Examples with StorageOSUser com.emc.storageos.security.authentication.StorageOSUser used on opensource projects

Example 1 with StorageOSUser

use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.

the class KeystoneService method listOpenstackTenants.

/**
 * Get a list of OpenStack Tenants.
 * Uses data from Keystone Authentication Provider to connect Keystone and retrieve Tenants information.
 *
 * @brief Show OpenStack Tenants.
 * @return OpenStack Tenants details.
 * @see TenantListRestResp
 */
@GET
@Path("/tenants")
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@CheckPermission(roles = { Role.SECURITY_ADMIN })
public TenantListRestResp listOpenstackTenants() {
    _log.debug("Keystone Service - listOpenstackTenants");
    StorageOSUser user = getUserFromContext();
    if (!_permissionsHelper.userHasGivenRoleInAnyTenant(user, Role.SECURITY_ADMIN, Role.TENANT_ADMIN)) {
        throw APIException.forbidden.insufficientPermissionsForUser(user.getName());
    }
    AuthnProvider keystoneProvider = _keystoneUtils.getKeystoneProvider();
    // Get OpenStack Tenants only when Keystone Provider exists.
    if (keystoneProvider != null) {
        KeystoneApiClient keystoneApiClient = _keystoneUtils.getKeystoneApi(keystoneProvider.getManagerDN(), keystoneProvider.getServerUrls(), keystoneProvider.getManagerPassword());
        List<KeystoneTenant> OSTenantList = new ArrayList<>(Arrays.asList(keystoneApiClient.getKeystoneTenants().getTenants()));
        TenantListRestResp response = new TenantListRestResp();
        response.setOpenstackTenants(OSTenantList);
        return response;
    }
    throw APIException.internalServerErrors.targetIsNullOrEmpty("Keystone Authentication Provider");
}

Example 2 with StorageOSUser

use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.

the class MigrationService method cancelMigration.

/**
 * Cancel a migration that has yet to be committed.
 *
 * @prereq none
 *
 * @param id the URN of a ViPR migration.
 *
 * @brief Cancel an uncommitted migration.
 * @return A TaskResourceRep
 */
@POST
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/cancel")
@CheckPermission(roles = { Role.SYSTEM_ADMIN, Role.RESTRICTED_SYSTEM_ADMIN })
public TaskResourceRep cancelMigration(@PathParam("id") URI id) {
    ArgValidator.checkFieldUriType(id, Migration.class, "id");
    Migration migration = queryResource(id);
    if (!BulkList.MigrationFilter.isUserAuthorizedForMigration(migration, getUserFromContext(), _permissionsHelper)) {
        StorageOSUser user = getUserFromContext();
        throw APIException.forbidden.insufficientPermissionsForUser(user.getName());
    }
    if (migration == null || migration.getInactive()) {
        throw APIException.badRequests.cancelMigrationFailed(id.toString(), "The migration is invalid");
    }
    String status = migration.getMigrationStatus();
    String migrationName = migration.getLabel();
    URI volId = migration.getVolume();
    Volume vplexVol = _dbClient.queryObject(Volume.class, volId);
    if (vplexVol == null || vplexVol.getInactive()) {
        throw APIException.badRequests.cancelMigrationFailed(migrationName, "The migrating volume is not valid");
    }
    // Don't allow cancel operation if the vplex volume is in a CG
    URI cgURI = vplexVol.getConsistencyGroup();
    if (!NullColumnValueGetter.isNullURI(cgURI)) {
        throw APIException.badRequests.cancelMigrationFailed(migrationName, "Migration cancellation is not supported for the volumes in consistency group");
    }
    if (status == null || status.isEmpty() || migrationName == null || migrationName.isEmpty()) {
        throw APIException.badRequests.migrationHasntStarted(id.toString());
    }
    if (status.equalsIgnoreCase(VPlexMigrationInfo.MigrationStatus.COMMITTED.getStatusValue())) {
        throw APIException.badRequests.migrationCantBeCancelled(migrationName, status);
    }
    // Create a unique task id.
    String taskId = UUID.randomUUID().toString();
    Operation op = _dbClient.createTaskOpStatus(Volume.class, volId, taskId, ResourceOperationTypeEnum.CANCEL_MIGRATION);
    TaskResourceRep task = toTask(vplexVol, taskId, op);
    if (status.equalsIgnoreCase(VPlexMigrationInfo.MigrationStatus.CANCELLED.getStatusValue()) || status.equalsIgnoreCase(VPlexMigrationInfo.MigrationStatus.PARTIALLY_CANCELLED.getStatusValue())) {
        // it has been cancelled
        s_logger.info("Migration {} has been cancelled", id);
        op.ready();
        vplexVol.getOpStatus().createTaskStatus(taskId, op);
        _dbClient.persistObject(vplexVol);
        return task;
    }
    try {
        VPlexController controller = _vplexBlockServiceApi.getController();
        controller.cancelMigration(vplexVol.getStorageController(), id, taskId);
    } catch (InternalException e) {
        s_logger.error("Controller Error", e);
        String errMsg = String.format("Controller Error: %s", e.getMessage());
        task.setState(Operation.Status.error.name());
        task.setMessage(errMsg);
        op.error(e);
        vplexVol.getOpStatus().updateTaskStatus(taskId, op);
        _dbClient.persistObject(vplexVol);
    }
    return task;
}

Example 3 with StorageOSUser

use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.

the class MigrationService method deleteMigration.

/**
 * Delete a migration that has been committed or cancelled
 *
 * @param id the URN of a ViPR migration.
 *
 * @brief Delete a committed or cancelled migration.
 * @return A TaskResourceRep
 */
@POST
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/deactivate")
@CheckPermission(roles = { Role.SYSTEM_ADMIN, Role.RESTRICTED_SYSTEM_ADMIN })
public TaskResourceRep deleteMigration(@PathParam("id") URI id) {
    ArgValidator.checkFieldUriType(id, Migration.class, "id");
    Migration migration = queryResource(id);
    if (!BulkList.MigrationFilter.isUserAuthorizedForMigration(migration, getUserFromContext(), _permissionsHelper)) {
        StorageOSUser user = getUserFromContext();
        throw APIException.forbidden.insufficientPermissionsForUser(user.getName());
    }
    String status = migration.getMigrationStatus();
    String migrationName = migration.getLabel();
    if (status == null || status.isEmpty() || migrationName == null || migrationName.isEmpty()) {
        throw APIException.badRequests.migrationHasntStarted(id.toString());
    }
    if (!status.equalsIgnoreCase(VPlexMigrationInfo.MigrationStatus.COMMITTED.getStatusValue()) && !status.equalsIgnoreCase(VPlexMigrationInfo.MigrationStatus.CANCELLED.getStatusValue()) && !status.equalsIgnoreCase(VPlexMigrationInfo.MigrationStatus.ERROR.getStatusValue())) {
        throw VPlexApiException.exceptions.cantRemoveMigrationInvalidState(migrationName);
    }
    URI volId = migration.getVolume();
    Volume vplexVol = _dbClient.queryObject(Volume.class, volId);
    // Create a unique task id.
    String taskId = UUID.randomUUID().toString();
    Operation op = _dbClient.createTaskOpStatus(Volume.class, volId, taskId, ResourceOperationTypeEnum.DELETE_MIGRATION);
    TaskResourceRep task = toTask(vplexVol, taskId, op);
    if (migration.getInactive()) {
        s_logger.info("Migration {} has been deleted", id);
        op.ready();
        vplexVol.getOpStatus().createTaskStatus(taskId, op);
        _dbClient.persistObject(vplexVol);
        return task;
    }
    try {
        VPlexController controller = _vplexBlockServiceApi.getController();
        controller.deleteMigration(vplexVol.getStorageController(), id, taskId);
    } catch (InternalException e) {
        s_logger.error("Error", e);
        String errMsg = String.format("Error: %s", e.getMessage());
        task.setState(Operation.Status.error.name());
        task.setMessage(errMsg);
        op.error(e);
        vplexVol.getOpStatus().updateTaskStatus(taskId, op);
        _dbClient.persistObject(vplexVol);
    }
    return task;
}

Example 4 with StorageOSUser

use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.

the class MigrationService method resumeMigration.

/**
 * Resume a migration that was previously paused.
 *
 * @prereq The migration is paused
 *
 * @param id the URN of a ViPR migration.
 *
 * @brief Resume a paused migration.
 * @return A TaskResourceRep
 */
@POST
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/resume")
@CheckPermission(roles = { Role.SYSTEM_ADMIN, Role.RESTRICTED_SYSTEM_ADMIN })
public TaskResourceRep resumeMigration(@PathParam("id") URI id) {
    ArgValidator.checkFieldUriType(id, Migration.class, "id");
    Migration migration = queryResource(id);
    if (!BulkList.MigrationFilter.isUserAuthorizedForMigration(migration, getUserFromContext(), _permissionsHelper)) {
        StorageOSUser user = getUserFromContext();
        throw APIException.forbidden.insufficientPermissionsForUser(user.getName());
    }
    String status = migration.getMigrationStatus();
    String migrationName = migration.getLabel();
    if (status == null || status.isEmpty() || migrationName == null || migrationName.isEmpty()) {
        throw APIException.badRequests.migrationHasntStarted(id.toString());
    }
    if (!status.equalsIgnoreCase(VPlexMigrationInfo.MigrationStatus.PAUSED.getStatusValue())) {
        throw APIException.badRequests.migrationCantBeResumed(migrationName, status);
    }
    URI volId = migration.getVolume();
    Volume vplexVol = _dbClient.queryObject(Volume.class, volId);
    // Create a unique task id.
    String taskId = UUID.randomUUID().toString();
    // Create a task for the virtual volume being migrated and set the
    // initial task state to pending.
    Operation op = _dbClient.createTaskOpStatus(Volume.class, volId, taskId, ResourceOperationTypeEnum.RESUME_MIGRATION);
    TaskResourceRep task = toTask(vplexVol, taskId, op);
    try {
        VPlexController controller = _vplexBlockServiceApi.getController();
        controller.resumeMigration(vplexVol.getStorageController(), id, taskId);
    } catch (InternalException e) {
        s_logger.error("Error", e);
        String errMsg = String.format("Error: %s", e.getMessage());
        task.setState(Operation.Status.error.name());
        task.setMessage(errMsg);
        op.error(e);
        vplexVol.getOpStatus().updateTaskStatus(taskId, op);
        _dbClient.persistObject(vplexVol);
    }
    return task;
}

Example 5 with StorageOSUser

use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.

the class MigrationService method getMigration.

/**
 * Returns the data for the migration with the id specified in the request.
 *
 * @prereq none
 *
 * @param id the URN of a ViPR migration.
 *
 * @brief Show data for a migration.
 * @return A MigrationRestRep instance specifying the information about the
 *         migration.
 */
@GET
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}")
@CheckPermission(roles = { Role.TENANT_ADMIN, Role.SYSTEM_ADMIN, Role.SYSTEM_MONITOR })
public MigrationRestRep getMigration(@PathParam("id") URI id) {
    // Return the migration or throw an exception when the user is
    // not authorized or the migration is not found.
    ArgValidator.checkFieldUriType(id, Migration.class, "id");
    Migration migration = queryResource(id);
    if (!BulkList.MigrationFilter.isUserAuthorizedForMigration(migration, getUserFromContext(), _permissionsHelper)) {
        StorageOSUser user = getUserFromContext();
        throw APIException.forbidden.insufficientPermissionsForUser(user.getName());
    } else {
        return map(migration);
    }
}