import java.util.ArrayList;\r
import java.util.List;\r
\r
-import javax.annotation.Nullable;\r
-\r
import org.opendaylight.groupbasedpolicy.api.sf.EtherTypeClassifierDefinition;\r
import org.opendaylight.groupbasedpolicy.api.sf.IpProtoClassifierDefinition;\r
import org.opendaylight.groupbasedpolicy.api.sf.L4ClassifierDefinition;\r
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.MappingUtils;\r
-import org.opendaylight.groupbasedpolicy.neutron.mapper.util.NeutronUtils;\r
-import org.opendaylight.groupbasedpolicy.neutron.mapper.util.Utils;\r
-import org.opendaylight.neutron.spi.NeutronSecurityRule;\r
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpPrefix;\r
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClassifierName;\r
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ContractId;\r
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.EndpointGroupId;\r
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ParameterName;\r
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.SubjectName;\r
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.TenantId;\r
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.ActionChoice;\r
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.action.choice.AllowActionCase;\r
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.action.choice.SfcActionCase;\r
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.clause.ConsumerMatchersBuilder;\r
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ClassifierInstance;\r
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ClassifierInstanceBuilder;\r
+import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionBase;\r
+import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionEgress;\r
+import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.DirectionIngress;\r
+import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeBase;\r
+import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeV4;\r
+import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.EthertypeV6;\r
+import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolBase;\r
+import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolIcmp;\r
+import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolIcmpV6;\r
+import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolTcp;\r
+import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.constants.rev150712.ProtocolUdp;\r
+import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.rules.attributes.security.rules.SecurityRule;\r
\r
-import com.google.common.base.Strings;\r
import com.google.common.collect.ImmutableList;\r
\r
public class SecRuleEntityDecoder {\r
throw new UnsupportedOperationException("Cannot create an instace.");\r
}\r
\r
- public static TenantId getTenantId(NeutronSecurityRule secRule) {\r
- return new TenantId(Utils.normalizeUuid(secRule.getSecurityRuleTenantID()));\r
- }\r
-\r
- public static EndpointGroupId getProviderEpgId(NeutronSecurityRule secRule) {\r
- return new EndpointGroupId(Utils.normalizeUuid(secRule.getSecurityRuleGroupID()));\r
+ public static ContractId getContractId(SecurityRule secRule) {\r
+ return new ContractId(secRule.getId().getValue());\r
}\r
\r
- public static @Nullable EndpointGroupId getConsumerEpgId(NeutronSecurityRule secRule) {\r
- if (Strings.isNullOrEmpty(secRule.getSecurityRemoteGroupID())) {\r
- return null;\r
- }\r
- return new EndpointGroupId(Utils.normalizeUuid(secRule.getSecurityRemoteGroupID()));\r
- }\r
-\r
- public static ContractId getContractId(NeutronSecurityRule secRule) {\r
- return new ContractId(Utils.normalizeUuid(secRule.getSecurityRuleUUID()));\r
- }\r
-\r
- public static ClassifierInstance getClassifierInstance(NeutronSecurityRule secRule) {\r
+ public static ClassifierInstance getClassifierInstance(SecurityRule secRule) {\r
ClassifierInstanceBuilder classifierBuilder = new ClassifierInstanceBuilder();\r
List<ParameterValue> params = new ArrayList<>();\r
- Integer portMin = secRule.getSecurityRulePortMin();\r
- Integer portMax = secRule.getSecurityRulePortMax();\r
+ Integer portMin = secRule.getPortRangeMin();\r
+ Integer portMax = secRule.getPortRangeMax();\r
if (portMin != null && portMax != null) {\r
classifierBuilder.setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId());\r
if (portMin.equals(portMax)) {\r
return null;\r
}\r
\r
- public static ClassifierRef getClassifierRef(NeutronSecurityRule secRule) {\r
+ public static ClassifierRef getClassifierRef(SecurityRule secRule) {\r
checkNotNull(secRule);\r
ClassifierName classifierInstanceName = SecRuleNameDecoder.getClassifierInstanceName(secRule);\r
ClassifierRefBuilder classifierRefBuilder = new ClassifierRefBuilder()\r
\r
/**\r
* @param secRule\r
- * @return direction resolved from {@link NeutronSecurityRule#getSecurityRuleDirection()}\r
+ * @return direction resolved from {@link SecurityRule#getDirection()}\r
* @throws IllegalArgumentException if return value of\r
- * {@link NeutronSecurityRule#getSecurityRuleDirection()} is other than "ingress" or\r
- * "egress"\r
+ * {@link SecurityRule#getDirection()} is other than {@link DirectionIngress} or\r
+ * {@link DirectionEgress}\r
*/\r
- public static Direction getDirection(NeutronSecurityRule secRule) {\r
- String direction = secRule.getSecurityRuleDirection();\r
- if (NeutronUtils.INGRESS.equals(direction)) {\r
+ public static Direction getDirection(SecurityRule secRule) {\r
+ Class<? extends DirectionBase> direction = secRule.getDirection();\r
+ if (direction == null) {\r
+ throw new IllegalArgumentException("Direction cannot be null.");\r
+ }\r
+ if (direction.isAssignableFrom(DirectionIngress.class)) {\r
return Direction.In;\r
}\r
- if (NeutronUtils.EGRESS.equals(direction)) {\r
+ if (direction.isAssignableFrom(DirectionEgress.class)) {\r
return Direction.Out;\r
}\r
throw new IllegalArgumentException("Direction " + direction + " from security group rule "\r
- + secRule.getSecurityRuleUUID() + " is not supported. Direction can be only 'ingress' or 'egress'.");\r
+ + secRule + " is not supported. Direction can be only 'ingress' or 'egress'.");\r
}\r
\r
/**\r
- * @param secRule {@link NeutronSecurityRule#getSecurityRuleRemoteIpPrefix()} is used for EIC\r
+ * @param secRule {@link SecurityRule#getRemoteIpPrefix()} is used for EIC\r
* and subject selection\r
* @return clause with the subject and with a consumer matcher containing EIC\r
*/\r
- public static Clause getClause(NeutronSecurityRule secRule) {\r
+ public static Clause getClause(SecurityRule secRule) {\r
checkNotNull(secRule);\r
SubjectName subjectName = SecRuleNameDecoder.getSubjectName(secRule);\r
ClauseBuilder clauseBuilder =\r
new ClauseBuilder().setSubjectRefs(ImmutableList.of(subjectName)).setName(SecRuleNameDecoder.getClauseName(secRule));\r
- String remoteIpPrefix = secRule.getSecurityRuleRemoteIpPrefix();\r
- if (!Strings.isNullOrEmpty(remoteIpPrefix)) {\r
+ IpPrefix remoteIpPrefix = secRule.getRemoteIpPrefix();\r
+ if (remoteIpPrefix != null) {\r
clauseBuilder.setConsumerMatchers(createConsumerMatchersWithEic(remoteIpPrefix));\r
}\r
return clauseBuilder.build();\r
}\r
\r
- private static ConsumerMatchers createConsumerMatchersWithEic(String remoteIpPrefix) {\r
- IpPrefix ipPrefix = Utils.createIpPrefix(remoteIpPrefix);\r
+ private static ConsumerMatchers createConsumerMatchersWithEic(IpPrefix ipPrefix) {\r
PrefixConstraint consumerPrefixConstraint = new PrefixConstraintBuilder().setIpPrefix(ipPrefix).build();\r
EndpointIdentificationConstraints eic =\r
new EndpointIdentificationConstraintsBuilder()\r
return new ConsumerMatchersBuilder().setEndpointIdentificationConstraints(eic).build();\r
}\r
\r
- public static boolean isEtherTypeOfOneWithinTwo(NeutronSecurityRule one, NeutronSecurityRule two) {\r
+ public static boolean isEtherTypeOfOneWithinTwo(SecurityRule one, SecurityRule two) {\r
Long oneEtherType = getEtherType(one);\r
Long twoEtherType = getEtherType(two);\r
return twoIsNullOrEqualsOne(oneEtherType, twoEtherType);\r
}\r
\r
- public static boolean isProtocolOfOneWithinTwo(NeutronSecurityRule one, NeutronSecurityRule two) {\r
+ public static boolean isProtocolOfOneWithinTwo(SecurityRule one, SecurityRule two) {\r
Long oneProtocol = getProtocol(one);\r
Long twoProtocol = getProtocol(two);\r
return twoIsNullOrEqualsOne(oneProtocol, twoProtocol);\r
return false;\r
}\r
\r
- public static boolean isPortsOfOneWithinTwo(NeutronSecurityRule one, NeutronSecurityRule two) {\r
- Integer onePortMin = one.getSecurityRulePortMin();\r
- Integer onePortMax = one.getSecurityRulePortMax();\r
- Integer twoPortMin = two.getSecurityRulePortMin();\r
- Integer twoPortMax = two.getSecurityRulePortMax();\r
+ public static boolean isPortsOfOneWithinTwo(SecurityRule one, SecurityRule two) {\r
+ Integer onePortMin = one.getPortRangeMin();\r
+ Integer onePortMax = one.getPortRangeMax();\r
+ Integer twoPortMin = two.getPortRangeMin();\r
+ Integer twoPortMax = two.getPortRangeMax();\r
if (twoPortMin == null && twoPortMax == null) {\r
return true;\r
}\r
\r
/**\r
* @param secRule\r
- * @return {@code null} if {@link NeutronSecurityRule#getSecurityRuleEthertype()} is null or\r
- * empty; value of {@link EtherTypeClassifierDefinition#IPv4_VALUE} or\r
- * {@link EtherTypeClassifierDefinition#IPv6_VALUE}\r
+ * @return {@code null} if {@link SecurityRule#getEthertype()} is null; Otherwise ethertype\r
+ * number\r
* @throws IllegalArgumentException if return value of\r
- * {@link NeutronSecurityRule#getSecurityRuleEthertype()} is not empty/null and is other\r
- * than "IPv4" or "IPv6"\r
+ * {@link SecurityRule#getEthertype()} is other {@link EthertypeV4} or\r
+ * {@link EthertypeV6}\r
*/\r
- public static Long getEtherType(NeutronSecurityRule secRule) {\r
- String ethertype = secRule.getSecurityRuleEthertype();\r
- if (Strings.isNullOrEmpty(ethertype)) {\r
+ public static Long getEtherType(SecurityRule secRule) {\r
+ Class<? extends EthertypeBase> ethertype = secRule.getEthertype();\r
+ if (ethertype == null) {\r
return null;\r
}\r
- if (NeutronUtils.IPv4.equals(ethertype)) {\r
+ if (ethertype.isAssignableFrom(EthertypeV4.class)) {\r
return EtherTypeClassifierDefinition.IPv4_VALUE;\r
}\r
- if (NeutronUtils.IPv6.equals(ethertype)) {\r
+ if (ethertype.isAssignableFrom(EthertypeV6.class)) {\r
return EtherTypeClassifierDefinition.IPv6_VALUE;\r
}\r
throw new IllegalArgumentException("Ethertype " + ethertype + " is not supported.");\r
\r
/**\r
* @param secRule\r
- * @return {@code null} if {@link NeutronSecurityRule#getSecurityRuleProtocol()} is null or\r
- * empty; Otherwise protocol number\r
+ * @return {@code null} if {@link SecurityRule#getProtocol()} is null; Otherwise protocol number\r
* @throws IllegalArgumentException if return value of\r
- * {@link NeutronSecurityRule#getSecurityRuleProtocol()} is not empty/null and is other\r
- * than "tcp", "udp", "icmp", "icmpv6" or string values that can be decoded to {@link Short}.\r
+ * {@link SecurityRule#getProtocol()} is other than {@link ProtocolTcp},\r
+ * {@link ProtocolUdp}, {@link ProtocolIcmp}, {@link ProtocolIcmpV6}\r
*/\r
- public static Long getProtocol(NeutronSecurityRule secRule) {\r
- String protocol = secRule.getSecurityRuleProtocol();\r
- if (Strings.isNullOrEmpty(protocol)) {\r
+ public static Long getProtocol(SecurityRule secRule) {\r
+ Class<? extends ProtocolBase> protocol = secRule.getProtocol();\r
+ if (protocol == null) {\r
return null;\r
}\r
- if (NeutronUtils.TCP.equals(protocol)) {\r
+ if (protocol.isAssignableFrom(ProtocolTcp.class)) {\r
return IpProtoClassifierDefinition.TCP_VALUE;\r
}\r
- if (NeutronUtils.UDP.equals(protocol)) {\r
+ if (protocol.isAssignableFrom(ProtocolUdp.class)) {\r
return IpProtoClassifierDefinition.UDP_VALUE;\r
}\r
- if (NeutronUtils.ICMP.equals(protocol)) {\r
+ if (protocol.isAssignableFrom(ProtocolIcmp.class)) {\r
return IpProtoClassifierDefinition.ICMP_VALUE;\r
}\r
- if (NeutronUtils.ICMPv6.equals(protocol)) {\r
+ if (protocol.isAssignableFrom(ProtocolIcmpV6.class)) {\r
return IpProtoClassifierDefinition.ICMPv6_VALUE;\r
}\r
- Long protocolNum;\r
- try {\r
- protocolNum = Long.valueOf(protocol);\r
- } catch (NumberFormatException e) {\r
- throw new IllegalArgumentException("Neutron Security Rule Protocol value " + protocol\r
- + " is not supported.");\r
- }\r
- return protocolNum;\r
+ throw new IllegalArgumentException("Neutron Security Rule Protocol value " + protocol + " is not supported.");\r
}\r
}\r