Example 1 with NFSSecurityStyle
use of com.iwave.ext.netappc.NFSSecurityStyle in project coprhd-controller by CoprHD.
the class FlexFileShare method changeNFSShare.
public void changeNFSShare(String fsName, String qtreeName, ExportRule oldRule, ExportRule newRule, String exportPath) {
String policyName = "";
if (qtreeName == null || qtreeName.isEmpty()) {
policyName = getExportPolicyOfVolume(exportPath, fsName);
} else {
policyName = getExportPolicyOfQtree(exportPath, fsName, qtreeName);
}
NaElement result = null;
try {
List<String> rootHosts = new ArrayList<String>();
List<String> rwHosts = new ArrayList<String>();
List<String> roHosts = new ArrayList<String>();
int rootMappingUid = getAnonId(newRule.getAnon());
List<NFSSecurityStyle> securityStyleList = new ArrayList<NFSSecurityStyle>();
securityStyleList.add(NFSSecurityStyle.valueOfName(newRule.getSecFlavor()));
// Collects all the hosts from export rule after modification
Set<String> hosts = new HashSet<String>();
if (newRule.getReadOnlyHosts() != null) {
hosts.addAll(newRule.getReadOnlyHosts());
roHosts.addAll(newRule.getReadOnlyHosts());
}
if (newRule.getReadWriteHosts() != null) {
hosts.addAll(newRule.getReadWriteHosts());
rwHosts.addAll(newRule.getReadWriteHosts());
}
if (newRule.getRootHosts() != null) {
hosts.addAll(newRule.getRootHosts());
rootHosts.addAll(newRule.getRootHosts());
}
if (oldRule != null) {
// Collects all the hosts from export rule before modification
Set<String> oldHosts = new HashSet<String>();
if (oldRule.getReadOnlyHosts() != null) {
oldHosts.addAll(oldRule.getReadOnlyHosts());
}
if (oldRule.getReadWriteHosts() != null) {
oldHosts.addAll(oldRule.getReadWriteHosts());
}
if (oldRule.getRootHosts() != null) {
oldHosts.addAll(oldRule.getRootHosts());
}
// Handles removing endpoint from export rule during modify.
Set<String> hostsToRemove = com.google.common.collect.Sets.difference(oldHosts, hosts);
for (String host : hostsToRemove) {
List<String> permission = new ArrayList<String>();
if (oldRule.getReadOnlyHosts() != null && oldRule.getReadOnlyHosts().contains(host)) {
permission.add(RO_PERMISSION);
}
if (oldRule.getReadWriteHosts() != null && oldRule.getReadWriteHosts().contains(host)) {
permission.add(RW_PERMISSION);
}
if (oldRule.getRootHosts() != null && oldRule.getRootHosts().contains(host)) {
permission.add(ROOT_PERMISSION);
}
String ruleIndex = getMatchingRule(host, policyName, permission, oldRule.getSecFlavor(), exportPath);
NaElement ruleElem = null;
if (!ruleIndex.isEmpty()) {
deleteExportRule(ruleIndex, policyName, fsName);
}
}
}
for (String host : hosts) {
String ruleIndex = "";
if (oldRule != null) {
List<String> permission = new ArrayList<String>();
if (oldRule.getReadOnlyHosts() != null && oldRule.getReadOnlyHosts().contains(host)) {
permission.add(RO_PERMISSION);
}
if (oldRule.getReadWriteHosts() != null && oldRule.getReadWriteHosts().contains(host)) {
permission.add(RW_PERMISSION);
}
if (oldRule.getRootHosts() != null && oldRule.getRootHosts().contains(host)) {
permission.add(ROOT_PERMISSION);
}
ruleIndex = getMatchingRule(host, policyName, permission, oldRule.getSecFlavor(), exportPath);
} else {
ruleIndex = getMatchingRule(host, policyName, null, null, exportPath);
}
NaElement ruleElem = null;
if (!ruleIndex.isEmpty()) {
ruleElem = new NaElement("export-rule-modify");
ruleElem.addNewChild("rule-index", ruleIndex);
} else {
ruleElem = new NaElement("export-rule-create");
}
ruleElem.addNewChild("anonymous-user-id", String.valueOf(rootMappingUid));
ruleElem.addNewChild("policy-name", policyName);
ruleElem.addNewChild("client-match", host);
setSecurityStyle(host, securityStyleList, roHosts, rwHosts, rootHosts, ruleElem);
result = server.invokeElem(ruleElem);
}
} catch (IllegalArgumentException e) {
String msg = "Failed to create export rule for file system: " + fsName;
log.error(msg, e);
throw new NetAppCException(msg, e);
} catch (Exception e) {
String msg = "Failed to create export rule for file system: " + fsName;
log.error(msg, e);
throw new NetAppCException(msg, e);
}
}
Also used :
NFSSecurityStyle(com.iwave.ext.netappc.NFSSecurityStyle)
ArrayList(java.util.ArrayList)
NaElement(netapp.manage.NaElement)
NaAPIFailedException(netapp.manage.NaAPIFailedException)
HashSet(java.util.HashSet)
Example 2 with NFSSecurityStyle
use of com.iwave.ext.netappc.NFSSecurityStyle in project coprhd-controller by CoprHD.
the class FlexFileShare method deleteNFSShare.
public void deleteNFSShare(String fsName, String qtreeName, ExportRule oldRule, String exportPath) {
String policyName = "";
if (qtreeName == null || qtreeName.isEmpty()) {
policyName = getExportPolicyOfVolume(exportPath, fsName);
} else {
policyName = getExportPolicyOfQtree(exportPath, fsName, qtreeName);
}
NaElement result = null;
try {
List<String> rootHosts = new ArrayList<String>();
List<String> rwHosts = new ArrayList<String>();
List<String> roHosts = new ArrayList<String>();
List<NFSSecurityStyle> secruityStyleList = new ArrayList<NFSSecurityStyle>();
secruityStyleList.add(NFSSecurityStyle.valueOfName(oldRule.getSecFlavor()));
// Collects all the hosts from export rule before modification
Set<String> hosts = new HashSet<String>();
if (oldRule.getReadOnlyHosts() != null) {
hosts.addAll(oldRule.getReadOnlyHosts());
roHosts.addAll(oldRule.getReadOnlyHosts());
}
if (oldRule.getReadWriteHosts() != null) {
hosts.addAll(oldRule.getReadWriteHosts());
rwHosts.addAll(oldRule.getReadWriteHosts());
}
if (oldRule.getRootHosts() != null) {
hosts.addAll(oldRule.getRootHosts());
rootHosts.addAll(oldRule.getRootHosts());
}
for (String host : hosts) {
List<String> permission = new ArrayList<String>();
if (oldRule.getReadOnlyHosts() != null && oldRule.getReadOnlyHosts().contains(host)) {
permission.add(RO_PERMISSION);
}
if (oldRule.getReadWriteHosts() != null && oldRule.getReadWriteHosts().contains(host)) {
permission.add(RW_PERMISSION);
}
if (oldRule.getRootHosts() != null && oldRule.getRootHosts().contains(host)) {
permission.add(ROOT_PERMISSION);
}
String ruleIndex = getMatchingRule(host, policyName, permission, oldRule.getSecFlavor(), exportPath);
NaElement ruleElem = null;
if (!ruleIndex.isEmpty()) {
deleteExportRule(ruleIndex, policyName, fsName);
}
}
} catch (IllegalArgumentException e) {
String msg = "Failed to create export rule for file system: " + fsName;
log.error(msg, e);
throw new NetAppCException(msg, e);
} catch (Exception e) {
String msg = "Failed to create export rule for file system: " + fsName;
log.error(msg, e);
throw new NetAppCException(msg, e);
}
}
Also used :
NFSSecurityStyle(com.iwave.ext.netappc.NFSSecurityStyle)
ArrayList(java.util.ArrayList)
NaElement(netapp.manage.NaElement)
NaAPIFailedException(netapp.manage.NaAPIFailedException)
HashSet(java.util.HashSet)
Example 3 with NFSSecurityStyle
use of com.iwave.ext.netappc.NFSSecurityStyle in project coprhd-controller by CoprHD.
the class FlexFileShare method setSecurityStyle.
private void setSecurityStyle(String host, List<NFSSecurityStyle> securityStyleList, List<String> roHosts, List<String> rwHosts, List<String> rootHosts, NaElement ruleElem) {
NaElement roRule = new NaElement("ro-rule");
NaElement rwRule = new NaElement("rw-rule");
NaElement rootRule = new NaElement("super-user-security");
boolean hasRootPermission = false;
boolean hasRWPermission = false;
boolean hasROPermission = false;
if (roHosts.contains(host)) {
hasROPermission = true;
}
if (rwHosts.contains(host)) {
hasRWPermission = true;
hasROPermission = true;
}
if (rootHosts.contains(host)) {
hasRootPermission = true;
hasRWPermission = true;
hasROPermission = true;
}
if (hasRootPermission) {
// Add security style
for (NFSSecurityStyle s : securityStyleList) {
rootRule.addNewChild("security-flavor", s.name());
rwRule.addNewChild("security-flavor", s.name());
roRule.addNewChild("security-flavor", s.name());
}
} else {
if (hasRWPermission) {
rootRule.addNewChild("security-flavor", SEC_FLAVOR_NONE);
// Add security style
for (NFSSecurityStyle s : securityStyleList) {
rwRule.addNewChild("security-flavor", s.name());
roRule.addNewChild("security-flavor", s.name());
}
} else {
rootRule.addNewChild("security-flavor", SEC_FLAVOR_NONE);
rwRule.addNewChild("security-flavor", SEC_FLAVOR_NEVER);
if (hasROPermission) {
// Add security style
for (NFSSecurityStyle s : securityStyleList) {
roRule.addNewChild("security-flavor", s.name());
}
} else {
roRule.addNewChild("security-flavor", SEC_FLAVOR_NEVER);
}
}
}
ruleElem.addChildElem(rootRule);
ruleElem.addChildElem(rwRule);
ruleElem.addChildElem(roRule);
}
Also used :
NFSSecurityStyle(com.iwave.ext.netappc.NFSSecurityStyle)
NaElement(netapp.manage.NaElement)
Example 4 with NFSSecurityStyle
use of com.iwave.ext.netappc.NFSSecurityStyle in project coprhd-controller by CoprHD.
the class NetAppClusterApi method exportFS.
public Boolean exportFS(String fsName, String qtreeName, String mountPath, String exportPath, List<String> rootHosts, List<String> rwHosts, List<String> roHosts, String root_user, String securityStyle) throws NetAppCException {
try {
if ((null == roHosts) && (null == rwHosts) && (null == rootHosts)) {
_logger.debug("End points list is null...");
return false;
} else {
// Add all root hosts to rw hosts as well (currently NTP GUI
// takes care of this).
addRootToHosts(rootHosts, rwHosts);
// TODO: Handle multiple security Types here
List<NFSSecurityStyle> secruityStyleList = new ArrayList<NFSSecurityStyle>();
String lcaseSecruityStyle = securityStyle.toLowerCase();
secruityStyleList.add(NFSSecurityStyle.valueOfName(lcaseSecruityStyle));
// TODO: Handle all root and anonymous user mappings here.
int rootMappingUid = 0;
if (root_user.equals(ROOT_USER)) {
rootMappingUid = 0;
} else if (root_user.equals(NO_ROOT_USERS)) {
rootMappingUid = DISABLE_ROOT_ACCESS_CODE;
} else {
// If UID is specified other than root or nobody default it
// to this value.
rootMappingUid = DEFAULT_ANONMOUS_ROOT_ACCESS;
}
// Finally fire up export.
netAppClusterFacade = new NetAppClusterFacade(_ipAddress, _portNumber, _userName, _password, _https, true, _svmName);
netAppClusterFacade.addNFSShare(fsName, qtreeName, null, mountPath, rootMappingUid, roHosts, rwHosts, rootHosts, secruityStyleList);
}
} catch (IllegalArgumentException e) {
String msg = "Failed to create NFS share on path: " + (mountPath != null ? mountPath : exportPath);
_logger.error(msg, e);
throw NetAppCException.exceptions.exportFSFailed(mountPath, exportPath, e.getMessage());
} catch (Exception e) {
throw NetAppCException.exceptions.exportFSFailed(mountPath, exportPath, e.getMessage());
}
return true;
}
Also used :
NFSSecurityStyle(com.iwave.ext.netappc.NFSSecurityStyle)
ArrayList(java.util.ArrayList)
NetAppClusterFacade(com.iwave.ext.netappc.NetAppClusterFacade)
Aggregations
NFSSecurityStyle (com.iwave.ext.netappc.NFSSecurityStyle)4
ArrayList (java.util.ArrayList)3
NaElement (netapp.manage.NaElement)3
HashSet (java.util.HashSet)2
NaAPIFailedException (netapp.manage.NaAPIFailedException)2
NetAppClusterFacade (com.iwave.ext.netappc.NetAppClusterFacade)1
