2 * Copyright (C) 2014 Red Hat, Inc.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
10 package org.opendaylight.neutron.northbound.api;
12 import java.net.HttpURLConnection;
14 import java.util.ArrayList;
15 import java.util.HashMap;
16 import java.util.Iterator;
17 import java.util.List;
19 import javax.ws.rs.Consumes;
20 import javax.ws.rs.DELETE;
21 import javax.ws.rs.GET;
22 import javax.ws.rs.POST;
23 import javax.ws.rs.PUT;
24 import javax.ws.rs.Path;
25 import javax.ws.rs.PathParam;
26 import javax.ws.rs.Produces;
27 import javax.ws.rs.QueryParam;
28 import javax.ws.rs.core.MediaType;
29 import javax.ws.rs.core.Response;
31 import org.codehaus.enunciate.jaxrs.ResponseCode;
32 import org.codehaus.enunciate.jaxrs.StatusCodes;
33 import org.opendaylight.neutron.spi.INeutronSecurityGroupAware;
34 import org.opendaylight.neutron.spi.INeutronSecurityGroupCRUD;
35 import org.opendaylight.neutron.spi.NeutronCRUDInterfaces;
36 import org.opendaylight.neutron.spi.NeutronSecurityGroup;
39 * Neutron Northbound REST APIs for Security Group.<br>
40 * This class provides REST APIs for managing neutron Security Group
44 * Authentication scheme : <b>HTTP Basic</b><br>
45 * Authentication realm : <b>opendaylight</b><br>
46 * Transport : <b>HTTP and HTTPS</b><br>
48 * HTTPS Authentication is disabled by default. Administrator can enable it in
49 * tomcat-server.xml after adding a proper keystore / SSL certificate from a
50 * trusted authority.<br>
52 * http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
54 @Path ("/security-groups")
55 public class NeutronSecurityGroupsNorthbound {
56 private static final int HTTP_OK_BOTTOM = 200;
57 private static final int HTTP_OK_TOP = 299;
58 private static final String INTERFACE_NAME = "Security Group CRUD Interface";
59 private static final String UUID_NO_EXIST = "Security Group UUID does not exist.";
60 private static final String NO_PROVIDERS = "No providers registered. Please try again later";
61 private static final String NO_PROVIDER_LIST = "Couldn't get providers list. Please try again later";
63 private NeutronSecurityGroup extractFields(NeutronSecurityGroup o, List<String> fields) {
64 return o.extractFields(fields);
67 private NeutronCRUDInterfaces getNeutronInterfaces() {
68 NeutronCRUDInterfaces answer = new NeutronCRUDInterfaces().fetchINeutronSecurityGroupCRUD(this);
69 if (answer.getSecurityGroupInterface() == null) {
70 throw new ServiceUnavailableException(INTERFACE_NAME
71 + RestMessages.SERVICEUNAVAILABLE.toString());
77 * Returns a list of all Security Groups
80 @Produces ({MediaType.APPLICATION_JSON})
82 @ResponseCode (code = HttpURLConnection.HTTP_OK, condition = "Operation successful"),
83 @ResponseCode (code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
84 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
85 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
87 public Response listGroups(
89 @QueryParam ("fields") List<String> fields,
90 // OpenStack security group attributes
91 @QueryParam ("id") String querySecurityGroupUUID,
92 @QueryParam ("name") String querySecurityGroupName,
93 @QueryParam ("description") String querySecurityDescription,
94 @QueryParam ("tenant_id") String querySecurityTenantID,
95 @QueryParam ("limit") String limit,
96 @QueryParam ("marker") String marker,
97 @QueryParam ("page_reverse") String pageReverse
99 INeutronSecurityGroupCRUD securityGroupInterface = getNeutronInterfaces().getSecurityGroupInterface();
100 List<NeutronSecurityGroup> allSecurityGroups = securityGroupInterface.getAllNeutronSecurityGroups();
101 List<NeutronSecurityGroup> ans = new ArrayList<NeutronSecurityGroup>();
102 Iterator<NeutronSecurityGroup> i = allSecurityGroups.iterator();
103 while (i.hasNext()) {
104 NeutronSecurityGroup nsg = i.next();
105 if ((querySecurityGroupUUID == null ||
106 querySecurityGroupUUID.equals(nsg.getSecurityGroupUUID())) &&
107 (querySecurityGroupName == null ||
108 querySecurityGroupName.equals(nsg.getSecurityGroupName())) &&
109 (querySecurityDescription == null ||
110 querySecurityDescription.equals(nsg.getSecurityGroupDescription())) &&
111 (querySecurityTenantID == null ||
112 querySecurityTenantID.equals(nsg.getSecurityGroupTenantID()))) {
113 if (fields.size() > 0) {
114 ans.add(extractFields(nsg, fields));
120 return Response.status(HttpURLConnection.HTTP_OK).entity(
121 new NeutronSecurityGroupRequest(ans)).build();
125 * Returns a specific Security Group
128 @Path ("{securityGroupUUID}")
130 @Produces ({MediaType.APPLICATION_JSON})
132 @ResponseCode (code = HttpURLConnection.HTTP_OK, condition = "Operation successful"),
133 @ResponseCode (code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
134 @ResponseCode (code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
135 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
136 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
137 public Response showSecurityGroup(@PathParam ("securityGroupUUID") String securityGroupUUID,
139 @QueryParam ("fields") List<String> fields) {
140 INeutronSecurityGroupCRUD securityGroupInterface = getNeutronInterfaces().getSecurityGroupInterface();
141 if (!securityGroupInterface.neutronSecurityGroupExists(securityGroupUUID)) {
142 throw new ResourceNotFoundException(UUID_NO_EXIST);
144 if (!fields.isEmpty()) {
145 NeutronSecurityGroup ans = securityGroupInterface.getNeutronSecurityGroup(securityGroupUUID);
146 return Response.status(HttpURLConnection.HTTP_OK).entity(
147 new NeutronSecurityGroupRequest(extractFields(ans, fields))).build();
149 return Response.status(HttpURLConnection.HTTP_OK).entity(new NeutronSecurityGroupRequest(securityGroupInterface.getNeutronSecurityGroup(securityGroupUUID))).build();
154 * Creates new Security Group
158 @Produces ({MediaType.APPLICATION_JSON})
159 @Consumes ({MediaType.APPLICATION_JSON})
161 @ResponseCode (code = HttpURLConnection.HTTP_CREATED, condition = "Created"),
162 @ResponseCode (code = HttpURLConnection.HTTP_BAD_REQUEST, condition = "Bad Request"),
163 @ResponseCode (code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
164 @ResponseCode (code = HttpURLConnection.HTTP_FORBIDDEN, condition = "Forbidden"),
165 @ResponseCode (code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
166 @ResponseCode (code = HttpURLConnection.HTTP_CONFLICT, condition = "Conflict"),
167 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
168 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
169 public Response createSecurityGroups(final NeutronSecurityGroupRequest input) {
170 INeutronSecurityGroupCRUD securityGroupInterface = getNeutronInterfaces().getSecurityGroupInterface();
172 if (input.isSingleton()) {
173 NeutronSecurityGroup singleton = input.getSingleton();
176 * Verify that the Security Group doesn't already exist.
178 if (securityGroupInterface.neutronSecurityGroupExists(singleton.getSecurityGroupUUID())) {
179 throw new BadRequestException("Security Group UUID already exists");
182 Object[] instances = NeutronUtil.getInstances(INeutronSecurityGroupAware.class, this);
183 if (instances != null) {
184 if (instances.length > 0) {
185 for (Object instance : instances) {
186 INeutronSecurityGroupAware service = (INeutronSecurityGroupAware) instance;
187 int status = service.canCreateNeutronSecurityGroup(singleton);
188 if (status < HTTP_OK_BOTTOM || status > HTTP_OK_TOP) {
189 return Response.status(status).build();
193 throw new ServiceUnavailableException(NO_PROVIDERS);
196 throw new ServiceUnavailableException(NO_PROVIDER_LIST);
198 // Add to Neutron cache
199 securityGroupInterface.addNeutronSecurityGroup(singleton);
200 if (instances != null) {
201 for (Object instance : instances) {
202 INeutronSecurityGroupAware service = (INeutronSecurityGroupAware) instance;
203 service.neutronSecurityGroupCreated(singleton);
207 List<NeutronSecurityGroup> bulk = input.getBulk();
208 Iterator<NeutronSecurityGroup> i = bulk.iterator();
209 HashMap<String, NeutronSecurityGroup> testMap = new HashMap<String, NeutronSecurityGroup>();
210 Object[] instances = NeutronUtil.getInstances(INeutronSecurityGroupAware.class, this);
211 while (i.hasNext()) {
212 NeutronSecurityGroup test = i.next();
215 * Verify that the security group doesn't already exist
218 if (securityGroupInterface.neutronSecurityGroupExists(test.getSecurityGroupUUID())) {
219 throw new BadRequestException("Security Group UUID already is already created");
221 if (instances != null) {
222 if (instances.length > 0) {
223 for (Object instance : instances) {
224 INeutronSecurityGroupAware service = (INeutronSecurityGroupAware) instance;
225 int status = service.canCreateNeutronSecurityGroup(test);
226 if ((status < HTTP_OK_BOTTOM) || (status > HTTP_OK_TOP)) {
227 return Response.status(status).build();
231 throw new BadRequestException(NO_PROVIDERS);
234 throw new ServiceUnavailableException(NO_PROVIDER_LIST);
239 * now, each element of the bulk request can be added to the cache
242 while (i.hasNext()) {
243 NeutronSecurityGroup test = i.next();
244 securityGroupInterface.addNeutronSecurityGroup(test);
245 if (instances != null) {
246 for (Object instance : instances) {
247 INeutronSecurityGroupAware service = (INeutronSecurityGroupAware) instance;
248 service.neutronSecurityGroupCreated(test);
253 return Response.status(HttpURLConnection.HTTP_CREATED).entity(input).build();
257 * Updates a Security Group
260 @Path ("{securityGroupUUID}")
262 @Produces ({MediaType.APPLICATION_JSON})
263 @Consumes ({MediaType.APPLICATION_JSON})
265 @ResponseCode (code = HttpURLConnection.HTTP_OK, condition = "Operation successful"),
266 @ResponseCode (code = HttpURLConnection.HTTP_BAD_REQUEST, condition = "Bad Request"),
267 @ResponseCode (code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
268 @ResponseCode (code = HttpURLConnection.HTTP_FORBIDDEN, condition = "Forbidden"),
269 @ResponseCode (code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
270 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
271 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
272 public Response updateSecurityGroup(
273 @PathParam ("securityGroupUUID") String securityGroupUUID, final NeutronSecurityGroupRequest input) {
274 INeutronSecurityGroupCRUD securityGroupInterface = getNeutronInterfaces().getSecurityGroupInterface();
277 * verify the Security Group exists and there is only one delta provided
279 if (!securityGroupInterface.neutronSecurityGroupExists(securityGroupUUID)) {
280 throw new ResourceNotFoundException(UUID_NO_EXIST);
282 if (!input.isSingleton()) {
283 throw new BadRequestException("Only singleton edit supported");
285 NeutronSecurityGroup delta = input.getSingleton();
286 NeutronSecurityGroup original = securityGroupInterface.getNeutronSecurityGroup(securityGroupUUID);
288 if (delta.getSecurityGroupUUID() != null ||
289 delta.getSecurityGroupTenantID() != null ||
290 delta.getSecurityGroupName() != null ||
291 delta.getSecurityGroupDescription() != null) {
292 throw new BadRequestException("Attribute edit blocked by Neutron");
295 Object[] instances = NeutronUtil.getInstances(INeutronSecurityGroupAware.class, this);
296 if (instances != null) {
297 if (instances.length > 0) {
298 for (Object instance : instances) {
299 INeutronSecurityGroupAware service = (INeutronSecurityGroupAware) instance;
300 int status = service.canUpdateNeutronSecurityGroup(delta, original);
301 if (status < HTTP_OK_BOTTOM || status > HTTP_OK_TOP) {
302 return Response.status(status).build();
306 throw new ServiceUnavailableException(NO_PROVIDERS);
309 throw new ServiceUnavailableException(NO_PROVIDER_LIST);
313 * update the object and return it
315 securityGroupInterface.updateNeutronSecurityGroup(securityGroupUUID, delta);
316 NeutronSecurityGroup updatedSecurityGroup = securityGroupInterface.getNeutronSecurityGroup(securityGroupUUID);
317 if (instances != null) {
318 for (Object instance : instances) {
319 INeutronSecurityGroupAware service = (INeutronSecurityGroupAware) instance;
320 service.neutronSecurityGroupUpdated(updatedSecurityGroup);
323 return Response.status(HttpURLConnection.HTTP_OK).entity(new NeutronSecurityGroupRequest(securityGroupInterface.getNeutronSecurityGroup(securityGroupUUID))).build();
327 * Deletes a Security Group
330 @Path ("{securityGroupUUID}")
333 @ResponseCode (code = HttpURLConnection.HTTP_NO_CONTENT, condition = "No Content"),
334 @ResponseCode (code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
335 @ResponseCode (code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
336 @ResponseCode (code = HttpURLConnection.HTTP_CONFLICT, condition = "Conflict"),
337 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
338 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
339 public Response deleteSecurityGroup(
340 @PathParam ("securityGroupUUID") String securityGroupUUID) {
341 INeutronSecurityGroupCRUD securityGroupInterface = getNeutronInterfaces().getSecurityGroupInterface();
344 * verify the Security Group exists and it isn't currently in use
346 if (!securityGroupInterface.neutronSecurityGroupExists(securityGroupUUID)) {
347 throw new ResourceNotFoundException(UUID_NO_EXIST);
349 if (securityGroupInterface.neutronSecurityGroupInUse(securityGroupUUID)) {
350 return Response.status(HttpURLConnection.HTTP_CONFLICT).build();
352 NeutronSecurityGroup singleton = securityGroupInterface.getNeutronSecurityGroup(securityGroupUUID);
353 Object[] instances = NeutronUtil.getInstances(INeutronSecurityGroupAware.class, this);
354 if (instances != null) {
355 if (instances.length > 0) {
356 for (Object instance : instances) {
357 INeutronSecurityGroupAware service = (INeutronSecurityGroupAware) instance;
358 int status = service.canDeleteNeutronSecurityGroup(singleton);
359 if ((status < HTTP_OK_BOTTOM) || (status > HTTP_OK_TOP)) {
360 return Response.status(status).build();
364 throw new ServiceUnavailableException(NO_PROVIDERS);
367 throw new ServiceUnavailableException(NO_PROVIDER_LIST);
371 * remove it and return 204 status
373 securityGroupInterface.removeNeutronSecurityGroup(securityGroupUUID);
374 if (instances != null) {
375 for (Object instance : instances) {
376 INeutronSecurityGroupAware service = (INeutronSecurityGroupAware) instance;
377 service.neutronSecurityGroupDeleted(singleton);
380 return Response.status(HttpURLConnection.HTTP_NO_CONTENT).build();