openstack/net-virt/src/main/java/org/opendaylight/ovsdb/openstack/netvirt/translator/crud/impl/NeutronSecurityRuleInterface.java

   1 /*
   2  * Copyright (c) 2014, 2015 Red Hat, Inc. and others.  All rights reserved.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8
   9 package org.opendaylight.ovsdb.openstack.netvirt.translator.crud.impl;
  10
  11 import java.util.ArrayList;
  12 import java.util.HashSet;
  13 import java.util.List;
  14 import java.util.Set;
  15
  16 import org.opendaylight.controller.sal.binding.api.BindingAwareBroker.ProviderContext;
  17 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSecurityGroup;
  18 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSecurityRule;
  19 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.INeutronSecurityGroupCRUD;
  20 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.INeutronSecurityRuleCRUD;
  21 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.NeutronCRUDInterfaces;
  22 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpPrefix;
  23 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionBase;
  24 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionEgress;
  25 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionIngress;
  26 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeBase;
  27 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeV4;
  28 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeV6;
  29 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolBase;
  30 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolIcmp;
  31 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolIcmpV6;
  32 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolTcp;
  33 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolUdp;
  34 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.rev150712.Neutron;
  35 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.rules.attributes.SecurityRules;
  36 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.rules.attributes.security.rules.SecurityRule;
  37 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.rules.attributes.security.rules.SecurityRuleBuilder;
  38 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
  39 import org.osgi.framework.BundleContext;
  40 import org.osgi.framework.ServiceRegistration;
  41 import org.slf4j.Logger;
  42 import org.slf4j.LoggerFactory;
  43
  44 import com.google.common.collect.ImmutableBiMap;
  45
  46
  47 public class NeutronSecurityRuleInterface extends AbstractNeutronInterface<SecurityRule, NeutronSecurityRule> implements INeutronSecurityRuleCRUD {
  48
  49     private static final Logger LOGGER = LoggerFactory.getLogger(NeutronSecurityRuleInterface.class);
  50
  51     private static final ImmutableBiMap<Class<? extends DirectionBase>,String> DIRECTION_MAP
  52     = new ImmutableBiMap.Builder<Class<? extends DirectionBase>,String>()
  53     .put(DirectionEgress.class,"egress")
  54     .put(DirectionIngress.class,"ingress")
  55     .build();
  56     private static final ImmutableBiMap<Class<? extends ProtocolBase>,String> PROTOCOL_MAP
  57     = new ImmutableBiMap.Builder<Class<? extends ProtocolBase>,String>()
  58     .put(ProtocolIcmp.class,"icmp")
  59     .put(ProtocolTcp.class,"tcp")
  60     .put(ProtocolUdp.class,"udp")
  61     .put(ProtocolIcmpV6.class,"icmpv6")
  62     .build();
  63     private static final ImmutableBiMap<Class<? extends EthertypeBase>,String> ETHERTYPE_MAP
  64     = new ImmutableBiMap.Builder<Class<? extends EthertypeBase>,String>()
  65     .put(EthertypeV4.class,"IPv4")
  66     .put(EthertypeV6.class,"IPv6")
  67     .build();
  68
  69     NeutronSecurityRuleInterface(ProviderContext providerContext) {
  70         super(providerContext);
  71     }
  72
  73     private void updateSecGroupRuleInSecurityGroup(NeutronSecurityRule input) {
  74         NeutronCRUDInterfaces interfaces = new NeutronCRUDInterfaces()
  75             .fetchINeutronSecurityGroupCRUD(this);
  76         INeutronSecurityGroupCRUD sgCrud = interfaces.getSecurityGroupInterface();
  77         NeutronSecurityGroup sg = sgCrud.getNeutronSecurityGroup(input.getSecurityRuleGroupID());
  78         if(sg != null && sg.getSecurityRules() != null) {
  79             for(NeutronSecurityRule sgr :sg.getSecurityRules()) {
  80                 if(sgr != null && sgr.getID() != null && sgr.getID().equals(input.getID())) {
  81                     int index = sg.getSecurityRules().indexOf(sgr);
  82                     sg.getSecurityRules().set(index, input);
  83                 }
  84             }
  85         }
  86         if (sg != null) {
  87             sg.getSecurityRules().add(input);
  88         }
  89     }
  90
  91     private void removeSecGroupRuleFromSecurityGroup(NeutronSecurityRule input) {
  92         NeutronCRUDInterfaces interfaces = new NeutronCRUDInterfaces()
  93             .fetchINeutronSecurityGroupCRUD(this);
  94         INeutronSecurityGroupCRUD sgCrud = interfaces.getSecurityGroupInterface();
  95         NeutronSecurityGroup sg = sgCrud.getNeutronSecurityGroup(input.getSecurityRuleGroupID());
  96         if(sg != null && sg.getSecurityRules() != null) {
  97             List<NeutronSecurityRule> toRemove = new ArrayList<NeutronSecurityRule>();
  98             for(NeutronSecurityRule sgr :sg.getSecurityRules()) {
  99                 if(sgr.getID() != null && sgr.getID().equals(input.getID())) {
 100                     toRemove.add(sgr);
 101                 }
 102             }
 103             sg.getSecurityRules().removeAll(toRemove);
 104         }
 105     }
 106
 107     @Override
 108     public boolean neutronSecurityRuleExists(String uuid) {
 109         SecurityRule rule = readMd(createInstanceIdentifier(toMd(uuid)));
 110         if (rule == null) {
 111             return false;
 112         }
 113         return true;
 114     }
 115
 116     @Override
 117     public NeutronSecurityRule getNeutronSecurityRule(String uuid) {
 118         SecurityRule rule = readMd(createInstanceIdentifier(toMd(uuid)));
 119         if (rule == null) {
 120             return null;
 121         }
 122         return fromMd(rule);
 123     }
 124
 125     @Override
 126     public List<NeutronSecurityRule> getAllNeutronSecurityRules() {
 127         Set<NeutronSecurityRule> allSecurityRules = new HashSet<NeutronSecurityRule>();
 128         SecurityRules rules = readMd(createInstanceIdentifier());
 129         if (rules != null) {
 130             for (SecurityRule rule: rules.getSecurityRule()) {
 131                 allSecurityRules.add(fromMd(rule));
 132             }
 133         }
 134         LOGGER.debug("Exiting getSecurityRule, Found {} OpenStackSecurityRule", allSecurityRules.size());
 135         List<NeutronSecurityRule> ans = new ArrayList<NeutronSecurityRule>();
 136         ans.addAll(allSecurityRules);
 137         return ans;
 138     }
 139
 140     @Override
 141     public boolean addNeutronSecurityRule(NeutronSecurityRule input) {
 142         if (neutronSecurityRuleExists(input.getID())) {
 143             return false;
 144         }
 145         updateSecGroupRuleInSecurityGroup(input);
 146         addMd(input);
 147         return true;
 148     }
 149
 150     @Override
 151     public boolean removeNeutronSecurityRule(String uuid) {
 152         if (!neutronSecurityRuleExists(uuid)) {
 153             return false;
 154         }
 155         removeSecGroupRuleFromSecurityGroup(getNeutronSecurityRule(uuid));
 156         removeMd(toMd(uuid));
 157         return true;
 158     }
 159
 160     @Override
 161     public boolean updateNeutronSecurityRule(String uuid, NeutronSecurityRule delta) {
 162         if (!neutronSecurityRuleExists(uuid)) {
 163             return false;
 164         }
 165         updateSecGroupRuleInSecurityGroup(delta);
 166         updateMd(delta);
 167         return true;
 168     }
 169
 170     @Override
 171     public boolean neutronSecurityRuleInUse(String securityRuleUUID) {
 172         return !neutronSecurityRuleExists(securityRuleUUID);
 173     }
 174
 175     protected NeutronSecurityRule fromMd(SecurityRule rule) {
 176         NeutronSecurityRule answer = new NeutronSecurityRule();
 177         if (rule.getTenantId() != null) {
 178             answer.setSecurityRuleTenantID(rule.getTenantId().getValue().replace("-",""));
 179         }
 180         if (rule.getDirection() != null) {
 181             answer.setSecurityRuleDirection(DIRECTION_MAP.get(rule.getDirection()));
 182         }
 183         if (rule.getSecurityGroupId() != null) {
 184             answer.setSecurityRuleGroupID(rule.getSecurityGroupId().getValue());
 185         }
 186         if (rule.getRemoteGroupId() != null) {
 187             answer.setSecurityRemoteGroupID(rule.getRemoteGroupId().getValue());
 188         }
 189         if (rule.getRemoteIpPrefix() != null) {
 190             answer.setSecurityRuleRemoteIpPrefix(rule.getRemoteIpPrefix().getIpv4Prefix() != null?
 191                     rule.getRemoteIpPrefix().getIpv4Prefix().getValue():rule.getRemoteIpPrefix().getIpv6Prefix().getValue());
 192         }
 193         if (rule.getProtocol() != null) {
 194             answer.setSecurityRuleProtocol(PROTOCOL_MAP.get(rule.getProtocol()));
 195         }
 196         if (rule.getEthertype() != null) {
 197             answer.setSecurityRuleEthertype(ETHERTYPE_MAP.get(rule.getEthertype()));
 198         }
 199         if (rule.getPortRangeMin() != null) {
 200             answer.setSecurityRulePortMin(Integer.valueOf(rule.getPortRangeMin()));
 201         }
 202         if (rule.getPortRangeMax() != null) {
 203             answer.setSecurityRulePortMax(Integer.valueOf(rule.getPortRangeMax()));
 204         }
 205         if (rule.getId() != null) {
 206             answer.setID(rule.getId().getValue());
 207         }
 208         return answer;
 209     }
 210
 211     @Override
 212     protected SecurityRule toMd(NeutronSecurityRule securityRule) {
 213         SecurityRuleBuilder securityRuleBuilder = new SecurityRuleBuilder();
 214
 215         if (securityRule.getSecurityRuleTenantID() != null) {
 216             securityRuleBuilder.setTenantId(toUuid(securityRule.getSecurityRuleTenantID()));
 217         }
 218         if (securityRule.getSecurityRuleDirection() != null) {
 219             ImmutableBiMap<String, Class<? extends DirectionBase>> mapper =
 220                     DIRECTION_MAP.inverse();
 221             securityRuleBuilder.setDirection((Class<? extends DirectionBase>) mapper.get(securityRule.getSecurityRuleDirection()));
 222         }
 223         if (securityRule.getSecurityRuleGroupID() != null) {
 224             securityRuleBuilder.setSecurityGroupId(toUuid(securityRule.getSecurityRuleGroupID()));
 225         }
 226         if (securityRule.getSecurityRemoteGroupID() != null) {
 227             securityRuleBuilder.setRemoteGroupId(toUuid(securityRule.getSecurityRemoteGroupID()));
 228         }
 229         if (securityRule.getSecurityRuleRemoteIpPrefix() != null) {
 230             securityRuleBuilder.setRemoteIpPrefix(new IpPrefix(securityRule.getSecurityRuleRemoteIpPrefix().toCharArray()));
 231         }
 232         if (securityRule.getSecurityRuleProtocol() != null) {
 233             ImmutableBiMap<String, Class<? extends ProtocolBase>> mapper =
 234                     PROTOCOL_MAP.inverse();
 235             securityRuleBuilder.setProtocol((Class<? extends ProtocolBase>) mapper.get(securityRule.getSecurityRuleProtocol()));
 236         }
 237         if (securityRule.getSecurityRuleEthertype() != null) {
 238             ImmutableBiMap<String, Class<? extends EthertypeBase>> mapper =
 239                     ETHERTYPE_MAP.inverse();
 240             securityRuleBuilder.setEthertype((Class<? extends EthertypeBase>) mapper.get(securityRule.getSecurityRuleEthertype()));
 241         }
 242         if (securityRule.getSecurityRulePortMin() != null) {
 243             securityRuleBuilder.setPortRangeMin(Integer.valueOf(securityRule.getSecurityRulePortMin()));
 244         }
 245         if (securityRule.getSecurityRulePortMax() != null) {
 246             securityRuleBuilder.setPortRangeMax(Integer.valueOf(securityRule.getSecurityRulePortMax()));
 247         }
 248         if (securityRule.getID() != null) {
 249             securityRuleBuilder.setId(toUuid(securityRule.getID()));
 250         } else {
 251             LOGGER.warn("Attempting to write neutron securityRule without UUID");
 252         }
 253         return securityRuleBuilder.build();
 254     }
 255
 256     @Override
 257     protected InstanceIdentifier<SecurityRule> createInstanceIdentifier(SecurityRule securityRule) {
 258         return InstanceIdentifier.create(Neutron.class)
 259             .child(SecurityRules.class).child(SecurityRule.class,
 260                                               securityRule.getKey());
 261     }
 262
 263     protected InstanceIdentifier<SecurityRules> createInstanceIdentifier() {
 264         return InstanceIdentifier.create(Neutron.class)
 265             .child(SecurityRules.class);
 266     }
 267
 268     @Override
 269     protected SecurityRule toMd(String uuid) {
 270         SecurityRuleBuilder securityRuleBuilder = new SecurityRuleBuilder();
 271         securityRuleBuilder.setId(toUuid(uuid));
 272         return securityRuleBuilder.build();
 273     }
 274
 275     public static void registerNewInterface(BundleContext context,
 276                                             ProviderContext providerContext,
 277                                             List<ServiceRegistration<?>> registrations) {
 278         NeutronSecurityRuleInterface neutronSecurityRuleInterface = new NeutronSecurityRuleInterface(providerContext);
 279         ServiceRegistration<INeutronSecurityRuleCRUD> neutronSecurityRuleInterfaceRegistration = context.registerService(INeutronSecurityRuleCRUD.class, neutronSecurityRuleInterface, null);
 280         if(neutronSecurityRuleInterfaceRegistration != null) {
 281             registrations.add(neutronSecurityRuleInterfaceRegistration);
 282         }
 283     }
 284 }