Example 1 with ShareACL
use of com.emc.storageos.model.file.ShareACL in project coprhd-controller by CoprHD.
the class FileSnapshotService method getSnapshotShareACLs.
/**
* Get Snapshot Share ACLs
*
* @param id
* the file system URI
* @param shareName
* name of the share
* @brief List snapshot share ACLs
* @return
*/
@GET
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/shares/{shareName}/acl")
@CheckPermission(roles = { Role.SYSTEM_MONITOR, Role.TENANT_ADMIN }, acls = { ACL.ANY })
public ShareACLs getSnapshotShareACLs(@PathParam("id") URI id, @PathParam("shareName") String shareName) {
_log.info("Request recieved to get ACLs with Id: {} shareName: {}", id, shareName);
// Validate the FS id
ArgValidator.checkFieldUriType(id, Snapshot.class, "id");
ArgValidator.checkFieldNotNull(shareName, "shareName");
Snapshot snapshot = queryResource(id);
ArgValidator.checkEntity(snapshot, id, isIdEmbeddedInURL(id));
if (!CifsShareUtility.doesShareExist(snapshot, shareName)) {
_log.error("CIFS share does not exist {}", shareName);
throw APIException.notFound.invalidParameterObjectHasNoSuchShare(snapshot.getId(), shareName);
}
ShareACLs acls = new ShareACLs();
CifsShareUtility util = new CifsShareUtility(_dbClient, null, snapshot, shareName);
List<ShareACL> shareAclList = util.queryExistingShareACLs();
_log.info("Number of existing ACLs found : {} ", shareAclList.size());
if (!shareAclList.isEmpty()) {
acls.setShareACLs(shareAclList);
}
return acls;
}
Also used :
MapFileSnapshot(com.emc.storageos.api.mapper.functions.MapFileSnapshot)
Snapshot(com.emc.storageos.db.client.model.Snapshot)
ShareACLs(com.emc.storageos.model.file.ShareACLs)
CifsShareUtility(com.emc.storageos.api.service.impl.resource.utils.CifsShareUtility)
ShareACL(com.emc.storageos.model.file.ShareACL)
Path(javax.ws.rs.Path)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
CheckPermission(com.emc.storageos.security.authorization.CheckPermission)
Example 2 with ShareACL
use of com.emc.storageos.model.file.ShareACL in project coprhd-controller by CoprHD.
the class CifsShareUtility method verifyAddShareACLs.
private void verifyAddShareACLs(List<ShareACL> shareAclList) {
if (shareAclList == null) {
return;
}
_log.info("Number of share ACL(s) to add {} ", shareAclList.size());
for (ShareACL acl : shareAclList) {
acl.proceedToNextStep();
_log.info("Verifying ACL {}", acl.toString());
// Are there same user or group found in other acls. If so, report
// error
verifyUserGroup(acl);
if (!acl.canProceedToNextStep()) {
break;
}
validatePermissions(acl);
if (!acl.canProceedToNextStep()) {
break;
}
// Verify with existing ACL
CifsShareACL dbShareAcl = getExistingACL(acl);
// If same acl exists, don't allow to add again.
if (dbShareAcl != null) {
_log.error("Duplicate ACL in add request. User/group in ACL for share already exists: {}", dbShareAcl);
acl.cancelNextStep(ShareACLOperationErrorType.ACL_EXISTS);
break;
} else // If not found proceed for further verifications.
{
if (acl.canProceedToNextStep()) {
_log.info("No existing ACL found in DB {}", acl);
}
}
}
}
Also used :
ShareACL(com.emc.storageos.model.file.ShareACL)
CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL)
CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL)
Example 3 with ShareACL
use of com.emc.storageos.model.file.ShareACL in project coprhd-controller by CoprHD.
the class CifsShareUtility method verifyDeleteShareACLs.
private void verifyDeleteShareACLs(List<ShareACL> shareAclList) {
if (shareAclList == null) {
return;
}
_log.info("Number of share ACL(s) to delete {} ", shareAclList.size());
for (ShareACL acl : shareAclList) {
acl.proceedToNextStep();
_log.info("Verifying ACL {}", acl.toString());
// Are there same user or group found in other acls. If so, report
// error
verifyUserGroup(acl);
if (!acl.canProceedToNextStep()) {
break;
}
// Verify with existing ACL
CifsShareACL dbShareAcl = getExistingACL(acl);
// If same acl exists, allow to modify
if (dbShareAcl != null) {
_log.info("Existing ACL found in delete request: {}", dbShareAcl);
acl.proceedToNextStep();
} else {
// If not found, don't allow to proceed further
if (acl.canProceedToNextStep()) {
_log.error("No existing ACL found in DB to delete {}", acl);
acl.cancelNextStep(ShareACLOperationErrorType.ACL_NOT_FOUND);
}
}
}
}
Also used :
ShareACL(com.emc.storageos.model.file.ShareACL)
CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL)
CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL)
Example 4 with ShareACL
use of com.emc.storageos.model.file.ShareACL in project coprhd-controller by CoprHD.
the class CifsShareUtility method reportModifyErrors.
private void reportModifyErrors(CifsShareACLUpdateParams param) {
String opName = ShareACLOperationType.MODIFY.name();
// Report Add ACL Errors
ShareACLs shareAcls = param.getAclsToModify();
if (shareAcls == null || shareAcls.getShareACLs().isEmpty()) {
return;
}
List<ShareACL> shareAclList = shareAcls.getShareACLs();
for (ShareACL acl : shareAclList) {
if (!acl.canProceedToNextStep()) {
ShareACLOperationErrorType error = acl.getErrorType();
switch(error) {
case SNAPSHOT_SHARE_SHOULD_BE_READ_ONLY:
{
throw APIException.badRequests.snapshotSMBSharePermissionReadOnly();
}
case INVALID_PERMISSION:
{
if (acl.getPermission() != null) {
throw APIException.badRequests.invalidPermissionForACL(acl.getPermission());
} else {
throw APIException.badRequests.missingValueInACE(opName, REQUEST_PARAM_PERMISSION);
}
}
case USER_AND_GROUP_PROVIDED:
{
throw APIException.badRequests.bothUserAndGroupInACLFound(acl.getUser(), acl.getGroup());
}
case USER_OR_GROUP_NOT_PROVIDED:
{
throw APIException.badRequests.missingUserOrGroupInACE(opName);
}
case MULTIPLE_ACES_WITH_SAME_USER_OR_GROUP:
{
String userOrGroup = acl.getUser() == null ? acl.getGroup() : acl.getUser();
throw APIException.badRequests.multipleACLsWithUserOrGroupFound(opName, userOrGroup);
}
case ACL_NOT_FOUND:
{
throw APIException.badRequests.shareACLNotFoundFound(opName, acl.toString());
}
case MULTIPLE_DOMAINS_FOUND:
{
String domain1 = acl.getDomain();
String userOrGroup = acl.getUser() == null ? acl.getGroup() : acl.getUser();
String domain2 = userOrGroup.substring(0, userOrGroup.indexOf("\\"));
throw APIException.badRequests.multipleDomainsFound(opName, domain1, domain2);
}
case ACL_EXISTS:
default:
break;
}
}
}
}
Also used :
ShareACLOperationErrorType(com.emc.storageos.model.file.CifsShareACLUpdateParams.ShareACLOperationErrorType)
ShareACLs(com.emc.storageos.model.file.ShareACLs)
ShareACL(com.emc.storageos.model.file.ShareACL)
CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL)
Example 5 with ShareACL
use of com.emc.storageos.model.file.ShareACL in project coprhd-controller by CoprHD.
the class CifsShareUtility method verifyModifyShareACLs.
private void verifyModifyShareACLs(List<ShareACL> shareAclList) {
if (shareAclList == null) {
return;
}
_log.info("Number of share ACL(s) to modify {} ", shareAclList.size());
for (ShareACL acl : shareAclList) {
acl.proceedToNextStep();
_log.info("Verifying ACL {}", acl.toString());
// Are there same user or group found in other acls. If so, report
// error
verifyUserGroup(acl);
if (!acl.canProceedToNextStep()) {
break;
}
validatePermissions(acl);
if (!acl.canProceedToNextStep()) {
break;
}
// Verify with existing ACL
CifsShareACL dbShareAcl = getExistingACL(acl);
// If same acl exists, allow to modify
if (dbShareAcl != null) {
_log.info("Existing ACL in modify request: {}", dbShareAcl);
acl.proceedToNextStep();
} else {
// If not found, don't allow to proceed further
if (acl.canProceedToNextStep()) {
_log.error("No existing ACL found in DB to modify {}", acl);
acl.cancelNextStep(ShareACLOperationErrorType.ACL_NOT_FOUND);
}
}
}
}
Also used :
ShareACL(com.emc.storageos.model.file.ShareACL)
CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL)
CifsShareACL(com.emc.storageos.db.client.model.CifsShareACL)
Aggregations
ShareACL (com.emc.storageos.model.file.ShareACL)36
ArrayList (java.util.ArrayList)22
DeviceControllerException (com.emc.storageos.exceptions.DeviceControllerException)13
ShareACLs (com.emc.storageos.model.file.ShareACLs)13
ControllerException (com.emc.storageos.volumecontroller.ControllerException)13
CifsShareACL (com.emc.storageos.db.client.model.CifsShareACL)10
NetAppException (com.emc.storageos.netapp.NetAppException)9
ServiceError (com.emc.storageos.svcs.errorhandling.model.ServiceError)7
BiosCommandResult (com.emc.storageos.volumecontroller.impl.BiosCommandResult)7
ViPRCoreClient (com.emc.vipr.client.ViPRCoreClient)5
NetAppCException (com.emc.storageos.netappc.NetAppCException)4
CifsAcl (com.iwave.ext.netapp.model.CifsAcl)4
NFSShareACL (com.emc.storageos.db.client.model.NFSShareACL)3
IsilonApi (com.emc.storageos.isilon.restapi.IsilonApi)3
IsilonSMBShare (com.emc.storageos.isilon.restapi.IsilonSMBShare)3
Permission (com.emc.storageos.isilon.restapi.IsilonSMBShare.Permission)3
ShareACLOperationErrorType (com.emc.storageos.model.file.CifsShareACLUpdateParams.ShareACLOperationErrorType)3
FileCifsShareACLUpdateParams (com.emc.storageos.model.file.FileCifsShareACLUpdateParams)3
NetAppApi (com.emc.storageos.netapp.NetAppApi)3
NetAppClusterApi (com.emc.storageos.netappc.NetAppClusterApi)3
