@Override protected QuotaDirectory queryResource(URI id) { ArgValidator.checkUri(id); QuotaDirectory qd = _permissionsHelper.getObjectById(id, QuotaDirectory.class); ArgValidator.checkEntityNotNull(qd, id, isIdEmbeddedInURL(id)); return qd; }
/** * Deactivate Quota directory of file system, this will move the Quota directory to a * "marked-for-delete" state * * <p>NOTE: This is an asynchronous operation. * * @param id the URN of the QuotaDirectory * @param param QuotaDirectory delete param for optional force delete * @brief Delete file system Quota Dir * @return Task resource representation * @throws com.emc.storageos.svcs.errorhandling.resources.InternalException */ @POST @Consumes({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Path("/{id}/deactivate") @CheckPermission( roles = {Role.TENANT_ADMIN}, acls = {ACL.OWN, ACL.ALL}) public TaskResourceRep deactivateQuotaDirectory( @PathParam("id") URI id, QuotaDirectoryDeleteParam param) throws InternalException { _log.info("FileService::deactivateQtree Request recieved {}", id); String task = UUID.randomUUID().toString(); ArgValidator.checkFieldUriType(id, QuotaDirectory.class, "id"); QuotaDirectory quotaDirectory = queryResource(id); FileShare fs = queryFileShareResource(quotaDirectory.getParent().getURI()); ArgValidator.checkFieldNotNull(fs, "filesystem"); // <TODO> Implement Force delete option when shares and exports for Quota Directory are // supported Operation op = new Operation(); op.setResourceType(ResourceOperationTypeEnum.DELETE_FILE_SYSTEM_QUOTA_DIR); quotaDirectory.getOpStatus().createTaskStatus(task, op); fs.setOpStatus(new OpStatusMap()); fs.getOpStatus().createTaskStatus(task, op); _dbClient.persistObject(fs); _dbClient.persistObject(quotaDirectory); // Now get ready to make calls into the controller StorageSystem device = _dbClient.queryObject(StorageSystem.class, fs.getStorageDevice()); FileController controller = getController(FileController.class, device.getSystemType()); try { controller.deleteQuotaDirectory(device.getId(), quotaDirectory.getId(), fs.getId(), task); // If delete operation is successful, then remove obj from ViPR db by setting inactive=true quotaDirectory.setInactive(true); _dbClient.persistObject(quotaDirectory); } catch (InternalException e) { // treating all controller exceptions as internal error for now. controller // should discriminate between validation problems vs. internal errors throw e; } auditOp( OperationTypeEnum.DELETE_FILE_SYSTEM_QUOTA_DIR, true, AuditLogManager.AUDITOP_BEGIN, quotaDirectory.getLabel(), quotaDirectory.getId().toString(), fs.getId().toString()); fs = _dbClient.queryObject(FileShare.class, fs.getId()); _log.debug( "FileService::Quota directory Before sending response, FS ID : {}, Taks : {} ; Status {}", fs.getOpStatus().get(task), fs.getOpStatus().get(task).getStatus()); return toTask(quotaDirectory, task, op); }
/* * GET filesystem by id */ @GET @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Path("/{id}") public FileShareRestRep getFileSystemInternal(@PathParam("id") URI id) { ArgValidator.checkFieldUriType(id, FileShare.class, "id"); FileShare fs = _fileService.queryResource(id); checkFileShareInternal(fs); return map(fs); }
/* * GET task status */ @GET @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Path("/{id}/tasks/{op_id}/") public TaskResourceRep getTaskInternal(@PathParam("id") URI id, @PathParam("op_id") URI op_id) throws DatabaseException { ArgValidator.checkFieldUriType(id, FileShare.class, "id"); FileShare fs = _fileService.queryResource(id); checkFileShareInternal(fs); return toTask(fs, op_id.toString()); }
/** * Get info for file system quota directory * * @param id the URN of a ViPR Quota directory * @brief Show file system quota directory * @return File system quota directory details */ @GET @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Path("/{id}") @CheckPermission( roles = {Role.SYSTEM_MONITOR, Role.TENANT_ADMIN}, acls = {ACL.ANY}) public QuotaDirectoryRestRep getQuotaDirectory(@PathParam("id") URI id) { ArgValidator.checkFieldUriType(id, QuotaDirectory.class, "id"); QuotaDirectory quotaDir = queryResource(id); return map(quotaDir); }
/* * POST to create a new export */ @POST @Consumes({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Path("/{id}/exports") public TaskResourceRep exportInternal(@PathParam("id") URI id, FileSystemExportParam param) throws InternalException { ArgValidator.checkFieldUriType(id, FileShare.class, "id"); FileShare fs = _fileService.queryResource(id); checkFileShareInternal(fs); return _fileService.export(id, param); }
/** * Undo the release of a file system * * @param id the URN of a ViPR file system to undo * @return the updated file system * @throws InternalException */ @POST @Consumes({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Path("/{id}/release/undo") public FileShareRestRep undoReleaseFileSystemInternal(@PathParam("id") URI id) throws InternalException { ArgValidator.checkFieldUriType(id, FileShare.class, "id"); FileShare fs = _fileService.queryResource(id); checkFileShareInternal(fs); URI releasedProject = fs.getOriginalProject(); if (releasedProject == null) { throw APIException.forbidden.onlyPreviouslyReleasedFileSystemsCanBeUndone(); } Project project = _permissionsHelper.getObjectById(releasedProject, Project.class); ArgValidator.checkEntity(project, releasedProject, false); ArgValidator.checkFieldNotNull(project.getTenantOrg(), "tenantOrg"); ArgValidator.checkFieldNotNull(project.getTenantOrg().getURI(), "tenantOrg"); fs.setTenant(new NamedURI(project.getTenantOrg().getURI(), fs.getLabel())); fs.setProject(new NamedURI(releasedProject, fs.getLabel())); fs.setOriginalProject(null); fs.clearInternalFlags(INTERNAL_FILESHARE_FLAGS); _dbClient.updateAndReindexObject(fs); // audit against the new project, not the old dummy internal project auditOp( OperationTypeEnum.UNDO_RELEASE_FILE_SYSTEM, true, null, fs.getId().toString(), project.getId().toString()); return map(fs); }
/* * POST to deactivate filesystem */ @POST @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Path("/{id}/deactivate") public TaskResourceRep deactivateFileSystemInternal( @PathParam("id") URI id, FileSystemDeleteParam param) throws InternalException { ArgValidator.checkFieldUriType(id, FileShare.class, "id"); FileShare fs = _fileService.queryResource(id); checkFileShareInternal(fs); TenantOrg tenant = _permissionsHelper.getRootTenant(); if (!_permissionsHelper.userHasGivenRole( getUserFromContext(), tenant.getId(), Role.SYSTEM_ADMIN, Role.TENANT_ADMIN)) { throw APIException.forbidden.onlyAdminsCanDeactivateFileSystems( Role.SYSTEM_ADMIN.toString(), Role.TENANT_ADMIN.toString()); } return _fileService.deactivateFileSystem(id, param); }
/* * DELETE filesystem export */ @DELETE @Consumes({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Path("/{id}/exports/{protocol},{secType},{perm},{root_mapping}") public TaskResourceRep unexportInternal( @PathParam("id") URI id, @PathParam("protocol") String protocol, @PathParam("secType") String securityType, @PathParam("perm") String permissions, @PathParam("root_mapping") String rootUserMapping, @QueryParam("subDirectory") String subDirectory) throws InternalException { ArgValidator.checkFieldUriType(id, FileShare.class, "id"); FileShare fs = _fileService.queryResource(id); checkFileShareInternal(fs); return _fileService.unexport( id, protocol, securityType, permissions, rootUserMapping, subDirectory); }
/** * Update Quota Directory for a file share * * <p>NOTE: This is an asynchronous operation. * * @param id the URN of a ViPR Quota directory * @param param File system Quota directory update parameters * @brief Update file system Quota directory * @return Task resource representation * @throws com.emc.storageos.svcs.errorhandling.resources.InternalException */ @POST @Consumes({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Path("/{id}") @CheckPermission( roles = {Role.TENANT_ADMIN}, acls = {ACL.OWN, ACL.ALL}) public TaskResourceRep updateQuotaDirectory( @PathParam("id") URI id, QuotaDirectoryUpdateParam param) throws InternalException { _log.info("FileService::Update Quota directory Request recieved {}", id); QuotaDirectory quotaDir = queryResource(id); String task = UUID.randomUUID().toString(); if (param.getSecurityStyle() != null) { ArgValidator.checkFieldValueFromEnum( param.getSecurityStyle(), "security_style", EnumSet.allOf(QuotaDirectory.SecurityStyles.class)); } // Get the FileSystem object FileShare fs = queryFileShareResource(quotaDir.getParent().getURI()); ArgValidator.checkFieldNotNull(fs, "filesystem"); // Update the quota directory object to store in ViPR database quotaDir.setOpStatus(new OpStatusMap()); // Set all other optional parameters too. if (param.getOpLock() != null) { quotaDir.setOpLock(param.getOpLock()); } if (param.getSecurityStyle() != null) { quotaDir.setSecurityStyle(param.getSecurityStyle()); } if (param.getSize() != null) { Long quotaSize = SizeUtil.translateSize(param.getSize()); if (quotaSize > 0) { ArgValidator.checkFieldMaximum(quotaSize, fs.getCapacity(), " Bytes", "size"); quotaDir.setSize(quotaSize); } } Operation op = new Operation(); op.setResourceType(ResourceOperationTypeEnum.UPDATE_FILE_SYSTEM_QUOTA_DIR); quotaDir.getOpStatus().createTaskStatus(task, op); fs.setOpStatus(new OpStatusMap()); fs.getOpStatus().createTaskStatus(task, op); _dbClient.persistObject(fs); _dbClient.persistObject(quotaDir); // Create an object of type "FileShareQtree" to be passed into the south-bound layers. FileShareQuotaDirectory qt = new FileShareQuotaDirectory(quotaDir); // Now get ready to make calls into the controller StorageSystem device = _dbClient.queryObject(StorageSystem.class, fs.getStorageDevice()); FileController controller = getController(FileController.class, device.getSystemType()); try { controller.updateQuotaDirectory(device.getId(), qt, fs.getId(), task); } catch (InternalException e) { _log.error("Error during update of Quota Directory {}", e); // treating all controller exceptions as internal error for now. controller // should discriminate between validation problems vs. internal errors throw e; } auditOp( OperationTypeEnum.UPDATE_FILE_SYSTEM_QUOTA_DIR, true, AuditLogManager.AUDITOP_BEGIN, quotaDir.getLabel(), quotaDir.getId().toString(), fs.getId().toString()); fs = _dbClient.queryObject(FileShare.class, fs.getId()); _log.debug( "FileService::Quota directory Before sending response, FS ID : {}, Taks : {} ; Status {}", fs.getOpStatus().get(task), fs.getOpStatus().get(task).getStatus()); return toTask(quotaDir, task, op); }
protected FileShare queryFileShareResource(URI id) { ArgValidator.checkUri(id); FileShare fs = _permissionsHelper.getObjectById(id, FileShare.class); ArgValidator.checkEntityNotNull(fs, id, isIdEmbeddedInURL(id)); return fs; }
/** * Release a file system from its current tenant & project for internal object usage * * @param id the URN of a ViPR file system to be released * @return the updated file system * @throws InternalException */ @POST @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Path("/{id}/release") public FileShareRestRep releaseFileSystemInternal(@PathParam("id") URI id) throws InternalException { ArgValidator.checkFieldUriType(id, FileShare.class, "id"); FileShare fs = _fileService.queryResource(id); // if the FS is already marked as internal, we can skip all this logic // and just return success down at the bottom if (!fs.checkInternalFlags(Flag.INTERNAL_OBJECT)) { URI tenantURI = fs.getTenant().getURI(); if (!_permissionsHelper.userHasGivenRole( getUserFromContext(), tenantURI, Role.TENANT_ADMIN)) { throw APIException.forbidden.onlyAdminsCanReleaseFileSystems(Role.TENANT_ADMIN.toString()); } // we can't release a fs that has exports FSExportMap exports = fs.getFsExports(); if ((exports != null) && (!exports.isEmpty())) { throw APIException.badRequests.cannotReleaseFileSystemExportExists( exports.keySet().toString()); } // we can't release a fs that has shares SMBShareMap shares = fs.getSMBFileShares(); if ((shares != null) && (!shares.isEmpty())) { throw APIException.badRequests.cannotReleaseFileSystemSharesExists( shares.keySet().toString()); } // files systems with pending operations can't be released if (fs.getOpStatus() != null) { for (String opId : fs.getOpStatus().keySet()) { Operation op = fs.getOpStatus().get(opId); if (Operation.Status.pending.name().equals(op.getStatus())) { throw APIException.badRequests.cannotReleaseFileSystemWithTasksPending(); } } } // file systems with snapshots can't be released Integer snapCount = _fileService.getNumSnapshots(fs); if (snapCount > 0) { throw APIException.badRequests.cannotReleaseFileSystemSnapshotExists(snapCount); } TenantOrg rootTenant = _permissionsHelper.getRootTenant(); // we can't release the file system to the root tenant if the root tenant has no access // to the filesystem's virtual pool ArgValidator.checkFieldNotNull(fs.getVirtualPool(), "virtualPool"); VirtualPool virtualPool = _permissionsHelper.getObjectById(fs.getVirtualPool(), VirtualPool.class); ArgValidator.checkEntity(virtualPool, fs.getVirtualPool(), false); if (!_permissionsHelper.tenantHasUsageACL(rootTenant.getId(), virtualPool)) { throw APIException.badRequests.cannotReleaseFileSystemRootTenantLacksVPoolACL( virtualPool.getId().toString()); } fs.setOriginalProject(fs.getProject().getURI()); fs.setTenant(new NamedURI(rootTenant.getId(), fs.getLabel())); fs.setProject(new NamedURI(_internalProject.getId(), fs.getLabel())); fs.addInternalFlags(INTERNAL_FILESHARE_FLAGS); _dbClient.updateAndReindexObject(fs); // audit against the source project, not the new dummy internal project auditOp( OperationTypeEnum.RELEASE_FILE_SYSTEM, true, null, fs.getId().toString(), fs.getOriginalProject().toString()); } return map(fs); }