2 * Copyright (C) 2014 Red Hat, Inc.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
10 package org.opendaylight.controller.networkconfig.neutron.northbound;
13 import java.util.ArrayList;
14 import java.util.HashMap;
15 import java.util.Iterator;
16 import java.util.List;
18 import javax.ws.rs.Consumes;
19 import javax.ws.rs.DELETE;
20 import javax.ws.rs.GET;
21 import javax.ws.rs.POST;
22 import javax.ws.rs.PUT;
23 import javax.ws.rs.Path;
24 import javax.ws.rs.PathParam;
25 import javax.ws.rs.Produces;
26 import javax.ws.rs.QueryParam;
27 import javax.ws.rs.core.MediaType;
28 import javax.ws.rs.core.Response;
30 import org.codehaus.enunciate.jaxrs.ResponseCode;
31 import org.codehaus.enunciate.jaxrs.StatusCodes;
32 import org.opendaylight.controller.networkconfig.neutron.INeutronSecurityGroupAware;
33 import org.opendaylight.controller.networkconfig.neutron.INeutronSecurityGroupCRUD;
34 import org.opendaylight.controller.networkconfig.neutron.NeutronCRUDInterfaces;
35 import org.opendaylight.controller.networkconfig.neutron.NeutronSecurityGroup;
36 import org.slf4j.Logger;
37 import org.slf4j.LoggerFactory;
40 * Neutron Northbound REST APIs for Security Group.<br>
41 * This class provides REST APIs for managing neutron Security Group
45 * Authentication scheme : <b>HTTP Basic</b><br>
46 * Authentication realm : <b>opendaylight</b><br>
47 * Transport : <b>HTTP and HTTPS</b><br>
49 * HTTPS Authentication is disabled by default. Administrator can enable it in
50 * tomcat-server.xml after adding a proper keystore / SSL certificate from a
51 * trusted authority.<br>
53 * http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
55 @Path ("/security-groups")
56 public class NeutronSecurityGroupsNorthbound {
57 static final Logger logger = LoggerFactory.getLogger(NeutronSecurityGroupsNorthbound.class);
59 private NeutronSecurityGroup extractFields(NeutronSecurityGroup o, List<String> fields) {
60 return o.extractFields(fields);
64 * Returns a list of all Security Groups
67 @Produces ({MediaType.APPLICATION_JSON})
69 @ResponseCode (code = 200, condition = "Operation successful"),
70 @ResponseCode (code = 401, condition = "Unauthorized"),
71 @ResponseCode (code = 501, condition = "Not Implemented")})
73 public Response listGroups(
75 @QueryParam ("fields") List<String> fields,
76 // OpenStack security group attributes
77 @QueryParam ("id") String querySecurityGroupUUID,
78 @QueryParam ("name") String querySecurityGroupName,
79 @QueryParam ("description") String querySecurityDescription,
80 @QueryParam ("tenant_id") String querySecurityTenantID,
81 @QueryParam ("limit") String limit,
82 @QueryParam ("marker") String marker,
83 @QueryParam ("page_reverse") String pageReverse
85 INeutronSecurityGroupCRUD securityGroupInterface = NeutronCRUDInterfaces.getINeutronSecurityGroupCRUD(this);
87 if (securityGroupInterface == null) {
88 throw new ServiceUnavailableException("Security Group CRUD Interface "
89 + RestMessages.SERVICEUNAVAILABLE.toString());
91 List<NeutronSecurityGroup> allSecurityGroups = securityGroupInterface.getAllNeutronSecurityGroups();
92 List<NeutronSecurityGroup> ans = new ArrayList<NeutronSecurityGroup>();
93 Iterator<NeutronSecurityGroup> i = allSecurityGroups.iterator();
95 NeutronSecurityGroup nsg = i.next();
96 if ((querySecurityGroupUUID == null ||
97 querySecurityGroupUUID.equals(nsg.getSecurityGroupUUID())) &&
98 (querySecurityGroupName == null ||
99 querySecurityGroupName.equals(nsg.getSecurityGroupName())) &&
100 (querySecurityDescription == null ||
101 querySecurityDescription.equals(nsg.getSecurityGroupDescription())) &&
102 (querySecurityTenantID == null ||
103 querySecurityTenantID.equals(nsg.getSecurityGroupTenantID()))) {
104 if (fields.size() > 0) {
105 ans.add(extractFields(nsg, fields));
111 return Response.status(200).entity(
112 new NeutronSecurityGroupRequest(ans)).build();
116 * Returns a specific Security Group
119 @Path ("{securityGroupUUID}")
121 @Produces ({MediaType.APPLICATION_JSON})
123 @ResponseCode (code = 200, condition = "Operation successful"),
124 @ResponseCode (code = 401, condition = "Unauthorized"),
125 @ResponseCode (code = 404, condition = "Not Found"),
126 @ResponseCode (code = 501, condition = "Not Implemented")})
127 public Response showSecurityGroup(@PathParam ("securityGroupUUID") String securityGroupUUID,
129 @QueryParam ("fields") List<String> fields) {
130 INeutronSecurityGroupCRUD securityGroupInterface = NeutronCRUDInterfaces.getINeutronSecurityGroupCRUD(this);
131 if (securityGroupInterface == null) {
132 throw new ServiceUnavailableException("Security Group CRUD Interface "
133 + RestMessages.SERVICEUNAVAILABLE.toString());
135 if (!securityGroupInterface.neutronSecurityGroupExists(securityGroupUUID)) {
136 throw new ResourceNotFoundException("Security Group UUID does not exist.");
138 if (!fields.isEmpty()) {
139 NeutronSecurityGroup ans = securityGroupInterface.getNeutronSecurityGroup(securityGroupUUID);
140 return Response.status(200).entity(
141 new NeutronSecurityGroupRequest(extractFields(ans, fields))).build();
143 return Response.status(200).entity(new NeutronSecurityGroupRequest(securityGroupInterface.getNeutronSecurityGroup(securityGroupUUID))).build();
148 * Creates new Security Group
152 @Produces ({MediaType.APPLICATION_JSON})
153 @Consumes ({MediaType.APPLICATION_JSON})
155 @ResponseCode (code = 201, condition = "Created"),
156 @ResponseCode (code = 400, condition = "Bad Request"),
157 @ResponseCode (code = 401, condition = "Unauthorized"),
158 @ResponseCode (code = 403, condition = "Forbidden"),
159 @ResponseCode (code = 404, condition = "Not Found"),
160 @ResponseCode (code = 409, condition = "Conflict"),
161 @ResponseCode (code = 501, condition = "Not Implemented")})
162 public Response createSecurityGroups(final NeutronSecurityGroupRequest input) {
163 INeutronSecurityGroupCRUD securityGroupInterface = NeutronCRUDInterfaces.getINeutronSecurityGroupCRUD(this);
164 if (securityGroupInterface == null) {
165 throw new ServiceUnavailableException("Security Group CRUD Interface "
166 + RestMessages.SERVICEUNAVAILABLE.toString());
169 if (input.isSingleton()) {
170 NeutronSecurityGroup singleton = input.getSingleton();
173 * Verify that the Security Group doesn't already exist.
175 if (securityGroupInterface.neutronSecurityGroupExists(singleton.getSecurityGroupUUID())) {
176 throw new BadRequestException("Security Group UUID already exists");
179 Object[] instances = NeutronUtil.getInstances(INeutronSecurityGroupAware.class, this);
180 if (instances != null) {
181 for (Object instance : instances) {
182 INeutronSecurityGroupAware service = (INeutronSecurityGroupAware) instance;
183 int status = service.canCreateNeutronSecurityGroup(singleton);
184 if (status < 200 || status > 299) {
185 return Response.status(status).build();
189 // Add to Neutron cache
190 securityGroupInterface.addNeutronSecurityGroup(singleton);
191 if (instances != null) {
192 for (Object instance : instances) {
193 INeutronSecurityGroupAware service = (INeutronSecurityGroupAware) instance;
194 service.neutronSecurityGroupCreated(singleton);
198 List<NeutronSecurityGroup> bulk = input.getBulk();
199 Iterator<NeutronSecurityGroup> i = bulk.iterator();
200 HashMap<String, NeutronSecurityGroup> testMap = new HashMap<String, NeutronSecurityGroup>();
201 Object[] instances = NeutronUtil.getInstances(INeutronSecurityGroupAware.class, this);
202 while (i.hasNext()) {
203 NeutronSecurityGroup test = i.next();
206 * Verify that the security group doesn't already exist
209 if (securityGroupInterface.neutronSecurityGroupExists(test.getSecurityGroupUUID())) {
210 throw new BadRequestException("Security Group UUID already is already created");
212 if (instances != null) for (Object instance : instances) {
213 INeutronSecurityGroupAware service = (INeutronSecurityGroupAware) instance;
214 int status = service.canCreateNeutronSecurityGroup(test);
215 if ((status < 200) || (status > 299)) return Response.status(status).build();
220 * now, each element of the bulk request can be added to the cache
223 while (i.hasNext()) {
224 NeutronSecurityGroup test = i.next();
225 securityGroupInterface.addNeutronSecurityGroup(test);
226 if (instances != null) {
227 for (Object instance : instances) {
228 INeutronSecurityGroupAware service = (INeutronSecurityGroupAware) instance;
229 service.neutronSecurityGroupCreated(test);
234 return Response.status(201).entity(input).build();
238 * Updates a Security Group
241 @Path ("{securityGroupUUID}")
243 @Produces ({MediaType.APPLICATION_JSON})
244 @Consumes ({MediaType.APPLICATION_JSON})
246 @ResponseCode (code = 200, condition = "Operation successful"),
247 @ResponseCode (code = 400, condition = "Bad Request"),
248 @ResponseCode (code = 401, condition = "Unauthorized"),
249 @ResponseCode (code = 403, condition = "Forbidden"),
250 @ResponseCode (code = 404, condition = "Not Found"),
251 @ResponseCode (code = 501, condition = "Not Implemented")})
252 public Response updateSecurityGroup(
253 @PathParam ("securityGroupUUID") String securityGroupUUID, final NeutronSecurityGroupRequest input) {
254 INeutronSecurityGroupCRUD securityGroupInterface = NeutronCRUDInterfaces.getINeutronSecurityGroupCRUD(this);
255 if (securityGroupInterface == null) {
256 throw new ServiceUnavailableException("Security Group CRUD Interface "
257 + RestMessages.SERVICEUNAVAILABLE.toString());
261 * verify the Security Group exists and there is only one delta provided
263 if (!securityGroupInterface.neutronSecurityGroupExists(securityGroupUUID)) {
264 throw new ResourceNotFoundException("Security Group UUID does not exist.");
266 if (!input.isSingleton()) {
267 throw new BadRequestException("Only singleton edit supported");
269 NeutronSecurityGroup delta = input.getSingleton();
270 NeutronSecurityGroup original = securityGroupInterface.getNeutronSecurityGroup(securityGroupUUID);
272 if (delta.getSecurityGroupUUID() != null ||
273 delta.getSecurityGroupTenantID() != null ||
274 delta.getSecurityGroupName() != null ||
275 delta.getSecurityGroupDescription() != null) {
276 throw new BadRequestException("Attribute edit blocked by Neutron");
279 Object[] instances = NeutronUtil.getInstances(INeutronSecurityGroupAware.class, this);
280 if (instances != null) {
281 for (Object instance : instances) {
282 INeutronSecurityGroupAware service = (INeutronSecurityGroupAware) instance;
283 int status = service.canUpdateNeutronSecurityGroup(delta, original);
284 if (status < 200 || status > 299) {
285 return Response.status(status).build();
291 * update the object and return it
293 securityGroupInterface.updateNeutronSecurityGroup(securityGroupUUID, delta);
294 NeutronSecurityGroup updatedSecurityGroup = securityGroupInterface.getNeutronSecurityGroup(securityGroupUUID);
295 if (instances != null) {
296 for (Object instance : instances) {
297 INeutronSecurityGroupAware service = (INeutronSecurityGroupAware) instance;
298 service.neutronSecurityGroupUpdated(updatedSecurityGroup);
301 return Response.status(200).entity(new NeutronSecurityGroupRequest(securityGroupInterface.getNeutronSecurityGroup(securityGroupUUID))).build();
305 * Deletes a Security Group
308 @Path ("{securityGroupUUID}")
311 @ResponseCode (code = 204, condition = "No Content"),
312 @ResponseCode (code = 401, condition = "Unauthorized"),
313 @ResponseCode (code = 404, condition = "Not Found"),
314 @ResponseCode (code = 409, condition = "Conflict"),
315 @ResponseCode (code = 501, condition = "Not Implemented")})
316 public Response deleteSecurityGroup(
317 @PathParam ("securityGroupUUID") String securityGroupUUID) {
318 INeutronSecurityGroupCRUD securityGroupInterface = NeutronCRUDInterfaces.getINeutronSecurityGroupCRUD(this);
319 if (securityGroupInterface == null) {
320 throw new ServiceUnavailableException("Security Group CRUD Interface "
321 + RestMessages.SERVICEUNAVAILABLE.toString());
325 * verify the Security Group exists and it isn't currently in use
327 if (!securityGroupInterface.neutronSecurityGroupExists(securityGroupUUID)) {
328 throw new ResourceNotFoundException("Security Group UUID does not exist.");
330 if (securityGroupInterface.neutronSecurityGroupInUse(securityGroupUUID)) {
331 return Response.status(409).build();
333 NeutronSecurityGroup singleton = securityGroupInterface.getNeutronSecurityGroup(securityGroupUUID);
334 Object[] instances = NeutronUtil.getInstances(INeutronSecurityGroupAware.class, this);
335 if (instances != null) {
336 for (Object instance : instances) {
337 INeutronSecurityGroupAware service = (INeutronSecurityGroupAware) instance;
338 int status = service.canDeleteNeutronSecurityGroup(singleton);
339 if ((status < 200) || (status > 299)) {
340 return Response.status(status).build();
346 * remove it and return 204 status
348 securityGroupInterface.removeNeutronSecurityGroup(securityGroupUUID);
349 if (instances != null) {
350 for (Object instance : instances) {
351 INeutronSecurityGroupAware service = (INeutronSecurityGroupAware) instance;
352 service.neutronSecurityGroupDeleted(singleton);
355 return Response.status(204).build();