2 * Copyright (C) 2014 Red Hat, Inc.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.controller.networkconfig.neutron.northbound;
12 import org.codehaus.enunciate.jaxrs.ResponseCode;
13 import org.codehaus.enunciate.jaxrs.StatusCodes;
14 import org.opendaylight.controller.networkconfig.neutron.INeutronFirewallAware;
15 import org.opendaylight.controller.networkconfig.neutron.INeutronFirewallCRUD;
16 import org.opendaylight.controller.networkconfig.neutron.INeutronFirewallRuleCRUD;
17 import org.opendaylight.controller.networkconfig.neutron.NeutronCRUDInterfaces;
18 import org.opendaylight.controller.networkconfig.neutron.NeutronFirewall;
20 import javax.ws.rs.Consumes;
21 import javax.ws.rs.DELETE;
22 import javax.ws.rs.GET;
23 import javax.ws.rs.POST;
24 import javax.ws.rs.PUT;
25 import javax.ws.rs.Path;
26 import javax.ws.rs.PathParam;
27 import javax.ws.rs.Produces;
28 import javax.ws.rs.QueryParam;
29 import javax.ws.rs.core.MediaType;
30 import javax.ws.rs.core.Response;
31 import java.util.ArrayList;
32 import java.util.HashMap;
33 import java.util.Iterator;
34 import java.util.List;
37 * Neutron Northbound REST APIs for Firewall.<br>
38 * This class provides REST APIs for managing neutron Firewall
42 * Authentication scheme : <b>HTTP Basic</b><br>
43 * Authentication realm : <b>opendaylight</b><br>
44 * Transport : <b>HTTP and HTTPS</b><br>
46 * HTTPS Authentication is disabled by default. Administrator can enable it in
47 * tomcat-server.xml after adding a proper keystore / SSL certificate from a
48 * trusted authority.<br>
50 * http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
53 @Path("/fw/firewalls")
54 public class NeutronFirewallNorthbound {
56 private NeutronFirewall extractFields(NeutronFirewall o, List<String> fields) {
57 return o.extractFields(fields);
61 * Returns a list of all Firewalls */
63 @Produces({ MediaType.APPLICATION_JSON })
65 @ResponseCode(code = 200, condition = "Operation successful"),
66 @ResponseCode(code = 401, condition = "Unauthorized"),
67 @ResponseCode(code = 501, condition = "Not Implemented") })
69 public Response listGroups(
71 @QueryParam("fields") List<String> fields,
72 // OpenStack firewall attributes
73 @QueryParam("id") String queryFirewallUUID,
74 @QueryParam("tenant_id") String queryFirewallTenantID,
75 @QueryParam("name") String queryFirewallName,
76 @QueryParam("description") String queryFirewallDescription,
77 @QueryParam("shared") Boolean queryFirewallAdminStateIsUp,
78 @QueryParam("status") String queryFirewallStatus,
79 @QueryParam("shared") Boolean queryFirewallIsShared,
80 @QueryParam("firewall_policy_id") String queryFirewallPolicyID,
82 @QueryParam("limit") String limit,
83 @QueryParam("marker") String marker,
84 @QueryParam("page_reverse") String pageReverse
85 // sorting not supported
87 INeutronFirewallCRUD firewallInterface = NeutronCRUDInterfaces.getINeutronFirewallCRUD(this);
88 INeutronFirewallRuleCRUD firewallRuleInterface = NeutronCRUDInterfaces.getINeutronFirewallRuleCRUD(this);
90 if (firewallInterface == null) {
91 throw new ServiceUnavailableException("Firewall CRUD Interface "
92 + RestMessages.SERVICEUNAVAILABLE.toString());
94 List<NeutronFirewall> allFirewalls = firewallInterface.getAllNeutronFirewalls();
95 List<NeutronFirewall> ans = new ArrayList<NeutronFirewall>();
96 Iterator<NeutronFirewall> i = allFirewalls.iterator();
98 NeutronFirewall nsg = i.next();
99 if ((queryFirewallUUID == null ||
100 queryFirewallUUID.equals(nsg.getFirewallUUID())) &&
101 (queryFirewallTenantID == null ||
102 queryFirewallTenantID.equals(nsg.getFirewallTenantID())) &&
103 (queryFirewallName == null ||
104 queryFirewallName.equals(nsg.getFirewallName())) &&
105 (queryFirewallDescription == null ||
106 queryFirewallDescription.equals(nsg.getFirewallDescription())) &&
107 (queryFirewallAdminStateIsUp == null ||
108 queryFirewallAdminStateIsUp.equals(nsg.getFirewallAdminStateIsUp())) &&
109 (queryFirewallStatus == null ||
110 queryFirewallStatus.equals(nsg.getFirewallStatus())) &&
111 (queryFirewallIsShared == null ||
112 queryFirewallIsShared.equals(nsg.getFirewallIsShared())) &&
113 (queryFirewallPolicyID == null ||
114 queryFirewallPolicyID.equals(nsg.getFirewallPolicyID()))) {
115 if (fields.size() > 0) {
116 ans.add(extractFields(nsg,fields));
122 //TODO: apply pagination to results
123 return Response.status(200).entity(
124 new NeutronFirewallRequest(ans)).build();
128 * Returns a specific Firewall */
130 @Path("{firewallUUID}")
132 @Produces({ MediaType.APPLICATION_JSON })
134 @ResponseCode(code = 200, condition = "Operation successful"),
135 @ResponseCode(code = 401, condition = "Unauthorized"),
136 @ResponseCode(code = 404, condition = "Not Found"),
137 @ResponseCode(code = 501, condition = "Not Implemented") })
138 public Response showFirewall(@PathParam("firewallUUID") String firewallUUID,
140 @QueryParam("fields") List<String> fields) {
141 INeutronFirewallCRUD firewallInterface = NeutronCRUDInterfaces.getINeutronFirewallCRUD(this);
142 if (firewallInterface == null) {
143 throw new ServiceUnavailableException("Firewall CRUD Interface "
144 + RestMessages.SERVICEUNAVAILABLE.toString());
146 if (!firewallInterface.neutronFirewallExists(firewallUUID)) {
147 throw new ResourceNotFoundException("Firewall UUID does not exist.");
149 if (fields.size() > 0) {
150 NeutronFirewall ans = firewallInterface.getNeutronFirewall(firewallUUID);
151 return Response.status(200).entity(
152 new NeutronFirewallRequest(extractFields(ans, fields))).build();
154 return Response.status(200).entity(new NeutronFirewallRequest(firewallInterface.getNeutronFirewall(firewallUUID))).build();
159 * Creates new Firewall */
162 @Produces({ MediaType.APPLICATION_JSON })
163 @Consumes({ MediaType.APPLICATION_JSON })
165 @ResponseCode(code = 201, condition = "Created"),
166 @ResponseCode(code = 400, condition = "Bad Request"),
167 @ResponseCode(code = 401, condition = "Unauthorized"),
168 @ResponseCode(code = 403, condition = "Forbidden"),
169 @ResponseCode(code = 404, condition = "Not Found"),
170 @ResponseCode(code = 409, condition = "Conflict"),
171 @ResponseCode(code = 501, condition = "Not Implemented") })
172 public Response createFirewalls(final NeutronFirewallRequest input) {
173 INeutronFirewallCRUD firewallInterface = NeutronCRUDInterfaces.getINeutronFirewallCRUD(this);
174 if (firewallInterface == null) {
175 throw new ServiceUnavailableException("Firewall CRUD Interface "
176 + RestMessages.SERVICEUNAVAILABLE.toString());
178 if (input.isSingleton()) {
179 NeutronFirewall singleton = input.getSingleton();
182 * Verify that the Firewall doesn't already exist.
184 if (firewallInterface.neutronFirewallExists(singleton.getFirewallUUID())) {
185 throw new BadRequestException("Firewall UUID already exists");
187 firewallInterface.addNeutronFirewall(singleton);
188 Object[] instances = NeutronUtil.getInstances(INeutronFirewallAware.class, this);
189 if (instances != null) {
190 if (instances.length > 0) {
191 for (Object instance : instances) {
192 INeutronFirewallAware service = (INeutronFirewallAware) instance;
193 int status = service.canCreateNeutronFirewall(singleton);
194 if (status < 200 || status > 299) {
195 return Response.status(status).build();
199 throw new ServiceUnavailableException("No providers registered. Please try again later");
202 throw new ServiceUnavailableException("Couldn't get providers list. Please try again later");
204 firewallInterface.addNeutronFirewall(singleton);
205 if (instances != null) {
206 for (Object instance : instances) {
207 INeutronFirewallAware service = (INeutronFirewallAware) instance;
208 service.neutronFirewallCreated(singleton);
212 List<NeutronFirewall> bulk = input.getBulk();
213 Iterator<NeutronFirewall> i = bulk.iterator();
214 HashMap<String, NeutronFirewall> testMap = new HashMap<String, NeutronFirewall>();
215 Object[] instances = NeutronUtil.getInstances(INeutronFirewallAware.class, this);
216 while (i.hasNext()) {
217 NeutronFirewall test = i.next();
220 * Verify that the secruity group doesn't already exist
222 if (firewallInterface.neutronFirewallExists(test.getFirewallUUID())) {
223 throw new BadRequestException("Firewall UUID already is already created");
225 if (testMap.containsKey(test.getFirewallUUID())) {
226 throw new BadRequestException("Firewall UUID already exists");
228 if (instances != null) {
229 if (instances.length > 0) {
230 for (Object instance : instances) {
231 INeutronFirewallAware service = (INeutronFirewallAware) instance;
232 int status = service.canCreateNeutronFirewall(test);
233 if (status < 200 || status > 299) {
234 return Response.status(status).build();
238 throw new ServiceUnavailableException("No providers registered. Please try again later");
241 throw new ServiceUnavailableException("Couldn't get providers list. Please try again later");
246 * now, each element of the bulk request can be added to the cache
249 while (i.hasNext()) {
250 NeutronFirewall test = i.next();
251 firewallInterface.addNeutronFirewall(test);
252 if (instances != null) {
253 for (Object instance : instances) {
254 INeutronFirewallAware service = (INeutronFirewallAware) instance;
255 service.neutronFirewallCreated(test);
260 return Response.status(201).entity(input).build();
264 * Updates a Firewall */
266 @Path("{firewallUUID}")
268 @Produces({ MediaType.APPLICATION_JSON })
269 @Consumes({ MediaType.APPLICATION_JSON })
271 @ResponseCode(code = 200, condition = "Operation successful"),
272 @ResponseCode(code = 400, condition = "Bad Request"),
273 @ResponseCode(code = 401, condition = "Unauthorized"),
274 @ResponseCode(code = 403, condition = "Forbidden"),
275 @ResponseCode(code = 404, condition = "Not Found"),
276 @ResponseCode(code = 501, condition = "Not Implemented") })
277 public Response updateFirewall(
278 @PathParam("firewallUUID") String firewallUUID, final NeutronFirewallRequest input) {
279 INeutronFirewallCRUD firewallInterface = NeutronCRUDInterfaces.getINeutronFirewallCRUD(this);
280 if (firewallInterface == null) {
281 throw new ServiceUnavailableException("Firewall CRUD Interface "
282 + RestMessages.SERVICEUNAVAILABLE.toString());
286 * verify the Firewall exists and there is only one delta provided
288 if (!firewallInterface.neutronFirewallExists(firewallUUID)) {
289 throw new ResourceNotFoundException("Firewall UUID does not exist.");
291 if (!input.isSingleton()) {
292 throw new BadRequestException("Only singleton edit supported");
294 NeutronFirewall delta = input.getSingleton();
295 NeutronFirewall original = firewallInterface.getNeutronFirewall(firewallUUID);
298 * updates restricted by Neutron
300 if (delta.getFirewallUUID() != null ||
301 delta.getFirewallTenantID() != null ||
302 delta.getFirewallName() != null ||
303 delta.getFirewallDescription() != null ||
304 delta.getFirewallAdminStateIsUp() != null ||
305 delta.getFirewallStatus() != null ||
306 delta.getFirewallIsShared() != null ||
307 delta.getFirewallPolicyID() != null) {
308 throw new BadRequestException("Attribute edit blocked by Neutron");
311 Object[] instances = NeutronUtil.getInstances(INeutronFirewallAware.class, this);
312 if (instances != null) {
313 if (instances.length > 0) {
314 for (Object instance : instances) {
315 INeutronFirewallAware service = (INeutronFirewallAware) instance;
316 int status = service.canUpdateNeutronFirewall(delta, original);
317 if (status < 200 || status > 299) {
318 return Response.status(status).build();
322 throw new ServiceUnavailableException("No providers registered. Please try again later");
325 throw new ServiceUnavailableException("Couldn't get providers list. Please try again later");
329 * update the object and return it
331 firewallInterface.updateNeutronFirewall(firewallUUID, delta);
332 NeutronFirewall updatedFirewall = firewallInterface.getNeutronFirewall(firewallUUID);
333 if (instances != null) {
334 for (Object instance : instances) {
335 INeutronFirewallAware service = (INeutronFirewallAware) instance;
336 service.neutronFirewallUpdated(updatedFirewall);
339 return Response.status(200).entity(new NeutronFirewallRequest(firewallInterface.getNeutronFirewall(firewallUUID))).build();
343 * Deletes a Firewall */
345 @Path("{firewallUUID}")
348 @ResponseCode(code = 204, condition = "No Content"),
349 @ResponseCode(code = 401, condition = "Unauthorized"),
350 @ResponseCode(code = 404, condition = "Not Found"),
351 @ResponseCode(code = 409, condition = "Conflict"),
352 @ResponseCode(code = 501, condition = "Not Implemented") })
353 public Response deleteFirewall(
354 @PathParam("firewallUUID") String firewallUUID) {
355 INeutronFirewallCRUD firewallInterface = NeutronCRUDInterfaces.getINeutronFirewallCRUD(this);
356 if (firewallInterface == null) {
357 throw new ServiceUnavailableException("Firewall CRUD Interface "
358 + RestMessages.SERVICEUNAVAILABLE.toString());
362 * verify the Firewall exists and it isn't currently in use
364 if (!firewallInterface.neutronFirewallExists(firewallUUID)) {
365 throw new ResourceNotFoundException("Firewall UUID does not exist.");
367 if (firewallInterface.neutronFirewallInUse(firewallUUID)) {
368 return Response.status(409).build();
370 NeutronFirewall singleton = firewallInterface.getNeutronFirewall(firewallUUID);
371 Object[] instances = NeutronUtil.getInstances(INeutronFirewallAware.class, this);
372 if (instances != null) {
373 if (instances.length > 0) {
374 for (Object instance : instances) {
375 INeutronFirewallAware service = (INeutronFirewallAware) instance;
376 int status = service.canDeleteNeutronFirewall(singleton);
377 if (status < 200 || status > 299) {
378 return Response.status(status).build();
382 throw new ServiceUnavailableException("No providers registered. Please try again later");
385 throw new ServiceUnavailableException("Couldn't get providers list. Please try again later");
389 * remove it and return 204 status
391 firewallInterface.removeNeutronFirewall(firewallUUID);
392 if (instances != null) {
393 for (Object instance : instances) {
394 INeutronFirewallAware service = (INeutronFirewallAware) instance;
395 service.neutronFirewallDeleted(singleton);
398 return Response.status(204).build();