Search in sources :

Example 1 with ShareACL

use of com.emc.storageos.model.file.ShareACL in project coprhd-controller by CoprHD.

the class FileSnapshotService method getSnapshotShareACLs.

/**
 * Get Snapshot Share ACLs
 *
 * @param id
 *            the file system URI
 * @param shareName
 *            name of the share
 * @brief List snapshot share ACLs
 * @return
 */
@GET
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/shares/{shareName}/acl")
@CheckPermission(roles = { Role.SYSTEM_MONITOR, Role.TENANT_ADMIN }, acls = { ACL.ANY })
public ShareACLs getSnapshotShareACLs(@PathParam("id") URI id, @PathParam("shareName") String shareName) {
    _log.info("Request recieved to get ACLs with Id: {}  shareName: {}", id, shareName);
    // Validate the FS id
    ArgValidator.checkFieldUriType(id, Snapshot.class, "id");
    ArgValidator.checkFieldNotNull(shareName, "shareName");
    Snapshot snapshot = queryResource(id);
    ArgValidator.checkEntity(snapshot, id, isIdEmbeddedInURL(id));
    if (!CifsShareUtility.doesShareExist(snapshot, shareName)) {
        _log.error("CIFS share does not exist {}", shareName);
        throw APIException.notFound.invalidParameterObjectHasNoSuchShare(snapshot.getId(), shareName);
    }
    ShareACLs acls = new ShareACLs();
    CifsShareUtility util = new CifsShareUtility(_dbClient, null, snapshot, shareName);
    List<ShareACL> shareAclList = util.queryExistingShareACLs();
    _log.info("Number of existing ACLs found : {} ", shareAclList.size());
    if (!shareAclList.isEmpty()) {
        acls.setShareACLs(shareAclList);
    }
    return acls;
}
Also used : MapFileSnapshot(com.emc.storageos.api.mapper.functions.MapFileSnapshot) Snapshot(com.emc.storageos.db.client.model.Snapshot) ShareACLs(com.emc.storageos.model.file.ShareACLs) CifsShareUtility(com.emc.storageos.api.service.impl.resource.utils.CifsShareUtility) ShareACL(com.emc.storageos.model.file.ShareACL) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) CheckPermission(com.emc.storageos.security.authorization.CheckPermission)

Example 2 with ShareACL

use of com.emc.storageos.model.file.ShareACL in project coprhd-controller by CoprHD.

the class CifsShareUtility method verifyAddShareACLs.

private void verifyAddShareACLs(List<ShareACL> shareAclList) {
    if (shareAclList == null) {
        return;
    }
    _log.info("Number of share ACL(s) to add {} ", shareAclList.size());
    for (ShareACL acl : shareAclList) {
        acl.proceedToNextStep();
        _log.info("Verifying ACL {}", acl.toString());
        // Are there same user or group found in other acls. If so, report
        // error
        verifyUserGroup(acl);
        if (!acl.canProceedToNextStep()) {
            break;
        }
        validatePermissions(acl);
        if (!acl.canProceedToNextStep()) {
            break;
        }
        // Verify with existing ACL
        CifsShareACL dbShareAcl = getExistingACL(acl);
        // If same acl exists, don't allow to add again.
        if (dbShareAcl != null) {
            _log.error("Duplicate ACL in add request. User/group in ACL for share already exists: {}", dbShareAcl);
            acl.cancelNextStep(ShareACLOperationErrorType.ACL_EXISTS);
            break;
        } else // If not found proceed for further verifications.
        {
            if (acl.canProceedToNextStep()) {
                _log.info("No existing ACL found in DB {}", acl);
            }
        }
    }
}
Also used : ShareACL(com.emc.storageos.model.file.ShareACL) CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL) CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL)

Example 3 with ShareACL

use of com.emc.storageos.model.file.ShareACL in project coprhd-controller by CoprHD.

the class CifsShareUtility method verifyDeleteShareACLs.

private void verifyDeleteShareACLs(List<ShareACL> shareAclList) {
    if (shareAclList == null) {
        return;
    }
    _log.info("Number of share ACL(s) to delete {} ", shareAclList.size());
    for (ShareACL acl : shareAclList) {
        acl.proceedToNextStep();
        _log.info("Verifying ACL {}", acl.toString());
        // Are there same user or group found in other acls. If so, report
        // error
        verifyUserGroup(acl);
        if (!acl.canProceedToNextStep()) {
            break;
        }
        // Verify with existing ACL
        CifsShareACL dbShareAcl = getExistingACL(acl);
        // If same acl exists, allow to modify
        if (dbShareAcl != null) {
            _log.info("Existing ACL found in delete request: {}", dbShareAcl);
            acl.proceedToNextStep();
        } else {
            // If not found, don't allow to proceed further
            if (acl.canProceedToNextStep()) {
                _log.error("No existing ACL found in DB to delete {}", acl);
                acl.cancelNextStep(ShareACLOperationErrorType.ACL_NOT_FOUND);
            }
        }
    }
}
Also used : ShareACL(com.emc.storageos.model.file.ShareACL) CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL) CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL)

Example 4 with ShareACL

use of com.emc.storageos.model.file.ShareACL in project coprhd-controller by CoprHD.

the class CifsShareUtility method reportModifyErrors.

private void reportModifyErrors(CifsShareACLUpdateParams param) {
    String opName = ShareACLOperationType.MODIFY.name();
    // Report Add ACL Errors
    ShareACLs shareAcls = param.getAclsToModify();
    if (shareAcls == null || shareAcls.getShareACLs().isEmpty()) {
        return;
    }
    List<ShareACL> shareAclList = shareAcls.getShareACLs();
    for (ShareACL acl : shareAclList) {
        if (!acl.canProceedToNextStep()) {
            ShareACLOperationErrorType error = acl.getErrorType();
            switch(error) {
                case SNAPSHOT_SHARE_SHOULD_BE_READ_ONLY:
                    {
                        throw APIException.badRequests.snapshotSMBSharePermissionReadOnly();
                    }
                case INVALID_PERMISSION:
                    {
                        if (acl.getPermission() != null) {
                            throw APIException.badRequests.invalidPermissionForACL(acl.getPermission());
                        } else {
                            throw APIException.badRequests.missingValueInACE(opName, REQUEST_PARAM_PERMISSION);
                        }
                    }
                case USER_AND_GROUP_PROVIDED:
                    {
                        throw APIException.badRequests.bothUserAndGroupInACLFound(acl.getUser(), acl.getGroup());
                    }
                case USER_OR_GROUP_NOT_PROVIDED:
                    {
                        throw APIException.badRequests.missingUserOrGroupInACE(opName);
                    }
                case MULTIPLE_ACES_WITH_SAME_USER_OR_GROUP:
                    {
                        String userOrGroup = acl.getUser() == null ? acl.getGroup() : acl.getUser();
                        throw APIException.badRequests.multipleACLsWithUserOrGroupFound(opName, userOrGroup);
                    }
                case ACL_NOT_FOUND:
                    {
                        throw APIException.badRequests.shareACLNotFoundFound(opName, acl.toString());
                    }
                case MULTIPLE_DOMAINS_FOUND:
                    {
                        String domain1 = acl.getDomain();
                        String userOrGroup = acl.getUser() == null ? acl.getGroup() : acl.getUser();
                        String domain2 = userOrGroup.substring(0, userOrGroup.indexOf("\\"));
                        throw APIException.badRequests.multipleDomainsFound(opName, domain1, domain2);
                    }
                case ACL_EXISTS:
                default:
                    break;
            }
        }
    }
}
Also used : ShareACLOperationErrorType(com.emc.storageos.model.file.CifsShareACLUpdateParams.ShareACLOperationErrorType) ShareACLs(com.emc.storageos.model.file.ShareACLs) ShareACL(com.emc.storageos.model.file.ShareACL) CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL)

Example 5 with ShareACL

use of com.emc.storageos.model.file.ShareACL in project coprhd-controller by CoprHD.

the class CifsShareUtility method verifyModifyShareACLs.

private void verifyModifyShareACLs(List<ShareACL> shareAclList) {
    if (shareAclList == null) {
        return;
    }
    _log.info("Number of share ACL(s) to modify {} ", shareAclList.size());
    for (ShareACL acl : shareAclList) {
        acl.proceedToNextStep();
        _log.info("Verifying ACL {}", acl.toString());
        // Are there same user or group found in other acls. If so, report
        // error
        verifyUserGroup(acl);
        if (!acl.canProceedToNextStep()) {
            break;
        }
        validatePermissions(acl);
        if (!acl.canProceedToNextStep()) {
            break;
        }
        // Verify with existing ACL
        CifsShareACL dbShareAcl = getExistingACL(acl);
        // If same acl exists, allow to modify
        if (dbShareAcl != null) {
            _log.info("Existing ACL in modify request: {}", dbShareAcl);
            acl.proceedToNextStep();
        } else {
            // If not found, don't allow to proceed further
            if (acl.canProceedToNextStep()) {
                _log.error("No existing ACL found in DB to modify {}", acl);
                acl.cancelNextStep(ShareACLOperationErrorType.ACL_NOT_FOUND);
            }
        }
    }
}
Also used : ShareACL(com.emc.storageos.model.file.ShareACL) CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL) CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL)

Aggregations

ShareACL (com.emc.storageos.model.file.ShareACL)36 ArrayList (java.util.ArrayList)22 DeviceControllerException (com.emc.storageos.exceptions.DeviceControllerException)13 ShareACLs (com.emc.storageos.model.file.ShareACLs)13 ControllerException (com.emc.storageos.volumecontroller.ControllerException)13 CifsShareACL (com.emc.storageos.db.client.model.CifsShareACL)10 NetAppException (com.emc.storageos.netapp.NetAppException)9 ServiceError (com.emc.storageos.svcs.errorhandling.model.ServiceError)7 BiosCommandResult (com.emc.storageos.volumecontroller.impl.BiosCommandResult)7 ViPRCoreClient (com.emc.vipr.client.ViPRCoreClient)5 NetAppCException (com.emc.storageos.netappc.NetAppCException)4 CifsAcl (com.iwave.ext.netapp.model.CifsAcl)4 NFSShareACL (com.emc.storageos.db.client.model.NFSShareACL)3 IsilonApi (com.emc.storageos.isilon.restapi.IsilonApi)3 IsilonSMBShare (com.emc.storageos.isilon.restapi.IsilonSMBShare)3 Permission (com.emc.storageos.isilon.restapi.IsilonSMBShare.Permission)3 ShareACLOperationErrorType (com.emc.storageos.model.file.CifsShareACLUpdateParams.ShareACLOperationErrorType)3 FileCifsShareACLUpdateParams (com.emc.storageos.model.file.FileCifsShareACLUpdateParams)3 NetAppApi (com.emc.storageos.netapp.NetAppApi)3 NetAppClusterApi (com.emc.storageos.netappc.NetAppClusterApi)3