2 * Copyright (c) 2016 Ericsson India Global Services Pvt Ltd. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 package org.opendaylight.netvirt.aclservice.listeners;
10 import java.util.ArrayList;
11 import java.util.Collection;
12 import java.util.Iterator;
13 import java.util.List;
14 import javax.annotation.PostConstruct;
15 import javax.inject.Inject;
16 import javax.inject.Singleton;
17 import org.opendaylight.controller.md.sal.binding.api.ClusteredDataTreeChangeListener;
18 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
19 import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
20 import org.opendaylight.genius.datastoreutils.AsyncDataTreeChangeListenerBase;
21 import org.opendaylight.netvirt.aclservice.api.AclServiceManager;
22 import org.opendaylight.netvirt.aclservice.api.utils.AclInterface;
23 import org.opendaylight.netvirt.aclservice.utils.AclClusterUtil;
24 import org.opendaylight.netvirt.aclservice.utils.AclConstants;
25 import org.opendaylight.netvirt.aclservice.utils.AclDataUtil;
26 import org.opendaylight.netvirt.aclservice.utils.AclServiceUtils;
27 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.AccessLists;
28 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.Acl;
29 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160218.access.lists.acl.access.list.entries.Ace;
30 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid;
31 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.SecurityRuleAttr;
32 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
33 import org.slf4j.Logger;
34 import org.slf4j.LoggerFactory;
37 public class AclEventListener extends AsyncDataTreeChangeListenerBase<Acl, AclEventListener> implements
38 ClusteredDataTreeChangeListener<Acl> {
40 private static final Logger LOG = LoggerFactory.getLogger(AclEventListener.class);
42 private final AclServiceManager aclServiceManager;
43 private final AclClusterUtil aclClusterUtil;
44 private final DataBroker dataBroker;
45 private final AclDataUtil aclDataUtil;
46 private final AclServiceUtils aclServiceUtils;
49 public AclEventListener(AclServiceManager aclServiceManager, AclClusterUtil aclClusterUtil, DataBroker dataBroker,
50 AclDataUtil aclDataUtil, AclServiceUtils aclServicUtils) {
51 super(Acl.class, AclEventListener.class);
52 this.aclServiceManager = aclServiceManager;
53 this.aclClusterUtil = aclClusterUtil;
54 this.dataBroker = dataBroker;
55 this.aclDataUtil = aclDataUtil;
56 this.aclServiceUtils = aclServicUtils;
62 LOG.info("{} start", getClass().getSimpleName());
63 registerListener(LogicalDatastoreType.CONFIGURATION, dataBroker);
67 protected InstanceIdentifier<Acl> getWildCardPath() {
68 return InstanceIdentifier
69 .create(AccessLists.class)
74 protected void remove(InstanceIdentifier<Acl> key, Acl acl) {
75 if (!AclServiceUtils.isOfAclInterest(acl)) {
76 LOG.trace("{} does not have SecurityRuleAttr augmentation", acl.getAclName());
80 LOG.trace("On remove event, remove ACL: {}", acl);
81 this.aclServiceUtils.releaseAclTag(acl.getAclName());
82 updateRemoteAclCache(acl.getAccessListEntries().getAce(), acl.getAclName(), AclServiceManager.Action.REMOVE);
86 protected void update(InstanceIdentifier<Acl> key, Acl aclBefore, Acl aclAfter) {
87 if (!AclServiceUtils.isOfAclInterest(aclAfter) && !AclServiceUtils.isOfAclInterest(aclBefore)) {
88 LOG.trace("before {} and after {} does not have SecurityRuleAttr augmentation",
89 aclBefore.getAclName(), aclAfter.getAclName());
93 String aclName = aclAfter.getAclName();
94 Collection<AclInterface> interfaceList = aclDataUtil.getInterfaceList(new Uuid(aclName));
95 // find and update added ace rules in acl
96 List<Ace> addedAceRules = getChangedAceList(aclAfter, aclBefore);
97 updateRemoteAclCache(addedAceRules, aclName, AclServiceManager.Action.ADD);
98 if (interfaceList != null && aclClusterUtil.isEntityOwner()) {
99 LOG.debug("On update event, add Ace rules: {} for ACL: {}", addedAceRules, aclName);
100 updateAceRules(interfaceList, aclName, addedAceRules, AclServiceManager.Action.ADD);
102 // find and update deleted ace rules in acl
103 List<Ace> deletedAceRules = getChangedAceList(aclBefore, aclAfter);
104 if (interfaceList != null && aclClusterUtil.isEntityOwner()) {
105 LOG.debug("On update event, remove Ace rules: {} for ACL: {}", deletedAceRules, aclName);
106 updateAceRules(interfaceList, aclName, deletedAceRules, AclServiceManager.Action.REMOVE);
108 updateRemoteAclCache(deletedAceRules, aclName, AclServiceManager.Action.REMOVE);
111 private void updateAceRules(Collection<AclInterface> interfaceList, String aclName, List<Ace> aceList,
112 AclServiceManager.Action action) {
113 if (null != aceList && !aceList.isEmpty()) {
114 LOG.trace("update ace rules - action: {} , ace rules: {}", action.name(), aceList);
115 for (AclInterface port : interfaceList) {
116 for (Ace aceRule : aceList) {
117 aclServiceManager.notifyAce(port, action, aclName, aceRule);
124 protected void add(InstanceIdentifier<Acl> key, Acl acl) {
125 String aclName = acl.getAclName();
126 if (!AclServiceUtils.isOfAclInterest(acl)) {
127 LOG.trace("{} does not have SecurityRuleAttr augmentation", aclName);
131 LOG.trace("On add event, add ACL: {}", acl);
132 Integer aclTag = this.aclServiceUtils.allocateAclTag(aclName);
133 if (aclTag != null && aclTag != AclConstants.INVALID_ACL_TAG) {
134 this.aclDataUtil.addAclTag(aclName, aclTag);
137 updateRemoteAclCache(acl.getAccessListEntries().getAce(), aclName, AclServiceManager.Action.ADD);
141 * Update remote acl cache.
143 * @param aceList the ace list
144 * @param aclName the acl name
145 * @param action the action
147 private void updateRemoteAclCache(List<Ace> aceList, String aclName, AclServiceManager.Action action) {
148 if (null == aceList) {
151 for (Ace ace : aceList) {
152 SecurityRuleAttr aceAttributes = ace.getAugmentation(SecurityRuleAttr.class);
153 if (aceAttributes != null && aceAttributes.getRemoteGroupId() != null) {
154 if (action == AclServiceManager.Action.ADD) {
155 aclDataUtil.addRemoteAclId(aceAttributes.getRemoteGroupId(), new Uuid(aclName));
157 aclDataUtil.removeRemoteAclId(aceAttributes.getRemoteGroupId(), new Uuid(aclName));
164 protected AclEventListener getDataTreeChangeListener() {
168 private List<Ace> getChangedAceList(Acl updatedAcl, Acl currentAcl) {
169 if (updatedAcl == null) {
172 List<Ace> updatedAceList = new ArrayList<>(updatedAcl.getAccessListEntries().getAce());
173 if (currentAcl == null) {
174 return updatedAceList;
176 List<Ace> currentAceList = new ArrayList<>(currentAcl.getAccessListEntries().getAce());
177 for (Iterator<Ace> iterator = updatedAceList.iterator(); iterator.hasNext();) {
178 Ace ace1 = iterator.next();
179 for (Ace ace2 : currentAceList) {
180 if (ace1.getRuleName().equals(ace2.getRuleName())) {
185 return updatedAceList;