use of com.emc.storageos.model.object.BucketACE in project coprhd-controller by CoprHD.
the class ECSObjectStorageDevice method doSyncBucketACL.
/*
* (non-Javadoc)
*
* @see com.emc.storageos.volumecontroller.ObjectStorageDevice#doSyncBucketACL(com.emc.storageos.db.client.model.StorageSystem,
* com.emc.storageos.db.client.model.Bucket, com.emc.storageos.volumecontroller.ObjectDeviceInputOutput, java.lang.String)
*
* Gets the ACl for the bucket from ECS and persist in coprhd DB.
*/
@Override
public BiosCommandResult doSyncBucketACL(StorageSystem storageObj, Bucket bucket, ObjectDeviceInputOutput objectArgs, String taskId) throws ControllerException {
ECSApi objectAPI = getAPI(storageObj);
try {
String aclResponse = objectAPI.getBucketAclFromECS(objectArgs.getName(), objectArgs.getNamespace());
_log.info("aclResponse {} " + aclResponse);
ECSBucketACL bucketACl = new Gson().fromJson(SecurityUtils.sanitizeJsonString(aclResponse), ECSBucketACL.class);
ECSBucketACL.Acl acl = bucketACl.getAcl();
List<ECSBucketACL.UserAcl> user_acl = acl.getUseAcl();
List<ECSBucketACL.GroupAcl> group_acl = acl.getGroupAcl();
List<ECSBucketACL.CustomGroupAcl> customgroup_acl = acl.getCustomgroupAcl();
List<BucketACE> aclToAdd = Lists.newArrayList();
final String _VERSION = "acl_supported";
final String DELIMETER = "@";
for (ECSBucketACL.UserAcl userAce : user_acl) {
String userWithDomain = userAce.getUser();
String[] usrDomain = userWithDomain.split(DELIMETER);
BucketACE bucketAce = new BucketACE();
if (usrDomain.length > 1) {
bucketAce.setDomain(usrDomain[1]);
bucketAce.setUser(usrDomain[0]);
} else if (usrDomain.length == 1) {
// username without domain
bucketAce.setUser(usrDomain[0]);
}
String[] permArray = userAce.getPermission();
String permissions = formatPermissions(permArray);
bucketAce.setPermissions(permissions);
aclToAdd.add(bucketAce);
}
for (ECSBucketACL.GroupAcl groupAce : group_acl) {
String groupWithDomain = groupAce.getGroup();
String[] grpDomain = groupWithDomain.split(DELIMETER);
BucketACE bucketAce = new BucketACE();
if (grpDomain.length > 1) {
bucketAce.setDomain(grpDomain[1]);
bucketAce.setGroup(grpDomain[0]);
} else if (grpDomain.length == 1) {
// group without domain
bucketAce.setGroup(grpDomain[0]);
}
String[] permArray = groupAce.getPermission();
String permissions = formatPermissions(permArray);
bucketAce.setPermissions(permissions);
aclToAdd.add(bucketAce);
}
for (ECSBucketACL.CustomGroupAcl customGroupAce : customgroup_acl) {
String customGroupWithDomain = customGroupAce.getCustomgroup();
String[] grpDomain = customGroupWithDomain.split(DELIMETER);
BucketACE bucketAce = new BucketACE();
if (grpDomain.length > 1) {
bucketAce.setDomain(grpDomain[1]);
bucketAce.setCustomGroup(grpDomain[0]);
} else if (grpDomain.length == 1) {
// custom group without domain
bucketAce.setCustomGroup(grpDomain[0]);
}
String[] permArray = customGroupAce.getPermission();
String permissions = formatPermissions(permArray);
bucketAce.setPermissions(permissions);
aclToAdd.add(bucketAce);
}
BucketACLUpdateParams param = new BucketACLUpdateParams();
BucketACL aclForAddition = new BucketACL();
aclForAddition.setBucketACL(aclToAdd);
param.setAclToAdd(aclForAddition);
updateBucketACLInDB(param, objectArgs, bucket);
bucket.setVersion(_VERSION);
_dbClient.updateObject(bucket);
} catch (ECSException e) {
_log.error("Sync ACL for Bucket : {} failed.", objectArgs.getName(), e);
completeTask(bucket.getId(), taskId, e);
return BiosCommandResult.createErrorResult(e);
}
completeTask(bucket.getId(), taskId, "Bucket ACL Sync Successful.");
return BiosCommandResult.createSuccessfulResult();
}
use of com.emc.storageos.model.object.BucketACE in project coprhd-controller by CoprHD.
the class ObjectStorageUtils method createBucketACLs.
public static BucketACL createBucketACLs(ObjectStorageACL acl) {
BucketACL aclsToAdd = new BucketACL();
List<BucketACE> aclList = new ArrayList<BucketACE>();
BucketACE bucketAce = new BucketACE();
if (acl.aclType.equalsIgnoreCase("GROUP")) {
bucketAce.setGroup(acl.aclName);
} else if (acl.aclType.equalsIgnoreCase("USER")) {
bucketAce.setUser(acl.aclName);
} else {
bucketAce.setCustomGroup(acl.aclName);
}
if (!StringUtils.isEmpty(acl.aclDomain)) {
bucketAce.setDomain(acl.aclDomain);
}
bucketAce.setPermissions(StringUtils.join(acl.aclPermission, "|").toLowerCase());
aclList.add(bucketAce);
aclsToAdd.setBucketACL(aclList);
return aclsToAdd;
}
use of com.emc.storageos.model.object.BucketACE in project coprhd-controller by CoprHD.
the class ObjectBuckets method createObjectBucketACLUpdateParams.
private static ObjectBucketACLUpdateParams createObjectBucketACLUpdateParams(String formData) {
String[] uiAcls = formData.split(",");
List<BucketACE> aces = Lists.newArrayList();
for (String uiAce : uiAcls) {
String[] uiData = uiAce.split("~~~");
String uiType = uiData[0];
String uiName = uiData[1];
String uiDomain = uiData[2];
String uiPermissions = uiData[3];
BucketACE bucketAce = new BucketACE();
if (uiDomain != null && !uiDomain.isEmpty() && !"null".equals(uiDomain)) {
bucketAce.setDomain(uiDomain);
}
if (GROUP.equalsIgnoreCase(uiType.trim())) {
bucketAce.setGroup(uiName.trim());
} else if (CUSTOMGROUP.equalsIgnoreCase(uiType.trim())) {
bucketAce.setCustomGroup(uiName.trim());
} else {
bucketAce.setUser(uiName.trim());
}
if (uiPermissions != null && !"".equals(uiPermissions) && !"null".equals(uiPermissions)) {
bucketAce.setPermissions(uiPermissions);
}
aces.add(bucketAce);
}
BucketACL aclToAdd = new BucketACL();
aclToAdd.setBucketACL(aces);
ObjectBucketACLUpdateParams input = new ObjectBucketACLUpdateParams();
input.setAclToAdd(aclToAdd);
return input;
}
use of com.emc.storageos.model.object.BucketACE in project coprhd-controller by CoprHD.
the class ObjectBuckets method listBucketACLJson.
public static void listBucketACLJson(String id) {
ViPRCoreClient client = BourneUtil.getViprClient();
List<BucketACE> bucketAcl = client.objectBuckets().getBucketACL(uri(id));
List<BucketACLDataTable.AclInfo> acl = Lists.newArrayList();
for (BucketACE ace : bucketAcl) {
String userOrGroupOrCustomgroup = ace.getUser();
String type = USER;
if (ace.getGroup() != null && !ace.getGroup().isEmpty()) {
type = GROUP;
userOrGroupOrCustomgroup = ace.getGroup();
} else if (ace.getCustomGroup() != null && !ace.getCustomGroup().isEmpty()) {
type = CUSTOMGROUP;
userOrGroupOrCustomgroup = ace.getCustomGroup();
}
acl.add(new BucketACLDataTable.AclInfo(userOrGroupOrCustomgroup, type, ace.getPermissions(), id, ace.getDomain()));
}
renderJSON(DataTablesSupport.createJSON(acl, params));
}
use of com.emc.storageos.model.object.BucketACE in project coprhd-controller by CoprHD.
the class ECSObjectStorageDevice method toJsonString.
private String toJsonString(ObjectDeviceInputOutput objectArgs, List<BucketACE> aclsToProcess) {
ECSBucketACL ecsBucketAcl = new ECSBucketACL();
List<ECSBucketACL.UserAcl> user_acl = Lists.newArrayList();
List<ECSBucketACL.GroupAcl> group_acl = Lists.newArrayList();
List<ECSBucketACL.CustomGroupAcl> customgroup_acl = Lists.newArrayList();
String PERMISSION_DELEMITER = "\\|";
for (BucketACE aceToAdd : aclsToProcess) {
ECSBucketACL.UserAcl userAcl = ecsBucketAcl.new UserAcl();
ECSBucketACL.GroupAcl groupAcl = ecsBucketAcl.new GroupAcl();
ECSBucketACL.CustomGroupAcl customgroupAcl = ecsBucketAcl.new CustomGroupAcl();
String type = "user";
String userOrGroupOrCustomgroup = aceToAdd.getUser();
if (userOrGroupOrCustomgroup == null) {
userOrGroupOrCustomgroup = aceToAdd.getGroup() != null ? aceToAdd.getGroup() : aceToAdd.getCustomGroup();
type = aceToAdd.getGroup() != null ? "group" : "customgroup";
}
if (aceToAdd.getDomain() != null && !aceToAdd.getDomain().isEmpty()) {
// ECS accepts username@domain format.
userOrGroupOrCustomgroup = userOrGroupOrCustomgroup + "@" + aceToAdd.getDomain();
}
switch(type) {
case "user":
userAcl.setUser(userOrGroupOrCustomgroup);
if (aceToAdd.getPermissions() != null) {
userAcl.setPermission(aceToAdd.getPermissions().split(PERMISSION_DELEMITER));
}
user_acl.add(userAcl);
break;
case "group":
groupAcl.setGroup(userOrGroupOrCustomgroup);
if (aceToAdd.getPermissions() != null) {
groupAcl.setPermission(aceToAdd.getPermissions().split(PERMISSION_DELEMITER));
}
group_acl.add(groupAcl);
break;
case "customgroup":
customgroupAcl.setCustomgroup(userOrGroupOrCustomgroup);
if (aceToAdd.getPermissions() != null) {
customgroupAcl.setPermission(aceToAdd.getPermissions().split(PERMISSION_DELEMITER));
}
customgroup_acl.add(customgroupAcl);
break;
}
}
ecsBucketAcl.setBucket(objectArgs.getName());
ecsBucketAcl.setNamespace(objectArgs.getNamespace());
ECSBucketACL.Acl acl = ecsBucketAcl.new Acl();
if (!user_acl.isEmpty()) {
acl.setUserAcl(user_acl);
}
if (!group_acl.isEmpty()) {
acl.setGroupAcl(group_acl);
}
if (!customgroup_acl.isEmpty()) {
acl.setCustomgroupAcl(customgroup_acl);
}
ecsBucketAcl.setAcl(acl);
return new Gson().toJson(ecsBucketAcl);
}
Aggregations