# # Copyright (c) 2001-2013 NetApp, Inc., All Rights Reserved # Any use, modification, or distribution is prohibited # without prior written consent from NetApp, Inc. # ## @summary SecurityLogin ComponentState Module ## @author dl-nacl-dev@netapp.com ## @status shared ## @pod here =head1 NAME NACL::CS::SecurityLogin =head1 DESCRIPTION C is a derived class of L. It represents the state of an ONTAP SecurityLogin. A related class is L, which represents access to an ONTAP SecurityLogin. =head1 ATTRIBUTES The individual pieces of data that are part of the state of the SecurityLogin element are the attributes of the SecurityLogin ComponentState. =over =item C<< "authmethod" >> Filled in for CMode CLI/ZAPI. Maps to: CMode ZAPI: For "requested_fields", "filter" and Output mapping:

$value

=item C<< "vserver" >> Filled in for CMode CLI/ZAPI. Maps to: CMode ZAPI: For "requested_fields", "filter" and Output mapping: $value =item C<< "application" >> Filled in for CMode CLI/ZAPI. Maps to: CMode ZAPI: For "requested_fields", "filter" and Output mapping: $value =item C<< "username" >> Filled in for CMode CLI/ZAPI, 7Mode CLI. Maps to: CMode ZAPI: For "requested_fields", "filter" and Output mapping:

$value

7Mode CLI: For "filter": Applicable, Filtering will be done by Components. For "requested_fields", Not applicable, but the field will be populated in the CS object. =item C<< "acctlocked" >> Filled in for CMode CLI/ZAPI, 7Mode CLI. Maps to: CMode ZAPI: For "requested_fields", "filter" and Output mapping:

$value

7Mode CLI: For "filter": Applicable, Filtering will be done by Components. For "requested_fields", Not applicable, but the field will be populated in the CS object. =item C<< "role" >> Filled in for CMode CLI/ZAPI. Maps to: CMode ZAPI: For "requested_fields", "filter" and Output mapping:

$value

=item C<< profile >> Filled in for CMode CLI. =item C<< comment >> Filled in for CMode CLI/ZAPI, 7Mode CLI. Maps to: CMode ZAPI: For "requested_fields", "filter" and Output mapping: $value Maps to: 7Mode CLI: For "filter": Applicable, Filtering will be done by Components. For "requested_fields", Not applicable, but the field will be populated in the CS object. =item C<< acctlocked_zapi >> Filled in for CMode CLI. =item C<< require_passwd_update >> Filled in for CMode CLI. =item C<< user_or_group_name >> User Name or Active Directory Group Name Filled in for CMode CLI. =back =cut package NACL::CS::SecurityLogin; use strict; use warnings; use Params::Validate qw(validate); use NACL::ComponentUtils qw(_dump_one); use NATE::Log qw(log_global); my $Log = log_global(); my $may_enter = $Log->may_enter(); my $may_exit = $Log->may_exit(); use Data::Dumper; use NACL::Exceptions::NoElementsFound qw(:try); use NACL::C::_Mixins::SecurityLogin qw(:all); use base 'NACL::CS::ComponentState::ONTAP'; use Class::MethodMaker [ scalar => 'authmethod', scalar => 'vserver', scalar => 'application', scalar => 'acctlocked', scalar => 'role', scalar => 'profile', scalar => 'comment', scalar => 'acctlocked_zapi', scalar => 'require_passwd_update', scalar => 'user_or_group_name', scalar => [ { '-default_ctor' => sub { $_[0] ->user_or_group_name(), }, }, 'username' ], ]; =head1 METHODS =head2 fetch my $SecurityLogin_state = NACL::CS::SecurityLogin->fetch(command_interface => $ci, ...); my @SecurityLogin_states = NACL::CS::SecurityLogin->fetch(command_interface => $ci, ...); (Class method) Discovers which elements are present and returns their state in ComponentState objects. Called in scalar context it returns only one state object, in list context it returns all state objects. See L for a more detailed description along with a complete explanation of the options it accepts. Supports CMode CLI/ZAPI, 7Mode CLI. Invokes "security-login-get-iter" API for CMode ZAPI. Invokes "useradmin diaguser show" and "useradmin user list" command for 7Mode CLI. =over =item Exceptions =over =item C When there are no elements matching the query specified or elements of that type doesn't exist, then this exception will be thrown. =back =back =cut sub fetch { $Log->enter() if $may_enter; my $pkg = shift; my @state_objs = $pkg->SUPER::fetch( @_, choices => [ { method => '_fetch_cmode_cli', interface => 'CLI', set => 'CMode', }, { method => '_fetch_cmode_zapi', interface => 'ZAPI', set => 'CMode', }, { method => '_fetch_7mode_cli', interface => 'CLI', set => '7Mode', }, ], exception_text => 'No matching security login(s) found', show_cmd => 'security login show', ); $Log->exit() if $may_exit; return wantarray ? @state_objs : $state_objs[0]; } ## end sub fetch sub _fetch_cmode_cli { $Log->enter() if $may_enter; my ($pkg, %opts) = @_; #This is necessary for the state() call to work. if ( defined $opts{filter}->{username} && defined $opts{filter}->{'user-or-group-name'} ) { delete $opts{filter}->{username}; } my @state_objs = $pkg->SUPER::_fetch_cmode_cli(%opts, api => 'security_login_show'); $Log->exit() if $may_exit; return @state_objs; } ## end sub _fetch_cmode_cli sub _fetch_cmode_zapi { $Log->enter() if $may_enter; my ($pkg, %opts) = @_; my $common_copy = $pkg->_common_zapi_copy(); my $common_map = $pkg->_common_zapi_map(); my @states; try { @states = $pkg->SUPER::_fetch_cmode_zapi( %opts, api => "security_login_get_iter", copy => $common_copy, map => $common_map, ); } catch NACL::APISet::Exceptions::CommandFailedException with { my $excp_obj = shift; $Log->exit() if $may_exit; if ($excp_obj->text !~ /User not found/) { $excp_obj->throw(); } }; $Log->exit() if $may_exit; return @states; } ## end sub _fetch_cmode_zapi sub _update_state_objs_cmode_zapi { $Log->enter() if $may_enter; my ($pkg, @args) = @_; $pkg->SUPER::_update_state_objs_cmode_zapi( @args, zapi_field_translations => { yes_no_boolean => [qw(acctlocked)], }, ); $Log->exit() if $may_exit; } sub _fetch_7mode_cli { $Log->enter() if $may_enter; my $pkg = shift; my %opts = validate @_, $pkg->_fetch_backend_validate_spec(); my (@state_objs, %final_attributes, %filter); my ($response_diaguser, $response_userlist, $output_diaguser, $output_userlist ); my $command_interface = $opts{command_interface}; my $apiset = $opts{apiset}; my %copy_filter = %{$opts{filter}}; my @copy_requested_fields = @{$opts{requested_fields}}; my $deleted_filter = $pkg->_remove_relational_regex_filters( filter => \%copy_filter, requested_fields => \@copy_requested_fields ); $filter{'login-name'} = $opts{filter}->{username} if (defined $opts{filter}->{username}); if (!defined $filter{'login-name'}) { $response_userlist = $apiset->useradmin_user_list(%filter); $output_userlist = $response_userlist->get_parsed_output(); $response_diaguser = $apiset->useradmin_diaguser_show(); $output_diaguser = $response_diaguser->get_parsed_output(); my $diaguser_hash = $output_diaguser->[0]; push(@$output_userlist, $diaguser_hash); } elsif ( ( (defined $filter{'login-name'}) && $filter{'login-name'} !~ /^diag$/i ) ) { $response_userlist = $apiset->useradmin_user_list(%filter); $output_userlist = $response_userlist->get_parsed_output(); } else { $response_diaguser = $apiset->useradmin_diaguser_show(); $output_diaguser = $response_diaguser->get_parsed_output(); my $diaguser_hash = $output_diaguser->[0]; push(@$output_userlist, $diaguser_hash); } foreach my $row (@$output_userlist) { $pkg->_hash_copy( source => $row, map => { 'Name' => 'username', 'Locked' => 'acctlocked', 'Info' => 'comment' }, target => \%final_attributes ); my $obj = $pkg->new(command_interface => $command_interface,); $obj->_set_fields(row => \%final_attributes); push @state_objs, $obj; } ## end foreach my $row (@$output) $Log->exit() if $may_exit; return @state_objs; } ## end sub _fetch_7mode_cli 1;