use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.
the class KeystoneService method listOpenstackTenants.
/**
* Get a list of OpenStack Tenants.
* Uses data from Keystone Authentication Provider to connect Keystone and retrieve Tenants information.
*
* @brief Show OpenStack Tenants.
* @return OpenStack Tenants details.
* @see TenantListRestResp
*/
@GET
@Path("/tenants")
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@CheckPermission(roles = { Role.SECURITY_ADMIN })
public TenantListRestResp listOpenstackTenants() {
_log.debug("Keystone Service - listOpenstackTenants");
StorageOSUser user = getUserFromContext();
if (!_permissionsHelper.userHasGivenRoleInAnyTenant(user, Role.SECURITY_ADMIN, Role.TENANT_ADMIN)) {
throw APIException.forbidden.insufficientPermissionsForUser(user.getName());
}
AuthnProvider keystoneProvider = _keystoneUtils.getKeystoneProvider();
// Get OpenStack Tenants only when Keystone Provider exists.
if (keystoneProvider != null) {
KeystoneApiClient keystoneApiClient = _keystoneUtils.getKeystoneApi(keystoneProvider.getManagerDN(), keystoneProvider.getServerUrls(), keystoneProvider.getManagerPassword());
List<KeystoneTenant> OSTenantList = new ArrayList<>(Arrays.asList(keystoneApiClient.getKeystoneTenants().getTenants()));
TenantListRestResp response = new TenantListRestResp();
response.setOpenstackTenants(OSTenantList);
return response;
}
throw APIException.internalServerErrors.targetIsNullOrEmpty("Keystone Authentication Provider");
}
use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.
the class MigrationService method cancelMigration.
/**
* Cancel a migration that has yet to be committed.
*
* @prereq none
*
* @param id the URN of a ViPR migration.
*
* @brief Cancel an uncommitted migration.
* @return A TaskResourceRep
*/
@POST
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/cancel")
@CheckPermission(roles = { Role.SYSTEM_ADMIN, Role.RESTRICTED_SYSTEM_ADMIN })
public TaskResourceRep cancelMigration(@PathParam("id") URI id) {
ArgValidator.checkFieldUriType(id, Migration.class, "id");
Migration migration = queryResource(id);
if (!BulkList.MigrationFilter.isUserAuthorizedForMigration(migration, getUserFromContext(), _permissionsHelper)) {
StorageOSUser user = getUserFromContext();
throw APIException.forbidden.insufficientPermissionsForUser(user.getName());
}
if (migration == null || migration.getInactive()) {
throw APIException.badRequests.cancelMigrationFailed(id.toString(), "The migration is invalid");
}
String status = migration.getMigrationStatus();
String migrationName = migration.getLabel();
URI volId = migration.getVolume();
Volume vplexVol = _dbClient.queryObject(Volume.class, volId);
if (vplexVol == null || vplexVol.getInactive()) {
throw APIException.badRequests.cancelMigrationFailed(migrationName, "The migrating volume is not valid");
}
// Don't allow cancel operation if the vplex volume is in a CG
URI cgURI = vplexVol.getConsistencyGroup();
if (!NullColumnValueGetter.isNullURI(cgURI)) {
throw APIException.badRequests.cancelMigrationFailed(migrationName, "Migration cancellation is not supported for the volumes in consistency group");
}
if (status == null || status.isEmpty() || migrationName == null || migrationName.isEmpty()) {
throw APIException.badRequests.migrationHasntStarted(id.toString());
}
if (status.equalsIgnoreCase(VPlexMigrationInfo.MigrationStatus.COMMITTED.getStatusValue())) {
throw APIException.badRequests.migrationCantBeCancelled(migrationName, status);
}
// Create a unique task id.
String taskId = UUID.randomUUID().toString();
Operation op = _dbClient.createTaskOpStatus(Volume.class, volId, taskId, ResourceOperationTypeEnum.CANCEL_MIGRATION);
TaskResourceRep task = toTask(vplexVol, taskId, op);
if (status.equalsIgnoreCase(VPlexMigrationInfo.MigrationStatus.CANCELLED.getStatusValue()) || status.equalsIgnoreCase(VPlexMigrationInfo.MigrationStatus.PARTIALLY_CANCELLED.getStatusValue())) {
// it has been cancelled
s_logger.info("Migration {} has been cancelled", id);
op.ready();
vplexVol.getOpStatus().createTaskStatus(taskId, op);
_dbClient.persistObject(vplexVol);
return task;
}
try {
VPlexController controller = _vplexBlockServiceApi.getController();
controller.cancelMigration(vplexVol.getStorageController(), id, taskId);
} catch (InternalException e) {
s_logger.error("Controller Error", e);
String errMsg = String.format("Controller Error: %s", e.getMessage());
task.setState(Operation.Status.error.name());
task.setMessage(errMsg);
op.error(e);
vplexVol.getOpStatus().updateTaskStatus(taskId, op);
_dbClient.persistObject(vplexVol);
}
return task;
}
use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.
the class MigrationService method deleteMigration.
/**
* Delete a migration that has been committed or cancelled
*
* @param id the URN of a ViPR migration.
*
* @brief Delete a committed or cancelled migration.
* @return A TaskResourceRep
*/
@POST
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/deactivate")
@CheckPermission(roles = { Role.SYSTEM_ADMIN, Role.RESTRICTED_SYSTEM_ADMIN })
public TaskResourceRep deleteMigration(@PathParam("id") URI id) {
ArgValidator.checkFieldUriType(id, Migration.class, "id");
Migration migration = queryResource(id);
if (!BulkList.MigrationFilter.isUserAuthorizedForMigration(migration, getUserFromContext(), _permissionsHelper)) {
StorageOSUser user = getUserFromContext();
throw APIException.forbidden.insufficientPermissionsForUser(user.getName());
}
String status = migration.getMigrationStatus();
String migrationName = migration.getLabel();
if (status == null || status.isEmpty() || migrationName == null || migrationName.isEmpty()) {
throw APIException.badRequests.migrationHasntStarted(id.toString());
}
if (!status.equalsIgnoreCase(VPlexMigrationInfo.MigrationStatus.COMMITTED.getStatusValue()) && !status.equalsIgnoreCase(VPlexMigrationInfo.MigrationStatus.CANCELLED.getStatusValue()) && !status.equalsIgnoreCase(VPlexMigrationInfo.MigrationStatus.ERROR.getStatusValue())) {
throw VPlexApiException.exceptions.cantRemoveMigrationInvalidState(migrationName);
}
URI volId = migration.getVolume();
Volume vplexVol = _dbClient.queryObject(Volume.class, volId);
// Create a unique task id.
String taskId = UUID.randomUUID().toString();
Operation op = _dbClient.createTaskOpStatus(Volume.class, volId, taskId, ResourceOperationTypeEnum.DELETE_MIGRATION);
TaskResourceRep task = toTask(vplexVol, taskId, op);
if (migration.getInactive()) {
s_logger.info("Migration {} has been deleted", id);
op.ready();
vplexVol.getOpStatus().createTaskStatus(taskId, op);
_dbClient.persistObject(vplexVol);
return task;
}
try {
VPlexController controller = _vplexBlockServiceApi.getController();
controller.deleteMigration(vplexVol.getStorageController(), id, taskId);
} catch (InternalException e) {
s_logger.error("Error", e);
String errMsg = String.format("Error: %s", e.getMessage());
task.setState(Operation.Status.error.name());
task.setMessage(errMsg);
op.error(e);
vplexVol.getOpStatus().updateTaskStatus(taskId, op);
_dbClient.persistObject(vplexVol);
}
return task;
}
use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.
the class MigrationService method resumeMigration.
/**
* Resume a migration that was previously paused.
*
* @prereq The migration is paused
*
* @param id the URN of a ViPR migration.
*
* @brief Resume a paused migration.
* @return A TaskResourceRep
*/
@POST
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/resume")
@CheckPermission(roles = { Role.SYSTEM_ADMIN, Role.RESTRICTED_SYSTEM_ADMIN })
public TaskResourceRep resumeMigration(@PathParam("id") URI id) {
ArgValidator.checkFieldUriType(id, Migration.class, "id");
Migration migration = queryResource(id);
if (!BulkList.MigrationFilter.isUserAuthorizedForMigration(migration, getUserFromContext(), _permissionsHelper)) {
StorageOSUser user = getUserFromContext();
throw APIException.forbidden.insufficientPermissionsForUser(user.getName());
}
String status = migration.getMigrationStatus();
String migrationName = migration.getLabel();
if (status == null || status.isEmpty() || migrationName == null || migrationName.isEmpty()) {
throw APIException.badRequests.migrationHasntStarted(id.toString());
}
if (!status.equalsIgnoreCase(VPlexMigrationInfo.MigrationStatus.PAUSED.getStatusValue())) {
throw APIException.badRequests.migrationCantBeResumed(migrationName, status);
}
URI volId = migration.getVolume();
Volume vplexVol = _dbClient.queryObject(Volume.class, volId);
// Create a unique task id.
String taskId = UUID.randomUUID().toString();
// Create a task for the virtual volume being migrated and set the
// initial task state to pending.
Operation op = _dbClient.createTaskOpStatus(Volume.class, volId, taskId, ResourceOperationTypeEnum.RESUME_MIGRATION);
TaskResourceRep task = toTask(vplexVol, taskId, op);
try {
VPlexController controller = _vplexBlockServiceApi.getController();
controller.resumeMigration(vplexVol.getStorageController(), id, taskId);
} catch (InternalException e) {
s_logger.error("Error", e);
String errMsg = String.format("Error: %s", e.getMessage());
task.setState(Operation.Status.error.name());
task.setMessage(errMsg);
op.error(e);
vplexVol.getOpStatus().updateTaskStatus(taskId, op);
_dbClient.persistObject(vplexVol);
}
return task;
}
use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.
the class MigrationService method getMigration.
/**
* Returns the data for the migration with the id specified in the request.
*
* @prereq none
*
* @param id the URN of a ViPR migration.
*
* @brief Show data for a migration.
* @return A MigrationRestRep instance specifying the information about the
* migration.
*/
@GET
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}")
@CheckPermission(roles = { Role.TENANT_ADMIN, Role.SYSTEM_ADMIN, Role.SYSTEM_MONITOR })
public MigrationRestRep getMigration(@PathParam("id") URI id) {
// Return the migration or throw an exception when the user is
// not authorized or the migration is not found.
ArgValidator.checkFieldUriType(id, Migration.class, "id");
Migration migration = queryResource(id);
if (!BulkList.MigrationFilter.isUserAuthorizedForMigration(migration, getUserFromContext(), _permissionsHelper)) {
StorageOSUser user = getUserFromContext();
throw APIException.forbidden.insufficientPermissionsForUser(user.getName());
} else {
return map(migration);
}
}
Aggregations