Example 1 with SecurityRuleInfo
use of com.iwave.ext.netapp.model.SecurityRuleInfo in project coprhd-controller by CoprHD.
the class NetAppClusterModeCommIntf method applyAllSecurityRules.
/**
* check Pre Existing Storage File Export Rules exists in DB
*
* @param nativeGuid
* @return unManageFileExport Rule
* @throws IOException
*/
// TODO:Account for multiple security rules and security flavors
private List<UnManagedFileExportRule> applyAllSecurityRules(ExportsRuleInfo export, String storagePortAddress, URI fileSystemId) {
List<UnManagedFileExportRule> expRules = new ArrayList<UnManagedFileExportRule>();
for (SecurityRuleInfo deviceSecurityRule : export.getSecurityRuleInfos()) {
ExportSecurityType[] securityFlavors = ExportSecurityType.values();
boolean secFlavorSupported = false;
for (ExportSecurityType sec : securityFlavors) {
if (sec.name().equalsIgnoreCase(deviceSecurityRule.getSecFlavor())) {
secFlavorSupported = true;
break;
}
}
if (secFlavorSupported) {
UnManagedFileExportRule expRule = new UnManagedFileExportRule();
expRule.setFileSystemId(fileSystemId);
expRule.setExportPath(export.getPathname());
expRule.setSecFlavor(deviceSecurityRule.getSecFlavor());
expRule.setMountPoint(storagePortAddress + ":" + export.getPathname());
String anon = deviceSecurityRule.getAnon();
// TODO: This functionality has to be revisited to handle uids for anon.
if ((null != anon) && (anon.equals(ROOT_UID))) {
anon = ROOT_USER_ACCESS;
} else {
anon = DEFAULT_ANONMOUS_ACCESS;
}
expRule.setAnon(anon);
if ((null != deviceSecurityRule.getRoot()) && !(deviceSecurityRule.getRoot()).isEmpty()) {
StringSet rootHosts = new StringSet();
for (ExportsHostnameInfo exportHost : deviceSecurityRule.getRoot()) {
boolean negate = false;
if (exportHost.getNegate() != null) {
negate = exportHost.getNegate();
}
if (!negate) {
if (null != exportHost.getName()) {
rootHosts.add(exportHost.getName());
}
}
}
expRule.setRootHosts(rootHosts);
}
if ((null != deviceSecurityRule.getReadWrite()) && !(deviceSecurityRule.getReadWrite()).isEmpty()) {
StringSet readWriteHosts = new StringSet();
for (ExportsHostnameInfo exportHost : deviceSecurityRule.getReadWrite()) {
boolean negate = false;
if (exportHost.getNegate() != null) {
negate = exportHost.getNegate();
}
if (!negate) {
if (null != exportHost.getName()) {
if (expRule.getRootHosts() != null) {
if (!expRule.getRootHosts().contains(exportHost.getName())) {
readWriteHosts.add(exportHost.getName());
}
} else {
readWriteHosts.add(exportHost.getName());
}
}
}
}
expRule.setReadWriteHosts(readWriteHosts);
}
if ((null != deviceSecurityRule.getReadOnly()) && !(deviceSecurityRule.getReadOnly()).isEmpty()) {
StringSet readOnlyHosts = new StringSet();
for (ExportsHostnameInfo exportHost : deviceSecurityRule.getReadOnly()) {
boolean negate = false;
if (exportHost.getNegate() != null) {
negate = exportHost.getNegate();
}
if (!negate) {
if (null != exportHost.getName()) {
boolean checkRWPermissions = false;
if (expRule.getRootHosts() != null) {
if (!expRule.getRootHosts().contains(exportHost.getName())) {
checkRWPermissions = true;
}
} else {
checkRWPermissions = true;
}
if (checkRWPermissions) {
if (expRule.getReadWriteHosts() != null) {
if (!expRule.getReadWriteHosts().contains(exportHost.getName())) {
readOnlyHosts.add(exportHost.getName());
}
} else {
readOnlyHosts.add(exportHost.getName());
}
}
}
}
}
expRule.setReadOnlyHosts(readOnlyHosts);
}
if (!((expRule.getReadOnlyHosts() == null || expRule.getReadOnlyHosts().isEmpty()) && (expRule.getReadWriteHosts() == null || expRule.getReadWriteHosts().isEmpty()) && (expRule.getRootHosts() == null || expRule.getRootHosts().isEmpty()))) {
expRules.add(expRule);
}
}
}
return expRules;
}
Also used :
UnManagedFileExportRule(com.emc.storageos.db.client.model.UnManagedDiscoveredObjects.UnManagedFileExportRule)
ArrayList(java.util.ArrayList)
SecurityRuleInfo(com.iwave.ext.netapp.model.SecurityRuleInfo)
StringSet(com.emc.storageos.db.client.model.StringSet)
ExportSecurityType(com.emc.storageos.model.file.FileExportUpdateParams.ExportSecurityType)
ExportsHostnameInfo(com.iwave.ext.netapp.model.ExportsHostnameInfo)
Example 2 with SecurityRuleInfo
use of com.iwave.ext.netapp.model.SecurityRuleInfo in project coprhd-controller by CoprHD.
the class NetAppFileCommunicationInterface method applyAllSecurityRules.
/**
* check Pre Existing Storage File Export Rules exists in DB
*
* @param nativeGuid
* @return unManageFileExport Rule
* @throws IOException
*/
// TODO:Account for multiple security rules and security flavors
private List<UnManagedFileExportRule> applyAllSecurityRules(ExportsRuleInfo export, String storagePortAddress, URI fileSystemId) {
List<UnManagedFileExportRule> expRules = new ArrayList<UnManagedFileExportRule>();
for (SecurityRuleInfo deviceSecurityRule : export.getSecurityRuleInfos()) {
UnManagedFileExportRule expRule = new UnManagedFileExportRule();
expRule.setFileSystemId(fileSystemId);
expRule.setExportPath(export.getPathname());
expRule.setSecFlavor(deviceSecurityRule.getSecFlavor());
expRule.setMountPoint(storagePortAddress + ":" + export.getPathname());
String anon = deviceSecurityRule.getAnon();
// TODO: This functionality has to be revisited to handle uids for anon.
if ((null != anon) && (anon.equals(ROOT_UID))) {
anon = ROOT_USER_ACCESS;
} else {
anon = DEFAULT_ANONMOUS_ACCESS;
}
expRule.setAnon(anon);
if ((null != deviceSecurityRule.getReadOnly()) && !deviceSecurityRule.getReadOnly().isEmpty()) {
StringSet readOnlyHosts = new StringSet();
for (ExportsHostnameInfo exportHost : deviceSecurityRule.getReadOnly()) {
if (null != exportHost.getName()) {
readOnlyHosts.add(exportHost.getName());
}
}
expRule.setReadOnlyHosts(readOnlyHosts);
}
if ((null != deviceSecurityRule.getReadWrite()) && !deviceSecurityRule.getReadWrite().isEmpty()) {
StringSet readWriteHosts = new StringSet();
for (ExportsHostnameInfo exportHost : deviceSecurityRule.getReadWrite()) {
if (null != exportHost.getName()) {
readWriteHosts.add(exportHost.getName());
}
}
expRule.setReadWriteHosts(readWriteHosts);
}
if ((null != deviceSecurityRule.getRoot()) && !deviceSecurityRule.getRoot().isEmpty()) {
StringSet rootHosts = new StringSet();
for (ExportsHostnameInfo exportHost : deviceSecurityRule.getRoot()) {
if (null != exportHost.getName()) {
rootHosts.add(exportHost.getName());
}
}
expRule.setRootHosts(rootHosts);
}
expRules.add(expRule);
}
return expRules;
}
Also used :
UnManagedFileExportRule(com.emc.storageos.db.client.model.UnManagedDiscoveredObjects.UnManagedFileExportRule)
ArrayList(java.util.ArrayList)
SecurityRuleInfo(com.iwave.ext.netapp.model.SecurityRuleInfo)
StringSet(com.emc.storageos.db.client.model.StringSet)
ExportsHostnameInfo(com.iwave.ext.netapp.model.ExportsHostnameInfo)
Example 3 with SecurityRuleInfo
use of com.iwave.ext.netapp.model.SecurityRuleInfo in project coprhd-controller by CoprHD.
the class FlexFileShare method listNFSExportRules.
@SuppressWarnings("unchecked")
List<ExportsRuleInfo> listNFSExportRules(String pathName) {
List<ExportsRuleInfo> exports = Lists.newArrayList();
NaElement elem = new NaElement("nfs-exportfs-list-rules-2");
// if true, returns entries from exports file; else from memory. For Cluster mode, it is always true.
elem.addNewChild("persistent", String.valueOf(true));
if (StringUtils.isNotBlank(pathName)) {
elem.addNewChild("pathname", pathName);
}
try {
NaElement results = server.invokeElem(elem);
List<NaElement> rules = results.getChildByName("rules").getChildren();
for (NaElement rule : rules) {
ExportsRuleInfo exportsRuleInfo = new ExportsRuleInfo();
exportsRuleInfo.setActualPathname(rule.getChildContent("actual-pathname"));
exportsRuleInfo.setPathname(rule.getChildContent("pathname"));
for (NaElement securityRule : (List<NaElement>) rule.getChildByName("security-rules").getChildren()) {
SecurityRuleInfo securityRuleInfo = new SecurityRuleInfo();
securityRuleInfo.setAnon(securityRule.getChildContent("anon"));
// String nonsuid = securityRule.getChildContent("nonsuid"); // This is not correct.. Modified by [Gopi] as per API.
String nonsuid = securityRule.getChildContent("nosuid");
if (StringUtils.isNotBlank(nonsuid)) {
securityRuleInfo.setNosuid(Boolean.parseBoolean(nonsuid));
}
List<NaElement> secFlavors = (List<NaElement>) securityRule.getChildByName("sec-flavor").getChildren();
for (NaElement secFlavor : secFlavors) {
if (secFlavor != null) {
if (securityRuleInfo.getSecFlavor() != null) {
securityRuleInfo.setSecFlavor(securityRuleInfo.getSecFlavor() + "," + secFlavor.getChildContent("flavor"));
} else {
securityRuleInfo.setSecFlavor(secFlavor.getChildContent("flavor"));
}
}
}
List<ExportsHostnameInfo> readOnly = extractExportsHostnameInfos(securityRule.getChildByName("read-only"));
securityRuleInfo.getReadOnly().addAll(readOnly);
List<ExportsHostnameInfo> readWrite = extractExportsHostnameInfos(securityRule.getChildByName("read-write"));
securityRuleInfo.getReadWrite().addAll(readWrite);
List<ExportsHostnameInfo> root = extractExportsHostnameInfos(securityRule.getChildByName("root"));
securityRuleInfo.getRoot().addAll(root);
exportsRuleInfo.getSecurityRuleInfos().add(securityRuleInfo);
}
exports.add(exportsRuleInfo);
}
return exports;
} catch (Exception e) {
String msg = "Failed to list NFS exports.";
log.error(msg, e);
throw new NetAppCException(msg, e);
}
}
Also used :
SecurityRuleInfo(com.iwave.ext.netapp.model.SecurityRuleInfo)
ArrayList(java.util.ArrayList)
List(java.util.List)
ExportsRuleInfo(com.iwave.ext.netapp.model.ExportsRuleInfo)
NaElement(netapp.manage.NaElement)
NaAPIFailedException(netapp.manage.NaAPIFailedException)
ExportsHostnameInfo(com.iwave.ext.netapp.model.ExportsHostnameInfo)
Example 4 with SecurityRuleInfo
use of com.iwave.ext.netapp.model.SecurityRuleInfo in project coprhd-controller by CoprHD.
the class FileShare method listNFSExportRules.
@SuppressWarnings("unchecked")
List<ExportsRuleInfo> listNFSExportRules(String pathName) {
List<ExportsRuleInfo> exports = Lists.newArrayList();
NaElement elem = new NaElement("nfs-exportfs-list-rules-2");
// if true, returns entries from exports file; else from memory
elem.addNewChild("persistent", String.valueOf(false));
if (StringUtils.isNotBlank(pathName)) {
elem.addNewChild("pathname", pathName);
}
try {
NaElement results = server.invokeElem(elem);
List<NaElement> rules = results.getChildByName("rules").getChildren();
for (NaElement rule : rules) {
ExportsRuleInfo exportsRuleInfo = new ExportsRuleInfo();
exportsRuleInfo.setActualPathname(rule.getChildContent("actual-pathname"));
exportsRuleInfo.setPathname(rule.getChildContent("pathname"));
for (NaElement securityRule : (List<NaElement>) rule.getChildByName("security-rules").getChildren()) {
SecurityRuleInfo securityRuleInfo = new SecurityRuleInfo();
securityRuleInfo.setAnon(securityRule.getChildContent("anon"));
// String nonsuid = securityRule.getChildContent("nonsuid"); // This is not correct.. Modified by [Gopi] as per API.
String nonsuid = securityRule.getChildContent("nosuid");
if (StringUtils.isNotBlank(nonsuid)) {
securityRuleInfo.setNosuid(Boolean.parseBoolean(nonsuid));
}
List<NaElement> secFlavors = (List<NaElement>) securityRule.getChildByName("sec-flavor").getChildren();
for (NaElement secFlavor : secFlavors) {
if (secFlavor != null) {
if (securityRuleInfo.getSecFlavor() != null) {
securityRuleInfo.setSecFlavor(securityRuleInfo.getSecFlavor() + "," + secFlavor.getChildContent("flavor"));
} else {
securityRuleInfo.setSecFlavor(secFlavor.getChildContent("flavor"));
}
}
}
List<ExportsHostnameInfo> readOnly = extractExportsHostnameInfos(securityRule.getChildByName("read-only"));
securityRuleInfo.getReadOnly().addAll(readOnly);
List<ExportsHostnameInfo> readWrite = extractExportsHostnameInfos(securityRule.getChildByName("read-write"));
securityRuleInfo.getReadWrite().addAll(readWrite);
List<ExportsHostnameInfo> root = extractExportsHostnameInfos(securityRule.getChildByName("root"));
securityRuleInfo.getRoot().addAll(root);
exportsRuleInfo.getSecurityRuleInfos().add(securityRuleInfo);
}
exports.add(exportsRuleInfo);
}
return exports;
} catch (Exception e) {
String msg = "Failed to list NFS exports.";
log.error(msg, e);
throw new NetAppException(msg, e);
}
}
Also used :
SecurityRuleInfo(com.iwave.ext.netapp.model.SecurityRuleInfo)
ArrayList(java.util.ArrayList)
List(java.util.List)
ExportsRuleInfo(com.iwave.ext.netapp.model.ExportsRuleInfo)
NaElement(netapp.manage.NaElement)
NaAPIFailedException(netapp.manage.NaAPIFailedException)
ExportsHostnameInfo(com.iwave.ext.netapp.model.ExportsHostnameInfo)
Example 5 with SecurityRuleInfo
use of com.iwave.ext.netapp.model.SecurityRuleInfo in project coprhd-controller by CoprHD.
the class MiscTests method test2.
@Test
public void test2() {
// NaElement result = server.invoke("nfs-exportfs-list-rules");
// NetAppUtils.output(result);
List<ExportsRuleInfo> bla = netAppFacade.listNFSExportRules(null);
for (ExportsRuleInfo exportsRuleInfo : bla) {
System.out.println("Pathname: " + exportsRuleInfo.getPathname());
System.out.println("Actual Pathname: " + exportsRuleInfo.getActualPathname());
for (SecurityRuleInfo securityRuleInfo : exportsRuleInfo.getSecurityRuleInfos()) {
System.out.println(" -- anon: " + securityRuleInfo.getAnon());
System.out.println(" -- nosuid: " + securityRuleInfo.getNosuid());
System.out.println(" -- sec-flavor: " + securityRuleInfo.getSecFlavor());
for (ExportsHostnameInfo exportsHostnameInfo : securityRuleInfo.getReadOnly()) {
System.out.println(" ---- ReadOnly: " + exportsHostnameInfo.getAllHosts() + " " + exportsHostnameInfo.getName() + " " + exportsHostnameInfo.getNegate());
}
for (ExportsHostnameInfo exportsHostnameInfo : securityRuleInfo.getReadWrite()) {
System.out.println(" ---- ReadWrite: " + exportsHostnameInfo.getAllHosts() + " " + exportsHostnameInfo.getName() + " " + exportsHostnameInfo.getNegate());
}
for (ExportsHostnameInfo exportsHostnameInfo : securityRuleInfo.getRoot()) {
System.out.println(" ---- Root: " + exportsHostnameInfo.getAllHosts() + " " + exportsHostnameInfo.getName() + " " + exportsHostnameInfo.getNegate());
}
}
}
}
Also used :
SecurityRuleInfo(com.iwave.ext.netapp.model.SecurityRuleInfo)
ExportsRuleInfo(com.iwave.ext.netapp.model.ExportsRuleInfo)
ExportsHostnameInfo(com.iwave.ext.netapp.model.ExportsHostnameInfo)
Test(org.junit.Test)
Aggregations
ExportsHostnameInfo (com.iwave.ext.netapp.model.ExportsHostnameInfo)5
SecurityRuleInfo (com.iwave.ext.netapp.model.SecurityRuleInfo)5
ArrayList (java.util.ArrayList)4
ExportsRuleInfo (com.iwave.ext.netapp.model.ExportsRuleInfo)3
StringSet (com.emc.storageos.db.client.model.StringSet)2
UnManagedFileExportRule (com.emc.storageos.db.client.model.UnManagedDiscoveredObjects.UnManagedFileExportRule)2
List (java.util.List)2
NaAPIFailedException (netapp.manage.NaAPIFailedException)2
NaElement (netapp.manage.NaElement)2
ExportSecurityType (com.emc.storageos.model.file.FileExportUpdateParams.ExportSecurityType)1
Test (org.junit.Test)1
