vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/listeners/AclEventListener.java

   1 /*
   2  * Copyright (c) 2016 Ericsson India Global Services Pvt Ltd. and others.  All rights reserved.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8 package org.opendaylight.netvirt.aclservice.listeners;
   9
  10 import java.util.ArrayList;
  11 import java.util.Collection;
  12 import java.util.Iterator;
  13 import java.util.List;
  14 import javax.annotation.PostConstruct;
  15 import javax.inject.Inject;
  16 import javax.inject.Singleton;
  17 import org.opendaylight.controller.md.sal.binding.api.ClusteredDataTreeChangeListener;
  18 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
  19 import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
  20 import org.opendaylight.genius.datastoreutils.AsyncDataTreeChangeListenerBase;
  21 import org.opendaylight.netvirt.aclservice.api.AclServiceManager;
  22 import org.opendaylight.netvirt.aclservice.api.utils.AclInterface;
  23 import org.opendaylight.netvirt.aclservice.utils.AclClusterUtil;
  24 import org.opendaylight.netvirt.aclservice.utils.AclConstants;
  25 import org.opendaylight.netvirt.aclservice.utils.AclDataUtil;
  26 import org.opendaylight.netvirt.aclservice.utils.AclServiceUtils;
  27 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.AccessLists;
  28 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.Acl;
  29 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.Ace;
  30 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid;
  31 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.SecurityRuleAttr;
  32 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
  33 import org.slf4j.Logger;
  34 import org.slf4j.LoggerFactory;
  35
  36 @Singleton
  37 public class AclEventListener extends AsyncDataTreeChangeListenerBase<Acl, AclEventListener> implements
  38         ClusteredDataTreeChangeListener<Acl> {
  39
  40     private static final Logger LOG = LoggerFactory.getLogger(AclEventListener.class);
  41
  42     private final AclServiceManager aclServiceManager;
  43     private final AclClusterUtil aclClusterUtil;
  44     private final DataBroker dataBroker;
  45     private final AclDataUtil aclDataUtil;
  46     private final AclServiceUtils aclServiceUtils;
  47
  48     @Inject
  49     public AclEventListener(AclServiceManager aclServiceManager, AclClusterUtil aclClusterUtil, DataBroker dataBroker,
  50             AclDataUtil aclDataUtil, AclServiceUtils aclServicUtils) {
  51         super(Acl.class, AclEventListener.class);
  52         this.aclServiceManager = aclServiceManager;
  53         this.aclClusterUtil = aclClusterUtil;
  54         this.dataBroker = dataBroker;
  55         this.aclDataUtil = aclDataUtil;
  56         this.aclServiceUtils = aclServicUtils;
  57     }
  58
  59     @Override
  60     @PostConstruct
  61     public void init() {
  62         LOG.info("{} start", getClass().getSimpleName());
  63         registerListener(LogicalDatastoreType.CONFIGURATION, dataBroker);
  64     }
  65
  66     @Override
  67     protected InstanceIdentifier<Acl> getWildCardPath() {
  68         return InstanceIdentifier
  69                 .create(AccessLists.class)
  70                 .child(Acl.class);
  71     }
  72
  73     @Override
  74     protected void remove(InstanceIdentifier<Acl> key, Acl acl) {
  75         if (!AclServiceUtils.isOfAclInterest(acl)) {
  76             LOG.trace("{} does not have SecurityRuleAttr augmentation", acl.getAclName());
  77             return;
  78         }
  79
  80         LOG.trace("On remove event, remove ACL: {}", acl);
  81         this.aclServiceUtils.releaseAclTag(acl.getAclName());
  82         updateRemoteAclCache(acl.getAccessListEntries().getAce(), acl.getAclName(), AclServiceManager.Action.REMOVE);
  83     }
  84
  85     @Override
  86     protected void update(InstanceIdentifier<Acl> key, Acl aclBefore, Acl aclAfter) {
  87         if (!AclServiceUtils.isOfAclInterest(aclAfter) && !AclServiceUtils.isOfAclInterest(aclBefore)) {
  88             LOG.trace("before {} and after {} does not have SecurityRuleAttr augmentation",
  89                     aclBefore.getAclName(), aclAfter.getAclName());
  90             return;
  91         }
  92
  93         String aclName = aclAfter.getAclName();
  94         Collection<AclInterface> interfaceList = aclDataUtil.getInterfaceList(new Uuid(aclName));
  95         // find and update added ace rules in acl
  96         List<Ace> addedAceRules = getChangedAceList(aclAfter, aclBefore);
  97         updateRemoteAclCache(addedAceRules, aclName, AclServiceManager.Action.ADD);
  98         if (interfaceList != null && aclClusterUtil.isEntityOwner()) {
  99             LOG.debug("On update event, add Ace rules: {} for ACL: {}", addedAceRules, aclName);
 100             updateAceRules(interfaceList, aclName, addedAceRules, AclServiceManager.Action.ADD);
 101         }
 102         // find and update deleted ace rules in acl
 103         List<Ace> deletedAceRules = getChangedAceList(aclBefore, aclAfter);
 104         if (interfaceList != null && aclClusterUtil.isEntityOwner()) {
 105             LOG.debug("On update event, remove Ace rules: {} for ACL: {}", deletedAceRules, aclName);
 106             updateAceRules(interfaceList, aclName, deletedAceRules, AclServiceManager.Action.REMOVE);
 107         }
 108         updateRemoteAclCache(deletedAceRules, aclName, AclServiceManager.Action.REMOVE);
 109     }
 110
 111     private void updateAceRules(Collection<AclInterface> interfaceList, String aclName, List<Ace> aceList,
 112             AclServiceManager.Action action) {
 113         if (null != aceList && !aceList.isEmpty()) {
 114             LOG.trace("update ace rules - action: {} , ace rules: {}", action.name(), aceList);
 115             for (AclInterface port : interfaceList) {
 116                 for (Ace aceRule : aceList) {
 117                     aclServiceManager.notifyAce(port, action, aclName, aceRule);
 118                 }
 119             }
 120         }
 121     }
 122
 123     @Override
 124     protected void add(InstanceIdentifier<Acl> key, Acl acl) {
 125         String aclName = acl.getAclName();
 126         if (!AclServiceUtils.isOfAclInterest(acl)) {
 127             LOG.trace("{} does not have SecurityRuleAttr augmentation", aclName);
 128             return;
 129         }
 130
 131         LOG.trace("On add event, add ACL: {}", acl);
 132         Integer aclTag = this.aclServiceUtils.allocateAclTag(aclName);
 133         if (aclTag != null && aclTag != AclConstants.INVALID_ACL_TAG) {
 134             this.aclDataUtil.addAclTag(aclName, aclTag);
 135         }
 136
 137         updateRemoteAclCache(acl.getAccessListEntries().getAce(), aclName, AclServiceManager.Action.ADD);
 138     }
 139
 140     /**
 141      * Update remote acl cache.
 142      *
 143      * @param aceList the ace list
 144      * @param aclName the acl name
 145      * @param action the action
 146      */
 147     private void updateRemoteAclCache(List<Ace> aceList, String aclName, AclServiceManager.Action action) {
 148         if (null == aceList) {
 149             return;
 150         }
 151         for (Ace ace : aceList) {
 152             SecurityRuleAttr aceAttributes = ace.getAugmentation(SecurityRuleAttr.class);
 153             if (aceAttributes != null && aceAttributes.getRemoteGroupId() != null) {
 154                 if (action == AclServiceManager.Action.ADD) {
 155                     aclDataUtil.addRemoteAclId(aceAttributes.getRemoteGroupId(), new Uuid(aclName));
 156                 } else {
 157                     aclDataUtil.removeRemoteAclId(aceAttributes.getRemoteGroupId(), new Uuid(aclName));
 158                 }
 159             }
 160         }
 161     }
 162
 163     @Override
 164     protected AclEventListener getDataTreeChangeListener() {
 165         return this;
 166     }
 167
 168     private List<Ace> getChangedAceList(Acl updatedAcl, Acl currentAcl) {
 169         if (updatedAcl == null) {
 170             return null;
 171         }
 172         List<Ace> updatedAceList = new ArrayList<>(updatedAcl.getAccessListEntries().getAce());
 173         if (currentAcl == null) {
 174             return updatedAceList;
 175         }
 176         List<Ace> currentAceList = new ArrayList<>(currentAcl.getAccessListEntries().getAce());
 177         for (Iterator<Ace> iterator = updatedAceList.iterator(); iterator.hasNext();) {
 178             Ace ace1 = iterator.next();
 179             for (Ace ace2 : currentAceList) {
 180                 if (ace1.getRuleName().equals(ace2.getRuleName())) {
 181                     iterator.remove();
 182                 }
 183             }
 184         }
 185         return updatedAceList;
 186     }
 187 }