Code Review / netvirt.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Fixup Augmentable and Identifiable methods changing
[netvirt.git] / aclservice / impl / src / main / java / org / opendaylight / netvirt / aclservice / listeners / AclEventListener.java
1 /*
2  * Copyright (c) 2016 Ericsson India Global Services Pvt Ltd. and others. All rights reserved.
3  *
4  * This program and the accompanying materials are made available under the
5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6  * and is available at http://www.eclipse.org/legal/epl-v10.html
7  */
8 package org.opendaylight.netvirt.aclservice.listeners;
9
10 import com.google.common.collect.ImmutableSet;
11 import java.util.ArrayList;
12 import java.util.Collection;
13 import java.util.HashSet;
14 import java.util.Iterator;
15 import java.util.List;
16 import java.util.Set;
17 import java.util.SortedSet;
18 import javax.annotation.PostConstruct;
19 import javax.inject.Inject;
20 import javax.inject.Singleton;
21 import org.opendaylight.controller.md.sal.binding.api.ClusteredDataTreeChangeListener;
22 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
23 import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
24 import org.opendaylight.genius.datastoreutils.AsyncDataTreeChangeListenerBase;
25 import org.opendaylight.genius.srm.RecoverableListener;
26 import org.opendaylight.genius.srm.ServiceRecoveryRegistry;
27 import org.opendaylight.netvirt.aclservice.api.AclInterfaceCache;
28 import org.opendaylight.netvirt.aclservice.api.AclServiceManager;
29 import org.opendaylight.netvirt.aclservice.api.utils.AclInterface;
30 import org.opendaylight.netvirt.aclservice.utils.AclClusterUtil;
31 import org.opendaylight.netvirt.aclservice.utils.AclConstants;
32 import org.opendaylight.netvirt.aclservice.utils.AclDataUtil;
33 import org.opendaylight.netvirt.aclservice.utils.AclServiceUtils;
34 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.AccessLists;
35 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.Acl;
36 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.Ace;
37 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid;
38 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionBase;
39 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionEgress;
40 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionIngress;
41 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.SecurityRuleAttr;
42 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
43 import org.slf4j.Logger;
44 import org.slf4j.LoggerFactory;
45
46 @Singleton
47 public class AclEventListener extends AsyncDataTreeChangeListenerBase<Acl, AclEventListener> implements
48         ClusteredDataTreeChangeListener<Acl>, RecoverableListener {
49
50     private static final Logger LOG = LoggerFactory.getLogger(AclEventListener.class);
51
52     private final AclServiceManager aclServiceManager;
53     private final AclClusterUtil aclClusterUtil;
54     private final DataBroker dataBroker;
55     private final AclDataUtil aclDataUtil;
56     private final AclServiceUtils aclServiceUtils;
57     private final AclInterfaceCache aclInterfaceCache;
58
59     @Inject
60     public AclEventListener(AclServiceManager aclServiceManager, AclClusterUtil aclClusterUtil, DataBroker dataBroker,
61             AclDataUtil aclDataUtil, AclServiceUtils aclServicUtils, AclInterfaceCache aclInterfaceCache,
62             ServiceRecoveryRegistry serviceRecoveryRegistry) {
63         super(Acl.class, AclEventListener.class);
64         this.aclServiceManager = aclServiceManager;
65         this.aclClusterUtil = aclClusterUtil;
66         this.dataBroker = dataBroker;
67         this.aclDataUtil = aclDataUtil;
68         this.aclServiceUtils = aclServicUtils;
69         this.aclInterfaceCache = aclInterfaceCache;
70         serviceRecoveryRegistry.addRecoverableListener(AclServiceUtils.getRecoverServiceRegistryKey(), this);
71     }
72
73     @Override
74     @PostConstruct
75     public void init() {
76         LOG.info("{} start", getClass().getSimpleName());
77         registerListener();
78     }
79
80     @Override
81     public void registerListener() {
82         registerListener(LogicalDatastoreType.CONFIGURATION, dataBroker);
83     }
84
85     @Override
86     protected InstanceIdentifier<Acl> getWildCardPath() {
87         return InstanceIdentifier.create(AccessLists.class).child(Acl.class);
88     }
89
90     @Override
91     protected void remove(InstanceIdentifier<Acl> key, Acl acl) {
92         String aclName = acl.getAclName();
93         if (!AclServiceUtils.isOfAclInterest(acl)) {
94             LOG.trace("{} does not have SecurityRuleAttr augmentation", aclName);
95             return;
96         }
97
98         LOG.trace("On remove event, remove ACL: {}", acl);
99         this.aclDataUtil.removeAcl(aclName);
100         Integer aclTag = this.aclDataUtil.getAclTag(aclName);
101         if (aclTag != null) {
102             this.aclDataUtil.removeAclTag(aclName);
103             this.aclServiceUtils.releaseAclTag(aclName);
104         }
105         updateRemoteAclCache(acl.getAccessListEntries().getAce(), aclName, AclServiceManager.Action.REMOVE);
106     }
107
108     @Override
109     protected void update(InstanceIdentifier<Acl> key, Acl aclBefore, Acl aclAfter) {
110         if (!AclServiceUtils.isOfAclInterest(aclAfter) && !AclServiceUtils.isOfAclInterest(aclBefore)) {
111             LOG.trace("before {} and after {} does not have SecurityRuleAttr augmentation",
112                     aclBefore.getAclName(), aclAfter.getAclName());
113             return;
114         }
115         String aclName = aclAfter.getAclName();
116         Collection<AclInterface> interfacesBefore =
117                 ImmutableSet.copyOf(aclDataUtil.getInterfaceList(new Uuid(aclName)));
118         // Find and update added ace rules in acl
119         List<Ace> addedAceRules = getChangedAceList(aclAfter, aclBefore);
120
121         // Find and update deleted ace rules in acl
122         List<Ace> deletedAceRules = getChangedAceList(aclBefore, aclAfter);
123
124         if (interfacesBefore != null && aclClusterUtil.isEntityOwner()) {
125             LOG.debug("On update event, remove Ace rules: {} for ACL: {}", deletedAceRules, aclName);
126             updateAceRules(interfacesBefore, aclName, deletedAceRules, AclServiceManager.Action.REMOVE);
127         }
128         updateAclCaches(aclBefore, aclAfter, interfacesBefore);
129
130         if (interfacesBefore != null && aclClusterUtil.isEntityOwner()) {
131             LOG.debug("On update event, add Ace rules: {} for ACL: {}", addedAceRules, aclName);
132             updateAceRules(interfacesBefore, aclName, addedAceRules, AclServiceManager.Action.ADD);
133
134             aclServiceManager.notifyAcl(aclBefore, aclAfter, interfacesBefore, AclServiceManager.Action.UPDATE);
135         }
136     }
137
138     private void updateAceRules(Collection<AclInterface> interfaceList, String aclName, List<Ace> aceList,
139             AclServiceManager.Action action) {
140         if (null != aceList && !aceList.isEmpty()) {
141             LOG.trace("update ace rules - action: {} , ace rules: {}", action.name(), aceList);
142             for (AclInterface port : interfaceList) {
143                 for (Ace aceRule : aceList) {
144                     aclServiceManager.notifyAce(port, action, aclName, aceRule);
145                 }
146             }
147         }
148     }
149
150     @Override
151     protected void add(InstanceIdentifier<Acl> key, Acl acl) {
152         String aclName = acl.getAclName();
153         if (!AclServiceUtils.isOfAclInterest(acl)) {
154             LOG.trace("{} does not have SecurityRuleAttr augmentation", aclName);
155             return;
156         }
157
158         LOG.trace("On add event, add ACL: {}", acl);
159         this.aclDataUtil.addAcl(acl);
160
161         Integer aclTag = this.aclServiceUtils.allocateAclTag(aclName);
162         if (aclTag != null && aclTag != AclConstants.INVALID_ACL_TAG) {
163             this.aclDataUtil.addAclTag(aclName, aclTag);
164         }
165
166         updateRemoteAclCache(acl.getAccessListEntries().getAce(), aclName, AclServiceManager.Action.ADD);
167     }
168
169     /**
170      * Update remote acl cache.
171      *
172      * @param aceList the ace list
173      * @param aclName the acl name
174      * @param action the action
175      */
176     private void updateRemoteAclCache(List<Ace> aceList, String aclName, AclServiceManager.Action action) {
177         if (null == aceList) {
178             return;
179         }
180         for (Ace ace : aceList) {
181             SecurityRuleAttr aceAttributes = ace.augmentation(SecurityRuleAttr.class);
182             if (AclServiceUtils.doesAceHaveRemoteGroupId(aceAttributes)) {
183                 if (action == AclServiceManager.Action.ADD) {
184                     aclDataUtil.addRemoteAclId(aceAttributes.getRemoteGroupId(), new Uuid(aclName),
185                             aceAttributes.getDirection());
186                 } else {
187                     aclDataUtil.removeRemoteAclId(aceAttributes.getRemoteGroupId(), new Uuid(aclName),
188                             aceAttributes.getDirection());
189                 }
190             }
191         }
192     }
193
194     private void updateAclCaches(Acl aclBefore, Acl aclAfter, Collection<AclInterface> aclInterfaces) {
195         String aclName = aclAfter.getAclName();
196         Integer aclTag = this.aclDataUtil.getAclTag(aclName);
197         if (aclTag == null) {
198             aclTag = this.aclServiceUtils.allocateAclTag(aclName);
199             if (aclTag != null && aclTag != AclConstants.INVALID_ACL_TAG) {
200                 this.aclDataUtil.addAclTag(aclName, aclTag);
201             }
202         }
203         this.aclDataUtil.addAcl(aclAfter);
204
205         updateAclCaches(aclBefore, aclAfter, aclInterfaces, DirectionEgress.class);
206         updateAclCaches(aclBefore, aclAfter, aclInterfaces, DirectionIngress.class);
207     }
208
209     private void updateAclCaches(Acl aclBefore, Acl aclAfter, Collection<AclInterface> aclInterfaces,
210             Class<? extends DirectionBase> direction) {
211         Uuid aclId = new Uuid(aclAfter.getAclName());
212         Set<Uuid> remoteAclsBefore = AclServiceUtils.getRemoteAclIdsByDirection(aclBefore, direction);
213         Set<Uuid> remoteAclsAfter = AclServiceUtils.getRemoteAclIdsByDirection(aclAfter, direction);
214
215         Set<Uuid> remoteAclsDeleted = new HashSet<>(remoteAclsBefore);
216         remoteAclsDeleted.removeAll(remoteAclsAfter);
217         for (Uuid remoteAcl : remoteAclsDeleted) {
218             aclDataUtil.removeRemoteAclId(remoteAcl, aclId, direction);
219         }
220
221         Set<Uuid> remoteAclsAdded = new HashSet<>(remoteAclsAfter);
222         remoteAclsAdded.removeAll(remoteAclsBefore);
223         for (Uuid remoteAcl : remoteAclsAdded) {
224             aclDataUtil.addRemoteAclId(remoteAcl, aclId, direction);
225         }
226
227         if (remoteAclsDeleted.isEmpty() && remoteAclsAdded.isEmpty()) {
228             return;
229         }
230
231         if (aclInterfaces != null) {
232             for (AclInterface aclInterface : aclInterfaces) {
233                 AclInterface aclInterfaceInCache =
234                         aclInterfaceCache.addOrUpdate(aclInterface.getInterfaceId(), (prevAclInterface, builder) -> {
235                             SortedSet<Integer> remoteAclTags =
236                                     aclServiceUtils.getRemoteAclTags(aclInterface.getSecurityGroups(), direction);
237                             if (DirectionEgress.class.equals(direction)) {
238                                 builder.egressRemoteAclTags(remoteAclTags);
239                             } else {
240                                 builder.ingressRemoteAclTags(remoteAclTags);
241                             }
242                         });
243
244                 aclDataUtil.addOrUpdateAclInterfaceMap(aclInterface.getSecurityGroups(), aclInterfaceInCache);
245             }
246         }
247     }
248
249     @Override
250     protected AclEventListener getDataTreeChangeListener() {
251         return this;
252     }
253
254     private List<Ace> getChangedAceList(Acl updatedAcl, Acl currentAcl) {
255         if (updatedAcl == null) {
256             return null;
257         }
258         List<Ace> updatedAceList = updatedAcl.getAccessListEntries() == null ? new ArrayList<>()
259                 : new ArrayList<>(updatedAcl.getAccessListEntries().getAce());
260         if (currentAcl == null) {
261             return updatedAceList;
262         }
263         List<Ace> currentAceList = currentAcl.getAccessListEntries() == null ? new ArrayList<>()
264                 : new ArrayList<>(currentAcl.getAccessListEntries().getAce());
265         for (Iterator<Ace> iterator = updatedAceList.iterator(); iterator.hasNext();) {
266             Ace ace1 = iterator.next();
267             for (Ace ace2 : currentAceList) {
268                 if (ace1.getRuleName().equals(ace2.getRuleName())) {
269                     iterator.remove();
270                 }
271             }
272         }
273         return updatedAceList;
274     }
275 }
NetVirt - Archived