Example 21 with StorageOSUser
use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.
the class BlockFullCopyManager method auditOp.
/**
* Record audit log for services.
*
* @param opType audit event type (e.g. CREATE_VPOOL|TENANT etc.)
* @param operationalStatus Status of operation (true|false)
* @param operationStage Stage of operation. For sync operation, it should
* be null; For async operation, it should be "BEGIN" or "END";
* @param descparams Description parameters
*/
private void auditOp(OperationTypeEnum opType, boolean operationalStatus, String operationStage, Object... descparams) {
URI tenantId;
URI username;
if (!BlockServiceUtils.hasValidUserInContext(_securityContext) && InterNodeHMACAuthFilter.isInternalRequest(_request)) {
// Use default values for internal datasvc requests that lack a user
// context
tenantId = _permissionsHelper.getRootTenant().getId();
username = ResourceService.INTERNAL_DATASVC_USER;
} else {
StorageOSUser user = BlockServiceUtils.getUserFromContext(_securityContext);
tenantId = URI.create(user.getTenantId());
username = URI.create(user.getName());
}
_auditLogManager.recordAuditLog(tenantId, username, BlockService.EVENT_SERVICE_TYPE, opType, System.currentTimeMillis(), operationalStatus ? AuditLogManager.AUDITLOG_SUCCESS : AuditLogManager.AUDITLOG_FAILURE, operationStage, descparams);
}
Also used :
StorageOSUser(com.emc.storageos.security.authentication.StorageOSUser)
URI(java.net.URI)
Example 22 with StorageOSUser
use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.
the class InternalApiTest method testFSReleaseUsingInternalClient.
@Test
public void testFSReleaseUsingInternalClient() throws Exception {
// get tenant
TenantResponse tenant = rSys.path("/tenant").get(TenantResponse.class);
Assert.assertNotNull(tenant);
// create a project to host a normal file system
ProjectParam projectParam = new ProjectParam();
projectParam.setName("test-internalapi-" + System.currentTimeMillis());
ProjectElement projectResp = rSys.path("/tenants/" + tenant.getTenant().toString() + "/projects").post(ProjectElement.class, projectParam);
Assert.assertNotNull(projectResp);
// create a normal file system which we can then release
FileSystemParam fsparam = new FileSystemParam();
fsparam.setVpool(_cosId);
fsparam.setLabel("test-internalapi-" + System.currentTimeMillis());
fsparam.setVarray(_nhId);
fsparam.setSize("20971520");
TaskResourceRep taskResp = rSys.path("/file/filesystems").queryParam("project", projectResp.getId().toString()).post(TaskResourceRep.class, fsparam);
Assert.assertTrue(taskResp != null);
Assert.assertNotNull(taskResp.getOpId());
Assert.assertNotNull(taskResp.getResource());
URI fsId = taskResp.getResource().getId();
String opId = taskResp.getOpId();
// get the file system object we just created
ClientResponse response = rSys.path("/file/filesystems/" + fsId.toString()).get(ClientResponse.class);
Assert.assertTrue(response != null);
Assert.assertEquals(200, response.getStatus());
// wait for for the file system create to complete
int checkCount = 1200;
String status;
do {
// wait upto ~2 minute for fs creation
Thread.sleep(100);
taskResp = rSys.path("/file/filesystems/" + fsId + "/tasks/" + opId).get(TaskResourceRep.class);
status = taskResp.getState();
} while (status.equals("pending") && checkCount-- > 0);
if (!status.equals("ready")) {
Assert.assertTrue("Fileshare create timed out", false);
}
// a normal file system should be present in the bulk results
BulkIdParam bulkIds = rSys.path("/file/filesystems/bulk").get(BulkIdParam.class);
Assert.assertNotNull("bulk ids should not be null", bulkIds);
FileShareBulkRep bulkFileShares = rSys.path("/file/filesystems/bulk").post(FileShareBulkRep.class, bulkIds);
Assert.assertNotNull("bulk response should not be null", bulkFileShares);
boolean found = false;
for (FileShareRestRep fs : bulkFileShares.getFileShares()) {
if (fs.getId().equals(fsId)) {
found = true;
}
}
Assert.assertTrue("unable to find public FileShare in the bulk results", found);
// only token is used in release file system operation and hence
// setting dummy strings for username and tenant ID do not matter
StorageOSUser user = new StorageOSUser("dummyUserName", "dummyTeneatId");
user.setToken(_rootToken);
FileShareRestRep fileShareResponse = _internalFileClient.releaseFileSystem(fsId, user);
Assert.assertNotNull(fileShareResponse);
// after release, the file system should no longer be present in the bulk results
bulkFileShares = rSys.path("/file/filesystems/bulk").post(FileShareBulkRep.class, bulkIds);
Assert.assertNotNull("bulk response should not be null", bulkFileShares);
found = false;
for (FileShareRestRep fs : bulkFileShares.getFileShares()) {
if (fs.getId().equals(fsId)) {
found = true;
}
}
Assert.assertFalse("found internal FileShare in the bulk results", found);
// undo the release of the file system
fileShareResponse = _internalFileClient.undoReleaseFileSystem(fsId);
Assert.assertNotNull(fileShareResponse);
// release it again
fileShareResponse = _internalFileClient.releaseFileSystem(fsId, user);
Assert.assertNotNull(fileShareResponse);
// delete the file system via the internal api
FileSystemDeleteParam deleteParam = new FileSystemDeleteParam();
deleteParam.setForceDelete(false);
taskResp = _internalFileClient.deactivateFileSystem(fsId, _rootToken, deleteParam);
Assert.assertNotNull(taskResp);
}
Also used :
ClientResponse(com.sun.jersey.api.client.ClientResponse)
FileSystemParam(com.emc.storageos.model.file.FileSystemParam)
ProjectParam(com.emc.storageos.model.project.ProjectParam)
BulkIdParam(com.emc.storageos.model.BulkIdParam)
FileShareBulkRep(com.emc.storageos.model.file.FileShareBulkRep)
TaskResourceRep(com.emc.storageos.model.TaskResourceRep)
FileShareRestRep(com.emc.storageos.model.file.FileShareRestRep)
FileSystemDeleteParam(com.emc.storageos.model.file.FileSystemDeleteParam)
URI(java.net.URI)
ProjectElement(com.emc.storageos.model.project.ProjectElement)
StorageOSUser(com.emc.storageos.security.authentication.StorageOSUser)
TenantResponse(com.emc.storageos.model.tenant.TenantResponse)
Test(org.junit.Test)
Example 23 with StorageOSUser
use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.
the class FilePolicyService method assignFilePolicyToVpools.
/**
* Assigning policy at vpool level
*
* @param param
* @param filepolicy
*/
private TaskResourceRep assignFilePolicyToVpools(FilePolicyAssignParam param, FilePolicy filePolicy) {
StringBuilder errorMsg = new StringBuilder();
StringBuilder recommendationErrorMsg = new StringBuilder();
ArgValidator.checkFieldNotNull(param.getVpoolAssignParams(), "vpool_assign_param");
// Policy has to be applied on specified file vpools..
ArgValidator.checkFieldNotEmpty(param.getVpoolAssignParams().getAssigntoVpools(), "assign_to_vpools");
Set<URI> vpoolURIs = param.getVpoolAssignParams().getAssigntoVpools();
Map<URI, List<URI>> vpoolToStorageSystemMap = new HashMap<URI, List<URI>>();
List<URI> filteredVpoolURIs = new ArrayList<URI>();
StringBuffer vPoolWithNoStoragePools = new StringBuffer();
for (URI vpoolURI : vpoolURIs) {
ArgValidator.checkFieldUriType(vpoolURI, VirtualPool.class, "vpool");
VirtualPool virtualPool = _permissionsHelper.getObjectById(vpoolURI, VirtualPool.class);
ArgValidator.checkEntity(virtualPool, vpoolURI, false);
if (filePolicy.getAssignedResources() != null && filePolicy.getAssignedResources().contains(virtualPool.getId().toString())) {
_log.info("File policy: {} has already been assigned to vpool: {} ", filePolicy.getFilePolicyName(), virtualPool.getLabel());
continue;
}
// only single replication policy per vpool.
if (filePolicy.getFilePolicyType().equalsIgnoreCase(FilePolicyType.file_replication.name()) && (FilePolicyServiceUtils.vPoolHasReplicationPolicy(_dbClient, vpoolURI) || FilePolicyServiceUtils.vPoolHasReplicationPolicyAtProjectLevel(_dbClient, vpoolURI))) {
errorMsg.append("Provided vpool : " + virtualPool.getLabel() + " already assigned with replication policy");
_log.error(errorMsg.toString());
throw APIException.badRequests.invalidFilePolicyAssignParam(filePolicy.getFilePolicyName(), errorMsg.toString());
}
if (filePolicy.getFilePolicyType().equalsIgnoreCase(FilePolicyType.file_snapshot.name()) && FilePolicyServiceUtils.vPoolHasSnapshotPolicyWithSameSchedule(_dbClient, vpoolURI, filePolicy)) {
errorMsg.append("Snapshot policy with similar schedule is already present on vpool " + virtualPool.getLabel());
_log.error(errorMsg.toString());
throw APIException.badRequests.invalidFilePolicyAssignParam(filePolicy.getFilePolicyName(), errorMsg.toString());
}
FilePolicyServiceUtils.validateVpoolSupportPolicyType(filePolicy, virtualPool);
List<URI> storageSystems = getAssociatedStorageSystemsByVPool(virtualPool);
if (storageSystems != null && !storageSystems.isEmpty()) {
vpoolToStorageSystemMap.put(vpoolURI, storageSystems);
filteredVpoolURIs.add(vpoolURI);
} else {
vPoolWithNoStoragePools.append(virtualPool.getLabel()).append(",");
}
}
if (filteredVpoolURIs.isEmpty()) {
String errorMessage = "No matching storage pools exists for given vpools ";
_log.error(errorMessage);
throw APIException.badRequests.noStoragePoolsExists(vPoolWithNoStoragePools.toString());
}
if (param.getApplyOnTargetSite() != null) {
filePolicy.setApplyOnTargetSite(param.getApplyOnTargetSite());
}
FileServiceApi fileServiceApi = getDefaultFileServiceApi();
FilePolicyType policyType = FilePolicyType.valueOf(filePolicy.getFilePolicyType());
String task = UUID.randomUUID().toString();
TaskResourceRep taskResponse = null;
switch(policyType) {
case file_snapshot:
taskResponse = createAssignFilePolicyTask(filePolicy, task);
AssignFileSnapshotPolicyToVpoolSchedulingThread.executeApiTask(this, _asyncTaskService.getExecutorService(), _dbClient, filePolicy.getId(), vpoolToStorageSystemMap, fileServiceApi, taskResponse, task);
break;
case file_replication:
// update replication topology info
updateFileReplicationTopologyInfo(param, filePolicy);
List<URI> validRecommendationVpools = new ArrayList<URI>();
List<FileStorageSystemAssociation> associations = new ArrayList<FileStorageSystemAssociation>();
for (URI vpoolURI : filteredVpoolURIs) {
VirtualPool vpool = _permissionsHelper.getObjectById(vpoolURI, VirtualPool.class);
StringSet sourceVArraysSet = getSourceVArraySet(vpool, filePolicy);
VirtualPoolCapabilityValuesWrapper capabilities = new VirtualPoolCapabilityValuesWrapper();
updatePolicyCapabilities(_dbClient, sourceVArraysSet, vpool, filePolicy, capabilities, errorMsg);
// Replication policy has to be created on each applicable source storage system!!
List<URI> storageSystems = getAssociatedStorageSystemsByVPool(vpool);
if (storageSystems != null && !storageSystems.isEmpty()) {
List<FileStorageSystemAssociation> vpoolAssociations = new ArrayList<FileStorageSystemAssociation>();
for (URI storageSystem : storageSystems) {
capabilities.put(VirtualPoolCapabilityValuesWrapper.FILE_PROTECTION_SOURCE_STORAGE_SYSTEM, storageSystem);
for (Iterator<String> iterator = sourceVArraysSet.iterator(); iterator.hasNext(); ) {
String vArrayURI = iterator.next();
VirtualArray srcVarray = _dbClient.queryObject(VirtualArray.class, URI.create(vArrayURI));
try {
List<FileRecommendation> newRecs = _filePlacementManager.getRecommendationsForFileCreateRequest(srcVarray, null, vpool, capabilities);
if (newRecs != null && !newRecs.isEmpty()) {
vpoolAssociations.addAll(convertRecommendationsToStorageSystemAssociations(newRecs, filePolicy.getApplyAt(), vpool.getId(), null));
}
} catch (Exception ex) {
_log.error("No recommendations found for storage system {} and virtualArray {} with error {} ", storageSystem, srcVarray.getLabel(), ex.getMessage());
if (ex.getMessage() != null) {
recommendationErrorMsg.append(ex.getMessage());
}
// Continue to get the recommendations for next storage system!!
continue;
}
}
}
if (!vpoolAssociations.isEmpty()) {
validRecommendationVpools.add(vpoolURI);
associations.addAll(vpoolAssociations);
}
} else {
String errorMessage = "No matching storage pools exists for vpool " + vpool.getLabel();
_log.error(errorMessage);
recommendationErrorMsg.append(errorMessage);
}
}
// Throw an exception!!
if (associations == null || associations.isEmpty()) {
// If no other resources are assigned to replication policy
// Remove the replication topology from the policy
FileOrchestrationUtils.removeTopologyInfo(filePolicy, _dbClient);
_log.error("No matching storage pools recommendations found for policy {} with due to {}", filePolicy.getFilePolicyName(), recommendationErrorMsg.toString());
throw APIException.badRequests.noFileStorageRecommendationsFound(filePolicy.getFilePolicyName());
}
taskResponse = createAssignFilePolicyTask(filePolicy, task);
fileServiceApi.assignFileReplicationPolicyToVirtualPools(associations, validRecommendationVpools, filePolicy.getId(), task);
break;
default:
break;
}
auditOp(OperationTypeEnum.ASSIGN_FILE_POLICY, true, AuditLogManager.AUDITOP_BEGIN, filePolicy.getLabel());
if (taskResponse != null) {
// As the action done by system admin
// Set system uri as task's tenant!!!
Task taskObj = _dbClient.queryObject(Task.class, taskResponse.getId());
StorageOSUser user = getUserFromContext();
URI userTenantUri = URI.create(user.getTenantId());
FilePolicyServiceUtils.updateTaskTenant(_dbClient, filePolicy, "assign", taskObj, userTenantUri);
}
return taskResponse;
}
Also used :
VirtualPoolCapabilityValuesWrapper(com.emc.storageos.volumecontroller.impl.utils.VirtualPoolCapabilityValuesWrapper)
VirtualArray(com.emc.storageos.db.client.model.VirtualArray)
Task(com.emc.storageos.db.client.model.Task)
TaskMapper.toTask(com.emc.storageos.api.mapper.TaskMapper.toTask)
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
URI(java.net.URI)
FileStorageSystemAssociation(com.emc.storageos.fileorchestrationcontroller.FileStorageSystemAssociation)
FilePolicyType(com.emc.storageos.db.client.model.FilePolicy.FilePolicyType)
FileRecommendation(com.emc.storageos.api.service.impl.placement.FileRecommendation)
StorageOSUser(com.emc.storageos.security.authentication.StorageOSUser)
StringSet(com.emc.storageos.db.client.model.StringSet)
List(java.util.List)
ArrayList(java.util.ArrayList)
BulkList(com.emc.storageos.api.service.impl.response.BulkList)
TaskResourceRep(com.emc.storageos.model.TaskResourceRep)
VirtualPool(com.emc.storageos.db.client.model.VirtualPool)
APIException(com.emc.storageos.svcs.errorhandling.resources.APIException)
BadRequestException(com.emc.storageos.svcs.errorhandling.resources.BadRequestException)
Example 24 with StorageOSUser
use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.
the class FilePolicyService method assignFilePolicyToProjects.
/**
* Assign policy at project level
*
* @param param
* @param filepolicy
*/
private TaskResourceRep assignFilePolicyToProjects(FilePolicyAssignParam param, FilePolicy filePolicy) {
StringBuilder errorMsg = new StringBuilder();
StringBuilder recommendationErrorMsg = new StringBuilder();
ArgValidator.checkFieldNotNull(param.getProjectAssignParams(), "project_assign_param");
ArgValidator.checkFieldUriType(param.getProjectAssignParams().getVpool(), VirtualPool.class, "vpool");
URI vpoolURI = param.getProjectAssignParams().getVpool();
VirtualPool vpool = null;
if (NullColumnValueGetter.isNullURI(filePolicy.getFilePolicyVpool())) {
ArgValidator.checkFieldUriType(vpoolURI, VirtualPool.class, "vpool");
vpool = _permissionsHelper.getObjectById(vpoolURI, VirtualPool.class);
ArgValidator.checkEntity(vpool, vpoolURI, false);
// Check if the vpool supports provided policy type..
FilePolicyServiceUtils.validateVpoolSupportPolicyType(filePolicy, vpool);
// Check if the vpool supports policy at project level..
if (!vpool.getAllowFilePolicyAtProjectLevel()) {
errorMsg.append("Provided vpool :" + vpool.getLabel() + " doesn't support policy at project level");
_log.error(errorMsg.toString());
throw APIException.badRequests.invalidFilePolicyAssignParam(filePolicy.getFilePolicyName(), errorMsg.toString());
}
} else if (vpoolURI != null) {
vpool = _dbClient.queryObject(VirtualPool.class, filePolicy.getFilePolicyVpool());
if (!vpoolURI.equals(filePolicy.getFilePolicyVpool())) {
errorMsg.append("File policy: " + filePolicy.getFilePolicyName() + " is already assigned at project level under the vpool: " + vpool.getLabel());
_log.error(errorMsg.toString());
throw APIException.badRequests.invalidFilePolicyAssignParam(filePolicy.getFilePolicyName(), errorMsg.toString());
}
}
ArgValidator.checkFieldNotEmpty(param.getProjectAssignParams().getAssigntoProjects(), "assign_to_projects");
Set<URI> projectURIs = param.getProjectAssignParams().getAssigntoProjects();
List<URI> filteredProjectURIs = new ArrayList<URI>();
for (URI projectURI : projectURIs) {
ArgValidator.checkFieldUriType(projectURI, Project.class, "project");
Project project = _permissionsHelper.getObjectById(projectURI, Project.class);
ArgValidator.checkEntity(project, projectURI, false);
if (filePolicy.getAssignedResources() != null && filePolicy.getAssignedResources().contains(project.getId().toString())) {
_log.info("Policy {} is already assigned to project {} ", filePolicy.getFilePolicyName(), project.getLabel());
continue;
}
// only single replication policy per vpool-project combination.
if (filePolicy.getFilePolicyType().equalsIgnoreCase(FilePolicyType.file_replication.name()) && FilePolicyServiceUtils.projectHasReplicationPolicy(_dbClient, projectURI, vpool.getId())) {
errorMsg.append("Virtual pool " + vpool.getLabel() + " project " + project.getLabel() + "pair is already assigned with replication policy.");
_log.error(errorMsg.toString());
throw APIException.badRequests.invalidFilePolicyAssignParam(filePolicy.getFilePolicyName(), errorMsg.toString());
}
if (filePolicy.getFilePolicyType().equalsIgnoreCase(FilePolicyType.file_snapshot.name()) && FilePolicyServiceUtils.projectHasSnapshotPolicyWithSameSchedule(_dbClient, projectURI, vpool.getId(), filePolicy)) {
errorMsg.append("Snapshot policy with similar schedule is already present on project " + project.getLabel());
_log.error(errorMsg.toString());
throw APIException.badRequests.invalidFilePolicyAssignParam(filePolicy.getFilePolicyName(), errorMsg.toString());
}
filteredProjectURIs.add(projectURI);
}
if (param.getApplyOnTargetSite() != null) {
filePolicy.setApplyOnTargetSite(param.getApplyOnTargetSite());
}
// Verify the virtual pool has storage pools!!!
List<URI> storageSystems = getAssociatedStorageSystemsByVPool(vpool);
if (storageSystems == null || storageSystems.isEmpty()) {
String errorMessage = "No matching storage pools exists for given vpools ";
_log.error(errorMessage);
throw APIException.badRequests.noStoragePoolsExists(vpool.getLabel());
}
String task = UUID.randomUUID().toString();
TaskResourceRep taskResponse = createAssignFilePolicyTask(filePolicy, task);
FileServiceApi fileServiceApi = getDefaultFileServiceApi();
FilePolicyType policyType = FilePolicyType.valueOf(filePolicy.getFilePolicyType());
switch(policyType) {
case file_snapshot:
Map<URI, List<URI>> vpoolToStorageSystemMap = new HashMap<URI, List<URI>>();
vpoolToStorageSystemMap.put(vpoolURI, getAssociatedStorageSystemsByVPool(vpool));
AssignFileSnapshotPolicyToProjectSchedulingThread.executeApiTask(this, _asyncTaskService.getExecutorService(), _dbClient, filePolicy.getId(), vpoolToStorageSystemMap, filteredProjectURIs, fileServiceApi, taskResponse, task);
break;
case file_replication:
if (filteredProjectURIs.isEmpty()) {
throw APIException.badRequests.invalidFilePolicyAssignParam(filePolicy.getFilePolicyName(), "No projects to assign to policy.");
}
// update replication topology info
updateFileReplicationTopologyInfo(param, filePolicy);
List<URI> validRecommendationProjects = new ArrayList<URI>();
List<FileStorageSystemAssociation> associations = new ArrayList<FileStorageSystemAssociation>();
VirtualPoolCapabilityValuesWrapper capabilities = new VirtualPoolCapabilityValuesWrapper();
StringSet sourceVArraysSet = getSourceVArraySet(vpool, filePolicy);
updatePolicyCapabilities(_dbClient, sourceVArraysSet, vpool, filePolicy, capabilities, errorMsg);
// Replication policy has to be created on each applicable source storage system!!
if (storageSystems != null && !storageSystems.isEmpty()) {
for (Iterator<String> iterator = sourceVArraysSet.iterator(); iterator.hasNext(); ) {
String vArrayURI = iterator.next();
for (URI projectURI : filteredProjectURIs) {
List<FileStorageSystemAssociation> projectAssociations = new ArrayList<FileStorageSystemAssociation>();
Project project = _dbClient.queryObject(Project.class, projectURI);
VirtualArray srcVarray = _dbClient.queryObject(VirtualArray.class, URI.create(vArrayURI));
for (URI storageSystem : storageSystems) {
capabilities.put(VirtualPoolCapabilityValuesWrapper.FILE_PROTECTION_SOURCE_STORAGE_SYSTEM, storageSystem);
try {
List<FileRecommendation> newRecs = _filePlacementManager.getRecommendationsForFileCreateRequest(srcVarray, project, vpool, capabilities);
if (newRecs != null && !newRecs.isEmpty()) {
projectAssociations.addAll(convertRecommendationsToStorageSystemAssociations(newRecs, filePolicy.getApplyAt(), vpool.getId(), projectURI));
}
} catch (Exception ex) {
_log.error("No recommendations found for storage system {} and virtualArray {} with error {} ", storageSystem, srcVarray.getLabel(), ex.getMessage());
if (ex.getMessage() != null) {
recommendationErrorMsg.append(ex.getMessage());
}
// Continue to get the recommedations for next storage system!!
continue;
}
}
if (!projectAssociations.isEmpty()) {
associations.addAll(projectAssociations);
validRecommendationProjects.add(projectURI);
}
}
}
} else {
String errorMessage = "No matching storage pools exists for vpool " + vpool.getLabel();
_log.error(errorMessage);
recommendationErrorMsg.append(errorMessage);
}
// Throw an exception!!
if (associations == null || associations.isEmpty()) {
// If no other resources are assigned to replication policy
// Remove the replication topology from the policy
FileOrchestrationUtils.removeTopologyInfo(filePolicy, _dbClient);
_log.error("No matching storage pools recommendations found for policy {} with due to {}", filePolicy.getFilePolicyName(), recommendationErrorMsg.toString());
throw APIException.badRequests.noFileStorageRecommendationsFound(filePolicy.getFilePolicyName());
}
fileServiceApi.assignFileReplicationPolicyToProjects(associations, vpoolURI, validRecommendationProjects, filePolicy.getId(), task);
break;
default:
break;
}
auditOp(OperationTypeEnum.ASSIGN_FILE_POLICY, true, AuditLogManager.AUDITOP_BEGIN, filePolicy.getLabel());
if (taskResponse != null) {
// As the action done by system admin
// Set system uri as task's tenant!!!
Task taskObj = _dbClient.queryObject(Task.class, taskResponse.getId());
StorageOSUser user = getUserFromContext();
URI userTenantUri = URI.create(user.getTenantId());
FilePolicyServiceUtils.updateTaskTenant(_dbClient, filePolicy, "assign", taskObj, userTenantUri);
}
return taskResponse;
}
Also used :
VirtualPoolCapabilityValuesWrapper(com.emc.storageos.volumecontroller.impl.utils.VirtualPoolCapabilityValuesWrapper)
VirtualArray(com.emc.storageos.db.client.model.VirtualArray)
Task(com.emc.storageos.db.client.model.Task)
TaskMapper.toTask(com.emc.storageos.api.mapper.TaskMapper.toTask)
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
URI(java.net.URI)
FileStorageSystemAssociation(com.emc.storageos.fileorchestrationcontroller.FileStorageSystemAssociation)
FilePolicyType(com.emc.storageos.db.client.model.FilePolicy.FilePolicyType)
FileRecommendation(com.emc.storageos.api.service.impl.placement.FileRecommendation)
StorageOSUser(com.emc.storageos.security.authentication.StorageOSUser)
StringSet(com.emc.storageos.db.client.model.StringSet)
List(java.util.List)
ArrayList(java.util.ArrayList)
BulkList(com.emc.storageos.api.service.impl.response.BulkList)
TaskResourceRep(com.emc.storageos.model.TaskResourceRep)
VirtualPool(com.emc.storageos.db.client.model.VirtualPool)
APIException(com.emc.storageos.svcs.errorhandling.resources.APIException)
BadRequestException(com.emc.storageos.svcs.errorhandling.resources.BadRequestException)
Project(com.emc.storageos.db.client.model.Project)
Example 25 with StorageOSUser
use of com.emc.storageos.security.authentication.StorageOSUser in project coprhd-controller by CoprHD.
the class AuthnConfigurationService method listProviders.
/**
* List authentication providers in the zone.
*
* @brief List authentication providers
* @return List of authentication providers
*/
@GET
// no id, just "/"
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public AuthnProviderList listProviders() {
// TODO: if you need to copy/paste this code, please modify the AbstractPermissionFilter class instead and
// related CheckPermission annotation code to support "TENANT_ADMIN_IN_ANY_TENANT" permission.
StorageOSUser user = getUserFromContext();
if (!_permissionsHelper.userHasGivenRoleInAnyTenant(user, Role.SECURITY_ADMIN, Role.TENANT_ADMIN)) {
throw APIException.forbidden.insufficientPermissionsForUser(user.getName());
}
NamedElementQueryResultList providers = new NamedElementQueryResultList();
List<URI> uris = _dbClient.queryByType(AuthnProvider.class, true);
List<AuthnProvider> configs = _dbClient.queryObject(AuthnProvider.class, uris);
List<NamedElementQueryResultList.NamedElement> elements = new ArrayList<NamedElementQueryResultList.NamedElement>(configs.size());
for (AuthnProvider p : configs) {
elements.add(NamedElementQueryResultList.NamedElement.createElement(p.getId(), p.getLabel()));
}
providers.setResult(elements.iterator());
AuthnProviderList list = new AuthnProviderList();
list.getProviders().addAll(map(ResourceTypeEnum.AUTHN_PROVIDER, providers));
return list;
}
Also used :
StorageOSUser(com.emc.storageos.security.authentication.StorageOSUser)
NamedElementQueryResultList(com.emc.storageos.db.client.constraint.NamedElementQueryResultList)
AuthnProviderList(com.emc.storageos.model.auth.AuthnProviderList)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
Aggregations
StorageOSUser (com.emc.storageos.security.authentication.StorageOSUser)105
Produces (javax.ws.rs.Produces)59
Path (javax.ws.rs.Path)53
URI (java.net.URI)50
GET (javax.ws.rs.GET)36
CheckPermission (com.emc.storageos.security.authorization.CheckPermission)31
Consumes (javax.ws.rs.Consumes)24
POST (javax.ws.rs.POST)15
ArrayList (java.util.ArrayList)13
Order (com.emc.storageos.db.client.model.uimodels.Order)12
APIException (com.emc.storageos.svcs.errorhandling.resources.APIException)12
TenantOrg (com.emc.storageos.db.client.model.TenantOrg)11
NamedURI (com.emc.storageos.db.client.model.NamedURI)10
TaskResourceRep (com.emc.storageos.model.TaskResourceRep)10
PUT (javax.ws.rs.PUT)10
Operation (com.emc.storageos.db.client.model.Operation)9
VirtualPool (com.emc.storageos.db.client.model.VirtualPool)9
HashSet (java.util.HashSet)9
StringSet (com.emc.storageos.db.client.model.StringSet)8
DatabaseException (com.emc.storageos.db.exceptions.DatabaseException)8
