# # Copyright (c) 2011-2013 NetApp, Inc., All Rights Reserved # Any use, modification, or distribution is prohibited # without prior written consent from NetApp, Inc. # ## @summary VserverFpolicy Task Module ## @author Shakeela Shaik(sshaik@netapp.com), dl-nacl-dev ## @status shared ## @pod here package NACL::STask::VserverFpolicy; use strict; use warnings; use base qw(NACL::C::VserverFpolicy NACL::STask::STask); use NATE::Log qw(log_global); my $Log = log_global(); my $may_enter = $Log->may_enter(); my $may_exit = $Log->may_exit(); use Params::Validate qw(validate SCALAR BOOLEAN SCALARREF ARRAYREF); use NATE::Exceptions::Argument qw(:try); use NACL::C::Vserver; use NACL::C::VserverFpolicy; use NACL::APISet::Exceptions::ResponseException (); use NACL::Exceptions::VerifyFailure (); use NACL::ComponentUtils qw(Dumper); =head1 NAME NACL::STask::VserverFpolicy =head1 DESCRIPTION C provide methods to enable, disable vserver fpolicy in ONTAP. It is created on top of C component. Since it is derived class of C, we can use all the methods of C from the object of this task. =head1 CLEANUP METHODS Cleanup can be registered for the following methods, VserverFpolicy Method Cleanup Method ----------------------------------------------- enable purge =head1 ATTRIBUTES =head2 command_interface (Required) A component object that represents the host to which to send commands. See L. =head1 METHODS =head2 create my $VserverFpolicy_obj = NACL::STask::VserverFpolicy->enable( command_interface => $command_interface, vserver => $vserver_name, policy-name => $policy_name, nacltask_if_enabled => $action # default die nacltask_to_cleanup => 1, # default 0, nacltask_cleanup_manager => $CleanupObj, %other_options, ); (Class Method) It will enables a fpolicy. If policy already enabled, it will perform the action based on "nacltask_if_enabled" parameter. Default behavior would be "die". Uses CMode CLI. =over =item Options =over =item C<< "policy-name => $policy_name" >> (Required) Name of the policy to be created. "vserver => $vserver_name" (Required) Name of the vserver on which policy needs to be created. =item C<< "nacltask_if_enabled => $action" >> (Optional) What to do if the policy scope to be created already exists. If $action is "die", then fail with an exception. If action is "purge", then destroy the policy (see the "purge" method, below) before creating a new one. If $action is "reuse", It will return the object of existing policy scope. =item C<< "_was_enbaled => \$scalar" >> (Optional) When this option is provided a reference to a scalar variable, the variable gets filled in with a boolean value describing whether the policy was found enabled(value will be 0; this scenario is possible when if_enabled => "reuse") or whether the policy was enabled (value will be 1). This is necessary to determine whether the policy needs to be cleaned up later. my $was_enabled; my $policy_enabled_obj = NACL::STask::VserverFpolicy->enable( $nacltask_if_enabled => 'reuse', _was_enabled => \$was_enabled, %other_opts ); # Operate on $policy_enable_obj here # ... # Now determine whether to disable the policy , since we're not sure # whether we reused an enabled policy or enabled the diabled policy if ($was_enabled) { # Disabled policy was enabled. Clean it up. $policy_scope_obj->purge(); } =item C<< nacltask_to_cleanup => 0|1 >> (Optional, default to 0(no to cleanup) Flag indicating if this operation needs to be registered for clean up or not. =item C<< nacltask_cleanup_manager >> Cleanup manager to be used for registering. Default : Will use the default cleanup manager. command_interface, apiset_must, apiset_should, mode, policy etc. All of the other various options to NACL::C::VserverFpolicy->enable. =back =back =over =item Exceptions =over =item C This type of exception is thrown when an attempt is made to enable vserver fpolicy scope when it is already enabled. =item C This type of exception is thrown when verification fails for the enabled vserver fpolicy. =back =back =cut sub enable { $Log->enter() if $may_enter; my $pkg = shift; my %opts = $pkg->_common_validate_with( params => \@_, additional_spec => { nacltask_if_enabled => $pkg->_if_exists_validate_spec(), _was_enabled => { type => SCALARREF, optional => 1 }, $pkg->_cleanup_validate_spec(), }, allow_extra => 1 ); # Transform %opts from the options we received into the options to # pass to the base class method. my ( $self, %common_opts, %nacltask_opts, %opts_for_cleanup, %opts_for_register, $nacltask_to_cleanup ); $pkg->_copy_common_component_params_with_ci( source => \%opts, target => \%common_opts ); $pkg->_move_common_cleanup_opts( source => \%opts, target => \%opts_for_cleanup, ); $pkg->_move_nacltask_options( source => \%opts, target => \%nacltask_opts ); my $was_enabled = delete $opts{_was_enabled}; my $if_enabled = $nacltask_opts{'nacltask_if_enabled'}; my $verify = $nacltask_opts{'nacltask_verify'}; $$was_enabled = 0; CREATE: { use warnings; try { $pkg->SUPER::enable(%opts); $$was_enabled = 1; } catch NACL::C::Exceptions::VserverFpolicy::AlreadyEnabled with { my $exception = $_[0]; $Log->debug("STask The Policy already enabled $if_enabled"); $self = $pkg->_element_exists_handler( create_opts => \%opts, nacltask_if_exists => $if_enabled, exception => $exception ); if ( !$self ) { no warnings qw(exiting); redo CREATE; } }; } if ($verify) { $pkg->verify_state(%opts); } # Register this resource with the cleanup manager for cleanup. $pkg->_copy_common_opts_for_cleanup( 'source' => {%opts, %opts_for_cleanup}, 'target' => \%opts_for_register, 'nacltask_to_cleanup'=> \$nacltask_to_cleanup, 'to_cleanup' => 'purge', ); $pkg->_register_for_cleanup(%opts_for_register) if ($nacltask_to_cleanup); $Log->exit() if $may_exit; return $pkg->new( command_interface => $opts{command_interface}, vserver => $opts{vserver}, policy_name => $opts{'policy-name'}, ); } ## end sub enable =head2 purge This accepts the same options and provides the same facilities as L. Additionally, the STask provides the following facilities: C. The description of these features are present at: L. =cut __PACKAGE__->purge_method_builder(c_method_name => 'disable', c_exception_name => 'AlreadyDisabled'); ############################################################################### # Name : _generic_purge_verify # Description : Verifies whether the policy is disabeld or not # ############################################################################### sub _generic_purge_verify { $Log->enter() if $may_enter; my $pkg_or_obj = shift; my %opts = $pkg_or_obj->_common_validate_with( params => \@_ ); my $pkg = ref $pkg_or_obj || $pkg_or_obj; my %common_params; $pkg->_move_common_component_params_with_ci( source => \%opts, target => \%common_params ); my $policy = NACL::CS::VserverFpolicy->fetch( command_interface => $common_params{command_interface}, filter => { vserver => $opts{vserver}, policy_name => $opts{'policy-name'}, }, requested_fields => [qw(status)], ); if ( $policy->status() =~ /on/ ) { $Log->exit() if $may_exit; NACL::Exceptions::VerifyFailure->throw( 'Verification failed! The element ' . _dump_one( \%opts ) . ' still enabled (it should have been disabled)' ); } $Log->exit() if $may_exit; } ## end sub _generic_purge_verify 1;