transcriber/src/main/java/org/opendaylight/neutron/transcriber/NeutronSecurityRuleInterface.java

   1 /*
   2  * Copyright (C) 2014 Red Hat, Inc.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  *
   8  */
   9
  10 package org.opendaylight.neutron.transcriber;
  11
  12 import java.util.ArrayList;
  13 import java.util.HashSet;
  14 import java.util.List;
  15 import java.util.Map.Entry;
  16 import java.util.Set;
  17 import java.util.concurrent.ConcurrentHashMap;
  18 import java.util.concurrent.ConcurrentMap;
  19
  20 import org.opendaylight.controller.sal.binding.api.BindingAwareBroker.ProviderContext;
  21 import org.opendaylight.neutron.spi.INeutronSecurityGroupCRUD;
  22 import org.opendaylight.neutron.spi.INeutronSecurityRuleCRUD;
  23 import org.opendaylight.neutron.spi.NeutronCRUDInterfaces;
  24 import org.opendaylight.neutron.spi.NeutronSecurityGroup;
  25 import org.opendaylight.neutron.spi.NeutronSecurityRule;
  26 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpAddress;
  27 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.DirectionBase;
  28 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.DirectionEgress;
  29 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.DirectionIngress;
  30 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.EthertypeBase;
  31 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.EthertypeV4;
  32 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.EthertypeV6;
  33 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolBase;
  34 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolHttp;
  35 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolHttps;
  36 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolIcmp;
  37 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolTcp;
  38 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.rev150325.Neutron;
  39 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev141002.security.rules.attributes.SecurityRules;
  40 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev141002.security.rules.attributes.security.rules.SecurityRule;
  41 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev141002.security.rules.attributes.security.rules.SecurityRuleBuilder;
  42 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
  43 import org.osgi.framework.BundleContext;
  44 import org.osgi.framework.ServiceRegistration;
  45 import org.slf4j.Logger;
  46 import org.slf4j.LoggerFactory;
  47
  48 import com.google.common.collect.ImmutableBiMap;
  49
  50
  51 public class NeutronSecurityRuleInterface extends AbstractNeutronInterface<SecurityRule, NeutronSecurityRule> implements INeutronSecurityRuleCRUD {
  52     private static final Logger LOGGER = LoggerFactory.getLogger(NeutronSecurityRuleInterface.class);
  53     private ConcurrentMap<String, NeutronSecurityRule> securityRuleDB = new ConcurrentHashMap<String, NeutronSecurityRule>();
  54
  55     private static final ImmutableBiMap<Class<? extends DirectionBase>,String> DIRECTION_MAP
  56             = new ImmutableBiMap.Builder<Class<? extends DirectionBase>,String>()
  57             .put(DirectionEgress.class,"egress")
  58             .put(DirectionIngress.class,"ingress")
  59             .build();
  60     private static final ImmutableBiMap<Class<? extends ProtocolBase>,String> PROTOCOL_MAP
  61             = new ImmutableBiMap.Builder<Class<? extends ProtocolBase>,String>()
  62             .put(ProtocolHttp.class,"HTTP")
  63             .put(ProtocolHttps.class,"HTTPS")
  64             .put(ProtocolIcmp.class,"ICMP")
  65             .put(ProtocolTcp.class,"TCP")
  66             .build();
  67     private static final ImmutableBiMap<Class<? extends EthertypeBase>,String> ETHERTYPE_MAP
  68             = new ImmutableBiMap.Builder<Class<? extends EthertypeBase>,String>()
  69             .put(EthertypeV4.class,"v4")
  70             .put(EthertypeV6.class,"v6")
  71             .build();
  72
  73     NeutronSecurityRuleInterface(ProviderContext providerContext) {
  74         super(providerContext);
  75     }
  76
  77     private void updateSecGroupRuleInSecurityGroup(NeutronSecurityRule input) {
  78         NeutronCRUDInterfaces interfaces = new NeutronCRUDInterfaces()
  79             .fetchINeutronSecurityGroupCRUD(this);
  80         INeutronSecurityGroupCRUD sgCrud = interfaces.getSecurityGroupInterface();
  81         NeutronSecurityGroup sg = sgCrud.getNeutronSecurityGroup(input.getSecurityRuleGroupID());
  82         if(sg != null && sg.getSecurityRules() != null) {
  83             for(NeutronSecurityRule sgr :sg.getSecurityRules()) {
  84                 if(sgr.getSecurityRuleUUID() != null && sgr.getSecurityRuleUUID().equals(input.getSecurityRuleUUID())) {
  85                     int index = sg.getSecurityRules().indexOf(sgr);
  86                     sg.getSecurityRules().set(index, input);
  87                 }
  88             }
  89         }
  90         if (sg != null) {
  91             sg.getSecurityRules().add(input);
  92         }
  93     }
  94
  95     private void removeSecGroupRuleFromSecurityGroup(NeutronSecurityRule input) {
  96         NeutronCRUDInterfaces interfaces = new NeutronCRUDInterfaces()
  97             .fetchINeutronSecurityGroupCRUD(this);
  98         INeutronSecurityGroupCRUD sgCrud = interfaces.getSecurityGroupInterface();
  99         NeutronSecurityGroup sg = sgCrud.getNeutronSecurityGroup(input.getSecurityRuleGroupID());
 100         if(sg != null && sg.getSecurityRules() != null) {
 101             List<NeutronSecurityRule> toRemove = new ArrayList<NeutronSecurityRule>();
 102             for(NeutronSecurityRule sgr :sg.getSecurityRules()) {
 103                 if(sgr.getSecurityRuleUUID() != null && sgr.getSecurityRuleUUID().equals(input.getSecurityRuleUUID())) {
 104                     toRemove.add(sgr);
 105                 }
 106             }
 107             sg.getSecurityRules().removeAll(toRemove);
 108         }
 109     }
 110
 111     @Override
 112     public boolean neutronSecurityRuleExists(String uuid) {
 113         return securityRuleDB.containsKey(uuid);
 114     }
 115
 116     @Override
 117     public NeutronSecurityRule getNeutronSecurityRule(String uuid) {
 118         if (!neutronSecurityRuleExists(uuid)) {
 119             LOGGER.debug("No Security Rules Have Been Defined");
 120             return null;
 121         }
 122         return securityRuleDB.get(uuid);
 123     }
 124
 125     @Override
 126     public List<NeutronSecurityRule> getAllNeutronSecurityRules() {
 127         Set<NeutronSecurityRule> allSecurityRules = new HashSet<NeutronSecurityRule>();
 128         for (Entry<String, NeutronSecurityRule> entry : securityRuleDB.entrySet()) {
 129             NeutronSecurityRule securityRule = entry.getValue();
 130             allSecurityRules.add(securityRule);
 131         }
 132         LOGGER.debug("Exiting getSecurityRule, Found {} OpenStackSecurityRule", allSecurityRules.size());
 133         List<NeutronSecurityRule> ans = new ArrayList<NeutronSecurityRule>();
 134         ans.addAll(allSecurityRules);
 135         return ans;
 136     }
 137
 138     @Override
 139     public boolean addNeutronSecurityRule(NeutronSecurityRule input) {
 140         if (neutronSecurityRuleExists(input.getSecurityRuleUUID())) {
 141             return false;
 142         }
 143         securityRuleDB.putIfAbsent(input.getSecurityRuleUUID(), input);
 144         updateSecGroupRuleInSecurityGroup(input);
 145         addMd(input);
 146         return true;
 147     }
 148
 149     @Override
 150     public boolean removeNeutronSecurityRule(String uuid) {
 151         if (!neutronSecurityRuleExists(uuid)) {
 152             return false;
 153         }
 154         removeSecGroupRuleFromSecurityGroup(securityRuleDB.get(uuid));
 155         securityRuleDB.remove(uuid);
 156         removeMd(toMd(uuid));
 157         return true;
 158     }
 159
 160     @Override
 161     public boolean updateNeutronSecurityRule(String uuid, NeutronSecurityRule delta) {
 162         if (!neutronSecurityRuleExists(uuid)) {
 163             return false;
 164         }
 165         NeutronSecurityRule target = securityRuleDB.get(uuid);
 166         boolean rc = overwrite(target, delta);
 167         updateSecGroupRuleInSecurityGroup(securityRuleDB.get(uuid));
 168         if (rc) {
 169             updateMd(securityRuleDB.get(uuid));
 170         }
 171         return rc;
 172     }
 173
 174     @Override
 175     public boolean neutronSecurityRuleInUse(String securityRuleUUID) {
 176         return !neutronSecurityRuleExists(securityRuleUUID);
 177     }
 178
 179     @Override
 180     protected SecurityRule toMd(NeutronSecurityRule securityRule) {
 181         SecurityRuleBuilder securityRuleBuilder = new SecurityRuleBuilder();
 182
 183         if (securityRule.getSecurityRuleTenantID() != null) {
 184             securityRuleBuilder.setTenantId(toUuid(securityRule.getSecurityRuleTenantID()));
 185         }
 186         if (securityRule.getSecurityRuleDirection() != null) {
 187             ImmutableBiMap<String, Class<? extends DirectionBase>> mapper =
 188                     DIRECTION_MAP.inverse();
 189             securityRuleBuilder.setDirection((Class<? extends DirectionBase>) mapper.get(securityRule.getSecurityRuleDirection()));
 190         }
 191         if (securityRule.getSecurityRuleGroupID() != null) {
 192             securityRuleBuilder.setSecurityGroupId(toUuid(securityRule.getSecurityRuleGroupID()));
 193         }
 194         if (securityRule.getSecurityRemoteGroupID() != null) {
 195             securityRuleBuilder.setRemoteGroupId(toUuid(securityRule.getSecurityRemoteGroupID()));
 196         }
 197         if (securityRule.getSecurityRuleRemoteIpPrefix() != null) {
 198             IpAddress ipAddress = new IpAddress(securityRule.getSecurityRuleRemoteIpPrefix().toCharArray());
 199             securityRuleBuilder.setRemoteIpPrefix(ipAddress);
 200         }
 201         if (securityRule.getSecurityRuleProtocol() != null) {
 202             ImmutableBiMap<String, Class<? extends ProtocolBase>> mapper =
 203                     PROTOCOL_MAP.inverse();
 204             securityRuleBuilder.setProtocol((Class<? extends ProtocolBase>) mapper.get(securityRule.getSecurityRuleProtocol()));
 205         }
 206         if (securityRule.getSecurityRuleEthertype() != null) {
 207             ImmutableBiMap<String, Class<? extends EthertypeBase>> mapper =
 208                     ETHERTYPE_MAP.inverse();
 209             securityRuleBuilder.setEthertype((Class<? extends EthertypeBase>) mapper.get(securityRule.getSecurityRuleEthertype()));
 210         }
 211         if (securityRule.getSecurityRulePortMin() != null) {
 212             securityRuleBuilder.setPortRangeMin(Integer.valueOf(securityRule.getSecurityRulePortMin()));
 213         }
 214         if (securityRule.getSecurityRulePortMax() != null) {
 215             securityRuleBuilder.setPortRangeMax(Integer.valueOf(securityRule.getSecurityRulePortMax()));
 216         }
 217         if (securityRule.getSecurityRuleUUID() != null) {
 218             securityRuleBuilder.setId(toUuid(securityRule.getSecurityRuleUUID()));
 219         } else {
 220             LOGGER.warn("Attempting to write neutron securityRule without UUID");
 221         }
 222         return securityRuleBuilder.build();
 223     }
 224
 225     @Override
 226     protected InstanceIdentifier<SecurityRule> createInstanceIdentifier(SecurityRule securityRule) {
 227         return InstanceIdentifier.create(Neutron.class).child(SecurityRules.class).child(SecurityRule.class,
 228                 securityRule.getKey());
 229     }
 230
 231     @Override
 232     protected SecurityRule toMd(String uuid) {
 233         SecurityRuleBuilder securityRuleBuilder = new SecurityRuleBuilder();
 234         securityRuleBuilder.setId(toUuid(uuid));
 235         return securityRuleBuilder.build();
 236     }
 237
 238     public static void registerNewInterface(BundleContext context,
 239                                             ProviderContext providerContext,
 240                                             List<ServiceRegistration<?>> registrations) {
 241         NeutronSecurityRuleInterface neutronSecurityRuleInterface = new NeutronSecurityRuleInterface(providerContext);
 242         ServiceRegistration<INeutronSecurityRuleCRUD> neutronSecurityRuleInterfaceRegistration = context.registerService(INeutronSecurityRuleCRUD.class, neutronSecurityRuleInterface, null);
 243         if(neutronSecurityRuleInterfaceRegistration != null) {
 244             registrations.add(neutronSecurityRuleInterfaceRegistration);
 245         }
 246     }
 247 }