use of com.emc.storageos.model.project.ProjectRestRep in project coprhd-controller by CoprHD.
the class ApiTestUserGroup method testUserGroupCreateWithProjectAclALL.
@Test
public void testUserGroupCreateWithProjectAclALL() throws NoSuchAlgorithmException {
final String testName = "testUserGroupCreateWithProjectAclALL - ";
createDefaultAuthnProvider(testName + DEFAULT_AUTH_PROVIDER_CREATION);
// Create a test tenant.
URI testTenantId = createTestTenant();
// Remove the group just created tenant user mapping.
// So that, all the users in the domain can be assigned with
// tenant roles. Here getting the ldapGroup(2) as that is the
// one used as default one for creating the tenant.
removeUserMappingGroups(testTenantId, getLDAPGroup(2));
// Create a test project for the just created tenant.
URI projectId = createTestProject(testTenantId);
String aclAssignmentsApi = getProjectACLAssignmentApi(projectId);
boolean isGroup = false;
// Assigning all the project acls ALL to the user ldapViPRUser5
List<String> acls = new ArrayList<String>();
acls.add(getACL(0));
String userNameWithDomain = getUserWithDomain(4);
ACLEntry aclAssignmentEntry1 = getACLAssignmentEntry(userNameWithDomain, acls, isGroup);
ACLAssignmentChanges aclAssignmentChanges = getDefaultACLAssignmentChanges();
aclAssignmentChanges.getAdd().add(aclAssignmentEntry1);
ACLAssignments aclAssignments = rSys.path(aclAssignmentsApi).put(ACLAssignments.class, aclAssignmentChanges);
validateACLAssignmentsSuccess(aclAssignments, userNameWithDomain, isGroup);
// Create a user ldapViPRUser5.
BalancedWebResource ldapViPRUser5 = getHttpsClient(userNameWithDomain, getLDAPUserPassword());
ProjectRestRep ldapViPRUser5ProjectInfo = ldapViPRUser5.path(getProjectApi(projectId)).get(ProjectRestRep.class);
Assert.assertEquals(projectId, ldapViPRUser5ProjectInfo.getId());
UserGroupCreateParam createParam = getDefaultUserGroupCreateParam();
// Try to create a user group by non security admin user (ldapViPRUser5).
ClientResponse clientResponseUserGroupCreate = ldapViPRUser5.path(getTestApi()).post(ClientResponse.class, createParam);
String partialErrorMessage = ERROR_INSUFFICIENT_PERMISSION_FOR_USER;
partialErrorMessage = String.format(partialErrorMessage, userNameWithDomain.toLowerCase());
validateUserGroupBadRequest(HttpStatus.SC_FORBIDDEN, partialErrorMessage, clientResponseUserGroupCreate);
// Only Tenant Admin and Project owner has a readonly access.
clientResponseUserGroupCreate = ldapViPRUser5.path(getTestApi()).get(ClientResponse.class);
validateUserGroupBadRequest(HttpStatus.SC_FORBIDDEN, partialErrorMessage, clientResponseUserGroupCreate);
// Test the bulk api. Here expecting false for get, as ldapViPRUser5
// is not a sysadmin or sysmonitor and expecting true for post, as
// ldapViPRUser5 has all project acl.
testUserGroupBulkApi(ldapViPRUser5, false, false);
// Now remove the user group from the acl assignments.
aclAssignmentChanges.getAdd().clear();
aclAssignmentChanges.getRemove().add(aclAssignmentEntry1);
aclAssignments = rSys.path(aclAssignmentsApi).put(ACLAssignments.class, aclAssignmentChanges);
validateACLAssignmentsRemove(aclAssignments, userNameWithDomain, isGroup);
// Now the user should not have any acls.
ClientResponse clientResponseProjectInfo = ldapViPRUser5.path(getProjectApi(projectId)).get(ClientResponse.class);
Assert.assertEquals(HttpStatus.SC_FORBIDDEN, clientResponseProjectInfo.getStatus());
}
use of com.emc.storageos.model.project.ProjectRestRep in project coprhd-controller by CoprHD.
the class ApiTestUserGroup method testUserGroupCreateWithProjectOwner.
@Test
public void testUserGroupCreateWithProjectOwner() throws NoSuchAlgorithmException {
final String testName = "testUserGroupCreateWithProjectOwner - ";
createDefaultAuthnProvider(testName + DEFAULT_AUTH_PROVIDER_CREATION);
// Create a test tenant.
URI testTenantId = createTestTenant();
// Remove the group just created tenant user mapping.
// So that, all the users in the domain can be assigned with
// tenant roles. Here getting the ldapGroup(2) as that is the
// one used as default one for creating the tenant.
removeUserMappingGroups(testTenantId, getLDAPGroup(2));
// Create a test project for the just created tenant.
URI projectId = createTestProject(testTenantId);
String userNameWithDomain = getUserWithDomain(4);
// Change the owner of the project to ldapViPRUser5 from rSys.
String projectEditApi = getProjectApi(projectId);
ProjectUpdateParam updateParam = new ProjectUpdateParam();
updateParam.setOwner(userNameWithDomain);
ClientResponse clientResponseProjectEdit = rSys.path(projectEditApi).put(ClientResponse.class, updateParam);
Assert.assertEquals(HttpStatus.SC_OK, clientResponseProjectEdit.getStatus());
// Create a user ldapViPRUser5.
BalancedWebResource ldapViPRUser5 = getHttpsClient(userNameWithDomain, getLDAPUserPassword());
ProjectRestRep ldapViPRUser5ProjectInfo = ldapViPRUser5.path(getProjectApi(projectId)).get(ProjectRestRep.class);
Assert.assertEquals(projectId, ldapViPRUser5ProjectInfo.getId());
UserGroupCreateParam createParam = getDefaultUserGroupCreateParam();
// Try to create a user group by non security admin user (ldapViPRUser5).
ClientResponse clientResponseUserGroupCreate = ldapViPRUser5.path(getTestApi()).post(ClientResponse.class, createParam);
String partialErrorMessage = ERROR_INSUFFICIENT_PERMISSION_FOR_USER;
partialErrorMessage = String.format(partialErrorMessage, userNameWithDomain.toLowerCase());
validateUserGroupBadRequest(HttpStatus.SC_FORBIDDEN, partialErrorMessage, clientResponseUserGroupCreate);
// Tenant Admin and Project owner has a readonly access.
clientResponseUserGroupCreate = ldapViPRUser5.path(getTestApi()).get(ClientResponse.class);
Assert.assertEquals(HttpStatus.SC_OK, clientResponseUserGroupCreate.getStatus());
// Test the bulk api. Here expecting false for get, as ldapViPRUser5
// is not a sysadmin or sysmonitor and expecting true for post, as
// ldapViPRUser5 is project owner.
testUserGroupBulkApi(ldapViPRUser5, false, true);
ProjectRestRep ProjectInfo = ldapViPRUser5.path(getProjectApi(projectId)).get(ProjectRestRep.class);
Assert.assertEquals(projectId, ProjectInfo.getId());
}
use of com.emc.storageos.model.project.ProjectRestRep in project coprhd-controller by CoprHD.
the class ApiTestUserGroup method testUserGroupWithProjectACLAssignment.
@Test
public void testUserGroupWithProjectACLAssignment() throws NoSuchAlgorithmException {
final String testName = "testUserGroupWithProjectACLAssignment - ";
createDefaultAuthnProvider(testName + DEFAULT_AUTH_PROVIDER_CREATION);
UserGroupCreateParam createParam = getDefaultUserGroupCreateParam();
ClientResponse clientUserGroupCreateResp = rSys.path(getTestApi()).post(ClientResponse.class, createParam);
UserGroupRestRep userGroupCreateResp = validateUserGroupCreateSuccess(createParam, clientUserGroupCreateResp);
// Create a test tenant.
URI testTenantId = createTestTenant();
// Update the provider tenant user mapping with the
// just created user group "Depart_Dev".
updateTenantGroups(testTenantId, userGroupCreateResp.getName());
// Create a test project for the just created tenant.
URI projectId = createTestProject(testTenantId);
boolean isGroup = true;
String aclAssignmentsApi = getProjectACLAssignmentApi(projectId);
// Assigning all the project acls to Depart_Dev user group
// (with attributes department = [ENG, DEV] and l = [Boston]
List<String> acls = new ArrayList<String>();
acls.add(getACL(1));
ACLEntry aclAssignmentEntry1 = getACLAssignmentEntry(userGroupCreateResp.getName(), acls, isGroup);
ACLAssignmentChanges aclAssignmentChanges = getDefaultACLAssignmentChanges();
aclAssignmentChanges.getAdd().add(aclAssignmentEntry1);
ACLAssignments aclAssignments = rSys.path(aclAssignmentsApi).put(ACLAssignments.class, aclAssignmentChanges);
validateACLAssignmentsSuccess(aclAssignments, userGroupCreateResp.getName(), isGroup);
// Create a user whose attributes matches with the above created
// user group "Depart_Dev". Matching LDAP user is ldapViPRUser5.
BalancedWebResource ldapViPRUser5 = getHttpsClient(getUserWithDomain(4), getLDAPUserPassword());
ProjectRestRep ldapViPRUser5ProjectInfo = ldapViPRUser5.path(getProjectApi(projectId)).get(ProjectRestRep.class);
Assert.assertEquals(projectId, ldapViPRUser5ProjectInfo.getId());
// Now try to delete the user group "Depart_Dev".
// It should fail, as it is associated with the project acls assignments and
// tenant user mappings.
deleteUserGroupAndExpectFailure(userGroupCreateResp.getId());
// Now try to change the domain the of the user group "Depart_Dev".
// It should fail, as it is associated with the project acls assignments and
// tenant user mappings.
changeUserGroupDomainAndExpectFailure(userGroupCreateResp);
// Edit the user group but dont change any properties in the group.
// This should be successful irrespective of whether it is used in
// any role or acl or user mapping assignments.
editUserGroupWithoutAnyChangeAndExpectSuccess(userGroupCreateResp);
// Now remove the user group from the acl assignments.
aclAssignmentChanges.getAdd().clear();
aclAssignmentChanges.getRemove().add(aclAssignmentEntry1);
aclAssignments = rSys.path(aclAssignmentsApi).put(ACLAssignments.class, aclAssignmentChanges);
validateACLAssignmentsRemove(aclAssignments, userGroupCreateResp.getName(), isGroup);
// Now the user should not have any acls associated with the
// user group "Depart_Dev". This is done by just
// querying about the just created project. Since user
// does not have any project role or tenant roles, the request
// will fail.
ClientResponse clientResponseProjectInfo = ldapViPRUser5.path(getProjectApi(projectId)).get(ClientResponse.class);
Assert.assertEquals(HttpStatus.SC_FORBIDDEN, clientResponseProjectInfo.getStatus());
// Now remove the user group from the tenant user mappings.
removeTenantUserMapping(testTenantId, userGroupCreateResp.getName());
}
use of com.emc.storageos.model.project.ProjectRestRep in project coprhd-controller by CoprHD.
the class HostClusters method itemDetails.
public static void itemDetails(String id) {
ClusterRestRep cluster = ClusterUtils.getCluster(uri(id));
if (cluster == null) {
error(MessagesUtils.get(UNKNOWN, id));
}
ProjectRestRep project = ProjectUtils.getProject(ResourceUtils.id(cluster.getProject()));
List<HostRestRep> hosts = ClusterUtils.getHosts(uri(id));
VcenterDataCenterRestRep dataCenter = VCenterUtils.getDataCenter(ResourceUtils.id(cluster.getVcenterDataCenter()));
VcenterRestRep vcenter = VCenterUtils.getVCenter(dataCenter);
render(cluster, project, hosts, dataCenter, vcenter);
}
use of com.emc.storageos.model.project.ProjectRestRep in project coprhd-controller by CoprHD.
the class ConsistencyGroups method list.
public static void list() {
BlockConsistencyGroupDataTable dataTable = new BlockConsistencyGroupDataTable();
List<ProjectRestRep> projects = ProjectUtils.getProjects(Models.currentAdminTenant());
Collections.sort(projects, new Comparator<ProjectRestRep>() {
public int compare(ProjectRestRep proj1, ProjectRestRep proj2) {
return proj1.getName().compareTo(proj2.getName());
}
});
String activeProjectId = flash.get(ACTIVE_PROJECT_ID);
if (activeProjectId == null && !projects.isEmpty()) {
activeProjectId = projects.get(0).getId().toString();
}
TenantSelector.addRenderArgs();
render(dataTable, projects, activeProjectId);
}
Aggregations