2 * Copyright (C) 2014 Red Hat, Inc.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
10 package org.opendaylight.neutron.transcriber;
12 import java.util.ArrayList;
13 import java.util.HashSet;
14 import java.util.List;
15 import java.util.Map.Entry;
17 import java.util.concurrent.ConcurrentHashMap;
18 import java.util.concurrent.ConcurrentMap;
20 import org.opendaylight.controller.sal.binding.api.BindingAwareBroker.ProviderContext;
21 import org.opendaylight.neutron.spi.INeutronSecurityGroupCRUD;
22 import org.opendaylight.neutron.spi.INeutronSecurityRuleCRUD;
23 import org.opendaylight.neutron.spi.NeutronCRUDInterfaces;
24 import org.opendaylight.neutron.spi.NeutronSecurityGroup;
25 import org.opendaylight.neutron.spi.NeutronSecurityRule;
26 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpAddress;
27 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.DirectionBase;
28 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.DirectionEgress;
29 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.DirectionIngress;
30 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.EthertypeBase;
31 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.EthertypeV4;
32 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.EthertypeV6;
33 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolBase;
34 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolHttp;
35 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolHttps;
36 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolIcmp;
37 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolTcp;
38 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.rev150325.Neutron;
39 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev141002.security.rules.attributes.SecurityRules;
40 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev141002.security.rules.attributes.security.rules.SecurityRule;
41 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev141002.security.rules.attributes.security.rules.SecurityRuleBuilder;
42 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
43 import org.osgi.framework.BundleContext;
44 import org.osgi.framework.ServiceRegistration;
45 import org.slf4j.Logger;
46 import org.slf4j.LoggerFactory;
48 import com.google.common.collect.ImmutableBiMap;
/**
 * Holds Neutron security rules in memory, keyed by rule UUID, and converts them
 * to the YANG-generated {@code SecurityRule} binding type.
 *
 * NOTE(review): every line of this listing starts with a printed line number, and
 * some numbers are skipped, so closing braces and other short lines are not shown.
 */
51 public class NeutronSecurityRuleInterface extends AbstractNeutronInterface<SecurityRule, NeutronSecurityRule> implements INeutronSecurityRuleCRUD {
52 private static final Logger LOGGER = LoggerFactory.getLogger(NeutronSecurityRuleInterface.class);
// One map per instance; the visible methods use the rule UUID string as the key.
// ConcurrentHashMap rejects null keys and values, so a rule without a UUID cannot be stored here.
53 private ConcurrentMap<String, NeutronSecurityRule> securityRuleDB = new ConcurrentHashMap<String, NeutronSecurityRule>();
// Binding identity class <-> Neutron direction string ("egress" / "ingress").
// The end of each builder chain (printed numbers 59, 66, 71) is not shown in this listing.
55 private static final ImmutableBiMap<Class<? extends DirectionBase>,String> DIRECTION_MAP
56 = new ImmutableBiMap.Builder<Class<? extends DirectionBase>,String>()
57 .put(DirectionEgress.class,"egress")
58 .put(DirectionIngress.class,"ingress")
// Binding identity class <-> protocol string. The visible entries are HTTP, HTTPS, ICMP and TCP,
// all upper case, and there is no UDP entry among them. Lookups through inverse() are exact-match,
// so any other value or spelling resolves to null.
// NOTE(review): confirm which protocol strings callers actually supply (case included).
60 private static final ImmutableBiMap<Class<? extends ProtocolBase>,String> PROTOCOL_MAP
61 = new ImmutableBiMap.Builder<Class<? extends ProtocolBase>,String>()
62 .put(ProtocolHttp.class,"HTTP")
63 .put(ProtocolHttps.class,"HTTPS")
64 .put(ProtocolIcmp.class,"ICMP")
65 .put(ProtocolTcp.class,"TCP")
// Binding identity class <-> ethertype string ("v4" / "v6").
67 private static final ImmutableBiMap<Class<? extends EthertypeBase>,String> ETHERTYPE_MAP
68 = new ImmutableBiMap.Builder<Class<? extends EthertypeBase>,String>()
69 .put(EthertypeV4.class,"v4")
70 .put(EthertypeV6.class,"v6")
/**
 * Creates the interface; no access modifier is visible, so construction is package-private.
 *
 * @param providerContext passed unchanged to the superclass constructor
 */
73 NeutronSecurityRuleInterface(ProviderContext providerContext) {
74 super(providerContext);
/**
 * Puts {@code input} into the rule list of the security group named by
 * {@code input.getSecurityRuleGroupID()}: an entry with the same rule UUID is
 * replaced in place, and the rule is also added via the call on printed line 91.
 *
 * NOTE(review): printed lines 87-90 are not shown, so it cannot be confirmed from
 * this listing whether the replace branch returns early or whether the add on
 * line 91 is guarded against {@code sg == null} or a null rule list. Verify
 * against the full file; an unguarded add would throw when the group is unknown.
 *
 * @param input rule whose group membership is refreshed; dereferenced without a null check
 */
77 private void updateSecGroupRuleInSecurityGroup(NeutronSecurityRule input) {
78 NeutronCRUDInterfaces interfaces = new NeutronCRUDInterfaces()
79 .fetchINeutronSecurityGroupCRUD(this);
80 INeutronSecurityGroupCRUD sgCrud = interfaces.getSecurityGroupInterface();
81 NeutronSecurityGroup sg = sgCrud.getNeutronSecurityGroup(input.getSecurityRuleGroupID());
82 if(sg != null && sg.getSecurityRules() != null) {
83 for(NeutronSecurityRule sgr :sg.getSecurityRules()) {
// Entries without a UUID are skipped rather than matched.
84 if(sgr.getSecurityRuleUUID() != null && sgr.getSecurityRuleUUID().equals(input.getSecurityRuleUUID())) {
// The list returned by the group is modified directly; no copy is made here.
85 int index = sg.getSecurityRules().indexOf(sgr);
86 sg.getSecurityRules().set(index, input);
91 sg.getSecurityRules().add(input);
/**
 * Removes from the owning security group every rule whose UUID equals that of
 * {@code input}. Does nothing when the group or its rule list is null.
 *
 * Matches are gathered in {@code toRemove} during the loop and removed afterwards
 * with {@code removeAll}, so the list is not modified while it is being iterated.
 * The statement that fills {@code toRemove} (printed line 104) is not shown in this listing.
 *
 * @param input rule to detach; dereferenced on the first use without a null check,
 *              so callers must not pass null
 */
95 private void removeSecGroupRuleFromSecurityGroup(NeutronSecurityRule input) {
96 NeutronCRUDInterfaces interfaces = new NeutronCRUDInterfaces()
97 .fetchINeutronSecurityGroupCRUD(this);
98 INeutronSecurityGroupCRUD sgCrud = interfaces.getSecurityGroupInterface();
99 NeutronSecurityGroup sg = sgCrud.getNeutronSecurityGroup(input.getSecurityRuleGroupID());
100 if(sg != null && sg.getSecurityRules() != null) {
101 List<NeutronSecurityRule> toRemove = new ArrayList<NeutronSecurityRule>();
102 for(NeutronSecurityRule sgr :sg.getSecurityRules()) {
103 if(sgr.getSecurityRuleUUID() != null && sgr.getSecurityRuleUUID().equals(input.getSecurityRuleUUID())) {
107 sg.getSecurityRules().removeAll(toRemove);
/**
 * Reports whether a rule is stored under {@code uuid}.
 *
 * The answer is a snapshot: another thread may add or remove the entry right
 * after this returns, so callers that follow up with {@code get} must still
 * handle a null result.
 *
 * @param uuid rule UUID; a null value makes {@code ConcurrentHashMap.containsKey} throw
 * @return true when the map currently holds the key
 */
112 public boolean neutronSecurityRuleExists(String uuid) {
113 return securityRuleDB.containsKey(uuid);
/**
 * Looks up the rule stored under {@code uuid}.
 *
 * When the rule is unknown a debug message is logged; what is returned on that
 * path (printed line 120) is not shown in this listing. The final {@code get}
 * can still yield null if the entry is removed between the check and the read.
 *
 * @param uuid rule UUID to look up
 * @return the stored rule, or null when the map holds no entry for the key
 */
117 public NeutronSecurityRule getNeutronSecurityRule(String uuid) {
118 if (!neutronSecurityRuleExists(uuid)) {
// The message reads as "nothing defined at all", but this branch is taken for any unknown UUID.
119 LOGGER.debug("No Security Rules Have Been Defined");
122 return securityRuleDB.get(uuid);
/**
 * Collects every stored rule into a new list.
 *
 * Values are first copied into a HashSet and then into an ArrayList, so the
 * result is detached from the map and its order is unspecified. The return
 * statement (printed line 135) is not shown in this listing.
 *
 * NOTE(review): {@code Set} is used below, but no {@code java.util.Set} import is
 * visible among the imports of this listing (printed number 16 is skipped) -
 * confirm against the full file.
 *
 * @return presumably {@code ans}, the list built below - TODO confirm
 */
126 public List<NeutronSecurityRule> getAllNeutronSecurityRules() {
// De-duplication here depends on NeutronSecurityRule's equals/hashCode, which are not visible.
127 Set<NeutronSecurityRule> allSecurityRules = new HashSet<NeutronSecurityRule>();
128 for (Entry<String, NeutronSecurityRule> entry : securityRuleDB.entrySet()) {
129 NeutronSecurityRule securityRule = entry.getValue();
130 allSecurityRules.add(securityRule);
132 LOGGER.debug("Exiting getSecurityRule, Found {} OpenStackSecurityRule", allSecurityRules.size());
133 List<NeutronSecurityRule> ans = new ArrayList<NeutronSecurityRule>();
134 ans.addAll(allSecurityRules);
/**
 * Stores a new rule under its UUID and refreshes the owning security group.
 *
 * The return statements and printed lines 145-147 are not shown in this listing.
 *
 * NOTE(review): the existence check and {@code putIfAbsent} are two separate
 * steps and the result of {@code putIfAbsent} is ignored. If another thread
 * stores the same UUID in between, the map keeps that other rule while the
 * group list is still updated with {@code input}, leaving the two views
 * inconsistent. Checking the {@code putIfAbsent} result would close the gap.
 *
 * @param input rule to add; a null UUID makes the map lookup throw, because
 *              ConcurrentHashMap does not accept null keys
 * @return not visible here; presumably false when the UUID is already stored - TODO confirm
 */
139 public boolean addNeutronSecurityRule(NeutronSecurityRule input) {
140 if (neutronSecurityRuleExists(input.getSecurityRuleUUID())) {
143 securityRuleDB.putIfAbsent(input.getSecurityRuleUUID(), input);
144 updateSecGroupRuleInSecurityGroup(input);
/**
 * Deletes the rule stored under {@code uuid}: detaches it from its security
 * group, drops it from the map, then removes the datastore object built by
 * {@code toMd(uuid)}. The return statements are not shown in this listing.
 *
 * NOTE(review): the rule is read again with {@code get(uuid)} after the
 * existence check. If it is removed concurrently in between, null is passed to
 * {@code removeSecGroupRuleFromSecurityGroup}, which dereferences its argument
 * immediately. Using the value returned by {@code securityRuleDB.remove(uuid)}
 * as both the existence test and the object to detach avoids that window.
 *
 * @param uuid UUID of the rule to delete
 * @return not visible here; presumably false when the UUID is unknown - TODO confirm
 */
150 public boolean removeNeutronSecurityRule(String uuid) {
151 if (!neutronSecurityRuleExists(uuid)) {
154 removeSecGroupRuleFromSecurityGroup(securityRuleDB.get(uuid));
155 securityRuleDB.remove(uuid);
// Only the id is needed to address the datastore entry, hence the String overload of toMd.
156 removeMd(toMd(uuid));
/**
 * Applies {@code delta} to the stored rule, refreshes the owning security group
 * and pushes the result to the datastore through {@code updateMd}.
 *
 * {@code overwrite} is not defined in this listing (presumably inherited -
 * confirm); its result is kept in {@code rc}. Printed line 168 and the return
 * statements are not shown, so how {@code rc} is used cannot be confirmed here.
 *
 * NOTE(review): the map is read three times after the existence check. A
 * concurrent removal can make any of those reads return null, which the
 * callees dereference; reusing {@code target} for the later calls would keep
 * the operation on a single object.
 *
 * @param uuid  UUID of the rule to change
 * @param delta values handed to {@code overwrite} together with the stored rule
 * @return not visible here - TODO confirm
 */
161 public boolean updateNeutronSecurityRule(String uuid, NeutronSecurityRule delta) {
162 if (!neutronSecurityRuleExists(uuid)) {
165 NeutronSecurityRule target = securityRuleDB.get(uuid);
166 boolean rc = overwrite(target, delta);
167 updateSecGroupRuleInSecurityGroup(securityRuleDB.get(uuid));
169 updateMd(securityRuleDB.get(uuid));
/**
 * Returns the negation of {@link #neutronSecurityRuleExists}: true when no rule
 * is stored under the UUID, false when one is.
 *
 * NOTE(review): despite the name, nothing here checks whether another object
 * references the rule. A caller that uses this result to decide whether a rule
 * may be deleted is told "not in use" for every stored rule - confirm that this
 * is the intended contract.
 *
 * @param securityRuleUUID rule UUID to test
 * @return true when the UUID is not present in the map
 */
175 public boolean neutronSecurityRuleInUse(String securityRuleUUID) {
176 return !neutronSecurityRuleExists(securityRuleUUID);
/**
 * Converts a Neutron security rule into the YANG-generated {@code SecurityRule}.
 * Each field is copied only when its getter returns a non-null value.
 *
 * NOTE(review): direction, protocol and ethertype are translated with an
 * exact-match lookup in the inverse bimap. A string that is not a key there
 * yields null, which is handed to the builder setter without a check. How the
 * builder treats null is not visible here; if the field is simply left unset,
 * the stored rule no longer carries that restriction. Rejecting or logging
 * unknown values before {@code build()} would make such input visible.
 *
 * @param securityRule rule to convert; dereferenced without a null check
 * @return the built binding object; it has no id when the rule has no UUID
 */
180 protected SecurityRule toMd(NeutronSecurityRule securityRule) {
181 SecurityRuleBuilder securityRuleBuilder = new SecurityRuleBuilder();
183 if (securityRule.getSecurityRuleTenantID() != null) {
184 securityRuleBuilder.setTenantId(toUuid(securityRule.getSecurityRuleTenantID()));
186 if (securityRule.getSecurityRuleDirection() != null) {
// mapper is already typed, so the cast on the next statement does not change the result.
187 ImmutableBiMap<String, Class<? extends DirectionBase>> mapper =
188 DIRECTION_MAP.inverse();
189 securityRuleBuilder.setDirection((Class<? extends DirectionBase>) mapper.get(securityRule.getSecurityRuleDirection()));
191 if (securityRule.getSecurityRuleGroupID() != null) {
192 securityRuleBuilder.setSecurityGroupId(toUuid(securityRule.getSecurityRuleGroupID()));
194 if (securityRule.getSecurityRemoteGroupID() != null) {
195 securityRuleBuilder.setRemoteGroupId(toUuid(securityRule.getSecurityRemoteGroupID()));
197 if (securityRule.getSecurityRuleRemoteIpPrefix() != null) {
// NOTE(review): the source field is named a prefix; confirm that IpAddress accepts a
// value with a /length suffix, or whether this constructor rejects it.
198 IpAddress ipAddress = new IpAddress(securityRule.getSecurityRuleRemoteIpPrefix().toCharArray());
199 securityRuleBuilder.setRemoteIpPrefix(ipAddress);
201 if (securityRule.getSecurityRuleProtocol() != null) {
// Only the upper-case keys "HTTP", "HTTPS", "ICMP" and "TCP" are visible in PROTOCOL_MAP;
// any other protocol string resolves to null here.
202 ImmutableBiMap<String, Class<? extends ProtocolBase>> mapper =
203 PROTOCOL_MAP.inverse();
204 securityRuleBuilder.setProtocol((Class<? extends ProtocolBase>) mapper.get(securityRule.getSecurityRuleProtocol()));
206 if (securityRule.getSecurityRuleEthertype() != null) {
207 ImmutableBiMap<String, Class<? extends EthertypeBase>> mapper =
208 ETHERTYPE_MAP.inverse();
209 securityRuleBuilder.setEthertype((Class<? extends EthertypeBase>) mapper.get(securityRule.getSecurityRuleEthertype()));
// No range check (0-65535) or min <= max check is visible for the two port values.
// NOTE(review): confirm that they are validated before reaching this method.
211 if (securityRule.getSecurityRulePortMin() != null) {
212 securityRuleBuilder.setPortRangeMin(Integer.valueOf(securityRule.getSecurityRulePortMin()));
214 if (securityRule.getSecurityRulePortMax() != null) {
215 securityRuleBuilder.setPortRangeMax(Integer.valueOf(securityRule.getSecurityRulePortMax()));
217 if (securityRule.getSecurityRuleUUID() != null) {
218 securityRuleBuilder.setId(toUuid(securityRule.getSecurityRuleUUID()));
// Printed line 219 is not shown; presumably the else branch. A missing UUID is only logged,
// and the object is still built and returned.
220 LOGGER.warn("Attempting to write neutron securityRule without UUID");
222 return securityRuleBuilder.build();
/**
 * Builds the datastore path for one rule: Neutron, then SecurityRules, then the
 * SecurityRule entry selected by the key of {@code securityRule}.
 *
 * @param securityRule binding object whose {@code getKey()} selects the list entry
 * @return the instance identifier for that entry
 */
226 protected InstanceIdentifier<SecurityRule> createInstanceIdentifier(SecurityRule securityRule) {
227 return InstanceIdentifier.create(Neutron.class).child(SecurityRules.class).child(SecurityRule.class,
228 securityRule.getKey());
/**
 * Builds a {@code SecurityRule} that carries only an id. The remove path uses
 * it to address the datastore entry to delete.
 *
 * @param uuid rule UUID, converted with {@code toUuid} (defined outside this listing)
 * @return binding object with the id set and no other field populated
 */
232 protected SecurityRule toMd(String uuid) {
233 SecurityRuleBuilder securityRuleBuilder = new SecurityRuleBuilder();
234 securityRuleBuilder.setId(toUuid(uuid));
235 return securityRuleBuilder.build();
/**
 * Creates a new interface instance and registers it as an OSGi service under
 * {@code INeutronSecurityRuleCRUD}, with no service properties (the third
 * argument is null). A non-null registration is appended to {@code registrations}.
 *
 * Every call constructs a fresh instance, and the rule map is an instance
 * field, so each registered instance starts with its own empty rule store.
 *
 * @param context         bundle context used to register the service
 * @param providerContext handed to the new instance's constructor
 * @param registrations   list that receives the registration; modified in place
 */
238 public static void registerNewInterface(BundleContext context,
239 ProviderContext providerContext,
240 List<ServiceRegistration<?>> registrations) {
241 NeutronSecurityRuleInterface neutronSecurityRuleInterface = new NeutronSecurityRuleInterface(providerContext);
242 ServiceRegistration<INeutronSecurityRuleCRUD> neutronSecurityRuleInterfaceRegistration = context.registerService(INeutronSecurityRuleCRUD.class, neutronSecurityRuleInterface, null);
243 if(neutronSecurityRuleInterfaceRegistration != null) {
244 registrations.add(neutronSecurityRuleInterfaceRegistration);