3 * Copyright (c) 2013 Cisco Systems, Inc. and others. All rights reserved.
5 * This program and the accompanying materials are made available under the
6 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
7 * and is available at http://www.eclipse.org/legal/epl-v10.html
10 package org.opendaylight.controller.containermanager.northbound;
12 import java.security.Principal;
13 import java.util.ArrayList;
14 import java.util.HashSet;
15 import java.util.List;
18 import javax.ws.rs.Consumes;
19 import javax.ws.rs.DELETE;
20 import javax.ws.rs.GET;
21 import javax.ws.rs.POST;
22 import javax.ws.rs.PUT;
23 import javax.ws.rs.Path;
24 import javax.ws.rs.PathParam;
25 import javax.ws.rs.Produces;
26 import javax.ws.rs.core.Context;
27 import javax.ws.rs.core.MediaType;
28 import javax.ws.rs.core.Response;
29 import javax.ws.rs.core.SecurityContext;
30 import javax.ws.rs.core.UriInfo;
31 import javax.xml.bind.JAXBElement;
33 import org.codehaus.enunciate.jaxrs.ResponseCode;
34 import org.codehaus.enunciate.jaxrs.StatusCodes;
35 import org.codehaus.enunciate.jaxrs.TypeHint;
36 import org.opendaylight.controller.containermanager.IContainerAuthorization;
37 import org.opendaylight.controller.northbound.commons.RestMessages;
38 import org.opendaylight.controller.northbound.commons.exception.BadRequestException;
39 import org.opendaylight.controller.northbound.commons.exception.InternalServerErrorException;
40 import org.opendaylight.controller.northbound.commons.exception.ResourceConflictException;
41 import org.opendaylight.controller.northbound.commons.exception.ResourceForbiddenException;
42 import org.opendaylight.controller.northbound.commons.exception.ResourceNotFoundException;
43 import org.opendaylight.controller.northbound.commons.exception.UnauthorizedException;
44 import org.opendaylight.controller.northbound.commons.utils.NorthboundUtils;
45 import org.opendaylight.controller.sal.authorization.Privilege;
46 import org.opendaylight.controller.sal.authorization.UserLevel;
47 import org.opendaylight.controller.sal.utils.GlobalConstants;
48 import org.opendaylight.controller.sal.utils.ServiceHelper;
49 import org.opendaylight.controller.sal.utils.Status;
50 import org.opendaylight.controller.usermanager.IUserManager;
52 import org.opendaylight.controller.containermanager.ContainerFlowConfig;
53 import org.opendaylight.controller.containermanager.IContainerManager;
54 import org.opendaylight.controller.containermanager.ContainerConfig;
57 * Container Manager Northbound API
61 * Authentication scheme : <b>HTTP Basic</b><br>
62 * Authentication realm : <b>opendaylight</b><br>
63 * Transport : <b>HTTP and HTTPS</b><br>
65 * HTTPS Authentication is disabled by default. Administrator can enable it in
66 * tomcat-server.xml after adding a proper keystore / SSL certificate from a
67 * trusted authority.<br>
69 * http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
73 public class ContainerManagerNorthbound {
74 private String username;
77 public void setSecurityContext(SecurityContext context) {
79 principal = context.getUserPrincipal();
80 username = principal.getName();
83 protected String getUserName() {
87 private IContainerManager getContainerManager() {
88 IContainerManager containerMgr = (IContainerManager) ServiceHelper.getGlobalInstance(IContainerManager.class, this);
89 if (containerMgr == null) {
90 throw new InternalServerErrorException(RestMessages.INTERNALERROR.toString());
95 private void handleNameMismatch(String name, String nameinURL) {
96 if (name == null || nameinURL == null) {
97 throw new BadRequestException(RestMessages.INVALIDJSON.toString());
100 if (name.equalsIgnoreCase(nameinURL)) {
103 throw new BadRequestException(RestMessages.INVALIDJSON.toString());
109 * Get all the containers configured in the system
111 * @return a List of all {@link org.opendaylight.controller.containermanager.ContainerConfig}
118 * http://localhost:8080/controller/nb/v2/containermanager/all
120 * Response Payload in XML:
121 * <container-config-list>
122 *    <container-config>
123 *       <container>black</container>
124 *       <staticVlan>10</staticVlan>
125 *       <nodeConnectors>OF|1@OF|00:00:00:00:00:00:00:01</nodeConnectors>
126 *       <nodeConnectors>OF|23@OF|00:00:00:00:00:00:20:21</nodeConnectors>
127 *       <flowSpecs>
128 *        <name>tcp</name>
129 *        <protocol>TCP</protocol>
130 *       </flowSpecs>
131 *     </container-config>
132 *     <container-config>
133 *       <container>red</container>
134 *       <staticVlan>20</staticVlan>
135 *       <nodeConnectors>OF|1@OF|00:00:00:00:00:00:00:01</nodeConnectors>
136 *       <nodeConnectors>OF|23@OF|00:00:00:00:00:00:20:21</nodeConnectors>
137 *       <flowSpecs>
138 *        <name>udp</name>
139 *        <protocol>UDP</protocol>
140 *       </flowSpecs>
141 *     </container-config>
142 * </container-config-list>
144 * Response Payload in JSON:
145 * { "container-config" : [ { "name" : "black", "nodeConnectors" : ["OF|1@OF|00:00:00:00:00:00:00:01", "OF|23@OF|00:00:00:00:00:00:20:21"], "staticVlan" : "10", "flowSpecs : [{ "name": "udp", "protocol": "UDP" }] } ] }
146 * { "container-config" : [ { "name" : "red", "nodeConnectors" : ["OF|1@OF|00:00:00:00:00:00:00:01", "OF|23@OF|00:00:00:00:00:00:20:21"], "staticVlan" : "20", "flowSpecs": [{ "name": "tcp", "protocol": "TCP" }] } ] }
152 @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
153 @TypeHint(ContainerConfigs.class)
154 @StatusCodes({ @ResponseCode(code = 200, condition = "Operation successful"),
155 @ResponseCode(code = 401, condition = "User is not authorized to perform this operation"),
156 @ResponseCode(code = 503, condition = "One or more of Controller Services are unavailable") })
157 public ContainerConfigs viewAllContainers() {
159 handleNetworkAuthorization(getUserName());
161 IContainerManager containerManager = getContainerManager();
163 return new ContainerConfigs(containerManager.getContainerConfigList());
167 * Get the container configuration for container name requested
170 * name of the Container (eg. blue)
171 * @return a List of {@link org.opendaylight.controller.containermanager.ContainerConfig}
178 * http://localhost:8080/controller/nb/v2/containermanager/container/blue
180 * Response Payload in XML:
181 * <container-config>
182 *     <container>blue</container>
183 *     <staticVlan>10</staticVlan>
184 *     <nodeConnectors>OF|1@OF|00:00:00:00:00:00:00:01</nodeConnectors>
185 *     <nodeConnectors>OF|23@OF|00:00:00:00:00:00:20:21</nodeConnectors>
186 * </container-config>
188 * Response Payload in JSON:
189 * { "container" : "blue", "nodeConnectors" : ["OF|1@OF|00:00:00:00:00:00:00:01", "OF|23@OF|00:00:00:00:00:00:20:21"], "staticVlan" : "10" }
193 @Path("/container/{container}")
195 @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
196 @TypeHint(ContainerConfig.class)
197 @StatusCodes({ @ResponseCode(code = 200, condition = "Operation successful"),
198 @ResponseCode(code = 401, condition = "User is not authorized to perform this operation"),
199 @ResponseCode(code = 403, condition = "Operation forbidden on default"),
200 @ResponseCode(code = 404, condition = "The container is not found") })
201 public ContainerConfigs viewContainer(@PathParam(value = "container") String container) {
203 handleContainerAuthorization(container, getUserName());
204 handleForbiddenOnDefault(container);
206 handleContainerNotExists(container);
208 IContainerManager containerManager = getContainerManager();
209 List<ContainerConfig> containerConfigs = new ArrayList<ContainerConfig>();
210 containerConfigs.add(containerManager.getContainerConfig(container));
211 return new ContainerConfigs(containerConfigs);
219 * name of the Container (eg. yellow)
220 * @param containerConfig
221 * details of the container as specified by:
222 * {@link org.opendaylight.controller.containermanager.ContainerConfig}
223 * @return Response as dictated by the HTTP Response Status code
230 * http://localhost:8080/controller/nb/v2/containermanager/container/yellow
232 * Request Payload in XML:
233 * <container-config>
234 *     <container>yellow</container>
235 *     <staticVlan>10</staticVlan>
236 *     <nodeConnectors></nodeConnectors>
237 * </container-config>
239 * Request Payload in JSON:
240 * { "container" : "yellow", "nodeConnectors" : ["OF|1@OF|00:00:00:00:00:00:00:01", "OF|23@OF|00:00:00:00:00:00:20:21"], "staticVlan" : "10"}
244 @Path("/container/{container}")
246 @Consumes({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
247 @StatusCodes({ @ResponseCode(code = 201, condition = "Container created successfully"),
248 @ResponseCode(code = 400, condition = "Invalid Container configuration."),
249 @ResponseCode(code = 401, condition = "User not authorized to perform this operation"),
250 @ResponseCode(code = 403, condition = "Operation forbidden on default"),
251 @ResponseCode(code = 404, condition = "Container Name is not found"),
252 @ResponseCode(code = 409, condition = "Failed to create Container due to Conflicting Name"),
253 @ResponseCode(code = 500, condition = "Failure Reason included in HTTP Error response") })
254 public Response createContainer(@Context UriInfo uriInfo,
255 @PathParam(value = "container") String container,
256 @TypeHint(ContainerConfig.class) ContainerConfig containerConfig) {
258 handleAdminAuthorization(getUserName());
259 handleContainerExists(container);
261 handleNameMismatch(containerConfig.getContainerName(), container);
262 handleForbiddenOnDefault(container);
264 IContainerManager containerManager = getContainerManager();
265 Status status = containerManager.addContainer(containerConfig);
266 if (status.isSuccess()) {
267 NorthboundUtils.auditlog("Container", username, "added", container);
268 return Response.created(uriInfo.getRequestUri()).build();
270 return NorthboundUtils.getResponse(status);
277 * name of the Container (eg. green)
278 * @return Response as dictated by the HTTP Response code
285 * http://localhost:8080/controller/nb/v2/containermanager/container/green
289 @Path("/container/{container}")
292 @ResponseCode(code = 204, condition = "Container deleted successfully"),
293 @ResponseCode(code = 401, condition = "User not authorized to perform this operation"),
294 @ResponseCode(code = 403, condition = "Operation forbidden on default"),
295 @ResponseCode(code = 404, condition = "The container is not found") })
296 public Response removeContainer(@PathParam(value = "container") String container) {
298 handleAdminAuthorization(getUserName());
299 handleForbiddenOnDefault(container);
300 handleContainerNotExists(container);
301 IContainerManager containerManager = getContainerManager();
302 Status status = containerManager.removeContainer(container);
303 if (status.isSuccess()) {
304 NorthboundUtils.auditlog("Container", username, "removed", container);
305 return Response.noContent().build();
307 return NorthboundUtils.getResponse(status);
311 * Get flowspec within a given container
314 * name of the Container (eg. green)
316 * name of the flowspec (eg. ssh)
317 * @return flowspec detail as specified by:
318 * {@link org.opendaylight.controller.containermanager.ContainerFlowConfig}
325 * http://localhost:8080/controller/nb/v2/containermanager/container/green/flowspec/ssh
327 * Response Payload in XML:
328 * <container-flowconfig>
329 *     <name>ssh</name>
330 *     <nwSrc>10.0.0.101</nwSrc>
331 *     <nwDst>10.0.0.102</nwDst>
332 *     <protocol>IPv4</protocol>
333 *     <tpSrc>80</tpSrc>
334 *     <tpDst>100</tpDst>
335 * </container-flowconfig>
337 * Response Payload in JSON:
338 * { "protocol" : "IPv4", "nwDst" : "10.0.0.102", "name" : "ssh", "nwSrc" : "10.0.0.101", "tpSrc" : "80", "tpDst" : "100" }
342 @Path("/container/{container}/flowspec/{flowspec}")
344 @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
345 @TypeHint(ContainerFlowConfig.class)
346 @StatusCodes({ @ResponseCode(code = 200, condition = "Operation successful"),
347 @ResponseCode(code = 401, condition = "User not authorized to perform this operation"),
348 @ResponseCode(code = 404, condition = "The container is not found"),
349 @ResponseCode(code = 503, condition = "One or more of Controller Services are unavailable") })
350 public ContainerFlowConfig viewContainerFlowSpec(@PathParam(value = "container") String container,
351 @PathParam(value = "flowspec") String flowspec) {
353 handleContainerAuthorization(container, getUserName());
354 handleForbiddenOnDefault(container);
356 handleContainerNotExists(container);
357 IContainerManager containerManager = getContainerManager();
358 List<ContainerFlowConfig> flowSpecs = containerManager.getContainerFlows(container);
360 for (ContainerFlowConfig containerFlowConfig : flowSpecs) {
361 if (containerFlowConfig.equalsByName(flowspec)) {
362 return containerFlowConfig;
365 throw new ResourceNotFoundException("Flow Spec not found");
369 * Get all the flowspec in a given container
372 * name of the Container (eg. red)
373 * @return list of all flowspec configured for a container. Flowspec as
375 * {@link org.opendaylight.controller.containermanager.ContainerFlowConfig}
382 * http://localhost:8080/controller/nb/v2/containermanager/container/red/flowspec
384 * Response Payload in XML:
385 * <container-flowconfigs>
386 *     <container-flowconfig>
387 *       <name>ssh</name>
388 *       <nwSrc>10.0.0.101</nwSrc>
389 *       <nwDst>10.0.0.102</nwDst>
390 *       <protocol>IPv4</protocol>
391 *       <tpSrc>23</tpSrc>
392 *       <tpDst>100</tpDst>
393 *     </container-flowconfig>
394 *     <container-flowconfig>
395 *       <name>http2</name>
396 *       <nwSrc>10.0.0.201</nwSrc>
397 *       <nwDst>10.0.0.202</nwDst>
398 *       <protocol></protocol>
399 *       <tpSrc>80</tpSrc>
400 *       <tpDst>100</tpDst>
401 *     </container-flowconfig>
402 * </container-flowconfigs>
404 * Response Payload in JSON:
405 * { "protocol" : "IPv4", "nwDst" : "10.0.0.102", "name" : "ssh" , "nwSrc" : "10.0.0.101", "tpSrc" : "23", "tpDst" : "100" }
406 * { "protocol" : "", "nwDst" : "10.0.0.202", "name" : "http" , "nwSrc" : "10.0.0.201", "tpSrc" : "80", "tpDst" : "100" }
410 @Path("/container/{container}/flowspec")
412 @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
413 @TypeHint(FlowSpecConfigs.class)
414 @StatusCodes({ @ResponseCode(code = 200, condition = "Operation successful"),
415 @ResponseCode(code = 404, condition = "The container is not found"),
416 @ResponseCode(code = 503, condition = "One or more of Controller Services are unavailable") })
417 public FlowSpecConfigs viewContainerFlowSpecs(@PathParam(value = "container") String container) {
419 handleContainerAuthorization(container, getUserName());
420 handleForbiddenOnDefault(container);
422 handleContainerNotExists(container);
424 IContainerManager containerManager = getContainerManager();
426 return new FlowSpecConfigs(containerManager.getContainerFlows(container));
430 * Add flowspec to a container
433 * name of the container (eg. purple)
435 * name of the flowspec (eg. http)
437 * configuration as specified by:
438 * {@link org.opendaylight.controller.containermanager.ContainerFlowConfig}
440 * @return Response as dictated by the HTTP Response code
447 * http://localhost:8080/controller/nb/v2/containermanager/container/purple/flowspec/http
449 * Request Payload in XML:
450 * <container-flowconfig>
451 *     <name>http</name>
452 *     <nwSrc>10.0.0.101</nwSrc>
453 *     <nwDst>10.0.0.102</nwDst>
454 *     <protocol></protocol>
455 *     <tpSrc>80</tpSrc>
456 *     <tpDst>100</tpDst>
457 * </container-flowconfig>
459 * Request Payload in JSON:
460 * { "protocol" : "", "nwDst" : "10.0.0.102", "name" : "http", "nwSrc" : "10.0.0.101", "tpSrc" : "80", "tpDst" : "100" }
464 @Path("/container/{container}/flowspec/{flowspec}")
466 @Consumes({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
468 @ResponseCode(code = 201, condition = "FlowSpec created successfully"),
469 @ResponseCode(code = 400, condition = "Invalid flowspec configuration"),
470 @ResponseCode(code = 404, condition = "The container is not found"),
471 @ResponseCode(code = 409, condition = "Container Entry already exists"),
472 @ResponseCode(code = 500, condition = "Failed to create Flow specifications. Failure Reason included in HTTP Error response") })
473 public Response createFlowSpec(@Context UriInfo uriInfo,
474 @PathParam(value = "container") String container,
475 @PathParam(value = "flowspec") String flowspec,
476 @TypeHint(ContainerFlowConfig.class) ContainerFlowConfig containerFlowConfig) {
478 handleAdminAuthorization(getUserName());
479 handleForbiddenOnDefault(container);
481 handleContainerNotExists(container);
482 handleNameMismatch(containerFlowConfig.getName(), flowspec);
484 IContainerManager containerManager = getContainerManager();
485 List<ContainerFlowConfig> list = new ArrayList<ContainerFlowConfig>();
486 list.add(containerFlowConfig);
487 Status status = containerManager.addContainerFlows(container, list);
488 if (status.isSuccess()) {
489 NorthboundUtils.auditlog("Flow Spec", username, "added", containerFlowConfig.getName());
490 return Response.created(uriInfo.getRequestUri()).build();
492 return NorthboundUtils.getResponse(status);
496 * Remove flowspec from a container
499 * name of the flowspec (eg. telnet)
501 * name of the Container (eg. black)
502 * @return Response as dictated by the HTTP Response code
509 * http://localhost:8080/controller/nb/v2/containermanager/container/black/flowspec/telnet
513 @Path("/container/{container}/flowspec/{flowspec}")
516 @ResponseCode(code = 204, condition = "Flow Spec deleted successfully"),
517 @ResponseCode(code = 400, condition = "Invalid flowspec configuration"),
518 @ResponseCode(code = 404, condition = "Container or Container Entry not found"),
519 @ResponseCode(code = 406, condition = "Cannot operate on Default Container when other Containers are active"),
520 @ResponseCode(code = 500, condition = "Failed to delete Flowspec. Failure Reason included in HTTP Error response"),
521 @ResponseCode(code = 503, condition = "One or more of Controller service is unavailable") })
522 public Response removeFlowSpec(@PathParam(value = "container") String container,
523 @PathParam(value = "flowspec") String flowspec) {
525 handleAdminAuthorization(getUserName());
526 handleForbiddenOnDefault(container);
528 handleContainerNotExists(container);
530 IContainerManager containerManager = getContainerManager();
531 Set<String> set = new HashSet<String>();
533 Status status = containerManager.removeContainerFlows(container, set);
534 if (status.isSuccess()) {
535 NorthboundUtils.auditlog("Flow Spec", username, "added", flowspec);
536 return Response.noContent().build();
538 return NorthboundUtils.getResponse(status);
542 * Add node connectors to a container
545 * name of the container (eg. green)
547 * The list of strings each representing a node connector in the form "<Port Type>|<Port id>@<Node Type>|<Node id>", as "OF|1@OF|00:00:00:ab:00:00:00:01"
548 * @return response as dictated by the HTTP Status code
555 * http://localhost:8080/controller/nb/v2/containermanager/container/green/nodeconnector
557 * Request Payload in XML:
559 * <nodeConnectors>OF|1@OF|00:00:00:00:00:00:00:01</nodeConnectors>
560 * <nodeConnectors>OF|2@OF|00:00:00:00:00:00:00:01</nodeConnectors>
561 * <nodeConnectors>OF|3@OF|00:00:00:00:00:00:00:22</nodeConnectors>
562 * <nodeConnectors>OF|4@OF|00:00:00:00:00:00:00:22</nodeConnectors>
565 * Request Payload in JSON:
566 * { "nodeConnectors" : ["OF|1@OF|00:00:00:00:00:00:00:01", "OF|2@OF|00:00:00:00:00:00:00:01", "OF|3@OF|00:00:00:00:00:00:00:22", "OF|4@OF|00:00:00:00:00:00:00:22" }
570 @Path("/container/{container}/nodeconnector/")
572 @Consumes({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
573 @TypeHint(Response.class)
575 @ResponseCode(code = 200, condition = "NodeConnectors added successfully"),
576 @ResponseCode(code = 401, condition = "User not authorized to perform this operation"),
577 @ResponseCode(code = 403, condition = "Operation forbidden on default"),
578 @ResponseCode(code = 404, condition = "The Container is not found"),
579 @ResponseCode(code = 409, condition = "Container Entry already exists"),
580 @ResponseCode(code = 500, condition = "Failed to create nodeconnectors. Failure Reason included in HTTP Error response") })
581 public Response addNodeConnectors(@PathParam(value = "container") String container,
582 @TypeHint(StringList.class) StringList list) {
584 handleAdminAuthorization(getUserName());
585 handleForbiddenOnDefault(container);
586 handleContainerNotExists(container);
588 IContainerManager containerManager = getContainerManager();
589 Status status = containerManager.addContainerEntry(container, list.getList());
590 if (status.isSuccess()) {
591 NorthboundUtils.auditlog("Node ", username, "added", " Ports:" + list.getList());
593 return NorthboundUtils.getResponse(status);
597 * Remove node connectors from a container
600 * name of the container (eg. red)
602 * The list of strings each representing a node connector in the form "<Port Type>|<Port id>@<Node Type>|<Node id>", as "OF|1@OF|00:00:00:ab:00:00:00:01"
603 * @return response as dictated by the HTTP Status code
610 * http://localhost:8080/controller/nb/v2/containermanager/container/red/nodeconnector
612 * Request Payload in XML:
614 * <nodeConnectors>OF|1@OF|00:00:00:00:00:00:00:01</nodeConnectors>
615 * <nodeConnectors>OF|2@OF|00:00:00:00:00:00:00:01</nodeConnectors>
616 * <nodeConnectors>OF|3@OF|00:00:00:00:00:00:00:22</nodeConnectors>
617 * <nodeConnectors>OF|4@OF|00:00:00:00:00:00:00:22</nodeConnectors>
620 * Request Payload in JSON:
621 * { "nodeConnectors" : ["OF|1@OF|00:00:00:00:00:00:00:01", "OF|2@OF|00:00:00:00:00:00:00:01", "OF|3@OF|00:00:00:00:00:00:00:22", "OF|4@OF|00:00:00:00:00:00:00:22" }
625 @Path("/container/{container}/nodeconnector/")
627 @Consumes({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
629 @ResponseCode(code = 204, condition = "Container Entry deleted successfully"),
630 @ResponseCode(code = 400, condition = "Invalid Container Entry configuration"),
631 @ResponseCode(code = 404, condition = "The Container is not found"),
632 @ResponseCode(code = 406, condition = "Cannot operate on Default Container when other Containers are active"),
633 @ResponseCode(code = 500, condition = "Failed to delete node connector. Failure Reason included in HTTP Error response") })
634 public Response removeNodeConnectors(@PathParam(value = "container") String container,
635 @TypeHint(StringList.class) StringList portList) {
637 handleAdminAuthorization(getUserName());
638 handleForbiddenOnDefault(container);
639 handleContainerNotExists(container);
641 IContainerManager containerManager = getContainerManager();
642 Status status = containerManager.removeContainerEntry(container, portList.getList());
643 if (status.isSuccess()) {
644 NorthboundUtils.auditlog("Node", username, "removed", " Ports:" + portList.getList());
645 return Response.noContent().build();
647 return NorthboundUtils.getResponse(status);
651 * Check If the function is not allowed on default container, Throw a
652 * ResourceForbiddenException exception if forbidden
654 private void handleForbiddenOnDefault(String container) {
655 if (container.equalsIgnoreCase(GlobalConstants.DEFAULT.toString())) {
656 throw new ResourceForbiddenException(RestMessages.NODEFAULT.toString() + ": " + container);
661 * Check if container exists, Throw a ResourceNotFoundException exception if it
664 private void handleContainerNotExists(String container) {
665 IContainerManager containerManager = getContainerManager();
666 if (!containerManager.doesContainerExist(container)) {
667 throw new ResourceNotFoundException(RestMessages.NOCONTAINER.toString() + ": " + container);
671 private void handleContainerExists(String container) {
672 IContainerManager containerManager = getContainerManager();
673 if (containerManager.doesContainerExist(container)) {
674 throw new ResourceConflictException(RestMessages.RESOURCECONFLICT.toString() + ": " + container);
678 private void handleAdminAuthorization(String userName) {
679 IUserManager usrMgr = (IUserManager) ServiceHelper.getGlobalInstance(IUserManager.class, this);
681 UserLevel level = usrMgr.getUserLevel(userName);
682 if (level.ordinal() <= UserLevel.NETWORKADMIN.ordinal()) {
686 throw new UnauthorizedException("User is not authorized to perform this operation");
689 private void handleNetworkAuthorization(String userName) {
690 IUserManager usrMgr = (IUserManager) ServiceHelper.getGlobalInstance(IUserManager.class, this);
692 UserLevel level = usrMgr.getUserLevel(userName);
693 if (level.ordinal() <= UserLevel.NETWORKOPERATOR.ordinal()) {
696 throw new UnauthorizedException("User is not authorized to perform this operation");
699 private void handleContainerAuthorization(String container, String userName) {
700 IContainerAuthorization auth = (IContainerAuthorization) ServiceHelper.getGlobalInstance(
701 IContainerAuthorization.class, this);
703 UserLevel level = auth.getUserLevel(userName);
704 if (level.ordinal() <= UserLevel.NETWORKOPERATOR.ordinal()) {
708 Privilege current = (auth == null) ? Privilege.NONE : auth.getResourcePrivilege(userName, container);
710 if (current.ordinal() > Privilege.NONE.ordinal()) {
713 throw new UnauthorizedException("User is not authorized to perform this operation");