openstack/net-virt/src/main/java/org/opendaylight/netvirt/openstack/netvirt/translator/crud/impl/NeutronSecurityRuleInterface.java

   1 /*
   2  * Copyright (c) 2014, 2015 Red Hat, Inc. and others.  All rights reserved.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8
   9 package org.opendaylight.netvirt.openstack.netvirt.translator.crud.impl;
  10
  11 import java.util.ArrayList;
  12 import java.util.HashSet;
  13 import java.util.List;
  14 import java.util.Set;
  15
  16 import org.opendaylight.controller.sal.binding.api.BindingAwareBroker.ProviderContext;
  17 import org.opendaylight.netvirt.openstack.netvirt.translator.crud.INeutronSecurityRuleCRUD;
  18 import org.opendaylight.netvirt.openstack.netvirt.translator.NeutronSecurityGroup;
  19 import org.opendaylight.netvirt.openstack.netvirt.translator.NeutronSecurityRule;
  20 import org.opendaylight.netvirt.openstack.netvirt.translator.crud.INeutronSecurityGroupCRUD;
  21 import org.opendaylight.netvirt.openstack.netvirt.translator.crud.NeutronCRUDInterfaces;
  22 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpPrefix;
  23 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionBase;
  24 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionEgress;
  25 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionIngress;
  26 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeBase;
  27 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeV4;
  28 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeV6;
  29 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolBase;
  30 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolIcmp;
  31 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolIcmpV6;
  32 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolTcp;
  33 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolUdp;
  34 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.rev150712.Neutron;
  35 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.rules.attributes.SecurityRules;
  36 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.rules.attributes.security.rules.SecurityRule;
  37 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.rules.attributes.security.rules.SecurityRuleBuilder;
  38 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
  39 import org.osgi.framework.BundleContext;
  40 import org.osgi.framework.ServiceRegistration;
  41 import org.slf4j.Logger;
  42 import org.slf4j.LoggerFactory;
  43
  44 import com.google.common.collect.ImmutableBiMap;
  45
  46
  47 public class NeutronSecurityRuleInterface extends AbstractNeutronInterface<SecurityRule, NeutronSecurityRule> implements INeutronSecurityRuleCRUD {
  48
  49     private static final Logger LOGGER = LoggerFactory.getLogger(NeutronSecurityRuleInterface.class);
  50
  51     private static final ImmutableBiMap<Class<? extends DirectionBase>, String> DIRECTION_MAP = ImmutableBiMap.of(
  52             DirectionEgress.class, NeutronSecurityRule.DIRECTION_EGRESS,
  53             DirectionIngress.class, NeutronSecurityRule.DIRECTION_INGRESS);
  54     private static final ImmutableBiMap<Class<? extends ProtocolBase>, String> PROTOCOL_MAP = ImmutableBiMap.of(
  55             ProtocolIcmp.class, NeutronSecurityRule.PROTOCOL_ICMP,
  56             ProtocolTcp.class, NeutronSecurityRule.PROTOCOL_TCP,
  57             ProtocolUdp.class, NeutronSecurityRule.PROTOCOL_UDP,
  58             ProtocolIcmpV6.class, NeutronSecurityRule.PROTOCOL_ICMPV6);
  59     private static final ImmutableBiMap<Class<? extends EthertypeBase>,String> ETHERTYPE_MAP = ImmutableBiMap.of(
  60             EthertypeV4.class, NeutronSecurityRule.ETHERTYPE_IPV4,
  61             EthertypeV6.class, NeutronSecurityRule.ETHERTYPE_IPV6);
  62
  63     NeutronSecurityRuleInterface(ProviderContext providerContext) {
  64         super(providerContext);
  65     }
  66
  67     private void updateSecGroupRuleInSecurityGroup(NeutronSecurityRule input) {
  68         NeutronCRUDInterfaces interfaces = new NeutronCRUDInterfaces()
  69             .fetchINeutronSecurityGroupCRUD(this);
  70         INeutronSecurityGroupCRUD sgCrud = interfaces.getSecurityGroupInterface();
  71         NeutronSecurityGroup sg = sgCrud.getNeutronSecurityGroup(input.getSecurityRuleGroupID());
  72         if(sg != null && sg.getSecurityRules() != null) {
  73             for(NeutronSecurityRule sgr :sg.getSecurityRules()) {
  74                 if(sgr != null && sgr.getID() != null && sgr.getID().equals(input.getID())) {
  75                     int index = sg.getSecurityRules().indexOf(sgr);
  76                     sg.getSecurityRules().set(index, input);
  77                 }
  78             }
  79         }
  80         if (sg != null) {
  81             sg.getSecurityRules().add(input);
  82         }
  83     }
  84
  85     private void removeSecGroupRuleFromSecurityGroup(NeutronSecurityRule input) {
  86         NeutronCRUDInterfaces interfaces = new NeutronCRUDInterfaces()
  87             .fetchINeutronSecurityGroupCRUD(this);
  88         INeutronSecurityGroupCRUD sgCrud = interfaces.getSecurityGroupInterface();
  89         NeutronSecurityGroup sg = sgCrud.getNeutronSecurityGroup(input.getSecurityRuleGroupID());
  90         if(sg != null && sg.getSecurityRules() != null) {
  91             List<NeutronSecurityRule> toRemove = new ArrayList<>();
  92             for(NeutronSecurityRule sgr :sg.getSecurityRules()) {
  93                 if(sgr.getID() != null && sgr.getID().equals(input.getID())) {
  94                     toRemove.add(sgr);
  95                 }
  96             }
  97             sg.getSecurityRules().removeAll(toRemove);
  98         }
  99     }
 100
 101     @Override
 102     public boolean neutronSecurityRuleExists(String uuid) {
 103         SecurityRule rule = readMd(createInstanceIdentifier(toMd(uuid)));
 104         return rule != null;
 105     }
 106
 107     @Override
 108     public NeutronSecurityRule getNeutronSecurityRule(String uuid) {
 109         SecurityRule rule = readMd(createInstanceIdentifier(toMd(uuid)));
 110         if (rule == null) {
 111             return null;
 112         }
 113         return fromMd(rule);
 114     }
 115
 116     @Override
 117     public List<NeutronSecurityRule> getAllNeutronSecurityRules() {
 118         Set<NeutronSecurityRule> allSecurityRules = new HashSet<>();
 119         SecurityRules rules = readMd(createInstanceIdentifier());
 120         if (rules != null) {
 121             for (SecurityRule rule: rules.getSecurityRule()) {
 122                 allSecurityRules.add(fromMd(rule));
 123             }
 124         }
 125         LOGGER.debug("Exiting getSecurityRule, Found {} OpenStackSecurityRule", allSecurityRules.size());
 126         return new ArrayList<>(allSecurityRules);
 127     }
 128
 129     @Override
 130     public boolean addNeutronSecurityRule(NeutronSecurityRule input) {
 131         if (neutronSecurityRuleExists(input.getID())) {
 132             return false;
 133         }
 134         updateSecGroupRuleInSecurityGroup(input);
 135         addMd(input);
 136         return true;
 137     }
 138
 139     @Override
 140     public boolean removeNeutronSecurityRule(String uuid) {
 141         if (!neutronSecurityRuleExists(uuid)) {
 142             return false;
 143         }
 144         removeSecGroupRuleFromSecurityGroup(getNeutronSecurityRule(uuid));
 145         removeMd(toMd(uuid));
 146         return true;
 147     }
 148
 149     @Override
 150     public boolean updateNeutronSecurityRule(String uuid, NeutronSecurityRule delta) {
 151         if (!neutronSecurityRuleExists(uuid)) {
 152             return false;
 153         }
 154         updateSecGroupRuleInSecurityGroup(delta);
 155         updateMd(delta);
 156         return true;
 157     }
 158
 159     @Override
 160     public boolean neutronSecurityRuleInUse(String securityRuleUUID) {
 161         return !neutronSecurityRuleExists(securityRuleUUID);
 162     }
 163
 164     protected NeutronSecurityRule fromMd(SecurityRule rule) {
 165         NeutronSecurityRule answer = new NeutronSecurityRule();
 166         if (rule.getTenantId() != null) {
 167             answer.setSecurityRuleTenantID(rule.getTenantId().getValue().replace("-",""));
 168         }
 169         if (rule.getDirection() != null) {
 170             answer.setSecurityRuleDirection(DIRECTION_MAP.get(rule.getDirection()));
 171         }
 172         if (rule.getSecurityGroupId() != null) {
 173             answer.setSecurityRuleGroupID(rule.getSecurityGroupId().getValue());
 174         }
 175         if (rule.getRemoteGroupId() != null) {
 176             answer.setSecurityRemoteGroupID(rule.getRemoteGroupId().getValue());
 177         }
 178         if (rule.getRemoteIpPrefix() != null) {
 179             answer.setSecurityRuleRemoteIpPrefix(rule.getRemoteIpPrefix().getIpv4Prefix() != null?
 180                     rule.getRemoteIpPrefix().getIpv4Prefix().getValue():rule.getRemoteIpPrefix().getIpv6Prefix().getValue());
 181         }
 182         if (rule.getProtocol() != null) {
 183             answer.setSecurityRuleProtocol(PROTOCOL_MAP.get(rule.getProtocol()));
 184         }
 185         if (rule.getEthertype() != null) {
 186             answer.setSecurityRuleEthertype(ETHERTYPE_MAP.get(rule.getEthertype()));
 187         }
 188         if (rule.getPortRangeMin() != null) {
 189             answer.setSecurityRulePortMin(rule.getPortRangeMin());
 190         }
 191         if (rule.getPortRangeMax() != null) {
 192             answer.setSecurityRulePortMax(rule.getPortRangeMax());
 193         }
 194         if (rule.getId() != null) {
 195             answer.setID(rule.getId().getValue());
 196         }
 197         return answer;
 198     }
 199
 200     @Override
 201     protected SecurityRule toMd(NeutronSecurityRule securityRule) {
 202         SecurityRuleBuilder securityRuleBuilder = new SecurityRuleBuilder();
 203
 204         if (securityRule.getSecurityRuleTenantID() != null) {
 205             securityRuleBuilder.setTenantId(toUuid(securityRule.getSecurityRuleTenantID()));
 206         }
 207         if (securityRule.getSecurityRuleDirection() != null) {
 208             ImmutableBiMap<String, Class<? extends DirectionBase>> mapper =
 209                     DIRECTION_MAP.inverse();
 210             securityRuleBuilder.setDirection(mapper.get(securityRule.getSecurityRuleDirection()));
 211         }
 212         if (securityRule.getSecurityRuleGroupID() != null) {
 213             securityRuleBuilder.setSecurityGroupId(toUuid(securityRule.getSecurityRuleGroupID()));
 214         }
 215         if (securityRule.getSecurityRemoteGroupID() != null) {
 216             securityRuleBuilder.setRemoteGroupId(toUuid(securityRule.getSecurityRemoteGroupID()));
 217         }
 218         if (securityRule.getSecurityRuleRemoteIpPrefix() != null) {
 219             securityRuleBuilder.setRemoteIpPrefix(new IpPrefix(securityRule.getSecurityRuleRemoteIpPrefix().toCharArray()));
 220         }
 221         if (securityRule.getSecurityRuleProtocol() != null) {
 222             ImmutableBiMap<String, Class<? extends ProtocolBase>> mapper =
 223                     PROTOCOL_MAP.inverse();
 224             securityRuleBuilder.setProtocol(mapper.get(securityRule.getSecurityRuleProtocol()));
 225         }
 226         if (securityRule.getSecurityRuleEthertype() != null) {
 227             ImmutableBiMap<String, Class<? extends EthertypeBase>> mapper =
 228                     ETHERTYPE_MAP.inverse();
 229             securityRuleBuilder.setEthertype(mapper.get(securityRule.getSecurityRuleEthertype()));
 230         }
 231         if (securityRule.getSecurityRulePortMin() != null) {
 232             securityRuleBuilder.setPortRangeMin(securityRule.getSecurityRulePortMin());
 233         }
 234         if (securityRule.getSecurityRulePortMax() != null) {
 235             securityRuleBuilder.setPortRangeMax(securityRule.getSecurityRulePortMax());
 236         }
 237         if (securityRule.getID() != null) {
 238             securityRuleBuilder.setId(toUuid(securityRule.getID()));
 239         } else {
 240             LOGGER.warn("Attempting to write neutron securityRule without UUID");
 241         }
 242         return securityRuleBuilder.build();
 243     }
 244
 245     @Override
 246     protected InstanceIdentifier<SecurityRule> createInstanceIdentifier(SecurityRule securityRule) {
 247         return InstanceIdentifier.create(Neutron.class)
 248             .child(SecurityRules.class).child(SecurityRule.class,
 249                                               securityRule.getKey());
 250     }
 251
 252     protected InstanceIdentifier<SecurityRules> createInstanceIdentifier() {
 253         return InstanceIdentifier.create(Neutron.class)
 254             .child(SecurityRules.class);
 255     }
 256
 257     @Override
 258     protected SecurityRule toMd(String uuid) {
 259         SecurityRuleBuilder securityRuleBuilder = new SecurityRuleBuilder();
 260         securityRuleBuilder.setId(toUuid(uuid));
 261         return securityRuleBuilder.build();
 262     }
 263
 264     public static void registerNewInterface(BundleContext context,
 265                                             ProviderContext providerContext,
 266                                             List<ServiceRegistration<?>> registrations) {
 267         NeutronSecurityRuleInterface neutronSecurityRuleInterface = new NeutronSecurityRuleInterface(providerContext);
 268         ServiceRegistration<INeutronSecurityRuleCRUD> neutronSecurityRuleInterfaceRegistration = context.registerService(INeutronSecurityRuleCRUD.class, neutronSecurityRuleInterface, null);
 269         if(neutronSecurityRuleInterfaceRegistration != null) {
 270             registrations.add(neutronSecurityRuleInterfaceRegistration);
 271         }
 272     }
 273 }