Example 16 with CheckPermission
use of com.emc.storageos.security.authorization.CheckPermission in project coprhd-controller by CoprHD.
the class StorageSystemService method addUserSecretKey.
/**
* Create a secret key for an object storage array
*
* @param param secret key
* @param id storage system URN
* @param userId user in array
* @brief Add a secret key for a storage system user
* @return secret key details
*/
@POST
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/object-user/{userId}/secret-keys")
@CheckPermission(roles = { Role.SYSTEM_ADMIN, Role.SYSTEM_MONITOR })
public ObjectUserSecretKeyAddRestRep addUserSecretKey(ObjectUserSecretKeyRequestParam param, @PathParam("id") URI id, @PathParam("userId") String userId) throws InternalException {
// Make sure storage system is registered and object storage
ArgValidator.checkFieldUriType(id, StorageSystem.class, "id");
StorageSystem system = queryResource(id);
ArgValidator.checkEntity(system, id, isIdEmbeddedInURL(id));
if (!StorageSystem.Type.ecs.toString().equals(system.getSystemType())) {
throw APIException.badRequests.invalidParameterURIInvalid("id", id);
}
ObjectController controller = getController(ObjectController.class, system.getSystemType());
String secretKey = null;
if (param != null && !StringUtil.isBlank(param.getSecretkey())) {
secretKey = param.getSecretkey();
}
ObjectUserSecretKey secretKeyRes = controller.addUserSecretKey(id, userId, secretKey);
// Return key details as this is synchronous call
return map(secretKeyRes, true);
}
Also used :
ObjectController(com.emc.storageos.volumecontroller.ObjectController)
ObjectUserSecretKey(com.emc.storageos.db.client.model.ObjectUserSecretKey)
StorageSystem(com.emc.storageos.db.client.model.StorageSystem)
Path(javax.ws.rs.Path)
POST(javax.ws.rs.POST)
Produces(javax.ws.rs.Produces)
CheckPermission(com.emc.storageos.security.authorization.CheckPermission)
Example 17 with CheckPermission
use of com.emc.storageos.security.authorization.CheckPermission in project coprhd-controller by CoprHD.
the class StorageSystemService method deleteStoragePortGroup.
/**
* Delete a storage port group
*
* @param id
* the URN of a ViPR storage port.
*
* @brief Delete a storage port group
* @return The pending task
*/
@POST
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/storage-port-groups/{pgId}/deactivate")
@CheckPermission(roles = { Role.SYSTEM_ADMIN, Role.RESTRICTED_SYSTEM_ADMIN })
public TaskResourceRep deleteStoragePortGroup(@PathParam("id") URI id, @PathParam("pgId") URI pgId) {
ArgValidator.checkFieldUriType(id, StorageSystem.class, "id");
StorageSystem system = queryResource(id);
// Only support for VMAX
if (!DiscoveredDataObject.Type.vmax.name().equals(system.getSystemType())) {
APIException.badRequests.operationNotSupportedForSystemType(OperationTypeEnum.CREATE_STORAGE_PORT_GROUP.name(), system.getSystemType());
}
ArgValidator.checkFieldUriType(pgId, StoragePortGroup.class, "portGroupId");
StoragePortGroup portGroup = _dbClient.queryObject(StoragePortGroup.class, pgId);
String task = UUID.randomUUID().toString();
Operation op = null;
if (portGroup == null || portGroup.getInactive()) {
// The port group has been deleted
op = _dbClient.createTaskOpStatus(StoragePortGroup.class, portGroup.getId(), task, ResourceOperationTypeEnum.DELETE_STORAGE_PORT_GROUP);
op.ready();
} else {
// Check if the port group is used by any export mask
URIQueryResultList queryResult = new URIQueryResultList();
_dbClient.queryByConstraint(AlternateIdConstraint.Factory.getExportMasksByPortGroup(portGroup.getId().toString()), queryResult);
Iterator<URI> maskIt = queryResult.iterator();
if (maskIt.hasNext()) {
URI maskURI = maskIt.next();
// The port group is used by at least one export mask, throw error
ArgValidator.checkReference(StoragePortGroup.class, pgId, maskURI.toString());
}
op = _dbClient.createTaskOpStatus(StoragePortGroup.class, portGroup.getId(), task, ResourceOperationTypeEnum.DELETE_STORAGE_PORT_GROUP);
_dbClient.updateObject(portGroup);
BlockController controller = getController(BlockController.class, system.getSystemType());
controller.deleteStoragePortGroup(system.getId(), portGroup.getId(), task);
}
auditOp(OperationTypeEnum.DELETE_STORAGE_PORT_GROUP, true, null, portGroup.getNativeGuid(), pgId.toString());
recordStoragePoolPortEvent(OperationTypeEnum.DELETE_STORAGE_PORT_GROUP, OperationTypeEnum.DELETE_STORAGE_PORT_GROUP.getDescription(), portGroup.getId(), "StoragePortGroup");
return toTask(portGroup, task, op);
}
Also used :
MapStoragePortGroup(com.emc.storageos.api.mapper.functions.MapStoragePortGroup)
StoragePortGroup(com.emc.storageos.db.client.model.StoragePortGroup)
BlockController(com.emc.storageos.volumecontroller.BlockController)
Operation(com.emc.storageos.db.client.model.Operation)
URI(java.net.URI)
URIQueryResultList(com.emc.storageos.db.client.constraint.URIQueryResultList)
StorageSystem(com.emc.storageos.db.client.model.StorageSystem)
Path(javax.ws.rs.Path)
POST(javax.ws.rs.POST)
Produces(javax.ws.rs.Produces)
CheckPermission(com.emc.storageos.security.authorization.CheckPermission)
Example 18 with CheckPermission
use of com.emc.storageos.security.authorization.CheckPermission in project coprhd-controller by CoprHD.
the class StorageSystemService method registerStoragePort.
/**
* Manually register the discovered storage port with the passed id on the
* registered storage system with the passed id.
*
* @param id the URN of a ViPR storage system.
* @param portId The id of the storage port.
*
* @brief Register storage system storage port
* @return A reference to a StoragePortRestRep specifying the data for the
* registered storage port.
*/
@POST
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@CheckPermission(roles = { Role.SYSTEM_ADMIN, Role.RESTRICTED_SYSTEM_ADMIN })
@Path("/{id}/storage-ports/{portId}/register")
public StoragePortRestRep registerStoragePort(@PathParam("id") URI id, @PathParam("portId") URI portId) {
// Make sure the storage system is registered.
ArgValidator.checkFieldUriType(id, StorageSystem.class, "id");
queryRegisteredSystem(id);
ArgValidator.checkFieldUriType(portId, StoragePort.class, "portId");
StoragePort port = _dbClient.queryObject(StoragePort.class, portId);
ArgValidator.checkEntity(port, portId, isIdEmbeddedInURL(portId));
if (!id.equals(port.getStorageDevice())) {
throw APIException.badRequests.portNotBelongingToSystem(portId, id);
}
// register port if not registered. Otherwise, do nothing
if (RegistrationStatus.UNREGISTERED.toString().equalsIgnoreCase(port.getRegistrationStatus())) {
registerStoragePort(port);
}
return MapStoragePort.getInstance(_dbClient).toStoragePortRestRep(port);
}
Also used :
MapStoragePort(com.emc.storageos.api.mapper.functions.MapStoragePort)
StoragePort(com.emc.storageos.db.client.model.StoragePort)
Path(javax.ws.rs.Path)
POST(javax.ws.rs.POST)
Consumes(javax.ws.rs.Consumes)
Produces(javax.ws.rs.Produces)
CheckPermission(com.emc.storageos.security.authorization.CheckPermission)
Example 19 with CheckPermission
use of com.emc.storageos.security.authorization.CheckPermission in project coprhd-controller by CoprHD.
the class StorageSystemService method deregisterStoragePortGroup.
/**
* Allows the user to deregister a registered storage port group so that it
* is no longer used for future export. This simply sets the
* registration_status of the storage port group to UNREGISTERED.
*
* @param id
* the URN of a ViPR storage port.
*
* @brief Unregister storage port
* @return Status response indicating success or failure
*/
@POST
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/storage-port-groups/{portGroupId}/deregister")
@CheckPermission(roles = { Role.SYSTEM_ADMIN, Role.RESTRICTED_SYSTEM_ADMIN })
public StoragePortGroupRestRep deregisterStoragePortGroup(@PathParam("portGroupId") URI portGroupId) {
ArgValidator.checkFieldUriType(portGroupId, StoragePortGroup.class, "portGroupId");
StoragePortGroup portGroup = _dbClient.queryObject(StoragePortGroup.class, portGroupId);
if (portGroup.checkInternalFlags(Flag.INTERNAL_OBJECT)) {
// internal port group
throw APIException.badRequests.internalPortGroup(portGroup.getNativeGuid());
}
if (RegistrationStatus.REGISTERED.toString().equalsIgnoreCase(portGroup.getRegistrationStatus())) {
// Setting status to UNREGISTERED.
portGroup.setRegistrationStatus(RegistrationStatus.UNREGISTERED.toString());
portGroup.setMutable(true);
_dbClient.updateObject(portGroup);
// Record the storage port group deregister event.
recordStoragePoolPortEvent(OperationTypeEnum.DEREGISTER_STORAGE_PORT_GROUP, OperationTypeEnum.DEREGISTER_STORAGE_PORT_GROUP.getDescription(), portGroup.getId(), "StoragePortGroup");
auditOp(OperationTypeEnum.DEREGISTER_STORAGE_PORT_GROUP, true, null, portGroup.getLabel(), portGroup.getId().toString());
}
return MapStoragePortGroup.getInstance(_dbClient).toStoragePortGroupRestRep(portGroup);
}
Also used :
MapStoragePortGroup(com.emc.storageos.api.mapper.functions.MapStoragePortGroup)
StoragePortGroup(com.emc.storageos.db.client.model.StoragePortGroup)
Path(javax.ws.rs.Path)
POST(javax.ws.rs.POST)
Produces(javax.ws.rs.Produces)
CheckPermission(com.emc.storageos.security.authorization.CheckPermission)
Example 20 with CheckPermission
use of com.emc.storageos.security.authorization.CheckPermission in project coprhd-controller by CoprHD.
the class StorageSystemService method deregisterStorageSystem.
/**
* Allows the user register the storage system with the passed id.
*
* @param id the URN of a ViPR storage system.
*
* @brief Deregister storage system
* @return A StorageSystemRestRep reference specifying the data for the
* updated storage system.
* @throws ControllerException
*/
@POST
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}/deregister")
@CheckPermission(roles = { Role.SYSTEM_ADMIN, Role.RESTRICTED_SYSTEM_ADMIN })
public StorageSystemRestRep deregisterStorageSystem(@PathParam("id") URI id) throws ControllerException {
// Validate the storage system.
ArgValidator.checkFieldUriType(id, StorageSystem.class, "id");
StorageSystem storageSystem = _dbClient.queryObject(StorageSystem.class, id);
ArgValidator.checkEntity(storageSystem, id, isIdEmbeddedInURL(id));
if (!RegistrationStatus.UNREGISTERED.toString().equalsIgnoreCase(storageSystem.getRegistrationStatus())) {
storageSystem.setRegistrationStatus(RegistrationStatus.UNREGISTERED.toString());
_dbClient.updateObject(storageSystem);
stopStorageSystem(storageSystem);
}
// Deregister all Pools.
URIQueryResultList storagePoolURIs = new URIQueryResultList();
_dbClient.queryByConstraint(ContainmentConstraint.Factory.getStorageDeviceStoragePoolConstraint(id), storagePoolURIs);
Iterator<URI> storagePoolIter = storagePoolURIs.iterator();
List<StoragePool> modifiedPools = new ArrayList<StoragePool>();
while (storagePoolIter.hasNext()) {
StoragePool pool = _dbClient.queryObject(StoragePool.class, storagePoolIter.next());
modifiedPools.add(pool);
if (pool.getInactive() || DiscoveredDataObject.RegistrationStatus.UNREGISTERED.toString().equals(pool.getRegistrationStatus())) {
continue;
}
// Setting status to UNREGISTERED.
pool.setRegistrationStatus(RegistrationStatus.UNREGISTERED.toString());
_dbClient.updateObject(pool);
auditOp(OperationTypeEnum.DEREGISTER_STORAGE_POOL, true, null, id.toString());
}
// Deregister all Ports.
URIQueryResultList storagePortURIs = new URIQueryResultList();
_dbClient.queryByConstraint(ContainmentConstraint.Factory.getStorageDeviceStoragePortConstraint(id), storagePortURIs);
Iterator<URI> storagePortIter = storagePortURIs.iterator();
while (storagePortIter.hasNext()) {
StoragePort port = _dbClient.queryObject(StoragePort.class, storagePortIter.next());
if (port.getInactive() || DiscoveredDataObject.RegistrationStatus.UNREGISTERED.toString().equals(port.getRegistrationStatus())) {
continue;
}
// Setting status to UNREGISTERED.
port.setRegistrationStatus(RegistrationStatus.UNREGISTERED.toString());
_dbClient.updateObject(port);
auditOp(OperationTypeEnum.DEREGISTER_STORAGE_PORT, true, null, port.getLabel(), port.getId().toString());
}
StringBuffer errorMessage = new StringBuffer();
ImplicitPoolMatcher.matchModifiedStoragePoolsWithAllVirtualPool(modifiedPools, _dbClient, _coordinator, errorMessage);
auditOp(OperationTypeEnum.DEREGISTER_STORAGE_SYSTEM, true, null, storageSystem.getId().toString(), id.toString());
return map(storageSystem);
}
Also used :
StoragePool(com.emc.storageos.db.client.model.StoragePool)
ArrayList(java.util.ArrayList)
MapStoragePort(com.emc.storageos.api.mapper.functions.MapStoragePort)
StoragePort(com.emc.storageos.db.client.model.StoragePort)
URI(java.net.URI)
URIQueryResultList(com.emc.storageos.db.client.constraint.URIQueryResultList)
StorageSystem(com.emc.storageos.db.client.model.StorageSystem)
Path(javax.ws.rs.Path)
POST(javax.ws.rs.POST)
Produces(javax.ws.rs.Produces)
CheckPermission(com.emc.storageos.security.authorization.CheckPermission)
Aggregations
CheckPermission (com.emc.storageos.security.authorization.CheckPermission)566
Produces (javax.ws.rs.Produces)512
Path (javax.ws.rs.Path)487
POST (javax.ws.rs.POST)240
Consumes (javax.ws.rs.Consumes)215
GET (javax.ws.rs.GET)194
URI (java.net.URI)185
Operation (com.emc.storageos.db.client.model.Operation)105
ArrayList (java.util.ArrayList)97
StorageSystem (com.emc.storageos.db.client.model.StorageSystem)93
PUT (javax.ws.rs.PUT)85
APIException (com.emc.storageos.svcs.errorhandling.resources.APIException)69
Volume (com.emc.storageos.db.client.model.Volume)68
URIQueryResultList (com.emc.storageos.db.client.constraint.URIQueryResultList)65
TaskList (com.emc.storageos.model.TaskList)61
FileShare (com.emc.storageos.db.client.model.FileShare)56
SMBFileShare (com.emc.storageos.db.client.model.SMBFileShare)54
TaskResourceRep (com.emc.storageos.model.TaskResourceRep)53
NamedURI (com.emc.storageos.db.client.model.NamedURI)47
InternalException (com.emc.storageos.svcs.errorhandling.resources.InternalException)46
