2 * Copyright (C) 2014 Red Hat, Inc.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.neutron.northbound.api;
11 import java.net.HttpURLConnection;
13 import org.codehaus.enunciate.jaxrs.ResponseCode;
14 import org.codehaus.enunciate.jaxrs.StatusCodes;
15 import org.opendaylight.neutron.spi.INeutronFirewallAware;
16 import org.opendaylight.neutron.spi.INeutronFirewallCRUD;
17 import org.opendaylight.neutron.spi.NeutronCRUDInterfaces;
18 import org.opendaylight.neutron.spi.NeutronFirewall;
20 import javax.ws.rs.Consumes;
21 import javax.ws.rs.DELETE;
22 import javax.ws.rs.GET;
23 import javax.ws.rs.POST;
24 import javax.ws.rs.PUT;
25 import javax.ws.rs.Path;
26 import javax.ws.rs.PathParam;
27 import javax.ws.rs.Produces;
28 import javax.ws.rs.QueryParam;
29 import javax.ws.rs.core.MediaType;
30 import javax.ws.rs.core.Response;
31 import java.util.ArrayList;
32 import java.util.HashMap;
33 import java.util.Iterator;
34 import java.util.List;
37 * Neutron Northbound REST APIs for Firewall.<br>
38 * This class provides REST APIs for managing neutron Firewall
42 * Authentication scheme : <b>HTTP Basic</b><br>
43 * Authentication realm : <b>opendaylight</b><br>
44 * Transport : <b>HTTP and HTTPS</b><br>
46 * HTTPS Authentication is disabled by default. Administrator can enable it in
47 * tomcat-server.xml after adding a proper keystore / SSL certificate from a
48 * trusted authority.<br>
50 * http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
52 * Deprecated as all Neutron FWaaS is experimental and so doesn't meet
53 * the scope of neutron northbound
57 @Path("/fw/firewalls")
58 public class NeutronFirewallNorthbound {
60 private static final int HTTP_OK_BOTTOM = 200;
61 private static final int HTTP_OK_TOP = 299;
62 private static final String INTERFACE_NAME = "Firewall CRUD Interface";
63 private static final String UUID_NO_EXIST = "Firewall UUID does not exist.";
64 private static final String NO_PROVIDERS = "No providers registered. Please try again later";
65 private static final String NO_PROVIDER_LIST = "Couldn't get providers list. Please try again later";
67 private NeutronFirewall extractFields(NeutronFirewall o, List<String> fields) {
68 return o.extractFields(fields);
71 private NeutronCRUDInterfaces getNeutronInterfaces() {
72 NeutronCRUDInterfaces answer = new NeutronCRUDInterfaces().fetchINeutronFirewallCRUD(this);
73 if (answer.getFirewallInterface() == null) {
74 throw new ServiceUnavailableException(INTERFACE_NAME
75 + RestMessages.SERVICEUNAVAILABLE.toString());
81 * Returns a list of all Firewalls */
83 @Produces({ MediaType.APPLICATION_JSON })
85 @ResponseCode(code = HttpURLConnection.HTTP_OK, condition = "Operation successful"),
86 @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
87 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
88 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
90 public Response listGroups(
92 @QueryParam("fields") List<String> fields,
93 // OpenStack firewall attributes
94 @QueryParam("id") String queryFirewallUUID,
95 @QueryParam("tenant_id") String queryFirewallTenantID,
96 @QueryParam("name") String queryFirewallName,
97 @QueryParam("description") String queryFirewallDescription,
98 @QueryParam("shared") Boolean queryFirewallAdminStateIsUp,
99 @QueryParam("status") String queryFirewallStatus,
100 @QueryParam("shared") Boolean queryFirewallIsShared,
101 @QueryParam("firewall_policy_id") String queryFirewallPolicyID,
103 @QueryParam("limit") String limit,
104 @QueryParam("marker") String marker,
105 @QueryParam("page_reverse") String pageReverse
106 // sorting not supported
108 INeutronFirewallCRUD firewallInterface = getNeutronInterfaces().getFirewallInterface();
109 List<NeutronFirewall> allFirewalls = firewallInterface.getAllNeutronFirewalls();
110 List<NeutronFirewall> ans = new ArrayList<NeutronFirewall>();
111 Iterator<NeutronFirewall> i = allFirewalls.iterator();
112 while (i.hasNext()) {
113 NeutronFirewall nsg = i.next();
114 if ((queryFirewallUUID == null ||
115 queryFirewallUUID.equals(nsg.getFirewallUUID())) &&
116 (queryFirewallTenantID == null ||
117 queryFirewallTenantID.equals(nsg.getFirewallTenantID())) &&
118 (queryFirewallName == null ||
119 queryFirewallName.equals(nsg.getFirewallName())) &&
120 (queryFirewallDescription == null ||
121 queryFirewallDescription.equals(nsg.getFirewallDescription())) &&
122 (queryFirewallAdminStateIsUp == null ||
123 queryFirewallAdminStateIsUp.equals(nsg.getFirewallAdminStateIsUp())) &&
124 (queryFirewallStatus == null ||
125 queryFirewallStatus.equals(nsg.getFirewallStatus())) &&
126 (queryFirewallIsShared == null ||
127 queryFirewallIsShared.equals(nsg.getFirewallIsShared())) &&
128 (queryFirewallPolicyID == null ||
129 queryFirewallPolicyID.equals(nsg.getFirewallPolicyID()))) {
130 if (fields.size() > 0) {
131 ans.add(extractFields(nsg,fields));
137 //TODO: apply pagination to results
138 return Response.status(HttpURLConnection.HTTP_OK).entity(
139 new NeutronFirewallRequest(ans)).build();
143 * Returns a specific Firewall */
145 @Path("{firewallUUID}")
147 @Produces({ MediaType.APPLICATION_JSON })
149 @ResponseCode(code = HttpURLConnection.HTTP_OK, condition = "Operation successful"),
150 @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
151 @ResponseCode(code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
152 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
153 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
154 public Response showFirewall(@PathParam("firewallUUID") String firewallUUID,
156 @QueryParam("fields") List<String> fields) {
157 INeutronFirewallCRUD firewallInterface = getNeutronInterfaces().getFirewallInterface();
158 if (!firewallInterface.neutronFirewallExists(firewallUUID)) {
159 throw new ResourceNotFoundException(UUID_NO_EXIST);
161 if (fields.size() > 0) {
162 NeutronFirewall ans = firewallInterface.getNeutronFirewall(firewallUUID);
163 return Response.status(HttpURLConnection.HTTP_OK).entity(
164 new NeutronFirewallRequest(extractFields(ans, fields))).build();
166 return Response.status(HttpURLConnection.HTTP_OK).entity(new NeutronFirewallRequest(firewallInterface.getNeutronFirewall(firewallUUID))).build();
171 * Creates new Firewall */
174 @Produces({ MediaType.APPLICATION_JSON })
175 @Consumes({ MediaType.APPLICATION_JSON })
177 @ResponseCode(code = HttpURLConnection.HTTP_CREATED, condition = "Created"),
178 @ResponseCode(code = HttpURLConnection.HTTP_BAD_REQUEST, condition = "Bad Request"),
179 @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
180 @ResponseCode(code = HttpURLConnection.HTTP_FORBIDDEN, condition = "Forbidden"),
181 @ResponseCode(code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
182 @ResponseCode(code = HttpURLConnection.HTTP_CONFLICT, condition = "Conflict"),
183 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
184 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
185 public Response createFirewalls(final NeutronFirewallRequest input) {
186 INeutronFirewallCRUD firewallInterface = getNeutronInterfaces().getFirewallInterface();
187 if (input.isSingleton()) {
188 NeutronFirewall singleton = input.getSingleton();
191 * Verify that the Firewall doesn't already exist.
193 if (firewallInterface.neutronFirewallExists(singleton.getFirewallUUID())) {
194 throw new BadRequestException("Firewall UUID already exists");
196 firewallInterface.addNeutronFirewall(singleton);
197 Object[] instances = NeutronUtil.getInstances(INeutronFirewallAware.class, this);
198 if (instances != null) {
199 if (instances.length > 0) {
200 for (Object instance : instances) {
201 INeutronFirewallAware service = (INeutronFirewallAware) instance;
202 int status = service.canCreateNeutronFirewall(singleton);
203 if (status < HTTP_OK_BOTTOM || status > HTTP_OK_TOP) {
204 return Response.status(status).build();
208 throw new ServiceUnavailableException(NO_PROVIDERS);
211 throw new ServiceUnavailableException(NO_PROVIDER_LIST);
213 firewallInterface.addNeutronFirewall(singleton);
214 if (instances != null) {
215 for (Object instance : instances) {
216 INeutronFirewallAware service = (INeutronFirewallAware) instance;
217 service.neutronFirewallCreated(singleton);
221 List<NeutronFirewall> bulk = input.getBulk();
222 Iterator<NeutronFirewall> i = bulk.iterator();
223 HashMap<String, NeutronFirewall> testMap = new HashMap<String, NeutronFirewall>();
224 Object[] instances = NeutronUtil.getInstances(INeutronFirewallAware.class, this);
225 while (i.hasNext()) {
226 NeutronFirewall test = i.next();
229 * Verify that the secruity group doesn't already exist
231 if (firewallInterface.neutronFirewallExists(test.getFirewallUUID())) {
232 throw new BadRequestException("Firewall UUID already is already created");
234 if (testMap.containsKey(test.getFirewallUUID())) {
235 throw new BadRequestException("Firewall UUID already exists");
237 if (instances != null) {
238 if (instances.length > 0) {
239 for (Object instance : instances) {
240 INeutronFirewallAware service = (INeutronFirewallAware) instance;
241 int status = service.canCreateNeutronFirewall(test);
242 if (status < HTTP_OK_BOTTOM || status > HTTP_OK_TOP) {
243 return Response.status(status).build();
247 throw new ServiceUnavailableException(NO_PROVIDERS);
250 throw new ServiceUnavailableException(NO_PROVIDER_LIST);
255 * now, each element of the bulk request can be added to the cache
258 while (i.hasNext()) {
259 NeutronFirewall test = i.next();
260 firewallInterface.addNeutronFirewall(test);
261 if (instances != null) {
262 for (Object instance : instances) {
263 INeutronFirewallAware service = (INeutronFirewallAware) instance;
264 service.neutronFirewallCreated(test);
269 return Response.status(HttpURLConnection.HTTP_CREATED).entity(input).build();
273 * Updates a Firewall */
275 @Path("{firewallUUID}")
277 @Produces({ MediaType.APPLICATION_JSON })
278 @Consumes({ MediaType.APPLICATION_JSON })
280 @ResponseCode(code = HttpURLConnection.HTTP_OK, condition = "Operation successful"),
281 @ResponseCode(code = HttpURLConnection.HTTP_BAD_REQUEST, condition = "Bad Request"),
282 @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
283 @ResponseCode(code = HttpURLConnection.HTTP_FORBIDDEN, condition = "Forbidden"),
284 @ResponseCode(code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
285 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
286 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
287 public Response updateFirewall(
288 @PathParam("firewallUUID") String firewallUUID, final NeutronFirewallRequest input) {
289 INeutronFirewallCRUD firewallInterface = getNeutronInterfaces().getFirewallInterface();
292 * verify the Firewall exists and there is only one delta provided
294 if (!firewallInterface.neutronFirewallExists(firewallUUID)) {
295 throw new ResourceNotFoundException(UUID_NO_EXIST);
297 if (!input.isSingleton()) {
298 throw new BadRequestException("Only singleton edit supported");
300 NeutronFirewall delta = input.getSingleton();
301 NeutronFirewall original = firewallInterface.getNeutronFirewall(firewallUUID);
304 * updates restricted by Neutron
306 if (delta.getFirewallUUID() != null ||
307 delta.getFirewallTenantID() != null ||
308 delta.getFirewallName() != null ||
309 delta.getFirewallDescription() != null ||
310 delta.getFirewallAdminStateIsUp() != null ||
311 delta.getFirewallStatus() != null ||
312 delta.getFirewallIsShared() != null ||
313 delta.getFirewallPolicyID() != null) {
314 throw new BadRequestException("Attribute edit blocked by Neutron");
317 Object[] instances = NeutronUtil.getInstances(INeutronFirewallAware.class, this);
318 if (instances != null) {
319 if (instances.length > 0) {
320 for (Object instance : instances) {
321 INeutronFirewallAware service = (INeutronFirewallAware) instance;
322 int status = service.canUpdateNeutronFirewall(delta, original);
323 if (status < HTTP_OK_BOTTOM || status > HTTP_OK_TOP) {
324 return Response.status(status).build();
328 throw new ServiceUnavailableException(NO_PROVIDERS);
331 throw new ServiceUnavailableException(NO_PROVIDER_LIST);
335 * update the object and return it
337 firewallInterface.updateNeutronFirewall(firewallUUID, delta);
338 NeutronFirewall updatedFirewall = firewallInterface.getNeutronFirewall(firewallUUID);
339 if (instances != null) {
340 for (Object instance : instances) {
341 INeutronFirewallAware service = (INeutronFirewallAware) instance;
342 service.neutronFirewallUpdated(updatedFirewall);
345 return Response.status(HttpURLConnection.HTTP_OK).entity(new NeutronFirewallRequest(firewallInterface.getNeutronFirewall(firewallUUID))).build();
349 * Deletes a Firewall */
351 @Path("{firewallUUID}")
354 @ResponseCode(code = HttpURLConnection.HTTP_NO_CONTENT, condition = "No Content"),
355 @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
356 @ResponseCode(code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
357 @ResponseCode(code = HttpURLConnection.HTTP_CONFLICT, condition = "Conflict"),
358 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
359 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
360 public Response deleteFirewall(
361 @PathParam("firewallUUID") String firewallUUID) {
362 INeutronFirewallCRUD firewallInterface = getNeutronInterfaces().getFirewallInterface();
365 * verify the Firewall exists and it isn't currently in use
367 if (!firewallInterface.neutronFirewallExists(firewallUUID)) {
368 throw new ResourceNotFoundException(UUID_NO_EXIST);
370 if (firewallInterface.neutronFirewallInUse(firewallUUID)) {
371 return Response.status(HttpURLConnection.HTTP_CONFLICT).build();
373 NeutronFirewall singleton = firewallInterface.getNeutronFirewall(firewallUUID);
374 Object[] instances = NeutronUtil.getInstances(INeutronFirewallAware.class, this);
375 if (instances != null) {
376 if (instances.length > 0) {
377 for (Object instance : instances) {
378 INeutronFirewallAware service = (INeutronFirewallAware) instance;
379 int status = service.canDeleteNeutronFirewall(singleton);
380 if (status < HTTP_OK_BOTTOM || status > HTTP_OK_TOP) {
381 return Response.status(status).build();
385 throw new ServiceUnavailableException(NO_PROVIDERS);
388 throw new ServiceUnavailableException(NO_PROVIDER_LIST);
392 * remove it and return 204 status
394 firewallInterface.removeNeutronFirewall(firewallUUID);
395 if (instances != null) {
396 for (Object instance : instances) {
397 INeutronFirewallAware service = (INeutronFirewallAware) instance;
398 service.neutronFirewallDeleted(singleton);
401 return Response.status(HttpURLConnection.HTTP_NO_CONTENT).build();