2 * Copyright (c) 2014, 2015 Red Hat, Inc. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.ovsdb.openstack.netvirt.translator.crud.impl;
11 import java.util.ArrayList;
12 import java.util.HashSet;
13 import java.util.List;
16 import org.opendaylight.controller.sal.binding.api.BindingAwareBroker.ProviderContext;
17 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSecurityGroup;
18 import org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSecurityRule;
19 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.INeutronSecurityGroupCRUD;
20 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.INeutronSecurityRuleCRUD;
21 import org.opendaylight.ovsdb.openstack.netvirt.translator.crud.NeutronCRUDInterfaces;
22 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpPrefix;
23 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionBase;
24 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionEgress;
25 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionIngress;
26 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeBase;
27 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeV4;
28 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeV6;
29 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolBase;
30 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolIcmp;
31 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolIcmpV6;
32 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolTcp;
33 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolUdp;
34 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.rev150712.Neutron;
35 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.rules.attributes.SecurityRules;
36 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.rules.attributes.security.rules.SecurityRule;
37 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.rules.attributes.security.rules.SecurityRuleBuilder;
38 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
39 import org.osgi.framework.BundleContext;
40 import org.osgi.framework.ServiceRegistration;
41 import org.slf4j.Logger;
42 import org.slf4j.LoggerFactory;
44 import com.google.common.collect.ImmutableBiMap;
47 public class NeutronSecurityRuleInterface extends AbstractNeutronInterface<SecurityRule, NeutronSecurityRule> implements INeutronSecurityRuleCRUD {
// Logger for this class.
49 private static final Logger LOGGER = LoggerFactory.getLogger(NeutronSecurityRuleInterface.class);
// Two-way table between the YANG direction identity classes and the strings "egress" / "ingress".
// fromMd() looks up by class; toMd() looks up by string through inverse().
// NOTE(review): gutter line 55 is absent from this listing (presumably the builder's closing call).
51 private static final ImmutableBiMap<Class<? extends DirectionBase>,String> DIRECTION_MAP
52 = new ImmutableBiMap.Builder<Class<? extends DirectionBase>,String>()
53 .put(DirectionEgress.class,"egress")
54 .put(DirectionIngress.class,"ingress")
// Two-way table between protocol identity classes and protocol strings.
// Only "icmp", "tcp", "udp" and "icmpv6" are listed, so any other protocol string has no entry
// and the inverse lookup in toMd() returns null for it.
// NOTE(review): confirm that validation elsewhere rejects other protocol values, so an unmapped
// protocol cannot end up stored as a rule with no protocol set.
56 private static final ImmutableBiMap<Class<? extends ProtocolBase>,String> PROTOCOL_MAP
57 = new ImmutableBiMap.Builder<Class<? extends ProtocolBase>,String>()
58 .put(ProtocolIcmp.class,"icmp")
59 .put(ProtocolTcp.class,"tcp")
60 .put(ProtocolUdp.class,"udp")
61 .put(ProtocolIcmpV6.class,"icmpv6")
// Two-way table between ethertype identity classes and the strings "IPv4" / "IPv6".
// Lookups are exact string matches, so the keys are case-sensitive.
63 private static final ImmutableBiMap<Class<? extends EthertypeBase>,String> ETHERTYPE_MAP
64 = new ImmutableBiMap.Builder<Class<? extends EthertypeBase>,String>()
65 .put(EthertypeV4.class,"IPv4")
66 .put(EthertypeV6.class,"IPv6")
/**
 * Creates the security-rule CRUD implementation.
 *
 * <p>The constructor is package-private; within this file, instances are created by
 * {@code registerNewInterface}.
 *
 * @param providerContext provider context passed unchanged to the superclass constructor
 */
NeutronSecurityRuleInterface(ProviderContext providerContext) {
    super(providerContext);
}
// Mirrors a rule change into the rule list of the security group that owns the rule.
// The group is fetched through INeutronSecurityGroupCRUD using input.getSecurityRuleGroupID();
// a list entry whose ID equals input.getID() is replaced in place, and line 87 appends input.
// NOTE(review): gutter lines 83-86 and 88-90 are absent from this listing, so it cannot be
// confirmed here that the loop exits after a replacement or that the add at line 87 is guarded
// against sg (or its rule list) being null.
73 private void updateSecGroupRuleInSecurityGroup(NeutronSecurityRule input) {
74 NeutronCRUDInterfaces interfaces = new NeutronCRUDInterfaces()
75 .fetchINeutronSecurityGroupCRUD(this);
76 INeutronSecurityGroupCRUD sgCrud = interfaces.getSecurityGroupInterface();
// input is dereferenced without a null check; callers must pass a non-null rule.
77 NeutronSecurityGroup sg = sgCrud.getNeutronSecurityGroup(input.getSecurityRuleGroupID());
78 if(sg != null && sg.getSecurityRules() != null) {
79 for(NeutronSecurityRule sgr :sg.getSecurityRules()) {
// Matching is by rule ID only; null entries and entries without an ID are skipped.
80 if(sgr != null && sgr.getID() != null && sgr.getID().equals(input.getID())) {
81 int index = sg.getSecurityRules().indexOf(sgr);
82 sg.getSecurityRules().set(index, input);
87 sg.getSecurityRules().add(input);
// Removes a rule from the rule list of the security group that owns it.
// Matches are gathered in a separate list and removed with removeAll() at line 103, after the
// loop, rather than being removed from the list while it is iterated.
// NOTE(review): gutter lines 100-102 are absent from this listing; presumably they add the
// matching rule to toRemove and close the if/for blocks.
91 private void removeSecGroupRuleFromSecurityGroup(NeutronSecurityRule input) {
92 NeutronCRUDInterfaces interfaces = new NeutronCRUDInterfaces()
93 .fetchINeutronSecurityGroupCRUD(this);
94 INeutronSecurityGroupCRUD sgCrud = interfaces.getSecurityGroupInterface();
// input is dereferenced without a null check. The caller at line 155 passes the result of
// getNeutronSecurityRule(uuid) - NOTE(review): confirm that result cannot be null on that path.
95 NeutronSecurityGroup sg = sgCrud.getNeutronSecurityGroup(input.getSecurityRuleGroupID());
96 if(sg != null && sg.getSecurityRules() != null) {
97 List<NeutronSecurityRule> toRemove = new ArrayList<NeutronSecurityRule>();
98 for(NeutronSecurityRule sgr :sg.getSecurityRules()) {
// Unlike the update helper (line 80), this loop does not check sgr itself for null before
// calling getID().
99 if(sgr.getID() != null && sgr.getID().equals(input.getID())) {
103 sg.getSecurityRules().removeAll(toRemove);
// Existence check for a security rule by UUID.
// Wraps the UUID in a SecurityRule via toMd(String), derives the instance identifier from it and
// reads that path with readMd(), which is not defined in this listing.
// NOTE(review): gutter lines 110-115, which turn the read result into the boolean, are absent here.
108 public boolean neutronSecurityRuleExists(String uuid) {
109 SecurityRule rule = readMd(createInstanceIdentifier(toMd(uuid)));
// Fetches one security rule by UUID.
// Performs the same keyed read as neutronSecurityRuleExists(): toMd(String) -> instance
// identifier -> readMd().
// NOTE(review): gutter lines 119-124 are absent from this listing, so how a missing rule is
// reported to the caller (for example by returning null) cannot be confirmed here.
117 public NeutronSecurityRule getNeutronSecurityRule(String uuid) {
118 SecurityRule rule = readMd(createInstanceIdentifier(toMd(uuid)));
// Returns every stored security rule, converted with fromMd().
// Rules are collected in a HashSet first and then copied into a new ArrayList, so the order of
// the returned list is whatever the set iteration yields.
// NOTE(review): gutter lines 129, 132-133 and 137-139 are absent from this listing; whether the
// read result is null-checked before line 130 cannot be confirmed here.
126 public List<NeutronSecurityRule> getAllNeutronSecurityRules() {
127 Set<NeutronSecurityRule> allSecurityRules = new HashSet<NeutronSecurityRule>();
// Reads the SecurityRules container (the no-argument identifier), not a single keyed rule.
128 SecurityRules rules = readMd(createInstanceIdentifier());
130 for (SecurityRule rule: rules.getSecurityRule()) {
131 allSecurityRules.add(fromMd(rule));
134 LOGGER.debug("Exiting getSecurityRule, Found {} OpenStackSecurityRule", allSecurityRules.size());
135 List<NeutronSecurityRule> ans = new ArrayList<NeutronSecurityRule>();
136 ans.addAll(allSecurityRules);
// Adds a new security rule.
// First checks whether a rule with input.getID() already exists, then mirrors the rule into its
// owning security group's list through updateSecGroupRuleInSecurityGroup().
// input is dereferenced without a null check.
// NOTE(review): gutter lines 143-144 and 146-149 are absent from this listing; the result of the
// existence check and the datastore write itself are not visible here.
141 public boolean addNeutronSecurityRule(NeutronSecurityRule input) {
142 if (neutronSecurityRuleExists(input.getID())) {
145 updateSecGroupRuleInSecurityGroup(input);
// Deletes a security rule by UUID.
// After the existence check, the rule is first taken out of its owning security group's list
// (line 155) and then removed from the datastore with removeMd() (line 156).
// NOTE(review): gutter lines 153-154 and 157-159 are absent from this listing.
151 public boolean removeNeutronSecurityRule(String uuid) {
152 if (!neutronSecurityRuleExists(uuid)) {
// The rule is read again here; removeSecGroupRuleFromSecurityGroup() dereferences its argument.
155 removeSecGroupRuleFromSecurityGroup(getNeutronSecurityRule(uuid));
156 removeMd(toMd(uuid));
// Updates an existing security rule.
// The existence check uses the uuid parameter, but the group-side update is handed delta and
// matches on delta.getID() (line 80).
// NOTE(review): if a caller passes a delta whose ID is missing or differs from uuid, the replace
// loop would not match and line 87 would append a further entry to the group's rule list -
// confirm callers always set the ID on delta.
// NOTE(review): gutter lines 163-164 and 166-168 are absent from this listing; the datastore
// write is not visible here.
161 public boolean updateNeutronSecurityRule(String uuid, NeutronSecurityRule delta) {
162 if (!neutronSecurityRuleExists(uuid)) {
165 updateSecGroupRuleInSecurityGroup(delta);
/**
 * Reports whether a security rule is considered in use.
 *
 * <p>As written, the answer is the plain negation of
 * {@code neutronSecurityRuleExists(securityRuleUUID)}: a UUID for which that check returns
 * {@code false} is reported as in use, and one for which it returns {@code true} is never
 * reported as in use. NOTE(review): confirm that callers gating deletion on this method expect
 * that meaning.
 *
 * @param securityRuleUUID UUID of the rule to check
 * @return the negation of {@code neutronSecurityRuleExists(securityRuleUUID)}
 */
public boolean neutronSecurityRuleInUse(String securityRuleUUID) {
    final boolean ruleFound = neutronSecurityRuleExists(securityRuleUUID);
    return !ruleFound;
}
// Converts a datastore SecurityRule into the NeutronSecurityRule form used by this package.
// Each attribute is copied only when it is non-null on the source rule.
// NOTE(review): the closing-brace lines and the final return (gutter lines 207-209) are absent
// from this listing.
175 protected NeutronSecurityRule fromMd(SecurityRule rule) {
176 NeutronSecurityRule answer = new NeutronSecurityRule();
177 if (rule.getTenantId() != null) {
// The tenant ID is stored with the dashes stripped from the UUID string.
178 answer.setSecurityRuleTenantID(rule.getTenantId().getValue().replace("-",""));
180 if (rule.getDirection() != null) {
// BiMap lookup by identity class; a class missing from DIRECTION_MAP yields null.
181 answer.setSecurityRuleDirection(DIRECTION_MAP.get(rule.getDirection()));
183 if (rule.getSecurityGroupId() != null) {
184 answer.setSecurityRuleGroupID(rule.getSecurityGroupId().getValue());
186 if (rule.getRemoteGroupId() != null) {
187 answer.setSecurityRemoteGroupID(rule.getRemoteGroupId().getValue());
189 if (rule.getRemoteIpPrefix() != null) {
// Takes the IPv4 prefix when present, otherwise the IPv6 prefix. The IPv6 getter is
// dereferenced without a null check - presumably exactly one of the two is always set.
190 answer.setSecurityRuleRemoteIpPrefix(rule.getRemoteIpPrefix().getIpv4Prefix() != null?
191 rule.getRemoteIpPrefix().getIpv4Prefix().getValue():rule.getRemoteIpPrefix().getIpv6Prefix().getValue());
193 if (rule.getProtocol() != null) {
// A protocol identity outside PROTOCOL_MAP comes back as a null protocol string.
194 answer.setSecurityRuleProtocol(PROTOCOL_MAP.get(rule.getProtocol()));
196 if (rule.getEthertype() != null) {
197 answer.setSecurityRuleEthertype(ETHERTYPE_MAP.get(rule.getEthertype()));
199 if (rule.getPortRangeMin() != null) {
200 answer.setSecurityRulePortMin(Integer.valueOf(rule.getPortRangeMin()));
202 if (rule.getPortRangeMax() != null) {
203 answer.setSecurityRulePortMax(Integer.valueOf(rule.getPortRangeMax()));
205 if (rule.getId() != null) {
206 answer.setID(rule.getId().getValue());
// Converts a NeutronSecurityRule into the datastore SecurityRule form via SecurityRuleBuilder.
// Each attribute is copied only when it is non-null on the input. toUuid() is not defined in
// this listing.
// NOTE(review): nothing in this method validates the values it copies (direction, protocol,
// ethertype strings, port range, prefix); presumably that is done before the rule reaches this
// class - confirm, since these fields decide what traffic a security rule matches.
// NOTE(review): the closing-brace lines are absent from this listing.
212 protected SecurityRule toMd(NeutronSecurityRule securityRule) {
213 SecurityRuleBuilder securityRuleBuilder = new SecurityRuleBuilder();
215 if (securityRule.getSecurityRuleTenantID() != null) {
216 securityRuleBuilder.setTenantId(toUuid(securityRule.getSecurityRuleTenantID()));
218 if (securityRule.getSecurityRuleDirection() != null) {
// String -> identity class through the inverse view. A string other than "egress" / "ingress"
// has no entry, so the builder receives null. The cast is redundant: mapper is already typed.
219 ImmutableBiMap<String, Class<? extends DirectionBase>> mapper =
220 DIRECTION_MAP.inverse();
221 securityRuleBuilder.setDirection((Class<? extends DirectionBase>) mapper.get(securityRule.getSecurityRuleDirection()));
223 if (securityRule.getSecurityRuleGroupID() != null) {
224 securityRuleBuilder.setSecurityGroupId(toUuid(securityRule.getSecurityRuleGroupID()));
226 if (securityRule.getSecurityRemoteGroupID() != null) {
227 securityRuleBuilder.setRemoteGroupId(toUuid(securityRule.getSecurityRemoteGroupID()));
229 if (securityRule.getSecurityRuleRemoteIpPrefix() != null) {
// The prefix string is handed to the IpPrefix(char[]) constructor as-is; any format checking is
// whatever that constructor does, which is not shown here.
230 securityRuleBuilder.setRemoteIpPrefix(new IpPrefix(securityRule.getSecurityRuleRemoteIpPrefix().toCharArray()));
232 if (securityRule.getSecurityRuleProtocol() != null) {
// A protocol string outside "icmp", "tcp", "udp", "icmpv6" maps to null here, so the stored
// rule would carry no protocol. NOTE(review): confirm that consumers of the stored rule do not
// read a missing protocol as "match any protocol".
233 ImmutableBiMap<String, Class<? extends ProtocolBase>> mapper =
234 PROTOCOL_MAP.inverse();
235 securityRuleBuilder.setProtocol((Class<? extends ProtocolBase>) mapper.get(securityRule.getSecurityRuleProtocol()));
237 if (securityRule.getSecurityRuleEthertype() != null) {
// Exact match on "IPv4" / "IPv6"; any other spelling maps to null.
238 ImmutableBiMap<String, Class<? extends EthertypeBase>> mapper =
239 ETHERTYPE_MAP.inverse();
240 securityRuleBuilder.setEthertype((Class<? extends EthertypeBase>) mapper.get(securityRule.getSecurityRuleEthertype()));
242 if (securityRule.getSecurityRulePortMin() != null) {
// Ports are copied without a range check or a min <= max check in this method.
243 securityRuleBuilder.setPortRangeMin(Integer.valueOf(securityRule.getSecurityRulePortMin()));
245 if (securityRule.getSecurityRulePortMax() != null) {
246 securityRuleBuilder.setPortRangeMax(Integer.valueOf(securityRule.getSecurityRulePortMax()));
248 if (securityRule.getID() != null) {
249 securityRuleBuilder.setId(toUuid(securityRule.getID()));
// Gutter lines 250 and 252 are absent from this listing; presumably the warning sits in the
// else branch of the ID check. The rule is built and returned either way (line 253).
251 LOGGER.warn("Attempting to write neutron securityRule without UUID");
253 return securityRuleBuilder.build();
/**
 * Builds the datastore path of a single security rule:
 * {@code Neutron} -> {@code SecurityRules} -> the {@code SecurityRule} entry with the given key.
 *
 * @param securityRule rule whose {@code getKey()} value selects the list entry
 * @return instance identifier addressing that rule
 */
protected InstanceIdentifier<SecurityRule> createInstanceIdentifier(SecurityRule securityRule) {
    final InstanceIdentifier<SecurityRules> rulesContainer =
            InstanceIdentifier.create(Neutron.class).child(SecurityRules.class);
    return rulesContainer.child(SecurityRule.class, securityRule.getKey());
}
/**
 * Builds the datastore path of the container that holds all security rules:
 * {@code Neutron} -> {@code SecurityRules}.
 *
 * @return instance identifier addressing the {@code SecurityRules} container
 */
protected InstanceIdentifier<SecurityRules> createInstanceIdentifier() {
    final InstanceIdentifier<SecurityRules> containerPath =
            InstanceIdentifier.create(Neutron.class).child(SecurityRules.class);
    return containerPath;
}
/**
 * Builds a {@code SecurityRule} that carries only an ID.
 *
 * <p>Within this file the result is used to derive the instance identifier for keyed reads and
 * removals.
 *
 * @param uuid rule UUID as a string, converted with {@code toUuid}
 * @return a rule with only the ID set
 */
protected SecurityRule toMd(String uuid) {
    final SecurityRuleBuilder idOnlyBuilder = new SecurityRuleBuilder();
    idOnlyBuilder.setId(toUuid(uuid));
    final SecurityRule idOnlyRule = idOnlyBuilder.build();
    return idOnlyRule;
}
/**
 * Creates an instance of this CRUD implementation and registers it as an OSGi service under
 * {@code INeutronSecurityRuleCRUD}, with no service properties.
 *
 * @param context bundle context used to register the service
 * @param providerContext provider context handed to the new instance
 * @param registrations list that receives the registration handle when one is returned
 */
public static void registerNewInterface(BundleContext context,
                                        ProviderContext providerContext,
                                        List<ServiceRegistration<?>> registrations) {
    final NeutronSecurityRuleInterface crudService = new NeutronSecurityRuleInterface(providerContext);
    final ServiceRegistration<INeutronSecurityRuleCRUD> handle =
            context.registerService(INeutronSecurityRuleCRUD.class, crudService, null);
    // Nothing to track when no registration handle came back.
    if (handle == null) {
        return;
    }
    registrations.add(handle);
}