Module netapp_ontap.resources.file_directory_security_acl
Copyright © 2023 NetApp Inc. All rights reserved.
This file has been automatically generated based on the ONTAP REST API documentation.
Classes
class FileDirectorySecurityAcl (*args, **kwargs)
-
Manages the DACLS or SACLS.
Initialize the instance of the resource.
Any keyword arguments are set on the instance as properties. For example, if the class was named 'MyResource', then this statement would be true:
MyResource(name='foo').name == 'foo'
Args
*args
- Each positional argument represents a parent key as used in the URL of the object. That is, each value will be used to fill in a segment of the URL which refers to some parent object. The order of these arguments must match the order they are specified in the URL, from left to right.
**kwargs
- each entry will have its key set as an attribute name on the instance and its value will be the value of that attribute.
Ancestors
Static methods
def delete_collection (*args, records: Iterable[_ForwardRef('FileDirectorySecurityAcl')] = None, body: Union[Resource, dict] = None, poll: bool = True, poll_interval: Optional[int] = None, poll_timeout: Optional[int] = None, connection: HostConnection = None, **kwargs) -> NetAppResponse
-
Deletes the SACL/DACL ACL You must keep the following points in mind while using these endpoints: * SLAG applies to all files and/or directories in a volume hence, inheritance is not required to be propagated. * Set access_control field to slag while deleting SLAG ACE. * Set access_control field to file_directory while deleting file-directory ACE. By Default access_control field is set to file_directory. * For SLAG, valid apply_to combinations are "this-folder, sub-folders", "files", "this-folder, sub-folders, files".
Related ONTAP commands
vserver security file-directory ntfs dacl remove
vserver security file-directory ntfs sacl remove
Delete all objects in a collection which match the given query.
All records on the host which match the query will be deleted.
Args
*args
- Each entry represents a parent key which is used to build the path to the child object. If the URL definition were /api/foos/{foo.name}/bars, then to delete the collection of bars for a particular foo, the foo.name value should be passed.
records
- Can be provided in place of a query. If so, this list of objects will be deleted from the host.
body
- The body of the delete request. This could be a Resource instance or a dictionary object.
poll
- If set to True, the call will not return until the asynchronous job on the host has completed. Has no effect if the host did not return a job response.
poll_interval
- If the operation returns a job, this specifies how often to query the job for updates.
poll_timeout
- If the operation returns a job, this specifies how long to continue monitoring the job's status for completion.
connection
- The
HostConnection
object to use for this API call. If unset, tries to use the connection which is set globally for the library or from the current context. **kwargs
- Any key/value pairs passed will be sent as query parameters to the host. Only resources matching this query will be deleted.
Returns
A
NetAppResponse
object containing the details of the HTTP response.Raises
NetAppRestError
: If the API call returned a status code >= 400 def patch_collection (body: dict, *args, records: Iterable[_ForwardRef('FileDirectorySecurityAcl')] = None, poll: bool = True, poll_interval: Optional[int] = None, poll_timeout: Optional[int] = None, connection: HostConnection = None, **kwargs) -> NetAppResponse
-
Updates the SACLs/DACLs You must keep the following points in mind while using these endpoints: * SLAG applies to all files and/or directories in a volume hence, inheritance is not required to be propagated. * Set access_control field to slag while updating SLAG ACE. * Set access_control field to file_directory while updating file-directory ACE. By Default access_control field is set to file_directory. * For SLAG, valid apply_to combinations are "this-folder, sub-folders", "files", "this-folder, sub-folders, files".
Related ONTAP commands
vserver security file-directory ntfs dacl modify
vserver security file-directory ntfs sacl modify
Patch all objects in a collection which match the given query.
All records on the host which match the query will be patched with the provided body.
Args
body
- A dictionary of name/value pairs to set on all matching members of the collection. The body argument will be ignored if records is provided.
*args
- Each entry represents a parent key which is used to build the path to the child object. If the URL definition were /api/foos/{foo.name}/bars, then to patch the collection of bars for a particular foo, the foo.name value should be passed.
records
- Can be provided in place of a query. If so, this list of objects will be patched on the host.
poll
- If set to True, the call will not return until the asynchronous job on the host has completed. Has no effect if the host did not return a job response.
poll_interval
- If the operation returns a job, this specifies how often to query the job for updates.
poll_timeout
- If the operation returns a job, this specifies how long to continue monitoring the job's status for completion.
connection
- The
HostConnection
object to use for this API call. If unset, tries to use the connection which is set globally for the library or from the current context. **kwargs
- Any key/value pairs passed will be sent as query parameters to the host. Only resources matching this query will be patched.
Returns
A
NetAppResponse
object containing the details of the HTTP response.Raises
NetAppRestError
: If the API call returned a status code >= 400 def post_collection (records: Iterable[_ForwardRef('FileDirectorySecurityAcl')], *args, hydrate: bool = False, poll: bool = True, poll_interval: Optional[int] = None, poll_timeout: Optional[int] = None, connection: HostConnection = None, **kwargs) -> Union[List[FileDirectorySecurityAcl], NetAppResponse]
-
Adds the new SACL/DACL ACE. You must keep the following points in mind while using these endpoints: * SLAG applies to all files and/or directories in a volume hence, inheritance is not required to be propagated. * Set access_control field to slag while adding SLAG ACE. * Set access_control field to file_directory while adding file-directory ACE. By Default access_control field is set to file_directory. * For SLAG, valid apply_to combinations are "this-folder, sub-folders", "files", "this-folder, sub-folders, files".
Related ONTAP commands
vserver security file-directory ntfs dacl add
vserver security file-directory ntfs sacl add
Send this collection of objects to the host as a creation request.
Args
records
- A list of
Resource
objects to send to the server to be created. *args
- Each entry represents a parent key which is used to build the path to the child object. If the URL definition were /api/foos/{foo.name}/bars, then to create a bar for a particular foo, the foo.name value should be passed.
hydrate
- If set to True, after the response is received from the call, a a GET call will be made to refresh all fields of each object. When hydrate is set to True, poll must also be set to True.
poll
- If set to True, the call will not return until the asynchronous job on the host has completed. Has no effect if the host did not return a job response.
poll_interval
- If the operation returns a job, this specifies how often to query the job for updates.
poll_timeout
- If the operation returns a job, this specifies how long to continue monitoring the job's status for completion.
connection
- The
HostConnection
object to use for this API call. If unset, tries to use the connection which is set globally for the library or from the current context. **kwargs
- Any key/value pairs passed will be sent as query parameters to the host. Only resources matching this query will be patched.
Returns
A list of
Resource
objects matching the provided type which have been created by the host and returned. This is not the same list that was provided, so to continue using the object, you should save this list. If poll is set to False, then aNetAppResponse
object is returned instead.Raises
NetAppRestError
: If the API call returned a status code >= 400
Methods
def delete (self, body: Union[Resource, dict] = None, poll: bool = True, poll_interval: Optional[int] = None, poll_timeout: Optional[int] = None, **kwargs) -> NetAppResponse
-
Deletes the SACL/DACL ACL You must keep the following points in mind while using these endpoints: * SLAG applies to all files and/or directories in a volume hence, inheritance is not required to be propagated. * Set access_control field to slag while deleting SLAG ACE. * Set access_control field to file_directory while deleting file-directory ACE. By Default access_control field is set to file_directory. * For SLAG, valid apply_to combinations are "this-folder, sub-folders", "files", "this-folder, sub-folders, files".
Related ONTAP commands
vserver security file-directory ntfs dacl remove
vserver security file-directory ntfs sacl remove
Send a deletion request to the host for this object.
Args
body
- The body of the delete request. This could be a Resource instance or a dictionary object.
poll
- If set to True, the call will not return until the asynchronous job on the host has completed. Has no effect if the host did not return a job response.
poll_interval
- If the operation returns a job, this specifies how often to query the job for updates.
poll_timeout
- If the operation returns a job, this specifies how long to continue monitoring the job's status for completion.
connection
- The
HostConnection
object to use for this API call. If unset, tries to use the connection which is set globally for the library or from the current context. **kwargs
- Any key/value pairs passed will be sent as query parameters to the host.
Returns
A
NetAppResponse
object containing the details of the HTTP response.Raises
NetAppRestError
: If the API call returned a status code >= 400 def patch (self, hydrate: bool = False, poll: bool = True, poll_interval: Optional[int] = None, poll_timeout: Optional[int] = None, **kwargs) -> NetAppResponse
-
Updates the SACLs/DACLs You must keep the following points in mind while using these endpoints: * SLAG applies to all files and/or directories in a volume hence, inheritance is not required to be propagated. * Set access_control field to slag while updating SLAG ACE. * Set access_control field to file_directory while updating file-directory ACE. By Default access_control field is set to file_directory. * For SLAG, valid apply_to combinations are "this-folder, sub-folders", "files", "this-folder, sub-folders, files".
Related ONTAP commands
vserver security file-directory ntfs dacl modify
vserver security file-directory ntfs sacl modify
Send the difference in the object's state to the host as a modification request.
Calculates the difference in the object's state since the last time we interacted with the host and sends this in the request body.
Args
hydrate
- If set to True, after the response is received from the call, a a GET call will be made to refresh all fields of the object.
poll
- If set to True, the call will not return until the asynchronous job on the host has completed. Has no effect if the host did not return a job response.
poll_interval
- If the operation returns a job, this specifies how often to query the job for updates.
poll_timeout
- If the operation returns a job, this specifies how long to continue monitoring the job's status for completion.
connection
- The
HostConnection
object to use for this API call. If unset, tries to use the connection which is set globally for the library or from the current context. **kwargs
- Any key/value pairs passed will normally be sent as query parameters to the host. If any of these pairs are parameters that are sent as formdata then only parameters of that type will be accepted and all others will be discarded.
Returns
A
NetAppResponse
object containing the details of the HTTP response.Raises
NetAppRestError
: If the API call returned a status code >= 400 def post (self, hydrate: bool = False, poll: bool = True, poll_interval: Optional[int] = None, poll_timeout: Optional[int] = None, **kwargs) -> NetAppResponse
-
Adds the new SACL/DACL ACE. You must keep the following points in mind while using these endpoints: * SLAG applies to all files and/or directories in a volume hence, inheritance is not required to be propagated. * Set access_control field to slag while adding SLAG ACE. * Set access_control field to file_directory while adding file-directory ACE. By Default access_control field is set to file_directory. * For SLAG, valid apply_to combinations are "this-folder, sub-folders", "files", "this-folder, sub-folders, files".
Related ONTAP commands
vserver security file-directory ntfs dacl add
vserver security file-directory ntfs sacl add
Send this object to the host as a creation request.
Args
hydrate
- If set to True, after the response is received from the call, a a GET call will be made to refresh all fields of the object.
poll
- If set to True, the call will not return until the asynchronous job on the host has completed. Has no effect if the host did not return a job response.
poll_interval
- If the operation returns a job, this specifies how often to query the job for updates.
poll_timeout
- If the operation returns a job, this specifies how long to continue monitoring the job's status for completion.
connection
- The
HostConnection
object to use for this API call. If unset, tries to use the connection which is set globally for the library or from the current context. **kwargs
- Any key/value pairs passed will normally be sent as query parameters to the host. If any of these pairs are parameters that are sent as formdata then only parameters of that type will be accepted and all others will be discarded.
Returns
A
NetAppResponse
object containing the details of the HTTP response.Raises
NetAppRestError
: If the API call returned a status code >= 400
Inherited members
class FileDirectorySecurityAclSchema (*, only: Union[Sequence[str], Set[str]] = None, exclude: Union[Sequence[str], Set[str]] = (), many: bool = False, context: Dict = None, load_only: Union[Sequence[str], Set[str]] = (), dump_only: Union[Sequence[str], Set[str]] = (), partial: Union[bool, Sequence[str], Set[str]] = False, unknown: str = None)
-
The fields of the FileDirectorySecurityAcl object
Ancestors
- netapp_ontap.resource.ResourceSchema
- marshmallow.schema.Schema
- marshmallow.base.SchemaABC
Class variables
-
access: str GET POST PATCH
-
Specifies whether the ACL is for DACL or SACL. The available values are:
- access_allow - DACL for allow access
- access_deny - DACL for deny access
- audit_success - SACL for success access
- audit_failure - SACL for failure access
Valid choices:
- access_allow
- access_deny
- audit_failure
- audit_success
-
access_control: str GET POST PATCH
-
Access Control Level specifies the access control of the task to be applied. Valid values are "file-directory" or "Storage-Level Access Guard (SLAG)". SLAG is used to apply the specified security descriptors with the task for the volume or qtree. Otherwise, the security descriptors are applied on files and directories at the specified path. The value slag is not supported on FlexGroups volumes. The default value is "file-directory".
Valid choices:
- file_directory
- slag
-
advanced_rights: AdvancedRights GET POST PATCH
-
The advanced_rights field of the file_directory_security_acl.
-
apply_to: ApplyTo GET POST PATCH
-
The apply_to field of the file_directory_security_acl.
-
ignore_paths: List[str] GET POST PATCH
-
Specifies that permissions on this file or directory cannot be replaced.
Example: ["/dir1/dir2/","/parent/dir3"]
-
propagation_mode: str GET POST PATCH
-
Specifies how to propagate security settings to child subfolders and files. This setting determines how child files/folders contained within a parent folder inherit access control and audit information from the parent folder. The available values are:
- propagate - propagate inheritable permissions to all subfolders and files
- replace - replace existing permissions on all subfolders and files with inheritable permissions
Valid choices:
- propagate
- replace
-
rights: str GET POST PATCH
-
Specifies the access right controlled by the ACE for the account specified. The "rights" parameter is mutually exclusive with the "advanced_rights" parameter. If you specify the "rights" parameter, you can specify one of the following "rights" values:
Valid choices:
- no_access
- full_control
- modify
- read_and_execute
- read
- write
-
user: str GET POST
-
Specifies the account to which the ACE applies. You can specify either name or SID.
Example: S-1-5-21-2233347455-2266964949-1780268902-69304