transcriber/src/main/java/org/opendaylight/neutron/transcriber/NeutronSecurityRuleInterface.java

   1 /*
   2  * Copyright (c) 2014, 2015 Red Hat, Inc. and others.  All rights reserved.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8
   9 package org.opendaylight.neutron.transcriber;
  10
  11 import java.util.ArrayList;
  12 import java.util.HashSet;
  13 import java.util.List;
  14 import java.util.Map.Entry;
  15 import java.util.Set;
  16 import java.util.concurrent.ConcurrentHashMap;
  17 import java.util.concurrent.ConcurrentMap;
  18
  19 import org.opendaylight.controller.sal.binding.api.BindingAwareBroker.ProviderContext;
  20 import org.opendaylight.neutron.spi.INeutronSecurityGroupCRUD;
  21 import org.opendaylight.neutron.spi.INeutronSecurityRuleCRUD;
  22 import org.opendaylight.neutron.spi.NeutronCRUDInterfaces;
  23 import org.opendaylight.neutron.spi.NeutronSecurityGroup;
  24 import org.opendaylight.neutron.spi.NeutronSecurityRule;
  25 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpAddress;
  26 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.DirectionBase;
  27 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.DirectionEgress;
  28 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.DirectionIngress;
  29 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.EthertypeBase;
  30 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.EthertypeV4;
  31 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.EthertypeV6;
  32 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolBase;
  33 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolHttp;
  34 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolHttps;
  35 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolIcmp;
  36 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev160807.ProtocolTcp;
  37 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.rev150325.Neutron;
  38 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev141002.security.rules.attributes.SecurityRules;
  39 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev141002.security.rules.attributes.security.rules.SecurityRule;
  40 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev141002.security.rules.attributes.security.rules.SecurityRuleBuilder;
  41 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
  42 import org.osgi.framework.BundleContext;
  43 import org.osgi.framework.ServiceRegistration;
  44 import org.slf4j.Logger;
  45 import org.slf4j.LoggerFactory;
  46
  47 import com.google.common.collect.ImmutableBiMap;
  48
  49
  50 public class NeutronSecurityRuleInterface extends AbstractNeutronInterface<SecurityRule, NeutronSecurityRule> implements INeutronSecurityRuleCRUD {
  51     private static final Logger LOGGER = LoggerFactory.getLogger(NeutronSecurityRuleInterface.class);
  52     private ConcurrentMap<String, NeutronSecurityRule> securityRuleDB = new ConcurrentHashMap<String, NeutronSecurityRule>();
  53
  54     private static final ImmutableBiMap<Class<? extends DirectionBase>,String> DIRECTION_MAP
  55             = new ImmutableBiMap.Builder<Class<? extends DirectionBase>,String>()
  56             .put(DirectionEgress.class,"egress")
  57             .put(DirectionIngress.class,"ingress")
  58             .build();
  59     private static final ImmutableBiMap<Class<? extends ProtocolBase>,String> PROTOCOL_MAP
  60             = new ImmutableBiMap.Builder<Class<? extends ProtocolBase>,String>()
  61             .put(ProtocolHttp.class,"HTTP")
  62             .put(ProtocolHttps.class,"HTTPS")
  63             .put(ProtocolIcmp.class,"ICMP")
  64             .put(ProtocolTcp.class,"TCP")
  65             .build();
  66     private static final ImmutableBiMap<Class<? extends EthertypeBase>,String> ETHERTYPE_MAP
  67             = new ImmutableBiMap.Builder<Class<? extends EthertypeBase>,String>()
  68             .put(EthertypeV4.class,"v4")
  69             .put(EthertypeV6.class,"v6")
  70             .build();
  71
  72     NeutronSecurityRuleInterface(ProviderContext providerContext) {
  73         super(providerContext);
  74     }
  75
  76     private void updateSecGroupRuleInSecurityGroup(NeutronSecurityRule input) {
  77         NeutronCRUDInterfaces interfaces = new NeutronCRUDInterfaces()
  78             .fetchINeutronSecurityGroupCRUD(this);
  79         INeutronSecurityGroupCRUD sgCrud = interfaces.getSecurityGroupInterface();
  80         NeutronSecurityGroup sg = sgCrud.getNeutronSecurityGroup(input.getSecurityRuleGroupID());
  81         if(sg != null && sg.getSecurityRules() != null) {
  82             for(NeutronSecurityRule sgr :sg.getSecurityRules()) {
  83                 if(sgr.getSecurityRuleUUID() != null && sgr.getSecurityRuleUUID().equals(input.getSecurityRuleUUID())) {
  84                     int index = sg.getSecurityRules().indexOf(sgr);
  85                     sg.getSecurityRules().set(index, input);
  86                 }
  87             }
  88         }
  89         if (sg != null) {
  90             sg.getSecurityRules().add(input);
  91         }
  92     }
  93
  94     private void removeSecGroupRuleFromSecurityGroup(NeutronSecurityRule input) {
  95         NeutronCRUDInterfaces interfaces = new NeutronCRUDInterfaces()
  96             .fetchINeutronSecurityGroupCRUD(this);
  97         INeutronSecurityGroupCRUD sgCrud = interfaces.getSecurityGroupInterface();
  98         NeutronSecurityGroup sg = sgCrud.getNeutronSecurityGroup(input.getSecurityRuleGroupID());
  99         if(sg != null && sg.getSecurityRules() != null) {
 100             List<NeutronSecurityRule> toRemove = new ArrayList<NeutronSecurityRule>();
 101             for(NeutronSecurityRule sgr :sg.getSecurityRules()) {
 102                 if(sgr.getSecurityRuleUUID() != null && sgr.getSecurityRuleUUID().equals(input.getSecurityRuleUUID())) {
 103                     toRemove.add(sgr);
 104                 }
 105             }
 106             sg.getSecurityRules().removeAll(toRemove);
 107         }
 108     }
 109
 110     @Override
 111     public boolean neutronSecurityRuleExists(String uuid) {
 112         return securityRuleDB.containsKey(uuid);
 113     }
 114
 115     @Override
 116     public NeutronSecurityRule getNeutronSecurityRule(String uuid) {
 117         if (!neutronSecurityRuleExists(uuid)) {
 118             LOGGER.debug("No Security Rules Have Been Defined");
 119             return null;
 120         }
 121         return securityRuleDB.get(uuid);
 122     }
 123
 124     @Override
 125     public List<NeutronSecurityRule> getAllNeutronSecurityRules() {
 126         Set<NeutronSecurityRule> allSecurityRules = new HashSet<NeutronSecurityRule>();
 127         for (Entry<String, NeutronSecurityRule> entry : securityRuleDB.entrySet()) {
 128             NeutronSecurityRule securityRule = entry.getValue();
 129             allSecurityRules.add(securityRule);
 130         }
 131         LOGGER.debug("Exiting getSecurityRule, Found {} OpenStackSecurityRule", allSecurityRules.size());
 132         List<NeutronSecurityRule> ans = new ArrayList<NeutronSecurityRule>();
 133         ans.addAll(allSecurityRules);
 134         return ans;
 135     }
 136
 137     @Override
 138     public boolean addNeutronSecurityRule(NeutronSecurityRule input) {
 139         if (neutronSecurityRuleExists(input.getSecurityRuleUUID())) {
 140             return false;
 141         }
 142         securityRuleDB.putIfAbsent(input.getSecurityRuleUUID(), input);
 143         updateSecGroupRuleInSecurityGroup(input);
 144         addMd(input);
 145         return true;
 146     }
 147
 148     @Override
 149     public boolean removeNeutronSecurityRule(String uuid) {
 150         if (!neutronSecurityRuleExists(uuid)) {
 151             return false;
 152         }
 153         removeSecGroupRuleFromSecurityGroup(securityRuleDB.get(uuid));
 154         securityRuleDB.remove(uuid);
 155         removeMd(toMd(uuid));
 156         return true;
 157     }
 158
 159     @Override
 160     public boolean updateNeutronSecurityRule(String uuid, NeutronSecurityRule delta) {
 161         if (!neutronSecurityRuleExists(uuid)) {
 162             return false;
 163         }
 164         NeutronSecurityRule target = securityRuleDB.get(uuid);
 165         boolean rc = overwrite(target, delta);
 166         updateSecGroupRuleInSecurityGroup(securityRuleDB.get(uuid));
 167         if (rc) {
 168             updateMd(securityRuleDB.get(uuid));
 169         }
 170         return rc;
 171     }
 172
 173     @Override
 174     public boolean neutronSecurityRuleInUse(String securityRuleUUID) {
 175         return !neutronSecurityRuleExists(securityRuleUUID);
 176     }
 177
 178     @Override
 179     protected SecurityRule toMd(NeutronSecurityRule securityRule) {
 180         SecurityRuleBuilder securityRuleBuilder = new SecurityRuleBuilder();
 181
 182         if (securityRule.getSecurityRuleTenantID() != null) {
 183             securityRuleBuilder.setTenantId(toUuid(securityRule.getSecurityRuleTenantID()));
 184         }
 185         if (securityRule.getSecurityRuleDirection() != null) {
 186             ImmutableBiMap<String, Class<? extends DirectionBase>> mapper =
 187                     DIRECTION_MAP.inverse();
 188             securityRuleBuilder.setDirection((Class<? extends DirectionBase>) mapper.get(securityRule.getSecurityRuleDirection()));
 189         }
 190         if (securityRule.getSecurityRuleGroupID() != null) {
 191             securityRuleBuilder.setSecurityGroupId(toUuid(securityRule.getSecurityRuleGroupID()));
 192         }
 193         if (securityRule.getSecurityRemoteGroupID() != null) {
 194             securityRuleBuilder.setRemoteGroupId(toUuid(securityRule.getSecurityRemoteGroupID()));
 195         }
 196         if (securityRule.getSecurityRuleRemoteIpPrefix() != null) {
 197             IpAddress ipAddress = new IpAddress(securityRule.getSecurityRuleRemoteIpPrefix().toCharArray());
 198             securityRuleBuilder.setRemoteIpPrefix(ipAddress);
 199         }
 200         if (securityRule.getSecurityRuleProtocol() != null) {
 201             ImmutableBiMap<String, Class<? extends ProtocolBase>> mapper =
 202                     PROTOCOL_MAP.inverse();
 203             securityRuleBuilder.setProtocol((Class<? extends ProtocolBase>) mapper.get(securityRule.getSecurityRuleProtocol()));
 204         }
 205         if (securityRule.getSecurityRuleEthertype() != null) {
 206             ImmutableBiMap<String, Class<? extends EthertypeBase>> mapper =
 207                     ETHERTYPE_MAP.inverse();
 208             securityRuleBuilder.setEthertype((Class<? extends EthertypeBase>) mapper.get(securityRule.getSecurityRuleEthertype()));
 209         }
 210         if (securityRule.getSecurityRulePortMin() != null) {
 211             securityRuleBuilder.setPortRangeMin(Integer.valueOf(securityRule.getSecurityRulePortMin()));
 212         }
 213         if (securityRule.getSecurityRulePortMax() != null) {
 214             securityRuleBuilder.setPortRangeMax(Integer.valueOf(securityRule.getSecurityRulePortMax()));
 215         }
 216         if (securityRule.getSecurityRuleUUID() != null) {
 217             securityRuleBuilder.setId(toUuid(securityRule.getSecurityRuleUUID()));
 218         } else {
 219             LOGGER.warn("Attempting to write neutron securityRule without UUID");
 220         }
 221         return securityRuleBuilder.build();
 222     }
 223
 224     @Override
 225     protected InstanceIdentifier<SecurityRule> createInstanceIdentifier(SecurityRule securityRule) {
 226         return InstanceIdentifier.create(Neutron.class).child(SecurityRules.class).child(SecurityRule.class,
 227                 securityRule.getKey());
 228     }
 229
 230     @Override
 231     protected SecurityRule toMd(String uuid) {
 232         SecurityRuleBuilder securityRuleBuilder = new SecurityRuleBuilder();
 233         securityRuleBuilder.setId(toUuid(uuid));
 234         return securityRuleBuilder.build();
 235     }
 236
 237     public static void registerNewInterface(BundleContext context,
 238                                             ProviderContext providerContext,
 239                                             List<ServiceRegistration<?>> registrations) {
 240         NeutronSecurityRuleInterface neutronSecurityRuleInterface = new NeutronSecurityRuleInterface(providerContext);
 241         ServiceRegistration<INeutronSecurityRuleCRUD> neutronSecurityRuleInterfaceRegistration = context.registerService(INeutronSecurityRuleCRUD.class, neutronSecurityRuleInterface, null);
 242         if(neutronSecurityRuleInterfaceRegistration != null) {
 243             registrations.add(neutronSecurityRuleInterfaceRegistration);
 244         }
 245     }
 246 }