mirror of
https://github.com/xcp-ng/xenadmin.git
synced 2025-01-22 00:00:40 +01:00
21d6080464
Signed-off-by: Konstantina Chremmou <konstantina.chremmou@citrix.com>
501 lines
20 KiB
C#
501 lines
20 KiB
C#
/* Copyright (c) Citrix Systems, Inc.
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms,
|
|
* with or without modification, are permitted provided
|
|
* that the following conditions are met:
|
|
*
|
|
* * Redistributions of source code must retain the above
|
|
* copyright notice, this list of conditions and the
|
|
* following disclaimer.
|
|
* * Redistributions in binary form must reproduce the above
|
|
* copyright notice, this list of conditions and the
|
|
* following disclaimer in the documentation and/or other
|
|
* materials provided with the distribution.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
|
|
* CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
|
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
|
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
|
|
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
|
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
|
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
|
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
|
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
using System;
|
|
using System.Collections.Generic;
|
|
|
|
using XenAPI;
|
|
|
|
using XenAdmin.Core;
|
|
using XenAdmin.Model;
|
|
using XenAdmin.Network;
|
|
|
|
|
|
namespace XenAdmin.Actions
|
|
{
|
|
public abstract class FolderAction : AsyncAction
|
|
{
|
|
// CA-34379 Many folder operations do not work well with RBAC, because they operate across multiple connections.
|
|
// Our strategy is roughly as follows:
|
|
//
|
|
// * As always, each Action has a designated Session. This may be an escalated Session in the case that we have
|
|
// sudo'ed, or passed in an escalated Session through RunExternal(). Sometimes, for example adding several
|
|
// objects to a folder, we can break the work down into several actions which can be escalated separately.
|
|
//
|
|
// * However, many actions, such as deleting or renaming a whole folder, inevitably operate across multiple
|
|
// connections. In that case we use this.Session for the relevant connection, and build up a dictionary of
|
|
// sessions for other connections using DuplicateSession(). However, these sessions are not escalated, so
|
|
// we block any such actions in the UI if we would need to operate on a read-only connection: otherwise we
|
|
// would sudo and then the action would still fail on the non-primary connection. (We could in principle
|
|
// escalate a whole collection of Sessions and pass them in, but it doesn't seem necessary, and perhaps
|
|
// it would be a bit odd because when renaming a folder, you feel you're operating on that folder, not really
|
|
// on the objects within it. For consistency, we even block the operation when all the objects are on a
|
|
// single read-only connection).
|
|
//
|
|
// * It's not actually quite true that adding an object to a folder only operates on that object's connection. If
|
|
// the folder was empty before, we should also now remove it from the empty folders list. But it's harmless to
|
|
// leave extra empty folders in the list, so we just catch the RBAC error and fail silently.
|
|
//
|
|
// * For safety, destructive operations are called last: duplication is not as bad as destructive failure.
|
|
//
|
|
// * When this action is used to move or delete multiple objects across multiple connections,
|
|
// the action can not be sudo'ed as it does not have a single session that can be escalated. In this the action
|
|
// would fail if any of the connections does not have sufficient roles.
|
|
//
|
|
|
|
private static readonly log4net.ILog log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
|
|
|
|
private readonly Dictionary<IXenConnection, Session> Sessions = new Dictionary<IXenConnection, Session>();
|
|
|
|
protected FolderAction(IXenConnection connection, string title)
|
|
: base(connection, title)
|
|
{
|
|
if (connection != null)
|
|
{
|
|
ApiMethodsToRoleCheck.Add("pool.remove_from_other_config", Folders.EMPTY_FOLDERS);
|
|
ApiMethodsToRoleCheck.Add("pool.add_to_other_config", Folders.EMPTY_FOLDERS);
|
|
}
|
|
}
|
|
|
|
public override void RecomputeCanCancel()
|
|
{
|
|
// CanCancel is always true.
|
|
}
|
|
|
|
private readonly Dictionary<IXenConnection, List<string>> emptyFolders = new Dictionary<IXenConnection, List<string>>();
|
|
|
|
/// <summary>
|
|
/// Mark a folder as empty. The folder will be added to a collection of empty folders that will be used later to update the server
|
|
/// </summary>
|
|
protected void MarkEmptyFolder(IXenConnection connection, string folder)
|
|
{
|
|
if (!emptyFolders.ContainsKey(connection))
|
|
emptyFolders.Add(connection, new List<string>());
|
|
emptyFolders[connection].Add(folder);
|
|
}
|
|
|
|
private readonly List<string> nonEmptyFolders = new List<string>();
|
|
|
|
/// <summary>
|
|
/// Mark a folder as non-empty. The folder will be added to a collection of non-empty folders that will be used later to update the server
|
|
/// </summary>
|
|
protected void MarkNonEmptyFolder(string folder)
|
|
{
|
|
nonEmptyFolders.Add(folder);
|
|
}
|
|
|
|
/// <summary>
|
|
/// Update the EMPTY_FOLDERS property on all servers, using the emptyFolders and nonEmptyFolders collections
|
|
/// </summary>
|
|
protected void UpdateEmptyFolders(Func<bool> cancelling)
|
|
{
|
|
foreach (var con in emptyFolders.Keys)
|
|
{
|
|
AddFoldersToEmptyList(con, cancelling, emptyFolders[con].ToArray());
|
|
}
|
|
RemoveFoldersFromEmptyList(nonEmptyFolders.ToArray(), cancelling);
|
|
}
|
|
|
|
protected void DeleteOrMove(List<IXenObject> objects, Folder folder, Func<bool> cancelling)
|
|
{
|
|
IXenConnection connection = null;
|
|
if (objects.Count > 0)
|
|
connection = objects[0].Connection;
|
|
|
|
if (connection != null)
|
|
((XenConnection)connection).OnBeforeMajorChange(true);
|
|
try
|
|
{
|
|
foreach(var obj in objects)
|
|
{
|
|
DeleteOrMove(obj, folder, cancelling);
|
|
}
|
|
|
|
// Update EMPTY_FOLDERS on all servers
|
|
UpdateEmptyFolders(cancelling);
|
|
}
|
|
finally
|
|
{
|
|
if (connection != null)
|
|
((XenConnection)connection).OnAfterMajorChange(true);
|
|
}
|
|
}
|
|
|
|
protected void DeleteOrMove(IXenObject obj, Folder folder, Func<bool> cancelling)
|
|
{
|
|
// if, by moving candidate, we make its parent
|
|
// empty, then we must add from's parent to the empty list
|
|
// CA-34379: Folder actions do not work with sudo. Make sure destructive operations are called last.
|
|
|
|
string parent = obj.Path;
|
|
if (!string.IsNullOrEmpty(parent))
|
|
{
|
|
if (new List<IXenObject>(Folders.Children(parent)).Count == 1)
|
|
{
|
|
MarkEmptyFolder(obj.Connection, parent);
|
|
}
|
|
}
|
|
|
|
MoveContents(obj, folder == null ? null : folder.opaque_ref, cancelling);
|
|
}
|
|
|
|
protected void Rename(IXenObject obj, string path, Func<bool> cancelling)
|
|
{
|
|
// do the whole thing in a BackgroundMajorChange so the treeview doesn't get updated while the update
|
|
// is only partially completed.
|
|
|
|
((XenConnection)obj.Connection).OnBeforeMajorChange(true);
|
|
try
|
|
{
|
|
// CA-34379: Folder actions do not work with sudo. Make sure destructive operations are called last.
|
|
if (obj.opaque_ref != path)
|
|
{
|
|
MarkEmptyFolder(obj.Connection, path);
|
|
|
|
foreach (IXenObject ixmo in Folders.Children(obj.opaque_ref))
|
|
MoveContents(ixmo, path, cancelling);
|
|
|
|
MarkNonEmptyFolder(obj.opaque_ref);
|
|
// Update EMPTY_FOLDERS
|
|
UpdateEmptyFolders(cancelling);
|
|
}
|
|
}
|
|
finally
|
|
{
|
|
((XenConnection)obj.Connection).OnAfterMajorChange(true);
|
|
}
|
|
}
|
|
|
|
protected void MoveContents(IXenObject from, string to, Func<bool> cancelling)
|
|
{
|
|
// CA-34379: Folder actions do not work with sudo. Make sure destructive operations are called last.
|
|
if (cancelling())
|
|
throw new CancelledException();
|
|
|
|
Folder folder = from as Folder;
|
|
if (folder == null)
|
|
{
|
|
log.DebugFormat("Moving {0} to {1}", Helpers.GetName(from), to ?? "<null>");
|
|
SetFolder(from, to, cancelling);
|
|
MarkNonEmptyFolder(to);
|
|
return;
|
|
}
|
|
|
|
string newLocation = to == null ? null : Folders.AppendPath(to, folder.name_label);
|
|
|
|
log.DebugFormat("Moving contents of {0} to {1}", folder, newLocation ?? "<null>");
|
|
|
|
bool empty = true;
|
|
foreach (IXenObject ixmo in Folders.Children(folder.opaque_ref))
|
|
{
|
|
empty = false;
|
|
|
|
MoveContents(ixmo, newLocation, cancelling);
|
|
}
|
|
|
|
MarkNonEmptyFolder(from.opaque_ref);
|
|
|
|
if (empty && newLocation != null)
|
|
{
|
|
MarkEmptyFolder(from.Connection, newLocation);
|
|
}
|
|
}
|
|
|
|
// WARNING: This function isn't thread safe. It can't be called twice in quick succession
|
|
// on separate threads, because we have to wait for the new empty folders list to come back
|
|
// from the server in between. Each thread does that in WaitForEmptyFoldersCacheChange(),
|
|
// but that won't stop another thread getting the wrong list.
|
|
//Returns true if anyfolder was add to the empty list
|
|
protected bool AddFoldersToEmptyList(IXenConnection connection, Func<bool> cancelling, params string[] paths)
|
|
{
|
|
if (connection == null)
|
|
return false;
|
|
|
|
Pool pool = Helpers.GetPoolOfOne(connection);
|
|
if (pool == null)
|
|
return false;
|
|
|
|
List<string> emptyFoldersOnThisConnection = new List<string>(Folders.GetEmptyFolders(pool));
|
|
bool anyAdded = false;
|
|
foreach (string path in paths)
|
|
{
|
|
if (!emptyFoldersOnThisConnection.Contains(path))
|
|
{
|
|
log.DebugFormat("Adding {0} to empty list on {1}", path, Helpers.GetName(pool));
|
|
emptyFoldersOnThisConnection.Add(path);
|
|
anyAdded = true;
|
|
}
|
|
}
|
|
if (anyAdded)
|
|
{
|
|
SetEmptyFolders(connection, emptyFoldersOnThisConnection, cancelling);
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
private void SetFolder(IXenObject xmo, string to, Func<bool> cancelling)
|
|
{
|
|
Session sess = GetSession(xmo.Connection);
|
|
if (to == null)
|
|
Helpers.RemoveFromOtherConfig(sess, xmo, Folders.FOLDER);
|
|
else
|
|
Helpers.SetOtherConfig(sess, xmo, Folders.FOLDER, to);
|
|
WaitForFolderCacheChange(xmo, to, cancelling);
|
|
}
|
|
|
|
private Session GetSession(IXenConnection conn)
|
|
{
|
|
// First we look at this.Session. This allows us to sudo if we have only one connection.
|
|
if (Session != null && Session.Connection == conn)
|
|
return Session;
|
|
|
|
// Otherwise we dig into our dictionary of sessions for other connections. These cannot be sudo'ed,
|
|
// because there is no good way to make a sudo dialog (or a series of dialogs) for several connections.
|
|
if (Sessions.ContainsKey(conn))
|
|
return Sessions[conn];
|
|
Session s = conn.DuplicateSession();
|
|
Sessions[conn] = s;
|
|
return s;
|
|
}
|
|
|
|
private void RemoveFoldersFromEmptyList(string[] paths, Func<bool> cancelling)
|
|
{
|
|
foreach (IXenConnection connection in ConnectionsManager.XenConnectionsCopy)
|
|
{
|
|
if (!connection.IsConnected)
|
|
continue;
|
|
|
|
List<string> emptyFoldersOnThisConnection = new List<string>(Folders.GetEmptyFolders(connection));
|
|
|
|
bool somethingChanged = false;
|
|
foreach(string path in paths)
|
|
{
|
|
if (emptyFoldersOnThisConnection.Contains(path))
|
|
{
|
|
emptyFoldersOnThisConnection.Remove(path);
|
|
somethingChanged = true;
|
|
}
|
|
}
|
|
|
|
if (somethingChanged)
|
|
{
|
|
try
|
|
{
|
|
SetEmptyFolders(connection, emptyFoldersOnThisConnection, cancelling);
|
|
}
|
|
// We ignore RBAC exceptions. They are caused by trying to remove a folder from
|
|
// the empty list on a read-only connection. Leaving an additional empty folder
|
|
// lying around is harmless: we don't want to report an error for it. See CA-40412
|
|
// for an example of this.
|
|
catch (Exception e)
|
|
{
|
|
Failure f = e as Failure;
|
|
if (f == null || f.ErrorDescription[0] != Failure.RBAC_PERMISSION_DENIED)
|
|
throw;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
private void SetEmptyFolders(IXenConnection connection, List<string> folders, Func<bool> cancelling)
|
|
{
|
|
string folder_str = string.Join(Folders.EMPTY_FOLDERS_SEPARATOR, folders.ToArray());
|
|
Pool pool = Helpers.GetPoolOfOne(connection);
|
|
if (pool == null)
|
|
throw new Failure(Failure.INTERNAL_ERROR, Messages.POOL_GONE);
|
|
Helpers.SetOtherConfig(GetSession(pool.Connection), pool, Folders.EMPTY_FOLDERS, folder_str);
|
|
WaitForEmptyFoldersCacheChange(pool, folder_str, cancelling);
|
|
}
|
|
|
|
private static void WaitForFolderCacheChange(IXenObject xmo, string expected, Func<bool> cancelling)
|
|
{
|
|
xmo.Connection.WaitFor(delegate()
|
|
{
|
|
return Folders.GetFolderString(xmo) == expected;
|
|
},
|
|
cancelling);
|
|
if (cancelling())
|
|
throw new CancelledException();
|
|
}
|
|
|
|
private static void WaitForEmptyFoldersCacheChange(Pool pool, string expected, Func<bool> cancelling)
|
|
{
|
|
pool.Connection.WaitFor(delegate()
|
|
{
|
|
return Folders.GetEmptyFoldersString(pool) == expected;
|
|
},
|
|
cancelling);
|
|
if (cancelling())
|
|
throw new CancelledException();
|
|
}
|
|
}
|
|
|
|
public class CreateFolderAction : FolderAction
|
|
{
|
|
private readonly string[] paths;
|
|
|
|
public CreateFolderAction(IXenConnection connection, params string[] paths)
|
|
: base(connection, GetTitle(paths))
|
|
{
|
|
this.paths = paths;
|
|
|
|
foreach (string path in paths)
|
|
AppliesTo.Add(path);
|
|
}
|
|
|
|
protected override void Run()
|
|
{
|
|
CanCancel = true;
|
|
|
|
Description = paths.Length == 1 ? Messages.CREATING_NEW_FOLDER : Messages.CREATING_NEW_FOLDERS;
|
|
|
|
if (!AddFoldersToEmptyList(Connection, GetCancelling, paths))
|
|
throw new Exception(Messages.FOLDER_ALREADY_EXISTS);
|
|
|
|
Description = paths.Length == 1 ? Messages.CREATED_NEW_FOLDER : Messages.CREATED_NEW_FOLDERS;
|
|
}
|
|
|
|
internal static string GetTitle(params string[] paths)
|
|
{
|
|
return paths.Length == 1
|
|
? string.Format(Messages.CREATE_NEW_FOLDER, paths[0])
|
|
: string.Format(Messages.CREATE_NEW_FOLDERS, string.Join("; ", paths));
|
|
}
|
|
}
|
|
|
|
public class RenameFolderAction : FolderAction
|
|
{
|
|
private readonly string path;
|
|
protected readonly IXenObject obj;
|
|
|
|
public RenameFolderAction(Folder folder, String name)
|
|
: base(folder.Connection, string.Format(Messages.RENAMING_FOLDER, Helpers.GetName(folder), name))
|
|
{
|
|
obj = folder;
|
|
path = Folders.AppendPath(obj.Path, name);
|
|
AppliesTo.Add(obj.opaque_ref);
|
|
AppliesTo.Add(path);
|
|
}
|
|
protected override void Run()
|
|
{
|
|
CanCancel = true;
|
|
|
|
Description = Messages.RENAMING;
|
|
|
|
Rename(obj, path, GetCancelling);
|
|
|
|
Description = Messages.RENAMED;
|
|
}
|
|
}
|
|
|
|
public class MoveToFolderAction : FolderAction
|
|
{
|
|
private readonly List<IXenObject> objs = new List<IXenObject>();
|
|
private readonly Folder folder;
|
|
|
|
public MoveToFolderAction(IXenObject obj, Folder folder)
|
|
: base(obj.Connection, string.Format(Messages.MOVE_OBJECT_TO_FOLDER, Helpers.GetName(obj), folder.Name()))
|
|
{
|
|
this.objs.Add(obj);
|
|
this.folder = folder;
|
|
if (obj.GetType() != typeof(Folder))
|
|
{
|
|
ApiMethodsToRoleCheck.Add(obj.GetType().Name.ToLowerInvariant() + ".remove_from_other_config",
|
|
Folders.FOLDER);
|
|
ApiMethodsToRoleCheck.Add(obj.GetType().Name.ToLowerInvariant() + ".add_to_other_config",
|
|
Folders.FOLDER);
|
|
}
|
|
|
|
AppliesTo.Add(obj.opaque_ref);
|
|
AppliesTo.Add(folder.opaque_ref);
|
|
}
|
|
|
|
|
|
// Constructor used for moving multiple objects, across multiple connections
|
|
public MoveToFolderAction(List<IXenObject> objs, Folder folder)
|
|
: base(null, string.Format(Messages.MOVE_OBJECTS_TO_FOLDER, folder.Name()))
|
|
{
|
|
this.objs.AddRange(objs);
|
|
this.folder = folder;
|
|
if (this.folder != null)
|
|
AppliesTo.Add(this.folder.opaque_ref);
|
|
}
|
|
|
|
protected override void Run()
|
|
{
|
|
CanCancel = true;
|
|
Description = Messages.MOVING;
|
|
|
|
DeleteOrMove(objs, folder, GetCancelling);
|
|
|
|
Description = Messages.MOVED;
|
|
}
|
|
}
|
|
|
|
public class DeleteFolderAction : FolderAction
|
|
{
|
|
private readonly List<IXenObject> objs = new List<IXenObject>();
|
|
|
|
public DeleteFolderAction(IXenObject obj)
|
|
: base(obj.Connection, Messages.DELETING_FOLDER)
|
|
{
|
|
objs.Add(obj);
|
|
if (obj.GetType() != typeof(Folder))
|
|
{
|
|
ApiMethodsToRoleCheck.Add(obj.GetType().Name.ToLowerInvariant() + ".remove_from_other_config",
|
|
Folders.FOLDER);
|
|
ApiMethodsToRoleCheck.Add(obj.GetType().Name.ToLowerInvariant() + ".add_to_other_config",
|
|
Folders.FOLDER);
|
|
}
|
|
|
|
AppliesTo.Add(obj.opaque_ref);
|
|
}
|
|
|
|
// Constructor used for deleting multiple objects, across multiple connections
|
|
public DeleteFolderAction(List<IXenObject> objs)
|
|
: base(null, Messages.DELETING_FOLDERS)
|
|
{
|
|
this.objs.AddRange(objs);
|
|
}
|
|
|
|
protected override void Run()
|
|
{
|
|
CanCancel = true;
|
|
Description = objs.Count == 1 ? Messages.DELETING_FOLDER : Messages.DELETING_FOLDERS;
|
|
|
|
DeleteOrMove(objs, null, GetCancelling);
|
|
|
|
Description = objs.Count == 1 ? Messages.DELETED_FOLDER : Messages.DELETED_FOLDERS;
|
|
}
|
|
}
|
|
}
|