2 * Copyright (c) 2014, 2015 Red Hat, Inc. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.netvirt.openstack.netvirt.translator.crud.impl;
11 import java.util.ArrayList;
12 import java.util.HashSet;
13 import java.util.List;
16 import org.opendaylight.controller.sal.binding.api.BindingAwareBroker.ProviderContext;
17 import org.opendaylight.netvirt.openstack.netvirt.translator.crud.INeutronSecurityRuleCRUD;
18 import org.opendaylight.netvirt.openstack.netvirt.translator.NeutronSecurityGroup;
19 import org.opendaylight.netvirt.openstack.netvirt.translator.NeutronSecurityRule;
20 import org.opendaylight.netvirt.openstack.netvirt.translator.crud.INeutronSecurityGroupCRUD;
21 import org.opendaylight.netvirt.openstack.netvirt.translator.crud.NeutronCRUDInterfaces;
22 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpPrefix;
23 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionBase;
24 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionEgress;
25 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionIngress;
26 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeBase;
27 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeV4;
28 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeV6;
29 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolBase;
30 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolIcmp;
31 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolIcmpV6;
32 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolTcp;
33 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolUdp;
34 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.rev150712.Neutron;
35 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.rules.attributes.SecurityRules;
36 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.rules.attributes.security.rules.SecurityRule;
37 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.rules.attributes.security.rules.SecurityRuleBuilder;
38 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
39 import org.osgi.framework.BundleContext;
40 import org.osgi.framework.ServiceRegistration;
41 import org.slf4j.Logger;
42 import org.slf4j.LoggerFactory;
44 import com.google.common.collect.ImmutableBiMap;
47 public class NeutronSecurityRuleInterface extends AbstractNeutronInterface<SecurityRule, NeutronSecurityRule> implements INeutronSecurityRuleCRUD {
49 private static final Logger LOGGER = LoggerFactory.getLogger(NeutronSecurityRuleInterface.class);
51 private static final ImmutableBiMap<Class<? extends DirectionBase>, String> DIRECTION_MAP = ImmutableBiMap.of(
52 DirectionEgress.class, NeutronSecurityRule.DIRECTION_EGRESS,
53 DirectionIngress.class, NeutronSecurityRule.DIRECTION_INGRESS);
54 private static final ImmutableBiMap<Class<? extends ProtocolBase>, String> PROTOCOL_MAP = ImmutableBiMap.of(
55 ProtocolIcmp.class, NeutronSecurityRule.PROTOCOL_ICMP,
56 ProtocolTcp.class, NeutronSecurityRule.PROTOCOL_TCP,
57 ProtocolUdp.class, NeutronSecurityRule.PROTOCOL_UDP,
58 ProtocolIcmpV6.class, NeutronSecurityRule.PROTOCOL_ICMPV6);
59 private static final ImmutableBiMap<Class<? extends EthertypeBase>,String> ETHERTYPE_MAP = ImmutableBiMap.of(
60 EthertypeV4.class, NeutronSecurityRule.ETHERTYPE_IPV4,
61 EthertypeV6.class, NeutronSecurityRule.ETHERTYPE_IPV6);
63 NeutronSecurityRuleInterface(ProviderContext providerContext) {
64 super(providerContext);
67 private void updateSecGroupRuleInSecurityGroup(NeutronSecurityRule input) {
68 NeutronCRUDInterfaces interfaces = new NeutronCRUDInterfaces()
69 .fetchINeutronSecurityGroupCRUD(this);
70 INeutronSecurityGroupCRUD sgCrud = interfaces.getSecurityGroupInterface();
71 NeutronSecurityGroup sg = sgCrud.getNeutronSecurityGroup(input.getSecurityRuleGroupID());
72 if(sg != null && sg.getSecurityRules() != null) {
73 for(NeutronSecurityRule sgr :sg.getSecurityRules()) {
74 if(sgr != null && sgr.getID() != null && sgr.getID().equals(input.getID())) {
75 int index = sg.getSecurityRules().indexOf(sgr);
76 sg.getSecurityRules().set(index, input);
81 sg.getSecurityRules().add(input);
85 private void removeSecGroupRuleFromSecurityGroup(NeutronSecurityRule input) {
86 NeutronCRUDInterfaces interfaces = new NeutronCRUDInterfaces()
87 .fetchINeutronSecurityGroupCRUD(this);
88 INeutronSecurityGroupCRUD sgCrud = interfaces.getSecurityGroupInterface();
89 NeutronSecurityGroup sg = sgCrud.getNeutronSecurityGroup(input.getSecurityRuleGroupID());
90 if(sg != null && sg.getSecurityRules() != null) {
91 List<NeutronSecurityRule> toRemove = new ArrayList<>();
92 for(NeutronSecurityRule sgr :sg.getSecurityRules()) {
93 if(sgr.getID() != null && sgr.getID().equals(input.getID())) {
97 sg.getSecurityRules().removeAll(toRemove);
102 public boolean neutronSecurityRuleExists(String uuid) {
103 SecurityRule rule = readMd(createInstanceIdentifier(toMd(uuid)));
108 public NeutronSecurityRule getNeutronSecurityRule(String uuid) {
109 SecurityRule rule = readMd(createInstanceIdentifier(toMd(uuid)));
117 public List<NeutronSecurityRule> getAllNeutronSecurityRules() {
118 Set<NeutronSecurityRule> allSecurityRules = new HashSet<>();
119 SecurityRules rules = readMd(createInstanceIdentifier());
121 for (SecurityRule rule: rules.getSecurityRule()) {
122 allSecurityRules.add(fromMd(rule));
125 LOGGER.debug("Exiting getSecurityRule, Found {} OpenStackSecurityRule", allSecurityRules.size());
126 return new ArrayList<>(allSecurityRules);
130 public boolean addNeutronSecurityRule(NeutronSecurityRule input) {
131 if (neutronSecurityRuleExists(input.getID())) {
134 updateSecGroupRuleInSecurityGroup(input);
140 public boolean removeNeutronSecurityRule(String uuid) {
141 if (!neutronSecurityRuleExists(uuid)) {
144 removeSecGroupRuleFromSecurityGroup(getNeutronSecurityRule(uuid));
145 removeMd(toMd(uuid));
150 public boolean updateNeutronSecurityRule(String uuid, NeutronSecurityRule delta) {
151 if (!neutronSecurityRuleExists(uuid)) {
154 updateSecGroupRuleInSecurityGroup(delta);
160 public boolean neutronSecurityRuleInUse(String securityRuleUUID) {
161 return !neutronSecurityRuleExists(securityRuleUUID);
164 protected NeutronSecurityRule fromMd(SecurityRule rule) {
165 NeutronSecurityRule answer = new NeutronSecurityRule();
166 if (rule.getTenantId() != null) {
167 answer.setSecurityRuleTenantID(rule.getTenantId().getValue().replace("-",""));
169 if (rule.getDirection() != null) {
170 answer.setSecurityRuleDirection(DIRECTION_MAP.get(rule.getDirection()));
172 if (rule.getSecurityGroupId() != null) {
173 answer.setSecurityRuleGroupID(rule.getSecurityGroupId().getValue());
175 if (rule.getRemoteGroupId() != null) {
176 answer.setSecurityRemoteGroupID(rule.getRemoteGroupId().getValue());
178 if (rule.getRemoteIpPrefix() != null) {
179 answer.setSecurityRuleRemoteIpPrefix(rule.getRemoteIpPrefix().getIpv4Prefix() != null?
180 rule.getRemoteIpPrefix().getIpv4Prefix().getValue():rule.getRemoteIpPrefix().getIpv6Prefix().getValue());
182 if (rule.getProtocol() != null) {
183 answer.setSecurityRuleProtocol(PROTOCOL_MAP.get(rule.getProtocol()));
185 if (rule.getEthertype() != null) {
186 answer.setSecurityRuleEthertype(ETHERTYPE_MAP.get(rule.getEthertype()));
188 if (rule.getPortRangeMin() != null) {
189 answer.setSecurityRulePortMin(rule.getPortRangeMin());
191 if (rule.getPortRangeMax() != null) {
192 answer.setSecurityRulePortMax(rule.getPortRangeMax());
194 if (rule.getId() != null) {
195 answer.setID(rule.getId().getValue());
201 protected SecurityRule toMd(NeutronSecurityRule securityRule) {
202 SecurityRuleBuilder securityRuleBuilder = new SecurityRuleBuilder();
204 if (securityRule.getSecurityRuleTenantID() != null) {
205 securityRuleBuilder.setTenantId(toUuid(securityRule.getSecurityRuleTenantID()));
207 if (securityRule.getSecurityRuleDirection() != null) {
208 ImmutableBiMap<String, Class<? extends DirectionBase>> mapper =
209 DIRECTION_MAP.inverse();
210 securityRuleBuilder.setDirection(mapper.get(securityRule.getSecurityRuleDirection()));
212 if (securityRule.getSecurityRuleGroupID() != null) {
213 securityRuleBuilder.setSecurityGroupId(toUuid(securityRule.getSecurityRuleGroupID()));
215 if (securityRule.getSecurityRemoteGroupID() != null) {
216 securityRuleBuilder.setRemoteGroupId(toUuid(securityRule.getSecurityRemoteGroupID()));
218 if (securityRule.getSecurityRuleRemoteIpPrefix() != null) {
219 securityRuleBuilder.setRemoteIpPrefix(new IpPrefix(securityRule.getSecurityRuleRemoteIpPrefix().toCharArray()));
221 if (securityRule.getSecurityRuleProtocol() != null) {
222 ImmutableBiMap<String, Class<? extends ProtocolBase>> mapper =
223 PROTOCOL_MAP.inverse();
224 securityRuleBuilder.setProtocol(mapper.get(securityRule.getSecurityRuleProtocol()));
226 if (securityRule.getSecurityRuleEthertype() != null) {
227 ImmutableBiMap<String, Class<? extends EthertypeBase>> mapper =
228 ETHERTYPE_MAP.inverse();
229 securityRuleBuilder.setEthertype(mapper.get(securityRule.getSecurityRuleEthertype()));
231 if (securityRule.getSecurityRulePortMin() != null) {
232 securityRuleBuilder.setPortRangeMin(securityRule.getSecurityRulePortMin());
234 if (securityRule.getSecurityRulePortMax() != null) {
235 securityRuleBuilder.setPortRangeMax(securityRule.getSecurityRulePortMax());
237 if (securityRule.getID() != null) {
238 securityRuleBuilder.setId(toUuid(securityRule.getID()));
240 LOGGER.warn("Attempting to write neutron securityRule without UUID");
242 return securityRuleBuilder.build();
246 protected InstanceIdentifier<SecurityRule> createInstanceIdentifier(SecurityRule securityRule) {
247 return InstanceIdentifier.create(Neutron.class)
248 .child(SecurityRules.class).child(SecurityRule.class,
249 securityRule.getKey());
252 protected InstanceIdentifier<SecurityRules> createInstanceIdentifier() {
253 return InstanceIdentifier.create(Neutron.class)
254 .child(SecurityRules.class);
258 protected SecurityRule toMd(String uuid) {
259 SecurityRuleBuilder securityRuleBuilder = new SecurityRuleBuilder();
260 securityRuleBuilder.setId(toUuid(uuid));
261 return securityRuleBuilder.build();
264 public static void registerNewInterface(BundleContext context,
265 ProviderContext providerContext,
266 List<ServiceRegistration<?>> registrations) {
267 NeutronSecurityRuleInterface neutronSecurityRuleInterface = new NeutronSecurityRuleInterface(providerContext);
268 ServiceRegistration<INeutronSecurityRuleCRUD> neutronSecurityRuleInterfaceRegistration = context.registerService(INeutronSecurityRuleCRUD.class, neutronSecurityRuleInterface, null);
269 if(neutronSecurityRuleInterfaceRegistration != null) {
270 registrations.add(neutronSecurityRuleInterfaceRegistration);