2 * Copyright (c) 2014, 2015 Red Hat, Inc. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.neutron.transcriber;
11 import java.util.ArrayList;
12 import java.util.HashSet;
13 import java.util.List;
14 import java.util.Map.Entry;
16 import java.util.concurrent.ConcurrentHashMap;
17 import java.util.concurrent.ConcurrentMap;
19 import org.opendaylight.controller.sal.binding.api.BindingAwareBroker.ProviderContext;
20 import org.opendaylight.neutron.spi.INeutronSecurityGroupCRUD;
21 import org.opendaylight.neutron.spi.INeutronSecurityRuleCRUD;
22 import org.opendaylight.neutron.spi.NeutronCRUDInterfaces;
23 import org.opendaylight.neutron.spi.NeutronSecurityGroup;
24 import org.opendaylight.neutron.spi.NeutronSecurityRule;
25 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpAddress;
26 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.DirectionBase;
27 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.DirectionEgress;
28 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.DirectionIngress;
29 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.EthertypeBase;
30 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.EthertypeV4;
31 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.EthertypeV6;
32 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolBase;
33 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolHttp;
34 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolHttps;
35 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolIcmp;
36 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolTcp;
37 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.rev150325.Neutron;
38 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev141002.security.rules.attributes.SecurityRules;
39 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev141002.security.rules.attributes.security.rules.SecurityRule;
40 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev141002.security.rules.attributes.security.rules.SecurityRuleBuilder;
41 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
42 import org.osgi.framework.BundleContext;
43 import org.osgi.framework.ServiceRegistration;
44 import org.slf4j.Logger;
45 import org.slf4j.LoggerFactory;
47 import com.google.common.collect.ImmutableBiMap;
50 public class NeutronSecurityRuleInterface extends AbstractNeutronInterface<SecurityRule, NeutronSecurityRule> implements INeutronSecurityRuleCRUD {
/** Class-wide SLF4J logger. */
private static final Logger LOGGER = LoggerFactory.getLogger(NeutronSecurityRuleInterface.class);

/** In-memory store of security rules, keyed by the rule UUID string. */
private ConcurrentMap<String, NeutronSecurityRule> securityRuleDB =
    new ConcurrentHashMap<String, NeutronSecurityRule>();

/**
 * Direction identities and their northbound string form. toMd() looks strings up through
 * the inverse view, so the match is exact and case-sensitive.
 */
private static final ImmutableBiMap<Class<? extends DirectionBase>, String> DIRECTION_MAP =
    ImmutableBiMap.<Class<? extends DirectionBase>, String>builder()
        .put(DirectionEgress.class, "egress")
        .put(DirectionIngress.class, "ingress")
        .build();

/**
 * Protocol identities and their northbound string form. Only these four upper-case names
 * are known; any other protocol string has no entry in the inverse view.
 */
private static final ImmutableBiMap<Class<? extends ProtocolBase>, String> PROTOCOL_MAP =
    ImmutableBiMap.<Class<? extends ProtocolBase>, String>builder()
        .put(ProtocolHttp.class, "HTTP")
        .put(ProtocolHttps.class, "HTTPS")
        .put(ProtocolIcmp.class, "ICMP")
        .put(ProtocolTcp.class, "TCP")
        .build();

/** Ethertype identities and their northbound string form ("v4" / "v6", exact match). */
private static final ImmutableBiMap<Class<? extends EthertypeBase>, String> ETHERTYPE_MAP =
    ImmutableBiMap.<Class<? extends EthertypeBase>, String>builder()
        .put(EthertypeV4.class, "v4")
        .put(EthertypeV6.class, "v6")
        .build();
/**
 * Package-private constructor; the provider context is handed unchanged to the
 * superclass constructor.
 *
 * @param providerContext binding-aware provider context passed to the superclass
 */
NeutronSecurityRuleInterface(ProviderContext providerContext) {
    super(providerContext);
}
/**
 * Mirrors a rule into the rule list of the security group it names.
 *
 * <p>The group is looked up through the security-group CRUD service using
 * {@code input.getSecurityRuleGroupID()}. If the group or its rule list is missing,
 * nothing happens. Otherwise the first list entry with the same UUID is replaced by
 * {@code input}; if none matches, {@code input} is appended.
 *
 * <p>The list returned by the group object is modified in place; this method does not
 * write the group back through the CRUD service.
 *
 * @param input rule to place into its group's rule list
 */
private void updateSecGroupRuleInSecurityGroup(NeutronSecurityRule input) {
    INeutronSecurityGroupCRUD groupCrud = new NeutronCRUDInterfaces()
        .fetchINeutronSecurityGroupCRUD(this)
        .getSecurityGroupInterface();
    NeutronSecurityGroup group = groupCrud.getNeutronSecurityGroup(input.getSecurityRuleGroupID());
    if (group == null || group.getSecurityRules() == null) {
        return;
    }
    List<NeutronSecurityRule> groupRules = group.getSecurityRules();
    for (NeutronSecurityRule existing : groupRules) {
        String existingId = existing.getSecurityRuleUUID();
        if (existingId != null && existingId.equals(input.getSecurityRuleUUID())) {
            // Same UUID already listed: swap the entry rather than adding a duplicate.
            groupRules.set(groupRules.indexOf(existing), input);
            return;
        }
    }
    groupRules.add(input);
}
/**
 * Drops a rule from the rule list of the security group it names.
 *
 * <p>Every list entry whose UUID equals {@code input.getSecurityRuleUUID()} is collected
 * first and then removed in one {@code removeAll} call, so the list is not modified
 * while it is being iterated. A missing group or a missing rule list is a no-op.
 *
 * @param input rule whose UUID and group id select what to remove; dereferenced
 *              without a null check
 */
private void removeSecGroupRuleFromSecurityGroup(NeutronSecurityRule input) {
    INeutronSecurityGroupCRUD groupCrud = new NeutronCRUDInterfaces()
        .fetchINeutronSecurityGroupCRUD(this)
        .getSecurityGroupInterface();
    NeutronSecurityGroup group = groupCrud.getNeutronSecurityGroup(input.getSecurityRuleGroupID());
    if (group == null || group.getSecurityRules() == null) {
        return;
    }
    List<NeutronSecurityRule> matches = new ArrayList<NeutronSecurityRule>();
    for (NeutronSecurityRule existing : group.getSecurityRules()) {
        String existingId = existing.getSecurityRuleUUID();
        if (existingId != null && existingId.equals(input.getSecurityRuleUUID())) {
            matches.add(existing);
        }
    }
    group.getSecurityRules().removeAll(matches);
}
/**
 * Reports whether a rule with the given UUID is held in the in-memory store.
 *
 * @param uuid rule UUID used as the map key
 * @return {@code true} when {@code securityRuleDB} has an entry for {@code uuid}
 */
public boolean neutronSecurityRuleExists(String uuid) {
    boolean known = securityRuleDB.containsKey(uuid);
    return known;
}
/**
 * Fetches a rule from the in-memory store.
 *
 * @param uuid rule UUID used as the map key
 * @return the stored rule, or {@code null} (after a debug log line) when the UUID is unknown
 */
public NeutronSecurityRule getNeutronSecurityRule(String uuid) {
    if (neutronSecurityRuleExists(uuid)) {
        return securityRuleDB.get(uuid);
    }
    LOGGER.debug("No Security Rules Have Been Defined");
    return null;
}
/**
 * Returns every rule currently held in the in-memory store.
 *
 * <p>The values pass through a {@link HashSet} before being copied into the result
 * list, so the result is a fresh list that callers may modify without touching the store.
 *
 * @return a new list with the stored rules
 */
public List<NeutronSecurityRule> getAllNeutronSecurityRules() {
    Set<NeutronSecurityRule> distinctRules = new HashSet<NeutronSecurityRule>();
    for (NeutronSecurityRule storedRule : securityRuleDB.values()) {
        distinctRules.add(storedRule);
    }
    LOGGER.debug("Exiting getSecurityRule, Found {} OpenStackSecurityRule", distinctRules.size());
    List<NeutronSecurityRule> result = new ArrayList<NeutronSecurityRule>();
    result.addAll(distinctRules);
    return result;
}
// Stores a new security rule in securityRuleDB and mirrors it into the rule list of its
// security group.
// This listing omits some original lines: the body of the existence guard (after line 139)
// and whatever follows line 143 are not shown, so the return values and any later steps
// cannot be described from here.
138 public boolean addNeutronSecurityRule(NeutronSecurityRule input) {
// Guard: the rule UUID is already a key in securityRuleDB.
139 if (neutronSecurityRuleExists(input.getSecurityRuleUUID())) {
// NOTE(review): the existence check above and putIfAbsent are two separate steps, and the
// value returned by putIfAbsent is discarded. Two concurrent adds of the same UUID can both
// pass the check; the one that loses putIfAbsent still reaches the group update below with
// its own object, so the group's rule list and securityRuleDB can end up holding different
// rule objects for one UUID. Using the putIfAbsent result as the "already exists" test
// would close that window.
142 securityRuleDB.putIfAbsent(input.getSecurityRuleUUID(), input);
// Replaces or appends the rule in the list of the group named by input.getSecurityRuleGroupID().
143 updateSecGroupRuleInSecurityGroup(input);
// Removes a rule: first from its security group's rule list, then from securityRuleDB,
// then from the data store through removeMd().
// This listing omits some original lines: the body of the guard (after line 150) and
// whatever follows line 155 are not shown.
149 public boolean removeNeutronSecurityRule(String uuid) {
// Guard: no entry for this UUID in securityRuleDB.
150 if (!neutronSecurityRuleExists(uuid)) {
// NOTE(review): securityRuleDB.get(uuid) is a second lookup after the check above. If the
// entry is removed by another thread in between, get() returns null and the helper
// dereferences it (input.getSecurityRuleGroupID()). Taking the value returned by
// securityRuleDB.remove(uuid) once and testing it for null would avoid the double lookup.
153 removeSecGroupRuleFromSecurityGroup(securityRuleDB.get(uuid));
154 securityRuleDB.remove(uuid);
// toMd(String) builds a SecurityRule carrying only the id, which is what removeMd receives.
155 removeMd(toMd(uuid));
// Applies a delta to a stored rule, refreshes the copy in its security group's rule list
// and pushes the stored rule to the data store through updateMd().
// This listing omits some original lines: the body of the guard (after line 161), line 167
// and whatever follows line 168 are not shown, so it cannot be told from here whether
// updateMd() is conditional or what the method returns.
160 public boolean updateNeutronSecurityRule(String uuid, NeutronSecurityRule delta) {
// Guard: no entry for this UUID in securityRuleDB.
161 if (!neutronSecurityRuleExists(uuid)) {
// target is the instance held in securityRuleDB, not a copy.
164 NeutronSecurityRule target = securityRuleDB.get(uuid);
// overwrite() is defined outside this listing; presumably it copies the non-null fields of
// delta onto target and reports success — TODO confirm. No validation of delta is visible
// in this method.
165 boolean rc = overwrite(target, delta);
// Runs directly after overwrite(); nothing visible here makes it depend on rc.
166 updateSecGroupRuleInSecurityGroup(securityRuleDB.get(uuid));
168 updateMd(securityRuleDB.get(uuid));
/**
 * Answers the "in use" query for a rule.
 *
 * <p>NOTE(review): as written, the result is simply the negation of the existence check,
 * so an unknown UUID reports "in use" and a stored rule reports "not in use". No
 * reference from ports or groups is consulted. Confirm that callers expect this before
 * relying on it as a deletion guard.
 *
 * @param securityRuleUUID rule UUID to test
 * @return {@code true} when no rule with this UUID is stored, {@code false} otherwise
 */
public boolean neutronSecurityRuleInUse(String securityRuleUUID) {
    boolean stored = neutronSecurityRuleExists(securityRuleUUID);
    return !stored;
}
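/**
 * Translates a northbound {@link NeutronSecurityRule} into its MD-SAL {@link SecurityRule} form.
 *
 * <p>Only fields that are non-null on the input are copied. Direction, protocol and
 * ethertype strings are resolved by exact, case-sensitive lookup in the inverse views of
 * {@code DIRECTION_MAP}, {@code PROTOCOL_MAP} and {@code ETHERTYPE_MAP}. A string with no
 * entry resolves to {@code null}, and that {@code null} is still handed to the builder, as
 * before. Since a rule written without one of these match fields may be read more
 * permissively by whatever consumes the data store, each failed lookup now logs a warning
 * instead of passing silently.
 *
 * @param securityRule rule to translate; dereferenced without a null check
 * @return the built MD-SAL security rule
 */
protected SecurityRule toMd(NeutronSecurityRule securityRule) {
    SecurityRuleBuilder securityRuleBuilder = new SecurityRuleBuilder();

    if (securityRule.getSecurityRuleTenantID() != null) {
        securityRuleBuilder.setTenantId(toUuid(securityRule.getSecurityRuleTenantID()));
    }
    if (securityRule.getSecurityRuleDirection() != null) {
        Class<? extends DirectionBase> direction =
            DIRECTION_MAP.inverse().get(securityRule.getSecurityRuleDirection());
        if (direction == null) {
            LOGGER.warn("Security rule {}: direction '{}' is not recognised and will not be written",
                securityRule.getSecurityRuleUUID(), securityRule.getSecurityRuleDirection());
        }
        securityRuleBuilder.setDirection(direction);
    }
    if (securityRule.getSecurityRuleGroupID() != null) {
        securityRuleBuilder.setSecurityGroupId(toUuid(securityRule.getSecurityRuleGroupID()));
    }
    if (securityRule.getSecurityRemoteGroupID() != null) {
        securityRuleBuilder.setRemoteGroupId(toUuid(securityRule.getSecurityRemoteGroupID()));
    }
    if (securityRule.getSecurityRuleRemoteIpPrefix() != null) {
        // NOTE(review): the field is a "remote IP prefix" but is wrapped as an IpAddress;
        // confirm that values in address/length notation are accepted by this constructor.
        IpAddress ipAddress = new IpAddress(securityRule.getSecurityRuleRemoteIpPrefix().toCharArray());
        securityRuleBuilder.setRemoteIpPrefix(ipAddress);
    }
    if (securityRule.getSecurityRuleProtocol() != null) {
        Class<? extends ProtocolBase> protocol =
            PROTOCOL_MAP.inverse().get(securityRule.getSecurityRuleProtocol());
        if (protocol == null) {
            LOGGER.warn("Security rule {}: protocol '{}' is not recognised and will not be written",
                securityRule.getSecurityRuleUUID(), securityRule.getSecurityRuleProtocol());
        }
        securityRuleBuilder.setProtocol(protocol);
    }
    if (securityRule.getSecurityRuleEthertype() != null) {
        Class<? extends EthertypeBase> ethertype =
            ETHERTYPE_MAP.inverse().get(securityRule.getSecurityRuleEthertype());
        if (ethertype == null) {
            LOGGER.warn("Security rule {}: ethertype '{}' is not recognised and will not be written",
                securityRule.getSecurityRuleUUID(), securityRule.getSecurityRuleEthertype());
        }
        securityRuleBuilder.setEthertype(ethertype);
    }
    // NOTE(review): no port-range or min <= max check is applied here; presumably the
    // values are validated before they reach this method — confirm.
    if (securityRule.getSecurityRulePortMin() != null) {
        securityRuleBuilder.setPortRangeMin(Integer.valueOf(securityRule.getSecurityRulePortMin()));
    }
    if (securityRule.getSecurityRulePortMax() != null) {
        securityRuleBuilder.setPortRangeMax(Integer.valueOf(securityRule.getSecurityRulePortMax()));
    }
    if (securityRule.getSecurityRuleUUID() != null) {
        securityRuleBuilder.setId(toUuid(securityRule.getSecurityRuleUUID()));
    } else {
        LOGGER.warn("Attempting to write neutron securityRule without UUID");
    }
    return securityRuleBuilder.build();
}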
/**
 * Builds the data-store path of a single security rule:
 * {@code Neutron -> SecurityRules -> SecurityRule[key]}.
 *
 * @param securityRule rule whose key selects the list entry
 * @return instance identifier of that rule
 */
protected InstanceIdentifier<SecurityRule> createInstanceIdentifier(SecurityRule securityRule) {
    InstanceIdentifier<SecurityRules> rulesContainer =
        InstanceIdentifier.create(Neutron.class).child(SecurityRules.class);
    return rulesContainer.child(SecurityRule.class, securityRule.getKey());
}
/**
 * Builds an MD-SAL {@link SecurityRule} that carries nothing but its id.
 *
 * @param uuid rule UUID, converted with {@code toUuid}
 * @return a security rule with only the id set
 */
protected SecurityRule toMd(String uuid) {
    SecurityRuleBuilder idOnlyBuilder = new SecurityRuleBuilder();
    idOnlyBuilder.setId(toUuid(uuid));
    SecurityRule idOnlyRule = idOnlyBuilder.build();
    return idOnlyRule;
}
/**
 * Creates the security-rule CRUD service and registers it with OSGi under
 * {@link INeutronSecurityRuleCRUD}.
 *
 * @param context         bundle context used for the service registration
 * @param providerContext provider context handed to the new service instance
 * @param registrations   list that receives the registration handle when one is returned
 */
public static void registerNewInterface(BundleContext context,
                                        ProviderContext providerContext,
                                        List<ServiceRegistration<?>> registrations) {
    NeutronSecurityRuleInterface service = new NeutronSecurityRuleInterface(providerContext);
    ServiceRegistration<INeutronSecurityRuleCRUD> registration =
        context.registerService(INeutronSecurityRuleCRUD.class, service, null);
    if (registration == null) {
        // No handle returned: nothing to track.
        return;
    }
    registrations.add(registration);
}