2 * Copyright (C) 2014 Red Hat, Inc.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.neutron.northbound.api;
11 import java.net.HttpURLConnection;
13 import java.util.ArrayList;
14 import java.util.HashMap;
15 import java.util.Iterator;
16 import java.util.List;
19 import javax.ws.rs.Consumes;
20 import javax.ws.rs.DELETE;
21 import javax.ws.rs.GET;
22 import javax.ws.rs.POST;
23 import javax.ws.rs.PUT;
24 import javax.ws.rs.Path;
25 import javax.ws.rs.PathParam;
26 import javax.ws.rs.Produces;
27 import javax.ws.rs.QueryParam;
28 import javax.ws.rs.core.MediaType;
29 import javax.ws.rs.core.Response;
31 import org.codehaus.enunciate.jaxrs.ResponseCode;
32 import org.codehaus.enunciate.jaxrs.StatusCodes;
33 import org.opendaylight.neutron.spi.INeutronFirewallPolicyAware;
34 import org.opendaylight.neutron.spi.INeutronFirewallPolicyCRUD;
35 import org.opendaylight.neutron.spi.NeutronCRUDInterfaces;
36 import org.opendaylight.neutron.spi.NeutronFirewallPolicy;
39 * Neutron Northbound REST APIs for Firewall Policies.<br>
40 * This class provides REST APIs for managing neutron Firewall Policies
44 * Authentication scheme : <b>HTTP Basic</b><br>
45 * Authentication realm : <b>opendaylight</b><br>
46 * Transport : <b>HTTP and HTTPS</b><br>
48 * HTTPS Authentication is disabled by default. Administrator can enable it in
49 * tomcat-server.xml after adding a proper keystore / SSL certificate from a
50 * trusted authority.<br>
52 * http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
55 @Path("/fw/firewalls_policies")
56 public class NeutronFirewallPolicyNorthbound {
58 private static final int HTTP_OK_BOTTOM = 200;
59 private static final int HTTP_OK_TOP = 299;
60 private static final String INTERFACE_NAME = "Firewall Policy CRUD Interface";
61 private static final String UUID_NO_EXIST = "Firewall Policy UUID does not exist.";
62 private static final String NO_PROVIDERS = "No providers registered. Please try again later";
63 private static final String NO_PROVIDER_LIST = "Couldn't get providers list. Please try again later";
65 private NeutronFirewallPolicy extractFields(NeutronFirewallPolicy o, List<String> fields) {
66 return o.extractFields(fields);
69 private NeutronCRUDInterfaces getNeutronInterfaces() {
70 NeutronCRUDInterfaces answer = new NeutronCRUDInterfaces().fetchINeutronFirewallPolicyCRUD(this);
71 if (answer.getFirewallPolicyInterface() == null) {
72 throw new ServiceUnavailableException(INTERFACE_NAME
73 + RestMessages.SERVICEUNAVAILABLE.toString());
79 * Returns a list of all Firewall Policies */
81 @Produces({ MediaType.APPLICATION_JSON })
83 @ResponseCode(code = HttpURLConnection.HTTP_OK, condition = "Operation successful"),
84 @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
85 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
86 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
88 public Response listGroups(
90 @QueryParam("fields") List<String> fields,
91 // OpenStack Firewall Policy attributes
92 @QueryParam("id") String queryFirewallPolicyUUID,
93 @QueryParam("tenant_id") String queryFirewallPolicyTenantID,
94 @QueryParam("name") String queryFirewallPolicyName,
95 @QueryParam("description") String querySecurityPolicyDescription,
96 @QueryParam("shared") String querySecurityPolicyIsShared,
97 @QueryParam("firewall_rules") List<String> querySecurityPolicyFirewallRules,
98 @QueryParam("audited") Boolean querySecurityPolicyIsAudited,
100 @QueryParam("limit") String limit,
101 @QueryParam("marker") String marker,
102 @QueryParam("page_reverse") String pageReverse
103 // sorting not supported
105 INeutronFirewallPolicyCRUD firewallPolicyInterface = getNeutronInterfaces().getFirewallPolicyInterface();
106 List<NeutronFirewallPolicy> ans = new ArrayList<NeutronFirewallPolicy>();
107 for (NeutronFirewallPolicy nsg : firewallPolicyInterface.getAllNeutronFirewallPolicies()) {
108 if ((queryFirewallPolicyUUID == null ||
109 queryFirewallPolicyUUID.equals(nsg.getFirewallPolicyUUID())) &&
110 (queryFirewallPolicyTenantID == null ||
111 queryFirewallPolicyTenantID.equals(nsg.getFirewallPolicyTenantID())) &&
112 (queryFirewallPolicyName == null ||
113 queryFirewallPolicyName.equals(nsg.getFirewallPolicyName())) &&
114 (querySecurityPolicyDescription == null ||
115 querySecurityPolicyDescription.equals(nsg.getFirewallPolicyDescription())) &&
116 (querySecurityPolicyIsShared == null ||
117 querySecurityPolicyIsShared.equals(nsg.getFirewallPolicyIsShared())) &&
118 (querySecurityPolicyFirewallRules.size() == 0 ||
119 querySecurityPolicyFirewallRules.equals(nsg.getFirewallPolicyRules())) &&
120 (querySecurityPolicyIsAudited == null ||
121 querySecurityPolicyIsAudited.equals(nsg.getFirewallPolicyIsAudited()))) {
122 if (fields.size() > 0) {
123 ans.add(extractFields(nsg,fields));
129 //TODO: apply pagination to results
130 return Response.status(HttpURLConnection.HTTP_OK).entity(
131 new NeutronFirewallPolicyRequest(ans)).build();
135 * Returns a specific Firewall Policy */
137 @Path("{firewallPolicyUUID}")
139 @Produces({ MediaType.APPLICATION_JSON })
141 @ResponseCode(code = HttpURLConnection.HTTP_OK, condition = "Operation successful"),
142 @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
143 @ResponseCode(code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
144 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
145 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
146 public Response showFirewallPolicy(@PathParam("firewallPolicyUUID") String firewallPolicyUUID,
148 @QueryParam("fields") List<String> fields) {
149 INeutronFirewallPolicyCRUD firewallPolicyInterface = getNeutronInterfaces().getFirewallPolicyInterface();
150 if (!firewallPolicyInterface.neutronFirewallPolicyExists(firewallPolicyUUID)) {
151 throw new ResourceNotFoundException(UUID_NO_EXIST);
153 if (fields.size() > 0) {
154 NeutronFirewallPolicy ans = firewallPolicyInterface.getNeutronFirewallPolicy(firewallPolicyUUID);
155 return Response.status(HttpURLConnection.HTTP_OK).entity(
156 new NeutronFirewallPolicyRequest(extractFields(ans, fields))).build();
158 return Response.status(HttpURLConnection.HTTP_OK).entity(new NeutronFirewallPolicyRequest(firewallPolicyInterface.getNeutronFirewallPolicy(firewallPolicyUUID))).build();
163 * Creates new Firewall Policy
166 @Produces({ MediaType.APPLICATION_JSON })
167 @Consumes({ MediaType.APPLICATION_JSON })
169 @ResponseCode(code = HttpURLConnection.HTTP_CREATED, condition = "Created"),
170 @ResponseCode(code = HttpURLConnection.HTTP_BAD_REQUEST, condition = "Bad Request"),
171 @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
172 @ResponseCode(code = HttpURLConnection.HTTP_FORBIDDEN, condition = "Forbidden"),
173 @ResponseCode(code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
174 @ResponseCode(code = HttpURLConnection.HTTP_CONFLICT, condition = "Conflict"),
175 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
176 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
177 public Response createFirewallPolicies(final NeutronFirewallPolicyRequest input) {
178 INeutronFirewallPolicyCRUD firewallPolicyInterface = getNeutronInterfaces().getFirewallPolicyInterface();
179 if (input.isSingleton()) {
180 NeutronFirewallPolicy singleton = input.getSingleton();
182 Object[] instances = NeutronUtil.getInstances(INeutronFirewallPolicyAware.class, this);
183 if (instances != null) {
184 if (instances.length > 0) {
185 for (Object instance : instances) {
186 INeutronFirewallPolicyAware service = (INeutronFirewallPolicyAware) instance;
187 int status = service.canCreateNeutronFirewallPolicy(singleton);
188 if (status < HTTP_OK_BOTTOM || status > HTTP_OK_TOP) {
189 return Response.status(status).build();
193 throw new ServiceUnavailableException(NO_PROVIDERS);
196 throw new ServiceUnavailableException(NO_PROVIDER_LIST);
198 firewallPolicyInterface.addNeutronFirewallPolicy(singleton);
199 if (instances != null) {
200 for (Object instance : instances) {
201 INeutronFirewallPolicyAware service = (INeutronFirewallPolicyAware) instance;
202 service.neutronFirewallPolicyCreated(singleton);
206 Object[] instances = NeutronUtil.getInstances(INeutronFirewallPolicyAware.class, this);
207 for (NeutronFirewallPolicy test : input.getBulk()) {
208 if (instances != null) {
209 if (instances.length > 0) {
210 for (Object instance : instances) {
211 INeutronFirewallPolicyAware service = (INeutronFirewallPolicyAware) instance;
212 int status = service.canCreateNeutronFirewallPolicy(test);
213 if (status < HTTP_OK_BOTTOM || status > HTTP_OK_TOP) {
214 return Response.status(status).build();
218 throw new ServiceUnavailableException(NO_PROVIDERS);
221 throw new ServiceUnavailableException(NO_PROVIDER_LIST);
225 * now, each element of the bulk request can be added to the cache
227 for (NeutronFirewallPolicy test : input.getBulk()) {
228 firewallPolicyInterface.addNeutronFirewallPolicy(test);
229 if (instances != null) {
230 for (Object instance : instances) {
231 INeutronFirewallPolicyAware service = (INeutronFirewallPolicyAware) instance;
232 service.neutronFirewallPolicyCreated(test);
237 return Response.status(HttpURLConnection.HTTP_CREATED).entity(input).build();
241 * Updates a Firewall Policy
243 @Path("{firewallPolicyUUID}")
245 @Produces({ MediaType.APPLICATION_JSON })
246 @Consumes({ MediaType.APPLICATION_JSON })
247 //@TypeHint(OpenStackSubnets.class)
249 @ResponseCode(code = HttpURLConnection.HTTP_OK, condition = "Operation successful"),
250 @ResponseCode(code = HttpURLConnection.HTTP_BAD_REQUEST, condition = "Bad Request"),
251 @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
252 @ResponseCode(code = HttpURLConnection.HTTP_FORBIDDEN, condition = "Forbidden"),
253 @ResponseCode(code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
254 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
255 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
256 public Response updateFirewallPolicy(
257 @PathParam("firewallPolicyUUID") String firewallPolicyUUID, final NeutronFirewallPolicyRequest input) {
258 INeutronFirewallPolicyCRUD firewallPolicyInterface = getNeutronInterfaces().getFirewallPolicyInterface();
260 NeutronFirewallPolicy delta = input.getSingleton();
261 NeutronFirewallPolicy original = firewallPolicyInterface.getNeutronFirewallPolicy(firewallPolicyUUID);
263 Object[] instances = NeutronUtil.getInstances(INeutronFirewallPolicyAware.class, this);
264 if (instances != null) {
265 if (instances.length > 0) {
266 for (Object instance : instances) {
267 INeutronFirewallPolicyAware service = (INeutronFirewallPolicyAware) instance;
268 int status = service.canUpdateNeutronFirewallPolicy(delta, original);
269 if (status < HTTP_OK_BOTTOM || status > HTTP_OK_TOP) {
270 return Response.status(status).build();
274 throw new ServiceUnavailableException(NO_PROVIDERS);
277 throw new ServiceUnavailableException(NO_PROVIDER_LIST);
281 * update the object and return it
283 firewallPolicyInterface.updateNeutronFirewallPolicy(firewallPolicyUUID, delta);
284 NeutronFirewallPolicy updatedFirewallPolicy = firewallPolicyInterface.getNeutronFirewallPolicy(firewallPolicyUUID);
285 if (instances != null) {
286 for (Object instance : instances) {
287 INeutronFirewallPolicyAware service = (INeutronFirewallPolicyAware) instance;
288 service.neutronFirewallPolicyUpdated(updatedFirewallPolicy);
291 return Response.status(HttpURLConnection.HTTP_OK).entity(new NeutronFirewallPolicyRequest(firewallPolicyInterface.getNeutronFirewallPolicy(firewallPolicyUUID))).build();
295 * Deletes a Firewall Policy */
297 @Path("{firewallPolicyUUID}")
300 @ResponseCode(code = HttpURLConnection.HTTP_NO_CONTENT, condition = "No Content"),
301 @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
302 @ResponseCode(code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
303 @ResponseCode(code = HttpURLConnection.HTTP_CONFLICT, condition = "Conflict"),
304 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
305 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
306 public Response deleteFirewallPolicy(
307 @PathParam("firewallPolicyUUID") String firewallPolicyUUID) {
308 INeutronFirewallPolicyCRUD firewallPolicyInterface = getNeutronInterfaces().getFirewallPolicyInterface();
310 NeutronFirewallPolicy singleton = firewallPolicyInterface.getNeutronFirewallPolicy(firewallPolicyUUID);
311 Object[] instances = NeutronUtil.getInstances(INeutronFirewallPolicyAware.class, this);
312 if (instances != null) {
313 if (instances.length > 0) {
314 for (Object instance : instances) {
315 INeutronFirewallPolicyAware service = (INeutronFirewallPolicyAware) instance;
316 int status = service.canDeleteNeutronFirewallPolicy(singleton);
317 if (status < HTTP_OK_BOTTOM || status > HTTP_OK_TOP) {
318 return Response.status(status).build();
322 throw new ServiceUnavailableException(NO_PROVIDERS);
325 throw new ServiceUnavailableException(NO_PROVIDER_LIST);
328 firewallPolicyInterface.removeNeutronFirewallPolicy(firewallPolicyUUID);
329 if (instances != null) {
330 for (Object instance : instances) {
331 INeutronFirewallPolicyAware service = (INeutronFirewallPolicyAware) instance;
332 service.neutronFirewallPolicyDeleted(singleton);
335 return Response.status(HttpURLConnection.HTTP_NO_CONTENT).build();