northbound-api/src/main/java/org/opendaylight/neutron/northbound/api/NeutronFirewallNorthbound.java

   1 /*
   2  * Copyright (C) 2014 Red Hat, Inc.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8
   9 package org.opendaylight.neutron.northbound.api;
  10
  11 import java.net.HttpURLConnection;
  12
  13 import org.codehaus.enunciate.jaxrs.ResponseCode;
  14 import org.codehaus.enunciate.jaxrs.StatusCodes;
  15 import org.opendaylight.neutron.spi.INeutronFirewallAware;
  16 import org.opendaylight.neutron.spi.INeutronFirewallCRUD;
  17 import org.opendaylight.neutron.spi.NeutronCRUDInterfaces;
  18 import org.opendaylight.neutron.spi.NeutronFirewall;
  19
  20 import javax.ws.rs.Consumes;
  21 import javax.ws.rs.DELETE;
  22 import javax.ws.rs.GET;
  23 import javax.ws.rs.POST;
  24 import javax.ws.rs.PUT;
  25 import javax.ws.rs.Path;
  26 import javax.ws.rs.PathParam;
  27 import javax.ws.rs.Produces;
  28 import javax.ws.rs.QueryParam;
  29 import javax.ws.rs.core.MediaType;
  30 import javax.ws.rs.core.Response;
  31 import java.util.ArrayList;
  32 import java.util.HashMap;
  33 import java.util.Iterator;
  34 import java.util.List;
  35
  36 /**
  37  * Neutron Northbound REST APIs for Firewall.<br>
  38  * This class provides REST APIs for managing neutron Firewall
  39  *
  40  * <br>
  41  * <br>
  42  * Authentication scheme : <b>HTTP Basic</b><br>
  43  * Authentication realm : <b>opendaylight</b><br>
  44  * Transport : <b>HTTP and HTTPS</b><br>
  45  * <br>
  46  * HTTPS Authentication is disabled by default. Administrator can enable it in
  47  * tomcat-server.xml after adding a proper keystore / SSL certificate from a
  48  * trusted authority.<br>
  49  * More info :
  50  * http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
  51  *
  52  * Deprecated as all Neutron FWaaS is experimental and so doesn't meet
  53  * the scope of neutron northbound
  54  *
  55  * @deprecated
  56  */
  57 @Path("/fw/firewalls")
  58 public class NeutronFirewallNorthbound {
  59
  60     private static final int HTTP_OK_BOTTOM = 200;
  61     private static final int HTTP_OK_TOP = 299;
  62     private static final String INTERFACE_NAME = "Firewall CRUD Interface";
  63     private static final String UUID_NO_EXIST = "Firewall UUID does not exist.";
  64     private static final String NO_PROVIDERS = "No providers registered.  Please try again later";
  65     private static final String NO_PROVIDER_LIST = "Couldn't get providers list.  Please try again later";
  66
  67     private NeutronFirewall extractFields(NeutronFirewall o, List<String> fields) {
  68         return o.extractFields(fields);
  69     }
  70
  71     private NeutronCRUDInterfaces getNeutronInterfaces() {
  72         NeutronCRUDInterfaces answer = new NeutronCRUDInterfaces().fetchINeutronFirewallCRUD(this);
  73         if (answer.getFirewallInterface() == null) {
  74             throw new ServiceUnavailableException(INTERFACE_NAME
  75                 + RestMessages.SERVICEUNAVAILABLE.toString());
  76         }
  77         return answer;
  78     }
  79
  80     /**
  81      * Returns a list of all Firewalls */
  82     @GET
  83     @Produces({ MediaType.APPLICATION_JSON })
  84     @StatusCodes({
  85             @ResponseCode(code = HttpURLConnection.HTTP_OK, condition = "Operation successful"),
  86             @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
  87             @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
  88             @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
  89
  90     public Response listGroups(
  91             // return fields
  92             @QueryParam("fields") List<String> fields,
  93             // OpenStack firewall attributes
  94             @QueryParam("id") String queryFirewallUUID,
  95             @QueryParam("tenant_id") String queryFirewallTenantID,
  96             @QueryParam("name") String queryFirewallName,
  97             @QueryParam("description") String queryFirewallDescription,
  98             @QueryParam("shared") Boolean queryFirewallAdminStateIsUp,
  99             @QueryParam("status") String queryFirewallStatus,
 100             @QueryParam("shared") Boolean queryFirewallIsShared,
 101             @QueryParam("firewall_policy_id") String queryFirewallPolicyID,
 102             // pagination
 103             @QueryParam("limit") String limit,
 104             @QueryParam("marker") String marker,
 105             @QueryParam("page_reverse") String pageReverse
 106             // sorting not supported
 107     ) {
 108         INeutronFirewallCRUD firewallInterface = getNeutronInterfaces().getFirewallInterface();
 109         List<NeutronFirewall> allFirewalls = firewallInterface.getAllNeutronFirewalls();
 110         List<NeutronFirewall> ans = new ArrayList<NeutronFirewall>();
 111         Iterator<NeutronFirewall> i = allFirewalls.iterator();
 112         while (i.hasNext()) {
 113             NeutronFirewall nsg = i.next();
 114             if ((queryFirewallUUID == null ||
 115                 queryFirewallUUID.equals(nsg.getFirewallUUID())) &&
 116                 (queryFirewallTenantID == null ||
 117                     queryFirewallTenantID.equals(nsg.getFirewallTenantID())) &&
 118                 (queryFirewallName == null ||
 119                     queryFirewallName.equals(nsg.getFirewallName())) &&
 120                 (queryFirewallDescription == null ||
 121                     queryFirewallDescription.equals(nsg.getFirewallDescription())) &&
 122                 (queryFirewallAdminStateIsUp == null ||
 123                     queryFirewallAdminStateIsUp.equals(nsg.getFirewallAdminStateIsUp())) &&
 124                 (queryFirewallStatus == null ||
 125                     queryFirewallStatus.equals(nsg.getFirewallStatus())) &&
 126                 (queryFirewallIsShared == null ||
 127                     queryFirewallIsShared.equals(nsg.getFirewallIsShared())) &&
 128                 (queryFirewallPolicyID == null ||
 129                     queryFirewallPolicyID.equals(nsg.getFirewallPolicyID()))) {
 130                 if (fields.size() > 0) {
 131                     ans.add(extractFields(nsg,fields));
 132                 } else {
 133                     ans.add(nsg);
 134                 }
 135             }
 136         }
 137         //TODO: apply pagination to results
 138         return Response.status(HttpURLConnection.HTTP_OK).entity(
 139                 new NeutronFirewallRequest(ans)).build();
 140     }
 141
 142     /**
 143      * Returns a specific Firewall */
 144
 145     @Path("{firewallUUID}")
 146     @GET
 147     @Produces({ MediaType.APPLICATION_JSON })
 148     @StatusCodes({
 149             @ResponseCode(code = HttpURLConnection.HTTP_OK, condition = "Operation successful"),
 150             @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
 151             @ResponseCode(code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
 152             @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
 153             @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
 154     public Response showFirewall(@PathParam("firewallUUID") String firewallUUID,
 155                                       // return fields
 156                                       @QueryParam("fields") List<String> fields) {
 157         INeutronFirewallCRUD firewallInterface = getNeutronInterfaces().getFirewallInterface();
 158         if (!firewallInterface.neutronFirewallExists(firewallUUID)) {
 159             throw new ResourceNotFoundException(UUID_NO_EXIST);
 160         }
 161         if (fields.size() > 0) {
 162             NeutronFirewall ans = firewallInterface.getNeutronFirewall(firewallUUID);
 163             return Response.status(HttpURLConnection.HTTP_OK).entity(
 164                     new NeutronFirewallRequest(extractFields(ans, fields))).build();
 165         } else {
 166             return Response.status(HttpURLConnection.HTTP_OK).entity(new NeutronFirewallRequest(firewallInterface.getNeutronFirewall(firewallUUID))).build();
 167         }
 168     }
 169
 170     /**
 171      * Creates new Firewall */
 172
 173     @POST
 174     @Produces({ MediaType.APPLICATION_JSON })
 175     @Consumes({ MediaType.APPLICATION_JSON })
 176     @StatusCodes({
 177             @ResponseCode(code = HttpURLConnection.HTTP_CREATED, condition = "Created"),
 178             @ResponseCode(code = HttpURLConnection.HTTP_BAD_REQUEST, condition = "Bad Request"),
 179             @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
 180             @ResponseCode(code = HttpURLConnection.HTTP_FORBIDDEN, condition = "Forbidden"),
 181             @ResponseCode(code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
 182             @ResponseCode(code = HttpURLConnection.HTTP_CONFLICT, condition = "Conflict"),
 183             @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
 184             @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
 185     public Response createFirewalls(final NeutronFirewallRequest input) {
 186         INeutronFirewallCRUD firewallInterface = getNeutronInterfaces().getFirewallInterface();
 187         if (input.isSingleton()) {
 188             NeutronFirewall singleton = input.getSingleton();
 189
 190             /*
 191              *  Verify that the Firewall doesn't already exist.
 192              */
 193             if (firewallInterface.neutronFirewallExists(singleton.getFirewallUUID())) {
 194                 throw new BadRequestException("Firewall UUID already exists");
 195             }
 196             firewallInterface.addNeutronFirewall(singleton);
 197             Object[] instances = NeutronUtil.getInstances(INeutronFirewallAware.class, this);
 198             if (instances != null) {
 199                 if (instances.length > 0) {
 200                     for (Object instance : instances) {
 201                         INeutronFirewallAware service = (INeutronFirewallAware) instance;
 202                         int status = service.canCreateNeutronFirewall(singleton);
 203                         if (status < HTTP_OK_BOTTOM || status > HTTP_OK_TOP) {
 204                             return Response.status(status).build();
 205                         }
 206                     }
 207                 } else {
 208                     throw new ServiceUnavailableException(NO_PROVIDERS);
 209                 }
 210             } else {
 211                 throw new ServiceUnavailableException(NO_PROVIDER_LIST);
 212             }
 213             firewallInterface.addNeutronFirewall(singleton);
 214             if (instances != null) {
 215                 for (Object instance : instances) {
 216                     INeutronFirewallAware service = (INeutronFirewallAware) instance;
 217                     service.neutronFirewallCreated(singleton);
 218                 }
 219             }
 220         } else {
 221             List<NeutronFirewall> bulk = input.getBulk();
 222             Iterator<NeutronFirewall> i = bulk.iterator();
 223             HashMap<String, NeutronFirewall> testMap = new HashMap<String, NeutronFirewall>();
 224             Object[] instances = NeutronUtil.getInstances(INeutronFirewallAware.class, this);
 225             while (i.hasNext()) {
 226                 NeutronFirewall test = i.next();
 227
 228                 /*
 229                  *  Verify that the secruity group doesn't already exist
 230                  */
 231                 if (firewallInterface.neutronFirewallExists(test.getFirewallUUID())) {
 232                     throw new BadRequestException("Firewall UUID already is already created");
 233                 }
 234                 if (testMap.containsKey(test.getFirewallUUID())) {
 235                     throw new BadRequestException("Firewall UUID already exists");
 236                 }
 237                 if (instances != null) {
 238                     if (instances.length > 0) {
 239                         for (Object instance : instances) {
 240                             INeutronFirewallAware service = (INeutronFirewallAware) instance;
 241                             int status = service.canCreateNeutronFirewall(test);
 242                             if (status < HTTP_OK_BOTTOM || status > HTTP_OK_TOP) {
 243                                 return Response.status(status).build();
 244                             }
 245                         }
 246                     } else {
 247                         throw new ServiceUnavailableException(NO_PROVIDERS);
 248                     }
 249                 } else {
 250                     throw new ServiceUnavailableException(NO_PROVIDER_LIST);
 251                 }
 252             }
 253
 254             /*
 255              * now, each element of the bulk request can be added to the cache
 256              */
 257             i = bulk.iterator();
 258             while (i.hasNext()) {
 259                 NeutronFirewall test = i.next();
 260                 firewallInterface.addNeutronFirewall(test);
 261                 if (instances != null) {
 262                     for (Object instance : instances) {
 263                         INeutronFirewallAware service = (INeutronFirewallAware) instance;
 264                         service.neutronFirewallCreated(test);
 265                     }
 266                 }
 267             }
 268         }
 269         return Response.status(HttpURLConnection.HTTP_CREATED).entity(input).build();
 270     }
 271
 272     /**
 273      * Updates a Firewall */
 274
 275     @Path("{firewallUUID}")
 276     @PUT
 277     @Produces({ MediaType.APPLICATION_JSON })
 278     @Consumes({ MediaType.APPLICATION_JSON })
 279     @StatusCodes({
 280             @ResponseCode(code = HttpURLConnection.HTTP_OK, condition = "Operation successful"),
 281             @ResponseCode(code = HttpURLConnection.HTTP_BAD_REQUEST, condition = "Bad Request"),
 282             @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
 283             @ResponseCode(code = HttpURLConnection.HTTP_FORBIDDEN, condition = "Forbidden"),
 284             @ResponseCode(code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
 285             @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
 286             @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
 287     public Response updateFirewall(
 288             @PathParam("firewallUUID") String firewallUUID, final NeutronFirewallRequest input) {
 289         INeutronFirewallCRUD firewallInterface = getNeutronInterfaces().getFirewallInterface();
 290
 291         /*
 292          * verify the Firewall exists and there is only one delta provided
 293          */
 294         if (!firewallInterface.neutronFirewallExists(firewallUUID)) {
 295             throw new ResourceNotFoundException(UUID_NO_EXIST);
 296         }
 297         if (!input.isSingleton()) {
 298             throw new BadRequestException("Only singleton edit supported");
 299         }
 300         NeutronFirewall delta = input.getSingleton();
 301         NeutronFirewall original = firewallInterface.getNeutronFirewall(firewallUUID);
 302
 303         /*
 304          * updates restricted by Neutron
 305          */
 306         if (delta.getFirewallUUID() != null ||
 307                 delta.getFirewallTenantID() != null ||
 308                 delta.getFirewallName() != null ||
 309                 delta.getFirewallDescription() != null ||
 310                 delta.getFirewallAdminStateIsUp() != null ||
 311                 delta.getFirewallStatus() != null ||
 312                 delta.getFirewallIsShared() != null ||
 313                 delta.getFirewallPolicyID() != null) {
 314             throw new BadRequestException("Attribute edit blocked by Neutron");
 315         }
 316
 317         Object[] instances = NeutronUtil.getInstances(INeutronFirewallAware.class, this);
 318         if (instances != null) {
 319             if (instances.length > 0) {
 320                 for (Object instance : instances) {
 321                     INeutronFirewallAware service = (INeutronFirewallAware) instance;
 322                     int status = service.canUpdateNeutronFirewall(delta, original);
 323                     if (status < HTTP_OK_BOTTOM || status > HTTP_OK_TOP) {
 324                         return Response.status(status).build();
 325                     }
 326                 }
 327             } else {
 328                 throw new ServiceUnavailableException(NO_PROVIDERS);
 329             }
 330         } else {
 331             throw new ServiceUnavailableException(NO_PROVIDER_LIST);
 332         }
 333
 334         /*
 335          * update the object and return it
 336          */
 337         firewallInterface.updateNeutronFirewall(firewallUUID, delta);
 338         NeutronFirewall updatedFirewall = firewallInterface.getNeutronFirewall(firewallUUID);
 339         if (instances != null) {
 340             for (Object instance : instances) {
 341                 INeutronFirewallAware service = (INeutronFirewallAware) instance;
 342                 service.neutronFirewallUpdated(updatedFirewall);
 343             }
 344         }
 345         return Response.status(HttpURLConnection.HTTP_OK).entity(new NeutronFirewallRequest(firewallInterface.getNeutronFirewall(firewallUUID))).build();
 346     }
 347
 348     /**
 349      * Deletes a Firewall */
 350
 351     @Path("{firewallUUID}")
 352     @DELETE
 353     @StatusCodes({
 354             @ResponseCode(code = HttpURLConnection.HTTP_NO_CONTENT, condition = "No Content"),
 355             @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
 356             @ResponseCode(code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
 357             @ResponseCode(code = HttpURLConnection.HTTP_CONFLICT, condition = "Conflict"),
 358             @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
 359             @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
 360     public Response deleteFirewall(
 361             @PathParam("firewallUUID") String firewallUUID) {
 362         INeutronFirewallCRUD firewallInterface = getNeutronInterfaces().getFirewallInterface();
 363
 364         /*
 365          * verify the Firewall exists and it isn't currently in use
 366          */
 367         if (!firewallInterface.neutronFirewallExists(firewallUUID)) {
 368             throw new ResourceNotFoundException(UUID_NO_EXIST);
 369         }
 370         if (firewallInterface.neutronFirewallInUse(firewallUUID)) {
 371             return Response.status(HttpURLConnection.HTTP_CONFLICT).build();
 372         }
 373         NeutronFirewall singleton = firewallInterface.getNeutronFirewall(firewallUUID);
 374         Object[] instances = NeutronUtil.getInstances(INeutronFirewallAware.class, this);
 375         if (instances != null) {
 376             if (instances.length > 0) {
 377                 for (Object instance : instances) {
 378                     INeutronFirewallAware service = (INeutronFirewallAware) instance;
 379                     int status = service.canDeleteNeutronFirewall(singleton);
 380                     if (status < HTTP_OK_BOTTOM || status > HTTP_OK_TOP) {
 381                         return Response.status(status).build();
 382                     }
 383                 }
 384             } else {
 385                 throw new ServiceUnavailableException(NO_PROVIDERS);
 386             }
 387         } else {
 388             throw new ServiceUnavailableException(NO_PROVIDER_LIST);
 389         }
 390
 391         /*
 392          * remove it and return 204 status
 393          */
 394         firewallInterface.removeNeutronFirewall(firewallUUID);
 395         if (instances != null) {
 396             for (Object instance : instances) {
 397                 INeutronFirewallAware service = (INeutronFirewallAware) instance;
 398                 service.neutronFirewallDeleted(singleton);
 399             }
 400         }
 401         return Response.status(HttpURLConnection.HTTP_NO_CONTENT).build();
 402     }
 403 }