Example 76 with StorageOSUser
use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.
the class OrderService method getUserOrders.
/**
* Gets the list of orders within a time range for current user
*
* @brief List Orders
* @param startTimeStr start time of the query
* @param endTimeStr end time of the query
* @param maxCount The max number of orders this API returns
* @param ordersOnlyStr if ture, only returns orders info, other info such as OrderParameter
* will not be returned
* @return a list of orders
* @throws DatabaseException when a DB error occurs
*/
@GET
@Path("/my-orders")
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public OrderBulkRep getUserOrders(@DefaultValue("") @QueryParam(SearchConstants.START_TIME_PARAM) String startTimeStr, @DefaultValue("") @QueryParam(SearchConstants.END_TIME_PARAM) String endTimeStr, @DefaultValue("-1") @QueryParam(SearchConstants.ORDER_MAX_COUNT) String maxCount, @DefaultValue("false") @QueryParam(SearchConstants.ORDERS_ONLY) String ordersOnlyStr) throws DatabaseException {
long startTimeInMS = getTime(startTimeStr, 0);
long endTimeInMS = getTime(endTimeStr, System.currentTimeMillis());
if (startTimeInMS > endTimeInMS) {
throw APIException.badRequests.endTimeBeforeStartTime(startTimeStr, endTimeStr);
}
int max = Integer.parseInt(maxCount);
boolean ordersOnly = Boolean.parseBoolean(ordersOnlyStr);
log.info("start={} end={} max={}", startTimeInMS, endTimeInMS, max);
StorageOSUser user = getUserFromContext();
List<Order> orders = orderManager.getUserOrders(user, startTimeInMS, endTimeInMS, max);
List<OrderRestRep> list = toOrders(orders, user, ordersOnly);
OrderBulkRep rep = new OrderBulkRep(list);
return rep;
}
Also used :
Order(com.emc.storageos.db.client.model.uimodels.Order)
StorageOSUser(com.emc.storageos.security.authentication.StorageOSUser)
OrderBulkRep(com.emc.vipr.model.catalog.OrderBulkRep)
OrderRestRep(com.emc.vipr.model.catalog.OrderRestRep)
TimeSeriesConstraint(com.emc.storageos.db.client.constraint.TimeSeriesConstraint)
Path(javax.ws.rs.Path)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
Example 77 with StorageOSUser
use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.
the class HostService method listHosts.
/**
* Lists the id and name for all the hosts that belong to the given tenant organization.
*
* @param tid
* the URN of a ViPR tenant organization
* @prereq none
* @brief List hosts
* @return a list of hosts that belong to the tenant organization.
* @throws DatabaseException
* when a DB error occurs
*/
@GET
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public HostList listHosts(@QueryParam("tenant") final URI tid) throws DatabaseException {
URI tenantId;
StorageOSUser user = getUserFromContext();
if (tid == null || StringUtils.isBlank(tid.toString())) {
tenantId = URI.create(user.getTenantId());
} else {
tenantId = tid;
}
// this call validates the tenant id
TenantOrg tenant = _permissionsHelper.getObjectById(tenantId, TenantOrg.class);
ArgValidator.checkEntity(tenant, tenantId, isIdEmbeddedInURL(tenantId), true);
// check the user permissions for this tenant org
verifyAuthorizedInTenantOrg(tenantId, user);
// get all host children
HostList list = new HostList();
list.setHosts(map(ResourceTypeEnum.HOST, listChildren(tenantId, Host.class, "label", "tenant")));
return list;
}Example 78 with StorageOSUser
use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.
the class ExportGroupService method changePortGroup.
@PUT
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/change-port-group")
@CheckPermission(roles = { Role.TENANT_ADMIN }, acls = { ACL.OWN, ACL.ALL })
public TaskResourceRep changePortGroup(@PathParam("id") URI id, ChangePortGroupParam param) throws ControllerException {
// Make sure the user is having TENANT_ADMIN alone
StorageOSUser user = getUserFromContext();
if (!(_permissionsHelper.userHasGivenRole(user, URI.create(user.getTenantId()), Role.TENANT_ADMIN))) {
_log.error("This operation is forbidden for the user who is not having: {}", Role.TENANT_ADMIN.name());
throw APIException.forbidden.insufficientPermissionsForUser(user.getName());
}
// Basic validation of ExportGroup and the request
param.logParameters(_log);
ExportGroup exportGroup = queryObject(ExportGroup.class, id, true);
if (exportGroup.checkInternalFlags(DataObject.Flag.DELETION_IN_PROGRESS)) {
throw BadRequestException.badRequests.deletionInProgress(exportGroup.getClass().getSimpleName(), exportGroup.getLabel());
}
validateExportGroupNoPendingEvents(exportGroup);
Boolean wait = new Boolean(param.getWaitBeforeRemovePaths());
validateSuspendSetForNonDiscoverableHosts(exportGroup, wait, true);
if (RPHelper.validateForRPVolumes(exportGroup, _dbClient)) {
_log.error(String.format("Export Group %s has RP-tagged volume, unable to perform change-port group operation.", exportGroup.getLabel()));
throw APIException.badRequests.operationNotAllowedOnRPVolumes();
}
ArgValidator.checkUri(param.getNewPortGroup());
StoragePortGroup newPortGroup = queryObject(StoragePortGroup.class, param.getNewPortGroup(), true);
if (!newPortGroup.isUsable()) {
throw APIException.badRequests.portGroupInvalid(newPortGroup.getNativeGuid());
}
URI systemURI = newPortGroup.getStorageDevice();
StorageSystem system = queryObject(StorageSystem.class, systemURI, true);
// Get the virtual array, default to Export Group varray. Validate it matches.
URI varray = exportGroup.getVirtualArray();
String value = customConfigHandler.getComputedCustomConfigValue(CustomConfigConstants.VMAX_USE_PORT_GROUP_ENABLED, Type.vmax.name(), null);
if (!Boolean.TRUE.toString().equalsIgnoreCase(value)) {
throw APIException.badRequests.portGroupSettingIsOff();
}
com.emc.storageos.api.service.impl.resource.utils.ExportUtils.validatePortGroupWithVirtualArray(newPortGroup, varray, _dbClient);
URI currentPortGroup = param.getCurrentPortGroup();
if (currentPortGroup != null && currentPortGroup.equals(newPortGroup.getId())) {
throw APIException.badRequests.changePortGroupSameNewPortGroup(newPortGroup.getNativeGuid());
}
URI exportMaskURI = param.getExportMask();
ExportMask mask = null;
if (exportMaskURI != null) {
mask = queryObject(ExportMask.class, exportMaskURI, true);
if (mask != null) {
if (!exportGroup.getExportMasks().contains(exportMaskURI.toString())) {
throw APIException.badRequests.changePortGroupInvalidExportMask(mask.getMaskName());
}
if (!systemURI.equals(mask.getStorageDevice())) {
throw APIException.badRequests.changePortGroupInvalidExportMask(mask.getMaskName());
}
if (currentPortGroup != null && !currentPortGroup.equals(mask.getPortGroup())) {
throw APIException.badRequests.changePortGroupInvalidExportMask(mask.getMaskName());
}
}
}
List<ExportMask> exportMasks = new ArrayList<ExportMask>();
if (mask != null) {
exportMasks.add(mask);
} else {
exportMasks = ExportMaskUtils.getExportMasks(_dbClient, exportGroup, system.getId(), currentPortGroup);
}
if (exportMasks.isEmpty()) {
throw APIException.badRequests.noValidExportMaskInExportGroup(exportGroup.getLabel());
}
List<URI> affectedMasks = new ArrayList<URI>();
for (ExportMask exportMask : exportMasks) {
URI currentPGUri = exportMask.getPortGroup();
StringSet newPorts = newPortGroup.getStoragePorts();
if (!newPortGroup.getId().equals(currentPGUri)) {
StoragePortGroup currentPG = queryObject(StoragePortGroup.class, currentPGUri, false);
StringSet currentPorts = currentPG.getStoragePorts();
if (!Collections.disjoint(newPorts, currentPorts)) {
throw APIException.badRequests.changePortGroupPortGroupNoOverlap(newPortGroup.getLabel());
}
// because we could not add use the same storage group and a new port group to create the new masking view
if (system.checkIfVmax3()) {
String volumeWithHostIO = ExportUtils.getVolumeHasHostIOLimitSet(_dbClient, exportMask.getVolumes());
if (volumeWithHostIO != null) {
throw APIException.badRequests.changePortGroupNotSupportedforHostIOLimit(volumeWithHostIO);
}
}
if (exportMask.getExistingInitiators() != null && !exportMask.getExistingInitiators().isEmpty()) {
throw APIException.badRequests.changePortGroupExistingInitiators(exportMask.getMaskName(), Joiner.on(',').join(exportMask.getExistingInitiators()));
}
affectedMasks.add(exportMask.getId());
} else {
_log.info(String.format("The export mask %s uses the same port group %s", exportMask.getMaskName(), newPortGroup.getLabel()));
}
}
String task = UUID.randomUUID().toString();
if (affectedMasks.isEmpty()) {
_log.info("No export mask to change port group, do nothing");
Operation op = new Operation();
op.setResourceType(ResourceOperationTypeEnum.EXPORT_CHANGE_PORT_GROUP);
op.setMessage("No port group change is needed for this export group");
op.ready();
exportGroup.getOpStatus().createTaskStatus(task, op);
_dbClient.updateObject(exportGroup);
return toTask(exportGroup, task, op);
}
Operation op = initTaskStatus(exportGroup, task, Operation.Status.pending, ResourceOperationTypeEnum.EXPORT_CHANGE_PORT_GROUP);
TaskResourceRep taskRes = toTask(exportGroup, task, op);
// persist the export group to the database
_dbClient.updateObject(exportGroup);
auditOp(OperationTypeEnum.EXPORT_CHANGE_PORT_GROUP, true, AuditLogManager.AUDITOP_BEGIN, exportGroup.getLabel(), exportGroup.getId().toString(), exportGroup.getVirtualArray().toString(), exportGroup.getProject().toString());
BlockExportController exportController = getExportController();
_log.info(String.format("Submitting change port group %s request.", newPortGroup.getNativeGuid()));
exportController.exportGroupChangePortGroup(systemURI, id, newPortGroup.getId(), affectedMasks, wait, task);
return taskRes;
}
Also used :
MapStoragePortGroup(com.emc.storageos.api.mapper.functions.MapStoragePortGroup)
StoragePortGroup(com.emc.storageos.db.client.model.StoragePortGroup)
ExportMask(com.emc.storageos.db.client.model.ExportMask)
ArrayList(java.util.ArrayList)
TaskResourceRep(com.emc.storageos.model.TaskResourceRep)
Operation(com.emc.storageos.db.client.model.Operation)
NamedURI(com.emc.storageos.db.client.model.NamedURI)
URI(java.net.URI)
ExportGroup(com.emc.storageos.db.client.model.ExportGroup)
BlockExportController(com.emc.storageos.volumecontroller.BlockExportController)
StorageOSUser(com.emc.storageos.security.authentication.StorageOSUser)
StringSet(com.emc.storageos.db.client.model.StringSet)
StorageSystem(com.emc.storageos.db.client.model.StorageSystem)
Path(javax.ws.rs.Path)
Consumes(javax.ws.rs.Consumes)
Produces(javax.ws.rs.Produces)
PUT(javax.ws.rs.PUT)
CheckPermission(com.emc.storageos.security.authorization.CheckPermission)
Example 79 with StorageOSUser
use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.
the class EventService method listEvents.
/**
* List Events
*
* @param tid
* @brief List events for the queried tenant.
* @return
* @throws DatabaseException
*/
@GET
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public EventList listEvents(@QueryParam("tenant") final URI tid) throws DatabaseException {
URI tenantId;
StorageOSUser user = getUserFromContext();
if (tid == null || StringUtils.isBlank(tid.toString())) {
tenantId = URI.create(user.getTenantId());
} else {
tenantId = tid;
}
// this call validates the tenant id
TenantOrg tenant = _permissionsHelper.getObjectById(tenantId, TenantOrg.class);
ArgValidator.checkEntity(tenant, tenantId, isIdEmbeddedInURL(tenantId), true);
// check the user permissions for this tenant org
verifyAuthorizedInTenantOrg(tenantId, user);
// get all host children
EventList list = new EventList();
list.setEvents(DbObjectMapper.map(ResourceTypeEnum.EVENT, listChildren(tenantId, ActionableEvent.class, "label", "tenant")));
return list;
}Example 80 with StorageOSUser
use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.
the class FilePolicyService method updateFilePolicy.
/**
* @brief Update the file policy
*
* @param id
* the URI of a ViPR FilePolicy
* @param param
* FilePolicyUpdateParam
* @return FilePolicyCreateResp
*/
@PUT
@Path("/{id}")
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@CheckPermission(roles = { Role.SYSTEM_ADMIN, Role.RESTRICTED_SYSTEM_ADMIN })
public TaskResourceRep updateFilePolicy(@PathParam("id") URI id, FilePolicyUpdateParam param) {
ArgValidator.checkFieldUriType(id, FilePolicy.class, "id");
FilePolicy filePolicy = this._dbClient.queryObject(FilePolicy.class, id);
ArgValidator.checkEntity(filePolicy, id, true);
_log.info("validate and update file policy parameters started -- ");
if (filePolicy.getFilePolicyType().equals(FilePolicyType.file_replication.name())) {
updateFileReplicationPolicy(filePolicy, param);
} else if (filePolicy.getFilePolicyType().equals(FilePolicyType.file_snapshot.name())) {
updateFileSnapshotPolicy(filePolicy, param);
}
// if No storage resource, update the original policy template!!
_dbClient.updateObject(filePolicy);
String task = UUID.randomUUID().toString();
Operation op = _dbClient.createTaskOpStatus(FilePolicy.class, filePolicy.getId(), task, ResourceOperationTypeEnum.UPDATE_FILE_POLICY_BY_POLICY_STORAGE_RESOURCE);
op.setDescription("update file protection policy by policy storage resource");
// As the action done by system admin
// Set system uri as task's tenant!!!
Task taskObj = op.getTask(filePolicy.getId());
StorageOSUser user = getUserFromContext();
URI userTenantUri = URI.create(user.getTenantId());
FilePolicyServiceUtils.updateTaskTenant(_dbClient, filePolicy, "update", taskObj, userTenantUri);
if (filePolicy.getPolicyStorageResources() != null && !filePolicy.getPolicyStorageResources().isEmpty()) {
_log.info("Updating the storage system policy started..");
updateStorageSystemFileProtectionPolicy(filePolicy, param, task);
return toTask(filePolicy, task, op);
} else {
op = _dbClient.ready(FilePolicy.class, filePolicy.getId(), task);
return toTask(filePolicy, task, op);
}
}
Also used :
Task(com.emc.storageos.db.client.model.Task)
TaskMapper.toTask(com.emc.storageos.api.mapper.TaskMapper.toTask)
FilePolicy(com.emc.storageos.db.client.model.FilePolicy)
MapFilePolicy(com.emc.storageos.api.mapper.functions.MapFilePolicy)
StorageOSUser(com.emc.storageos.security.authentication.StorageOSUser)
Operation(com.emc.storageos.db.client.model.Operation)
URI(java.net.URI)
Path(javax.ws.rs.Path)
Consumes(javax.ws.rs.Consumes)
Produces(javax.ws.rs.Produces)
PUT(javax.ws.rs.PUT)
CheckPermission(com.emc.storageos.security.authorization.CheckPermission)
Aggregations
StorageOSUser (com.emc.storageos.security.authentication.StorageOSUser)105
Produces (javax.ws.rs.Produces)59
Path (javax.ws.rs.Path)53
URI (java.net.URI)50
GET (javax.ws.rs.GET)36
CheckPermission (com.emc.storageos.security.authorization.CheckPermission)31
Consumes (javax.ws.rs.Consumes)24
POST (javax.ws.rs.POST)15
ArrayList (java.util.ArrayList)13
Order (com.emc.storageos.db.client.model.uimodels.Order)12
APIException (com.emc.storageos.svcs.errorhandling.resources.APIException)12
TenantOrg (com.emc.storageos.db.client.model.TenantOrg)11
NamedURI (com.emc.storageos.db.client.model.NamedURI)10
TaskResourceRep (com.emc.storageos.model.TaskResourceRep)10
PUT (javax.ws.rs.PUT)10
Operation (com.emc.storageos.db.client.model.Operation)9
VirtualPool (com.emc.storageos.db.client.model.VirtualPool)9
HashSet (java.util.HashSet)9
StringSet (com.emc.storageos.db.client.model.StringSet)8
DatabaseException (com.emc.storageos.db.exceptions.DatabaseException)8
