true;
break;
}
}
if (secFlavorSupported) {
UnManagedFileExportRule expRule = new UnManagedFileExportRule();
expRule.setFileSystemId(fileSystemId);
expRule.setExportPath(export.getPathname());
expRule.setSecFlavor(deviceSecurityRule.getSecFlavor());
expRule.setMountPoint(storagePortAddress + ":" + export.getPathname());
String anon = deviceSecurityRule.getAnon();
// TODO: This functionality has to be revisited to handle uids for anon.
if ((null != anon) && (anon.equals(ROOT_UID))) {
anon = ROOT_USER_ACCESS;
} else {
anon = DEFAULT_ANONMOUS_ACCESS;
}
expRule.setAnon(anon);
if ((null != deviceSecurityRule.getRoot()) && !(deviceSecurityRule.getRoot()).isEmpty()) {
StringSet rootHosts = new StringSet();
for (ExportsHostnameInfo exportHost : deviceSecurityRule.getRoot()) {
boolean negate = false;
if (exportHost.getNegate() != null) {
negate = exportHost.getNegate();
}
if (!negate) {
if (null != exportHost.getName()) {
rootHosts.add(exportHost.getName());
}
}
}
expRule.setRootHosts(rootHosts);
}
if ((null != deviceSecurityRule.getReadWrite()) && !(deviceSecurityRule.getReadWrite()).isEmpty()) {
StringSet readWriteHosts = new StringSet();
for (ExportsHostnameInfo exportHost : deviceSecurityRule.getReadWrite()) {
boolean negate = false;
if (exportHost.getNegate() != null) {
negate = exportHost.getNegate();
}
if (!negate) {
if (null != exportHost.getName()) {
if (expRule.getRootHosts() != null) {
if (!expRule.getRootHosts().contains(exportHost.getName())) {
readWriteHosts.add(exportHost.getName());
}
} else {
readWriteHosts.add(exportHost.getName());
}
}
}
}
expRule.setReadWriteHosts(readWriteHosts);
}
if ((null != deviceSecurityRule.getReadOnly()) && !(deviceSecurityRule.getReadOnly()).isEmpty()) {
StringSet readOnlyHosts = new StringSet();
for (ExportsHostnameInfo exportHost : deviceSecurityRule.getReadOnly()) {
boolean negate = false;
if (exportHost.getNegate() != null) {
negate = exportHost.getNegate();
}
if (!negate) {
if (null != exportHost.getName()) {
boolean checkRWPermissions = false;
if (expRule.getRootHosts() != null) {
if (!expRule.getRootHosts().contains(exportHost.getName())) {
checkRWPermissions = true;
}
} else {
checkRWPermissions = true;
}
if (checkRWPermissions) {
if (expRule.getReadWriteHosts() != null) {
if (!expRule.getReadWriteHosts().contains(exportHost.getName())) {
readOnlyHosts.add(exportHost.getName());
}
} else {
readOnlyHosts.add(exportHost.getName());
}
}
}
}
}
expRule.setReadOnlyHosts(readOnlyHosts);
}
if (!((expRule.getReadOnlyHosts() == null || expRule.getReadOnlyHosts().isEmpty()) && (expRule.getReadWriteHosts() == null || expRule.getReadWriteHosts().isEmpty()) && (expRule.getRootHosts() == null || expRule.getRootHosts().isEmpty()))) {
expRules.add(expRule);
}
}
}
return expRules;
}
Also used :
UnManagedFileExportRule(com.emc.storageos.db.client.model.UnManagedDiscoveredObjects.UnManagedFileExportRule)
ArrayList(java.util.ArrayList)
SecurityRuleInfo(com.iwave.ext.netapp.model.SecurityRuleInfo)
StringSet(com.emc.storageos.db.client.model.StringSet)
ExportSecurityType(com.emc.storageos.model.file.FileExportUpdateParams.ExportSecurityType)
ExportsHostnameInfo(com.iwave.ext.netapp.model.ExportsHostnameInfo)
Example 2 with ExportSecurityType
use of com.emc.storageos.model.file.FileExportUpdateParams.ExportSecurityType in project coprhd-controller by CoprHD.
the class ExportVerificationUtility method verifyExportSecurity.
/**
* Verifying the validity of secflavor. If any new in future, verify them at
* here.
*
* @param exportRule
*/
private void verifyExportSecurity(ExportRule exportRule) {
_log.info("Validating Export Security");
try {
List<String> secTypes = new ArrayList<String>();
exportRule.setIsToProceed(true, ExportOperationErrorType.NO_ERROR);
for (String securityType : exportRule.getSecFlavor().split(",")) {
if (!securityType.trim().isEmpty()) {
secTypes.add(securityType.trim());
ExportSecurityType secType = ExportSecurityType.valueOf(securityType.trim().toUpperCase());
if (secType == null) {
exportRule.setIsToProceed(false, ExportOperationErrorType.INVALID_SECURITY_TYPE);
}
}
}
// Multiple security types in a single rule allowed for Isilon storage only!!!
if (secTypes.size() > 1) {
StorageSystem system = null;
if (fs != null) {
system = _dbClient.queryObject(StorageSystem.class, fs.getStorageDevice());
} else if (snapshot != null) {
FileShare fileSystem = _dbClient.queryObject(FileShare.class, snapshot.getParent());
system = _dbClient.queryObject(StorageSystem.class, fileSystem.getStorageDevice());
}
if (!DiscoveredDataObject.Type.isilon.name().equals(system.getSystemType())) {
exportRule.setIsToProceed(false, ExportOperationErrorType.STORAGE_SYSTEM_NOT_SUPPORT_MUL_SECS);
}
}
} catch (Exception e) {
_log.info("Invalid Security Type found in Request {}", exportRule.getSecFlavor());
exportRule.setIsToProceed(false, ExportOperationErrorType.INVALID_SECURITY_TYPE);
}
}
Also used :
ArrayList(java.util.ArrayList)
FileShare(com.emc.storageos.db.client.model.FileShare)
URISyntaxException(java.net.URISyntaxException)
APIException(com.emc.storageos.svcs.errorhandling.resources.APIException)
InvocationTargetException(java.lang.reflect.InvocationTargetException)
ExportSecurityType(com.emc.storageos.model.file.FileExportUpdateParams.ExportSecurityType)
StorageSystem(com.emc.storageos.db.client.model.StorageSystem)
Aggregations
ExportSecurityType (com.emc.storageos.model.file.FileExportUpdateParams.ExportSecurityType)2
ArrayList (java.util.ArrayList)2
FileShare (com.emc.storageos.db.client.model.FileShare)1
StorageSystem (com.emc.storageos.db.client.model.StorageSystem)1
StringSet (com.emc.storageos.db.client.model.StringSet)1
UnManagedFileExportRule (com.emc.storageos.db.client.model.UnManagedDiscoveredObjects.UnManagedFileExportRule)1
APIException (com.emc.storageos.svcs.errorhandling.resources.APIException)1
ExportsHostnameInfo (com.iwave.ext.netapp.model.ExportsHostnameInfo)1
SecurityRuleInfo (com.iwave.ext.netapp.model.SecurityRuleInfo)1
InvocationTargetException (java.lang.reflect.InvocationTargetException)1
URISyntaxException (java.net.URISyntaxException)1
