Examples with CheckPermission com.emc.storageos.security.authorization.CheckPermission used on opensource projects

Example 31 with CheckPermission

use of com.emc.storageos.security.authorization.CheckPermission in project coprhd-controller by CoprHD.

the class StorageSystemService method getStorageSystems.

/**
 * Gets the id, name, and self link for all registered storage systems.
 *
 * @brief List storage systems
 * @return A reference to a StorageSystemList.
 */
@GET
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@CheckPermission(roles = { Role.SYSTEM_ADMIN, Role.SYSTEM_MONITOR })
public StorageSystemList getStorageSystems() {
    StorageSystemList systemsList = new StorageSystemList();
    List<URI> ids = _dbClient.queryByType(StorageSystem.class, true);
    Iterator<StorageSystem> iter = _dbClient.queryIterativeObjects(StorageSystem.class, ids);
    while (iter.hasNext()) {
        systemsList.getStorageSystems().add(toNamedRelatedResource(iter.next()));
    }
    return systemsList;
}

Example 32 with CheckPermission

use of com.emc.storageos.security.authorization.CheckPermission in project coprhd-controller by CoprHD.

the class StorageSystemService method getStorageSystem.

/**
 * Get information about the registered storage system with the passed id.
 *
 * @param id the URN of a ViPR storage system.
 *
 * @brief Show storage system
 * @return A reference to a StorageSystemRestRep
 */
@GET
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{id}")
@CheckPermission(roles = { Role.SYSTEM_ADMIN, Role.SYSTEM_MONITOR })
public StorageSystemRestRep getStorageSystem(@PathParam("id") URI id) {
    ArgValidator.checkFieldUriType(id, StorageSystem.class, "id");
    StorageSystem system = queryResource(id);
    StorageSystemRestRep restRep = map(system);
    restRep.setNumResources(getNumResources(system, _dbClient));
    return restRep;
}

Example 33 with CheckPermission

use of com.emc.storageos.security.authorization.CheckPermission in project coprhd-controller by CoprHD.

the class TaskService method resumeTask.

/**
 * Resumes a task. This can only be performed on a Task that has status of: suspended_no_error
 * Retries a task. This can only be performed on a Task that has status of: suspended_error
 *
 * In the case of retry, we will retry the controller workflow starting at the failed step.
 *
 * @brief Resumes a task
 * @param taskId
 *            ID of the task to be resumed
 */
@POST
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{taskId}/resume")
@CheckPermission(roles = { Role.TENANT_ADMIN, Role.SYSTEM_ADMIN, Role.RESTRICTED_SYSTEM_ADMIN }, acls = { ACL.OWN, ACL.ALL })
public Response resumeTask(@PathParam("taskId") URI taskId) {
    Task task = queryResource(taskId);
    // Permission Check
    if (task.getTenant().equals(TenantOrg.SYSTEM_TENANT)) {
        verifySystemAdmin();
    } else {
        verifyUserHasAccessToTenants(Lists.newArrayList(task.getTenant()));
    }
    Workflow workflow = validateWorkflow(task);
    String opId = UUID.randomUUID().toString();
    // Resume the workflow
    WorkflowService.initTaskStatus(_dbClient, workflow, opId, Operation.Status.pending, ResourceOperationTypeEnum.WORKFLOW_RESUME);
    getWorkflowController().resumeWorkflow(workflow.getId(), opId);
    return Response.ok().build();
}

Example 34 with CheckPermission

use of com.emc.storageos.security.authorization.CheckPermission in project coprhd-controller by CoprHD.

the class TaskService method deleteTask.

/**
 * Deletes the specified task. After this operation has been called, the task will no longer be accessible.
 *
 * @brief Deletes a task
 * @param taskId
 *            ID of the task to be deleted
 */
@POST
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Path("/{taskId}/delete")
@CheckPermission(roles = { Role.SYSTEM_ADMIN, Role.RESTRICTED_SYSTEM_ADMIN }, acls = { ACL.OWN })
public Response deleteTask(@PathParam("taskId") URI taskId) {
    Task task = queryResource(taskId);
    // Permission Check
    if (task.getTenant().equals(TenantOrg.SYSTEM_TENANT)) {
        verifySystemAdmin();
    } else {
        verifyUserHasAccessToTenants(Lists.newArrayList(task.getTenant()));
    }
    _dbClient.removeObject(task);
    auditOp(OperationTypeEnum.DELETE_TASK, true, null, task.getId().toString(), task.getLabel());
    return Response.ok().build();
}

Example 35 with CheckPermission

use of com.emc.storageos.security.authorization.CheckPermission in project coprhd-controller by CoprHD.

the class TenantsService method createHost.

/**
 * Creates a new host for the tenant organization. Discovery is initiated
 * after the host is created.
 * <p>
 * This method is deprecated. Use /compute/hosts instead
 *
 * @param tid
 *            the tenant organization id
 * @param createParam
 *            the parameter that has the type and attribute of the host to be created.
 * @prereq none
 * @deprecated use {@link HostService#createHost(HostCreateParam,Boolean)}
 * @brief Create tenant host
 * @return the host discovery async task representation.
 */
@POST
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@CheckPermission(roles = { Role.TENANT_ADMIN })
@Path("/{id}/hosts")
@Deprecated
public TaskResourceRep createHost(@PathParam("id") URI tid, HostCreateParam createParam, @QueryParam("validate_connection") @DefaultValue("false") final Boolean validateConnection) {
    // This is mostly to validate the tenant
    TenantOrg tenant = getTenantById(tid, true);
    HostService hostService = _hostService;
    hostService.validateHostData(createParam, tid, null, validateConnection);
    // Create the host
    return hostService.createNewHost(tenant, createParam);
}