use of com.emc.storageos.security.authorization.CheckPermission in project coprhd-controller by CoprHD.
the class FileService method unAssignFilePolicy.
/**
* Unassign existing file system to file policy.
*
* @param id
* the URN of a ViPR fileSystem
* @param filePolicyUri
* the URN of a Policy
* @brief Update file system with Policy detail
* @return Task resource representation
* @throws InternalException
*/
@PUT
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/unassign-file-policy/{filePolicyUri}")
@CheckPermission(roles = { Role.TENANT_ADMIN }, acls = { ACL.OWN, ACL.ALL })
public TaskResourceRep unAssignFilePolicy(@PathParam("id") URI id, @PathParam("filePolicyUri") URI filePolicyUri) throws InternalException {
// log input received.
_log.info("Unassign Policy on File System : request received for {} with {}", id, filePolicyUri);
String task = UUID.randomUUID().toString();
// Validate the FS id.
ArgValidator.checkFieldUriType(id, FileShare.class, "id");
FileShare fs = queryResource(id);
ArgValidator.checkEntity(fs, id, isIdEmbeddedInURL(id));
ArgValidator.checkFieldUriType(filePolicyUri, FilePolicy.class, "filePolicyUri");
ArgValidator.checkUri(filePolicyUri);
FilePolicy fp = _permissionsHelper.getObjectById(filePolicyUri, FilePolicy.class);
ArgValidator.checkEntityNotNull(fp, filePolicyUri, isIdEmbeddedInURL(filePolicyUri));
// verify the schedule policy is associated with file system or not.
if (!fs.getFilePolicies().isEmpty() && !fs.getFilePolicies().contains(filePolicyUri.toString())) {
throw APIException.badRequests.cannotFindAssociatedPolicy(filePolicyUri);
}
StorageSystem device = _dbClient.queryObject(StorageSystem.class, fs.getStorageDevice());
FileOrchestrationController controller = getController(FileOrchestrationController.class, FileOrchestrationController.FILE_ORCHESTRATION_DEVICE);
Operation op = _dbClient.createTaskOpStatus(FilePolicy.class, fp.getId(), task, ResourceOperationTypeEnum.UNASSIGN_FILE_POLICY);
op.setDescription("Filesystem unassign policy");
// As the action done by tenant admin
// Set current tenant as task's tenant!!!
Task taskObj = op.getTask(fp.getId());
FilePolicyServiceUtils.updateTaskTenant(_dbClient, fp, "unassign", taskObj, fs.getTenant().getURI());
try {
Set<URI> unassignFrom = new HashSet<URI>();
unassignFrom.add(id);
_log.info("No Errors found proceeding further {}, {}, {}", new Object[] { _dbClient, fs, fp });
controller.unassignFilePolicy(filePolicyUri, unassignFrom, task);
auditOp(OperationTypeEnum.UNASSIGN_FILE_POLICY, true, "BEGIN", fp.getId().toString(), fp.getFilePolicyName());
} catch (BadRequestException e) {
op = _dbClient.error(FilePolicy.class, fp.getId(), task, e);
_log.error("Error Unassigning File policy {}, {}", e.getMessage(), e);
throw e;
} catch (Exception e) {
_log.error("Error Unassigning Filesystem policy {}, {}", e.getMessage(), e);
throw APIException.badRequests.unableToProcessRequest(e.getMessage());
}
return toTask(fp, task, op);
}
use of com.emc.storageos.security.authorization.CheckPermission in project coprhd-controller by CoprHD.
the class FileService method getFSExportRules.
/**
* Get FS Export Rules
*
* @param id
* the URN of a ViPR fileSystem
* @param subDir
* sub-directory within a filesystem
* @param allDirs
* All Dirs within a filesystem
* @brief Show export rules for a file system
* @return ExportRules
*/
@GET
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/export")
@CheckPermission(roles = { Role.SYSTEM_MONITOR, Role.TENANT_ADMIN }, acls = { ACL.ANY })
public ExportRules getFSExportRules(@PathParam("id") URI id, @QueryParam("allDirs") boolean allDirs, @QueryParam("subDir") String subDir) {
_log.info("Request recieved for Exports with Id : {} allDirs : {} subDir : {}", new Object[] { id, allDirs, subDir });
// Validate the FS id.
ArgValidator.checkFieldUriType(id, FileShare.class, "id");
// validate the subDir,no need to check return value as it is optional.
ArgValidator.checkSubDirName("subDir", subDir);
List<ExportRule> exportRule = FileOperationUtils.getExportRules(id, allDirs, subDir, _dbClient);
ExportRules rules = new ExportRules();
if (!exportRule.isEmpty()) {
rules.setExportRules(exportRule);
}
return rules;
}
use of com.emc.storageos.security.authorization.CheckPermission in project coprhd-controller by CoprHD.
the class FileService method resumeContinuousCopies.
/**
* Resume continuous copies.
*
* @prereq none
* @param id the URN of a ViPR Source file share
* @brief Resume the replication session between source and target file system.
* @return TaskList
* @throws ControllerException
*/
@POST
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/protection/continuous-copies/resume")
@CheckPermission(roles = { Role.TENANT_ADMIN }, acls = { ACL.OWN, ACL.ALL })
public TaskList resumeContinuousCopies(@PathParam("id") URI id, FileReplicationParam param) throws ControllerException {
doMirrorOperationValidation(id, ProtectionOp.RESUME.toString());
String task = UUID.randomUUID().toString();
FileShare sourceFileShare = queryResource(id);
Operation op = _dbClient.createTaskOpStatus(FileShare.class, id, task, ResourceOperationTypeEnum.FILE_PROTECTION_ACTION_RESUME);
op.setDescription("resume the replication link between source and target");
StorageSystem system = _dbClient.queryObject(StorageSystem.class, sourceFileShare.getStorageDevice());
FileController controller = getController(FileController.class, system.getSystemType());
controller.performFileReplicationOperation(system.getId(), id, ProtectionOp.RESUME.toString().toLowerCase(), task);
TaskList taskList = new TaskList();
TaskResourceRep taskResp = toTask(sourceFileShare, task, op);
taskList.getTaskList().add(taskResp);
return taskList;
}
use of com.emc.storageos.security.authorization.CheckPermission in project coprhd-controller by CoprHD.
the class FileService method failbackProtection.
/**
* Request to fail Back the protection link associated with the param.copyID.
*
* NOTE: This is an asynchronous operation.
*
* @prereq none
*
* @param id
* the URN of a ViPR Source files hare
* @param param
* FileReplicationParam to fail Back to
*
* @brief Fail Back the fileShare protection link
* @return TaskList
*
* @throws ControllerException
*/
@POST
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/protection/continuous-copies/failback")
@CheckPermission(roles = { Role.TENANT_ADMIN }, acls = { ACL.OWN, ACL.ALL })
public TaskList failbackProtection(@PathParam("id") URI id, FileReplicationParam param) throws ControllerException {
doMirrorOperationValidation(id, ProtectionOp.FAILBACK.toString());
TaskResourceRep taskResp = null;
StoragePort storageportNFS = null;
StoragePort storageportCIFS = null;
TaskList taskList = new TaskList();
String task = UUID.randomUUID().toString();
FileShare sourceFileShare = queryResource(id);
Operation op = _dbClient.createTaskOpStatus(FileShare.class, id, task, ResourceOperationTypeEnum.FILE_PROTECTION_ACTION_FAILBACK);
op.setDescription("failback to source file system from target system");
boolean replicateConfiguration = param.isReplicateConfiguration();
if (replicateConfiguration) {
List<String> targetfileUris = new ArrayList<String>();
targetfileUris.addAll(sourceFileShare.getMirrorfsTargets());
FileShare targetFileShare = _dbClient.queryObject(FileShare.class, URI.create(targetfileUris.get(0)));
SMBShareMap smbShareMap = targetFileShare.getSMBFileShares();
if (smbShareMap != null) {
storageportCIFS = _fileScheduler.placeFileShareExport(sourceFileShare, StorageProtocol.File.CIFS.name(), null);
}
FSExportMap nfsExportMap = targetFileShare.getFsExports();
if (nfsExportMap != null) {
storageportNFS = _fileScheduler.placeFileShareExport(sourceFileShare, StorageProtocol.File.NFS.name(), null);
}
}
FileServiceApi fileServiceApi = getFileShareServiceImpl(sourceFileShare, _dbClient);
try {
fileServiceApi.failbackFileShare(sourceFileShare.getId(), storageportNFS, storageportCIFS, replicateConfiguration, task);
} catch (InternalException e) {
if (_log.isErrorEnabled()) {
_log.error("", e);
}
op = sourceFileShare.getOpStatus().get(task);
op.error(e);
sourceFileShare.getOpStatus().updateTaskStatus(task, op);
_dbClient.updateObject(sourceFileShare);
throw e;
}
taskResp = toTask(sourceFileShare, task, op);
taskList.getTaskList().add(taskResp);
return taskList;
}
use of com.emc.storageos.security.authorization.CheckPermission in project coprhd-controller by CoprHD.
the class FileService method expand.
/**
* Expand file system.
* <p>
* NOTE: This is an asynchronous operation.
*
* @param param
* File system expansion parameters
* @param id
* the URN of a ViPR File system
* @brief Expand file system
* @return Task resource representation
* @throws InternalException
*/
@POST
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/expand")
@CheckPermission(roles = { Role.TENANT_ADMIN }, acls = { ACL.OWN, ACL.ALL })
public TaskResourceRep expand(@PathParam("id") URI id, FileSystemExpandParam param) throws InternalException {
_log.info(String.format("FileShareExpand --- FileShare id: %1$s, New Size: %2$s", id, param.getNewSize()));
// check file System
ArgValidator.checkFieldUriType(id, FileShare.class, "id");
FileShare fs = queryResource(id);
Long newFSsize = SizeUtil.translateSize(param.getNewSize());
ArgValidator.checkEntity(fs, id, isIdEmbeddedInURL(id));
if (newFSsize <= 0) {
throw APIException.badRequests.parameterMustBeGreaterThan("new_size", 0);
}
// checkQuota
long expand = newFSsize - fs.getCapacity();
final long MIN_EXPAND_SIZE = SizeUtil.translateSize("1MB") + 1;
if (expand < MIN_EXPAND_SIZE) {
throw APIException.badRequests.invalidParameterBelowMinimum("new_size", newFSsize, fs.getCapacity() + MIN_EXPAND_SIZE, "bytes");
}
Project project = _dbClient.queryObject(Project.class, fs.getProject().getURI());
TenantOrg tenant = _dbClient.queryObject(TenantOrg.class, fs.getTenant().getURI());
VirtualPool vpool = _dbClient.queryObject(VirtualPool.class, fs.getVirtualPool());
CapacityUtils.validateQuotasForProvisioning(_dbClient, vpool, project, tenant, expand, "filesystem");
String task = UUID.randomUUID().toString();
Operation op = _dbClient.createTaskOpStatus(FileShare.class, fs.getId(), task, ResourceOperationTypeEnum.EXPAND_FILE_SYSTEM);
op.setDescription("Filesystem expand");
FileServiceApi fileServiceApi = getFileShareServiceImpl(fs, _dbClient);
try {
fileServiceApi.expandFileShare(fs, newFSsize, task);
} catch (InternalException e) {
if (_log.isErrorEnabled()) {
_log.error("Expand File Size error", e);
}
FileShare fileShare = _dbClient.queryObject(FileShare.class, fs.getId());
op = fs.getOpStatus().get(task);
op.error(e);
fileShare.getOpStatus().updateTaskStatus(task, op);
_dbClient.updateObject(fs);
throw e;
}
return toTask(fs, task, op);
}
Aggregations