+++ /dev/null
-/*
- * Copyright (C) 2014 Red Hat, Inc.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v1.0 which accompanies this distribution,
- * and is available at http://www.eclipse.org/legal/epl-v10.html
- *
- */
-
-package org.opendaylight.controller.networkconfig.neutron.northbound;
-
-
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import javax.ws.rs.Consumes;
-import javax.ws.rs.DELETE;
-import javax.ws.rs.GET;
-import javax.ws.rs.POST;
-import javax.ws.rs.PUT;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
-
-import org.codehaus.enunciate.jaxrs.ResponseCode;
-import org.codehaus.enunciate.jaxrs.StatusCodes;
-import org.opendaylight.controller.networkconfig.neutron.INeutronSecurityGroupCRUD;
-import org.opendaylight.controller.networkconfig.neutron.INeutronSecurityRuleAware;
-import org.opendaylight.controller.networkconfig.neutron.INeutronSecurityRuleCRUD;
-import org.opendaylight.controller.networkconfig.neutron.NeutronCRUDInterfaces;
-import org.opendaylight.controller.networkconfig.neutron.NeutronSecurityRule;
-import org.opendaylight.controller.northbound.commons.RestMessages;
-import org.opendaylight.controller.northbound.commons.exception.BadRequestException;
-import org.opendaylight.controller.northbound.commons.exception.ResourceNotFoundException;
-import org.opendaylight.controller.northbound.commons.exception.ServiceUnavailableException;
-import org.opendaylight.controller.sal.utils.ServiceHelper;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Neutron Northbound REST APIs for Security Rule.<br>
- * This class provides REST APIs for managing neutron Security Rule
- * <p/>
- * <br>
- * <br>
- * Authentication scheme : <b>HTTP Basic</b><br>
- * Authentication realm : <b>opendaylight</b><br>
- * Transport : <b>HTTP and HTTPS</b><br>
- * <br>
- * HTTPS Authentication is disabled by default. Administrator can enable it in
- * tomcat-server.xml after adding a proper keystore / SSL certificate from a
- * trusted authority.<br>
- * More info :
- * http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
- */
-
-@Path ("/security-group-rules")
-public class NeutronSecurityRulesNorthbound {
- static final Logger logger = LoggerFactory.getLogger(NeutronSecurityRulesNorthbound.class);
-
- private NeutronSecurityRule extractFields(NeutronSecurityRule o, List<String> fields) {
- return o.extractFields(fields);
- }
-
- /**
- * Returns a list of all Security Rules
- */
- @GET
- @Produces ({MediaType.APPLICATION_JSON})
- @StatusCodes ({
- @ResponseCode (code = 200, condition = "Operation successful"),
- @ResponseCode (code = 401, condition = "Unauthorized"),
- @ResponseCode (code = 501, condition = "Not Implemented")})
- public Response listRules(
- // return fields
- @QueryParam ("fields") List<String> fields,
- // OpenStack security rule attributes
- @QueryParam ("id") String querySecurityRuleUUID,
- @QueryParam ("direction") String querySecurityRuleDirection,
- @QueryParam ("protocol") String querySecurityRuleProtocol,
- @QueryParam ("port_range_min") Integer querySecurityRulePortMin,
- @QueryParam ("port_range_max") Integer querySecurityRulePortMax,
- @QueryParam ("ethertype") String querySecurityRuleEthertype,
- @QueryParam ("remote_ip_prefix") String querySecurityRuleIpPrefix,
- @QueryParam ("remote_group_id") String querySecurityRemoteGroupID,
- @QueryParam ("security_group_id") String querySecurityRuleGroupID,
- @QueryParam ("tenant_id") String querySecurityRuleTenantID,
- @QueryParam ("limit") String limit,
- @QueryParam ("marker") String marker,
- @QueryParam ("page_reverse") String pageReverse
- ) {
- INeutronSecurityRuleCRUD securityRuleInterface = NeutronCRUDInterfaces.getINeutronSecurityRuleCRUD(this);
- if (securityRuleInterface == null) {
- throw new ServiceUnavailableException("Security Rule CRUD Interface "
- + RestMessages.SERVICEUNAVAILABLE.toString());
- }
- List<NeutronSecurityRule> allSecurityRules = securityRuleInterface.getAllNeutronSecurityRules();
- List<NeutronSecurityRule> ans = new ArrayList<NeutronSecurityRule>();
- Iterator<NeutronSecurityRule> i = allSecurityRules.iterator();
- while (i.hasNext()) {
- NeutronSecurityRule nsr = i.next();
- if ((querySecurityRuleUUID == null ||
- querySecurityRuleUUID.equals(nsr.getSecurityRuleUUID())) &&
- (querySecurityRuleDirection == null ||
- querySecurityRuleDirection.equals(nsr.getSecurityRuleDirection())) &&
- (querySecurityRuleProtocol == null ||
- querySecurityRuleProtocol.equals(nsr.getSecurityRuleProtocol())) &&
- (querySecurityRulePortMin == null ||
- querySecurityRulePortMin.equals(nsr.getSecurityRulePortMin())) &&
- (querySecurityRulePortMax == null ||
- querySecurityRulePortMax.equals(nsr.getSecurityRulePortMax())) &&
- (querySecurityRuleEthertype == null ||
- querySecurityRuleEthertype.equals(nsr.getSecurityRuleEthertype())) &&
- (querySecurityRuleIpPrefix == null ||
- querySecurityRuleIpPrefix.equals(nsr.getSecurityRuleRemoteIpPrefix())) &&
- (querySecurityRuleGroupID == null ||
- querySecurityRuleGroupID.equals(nsr.getSecurityRuleGroupID())) &&
- (querySecurityRemoteGroupID == null ||
- querySecurityRemoteGroupID.equals(nsr.getSecurityRemoteGroupID())) &&
- (querySecurityRuleTenantID == null ||
- querySecurityRuleTenantID.equals(nsr.getSecurityRuleTenantID()))) {
- if (fields.size() > 0) {
- ans.add(extractFields(nsr, fields));
- } else {
- ans.add(nsr);
- }
- }
- }
- return Response.status(200).entity(
- new NeutronSecurityRuleRequest(ans)).build();
- }
-
- /**
- * Returns a specific Security Rule
- */
-
- @Path ("{securityRuleUUID}")
- @GET
- @Produces ({MediaType.APPLICATION_JSON})
- @StatusCodes ({
- @ResponseCode (code = 200, condition = "Operation successful"),
- @ResponseCode (code = 401, condition = "Unauthorized"),
- @ResponseCode (code = 404, condition = "Not Found"),
- @ResponseCode (code = 501, condition = "Not Implemented")})
- public Response showSecurityRule(@PathParam ("securityRuleUUID") String securityRuleUUID,
- // return fields
- @QueryParam ("fields") List<String> fields) {
- INeutronSecurityRuleCRUD securityRuleInterface = NeutronCRUDInterfaces.getINeutronSecurityRuleCRUD(this);
- if (securityRuleInterface == null) {
- throw new ServiceUnavailableException("Security Rule CRUD Interface "
- + RestMessages.SERVICEUNAVAILABLE.toString());
- }
- if (!securityRuleInterface.neutronSecurityRuleExists(securityRuleUUID)) {
- throw new ResourceNotFoundException("Security Rule UUID does not exist.");
- }
- if (!fields.isEmpty()) {
- NeutronSecurityRule ans = securityRuleInterface.getNeutronSecurityRule(securityRuleUUID);
- return Response.status(200).entity(
- new NeutronSecurityRuleRequest(extractFields(ans, fields))).build();
- } else {
- return Response.status(200).entity(new NeutronSecurityRuleRequest(securityRuleInterface.getNeutronSecurityRule(securityRuleUUID))).build();
- }
- }
-
- /**
- * Creates new Security Rule
- */
-
- @POST
- @Produces ({MediaType.APPLICATION_JSON})
- @Consumes ({MediaType.APPLICATION_JSON})
- @StatusCodes ({
- @ResponseCode (code = 201, condition = "Created"),
- @ResponseCode (code = 400, condition = "Bad Request"),
- @ResponseCode (code = 401, condition = "Unauthorized"),
- @ResponseCode (code = 403, condition = "Forbidden"),
- @ResponseCode (code = 404, condition = "Not Found"),
- @ResponseCode (code = 409, condition = "Conflict"),
- @ResponseCode (code = 501, condition = "Not Implemented")})
- public Response createSecurityRules(final NeutronSecurityRuleRequest input) {
- INeutronSecurityRuleCRUD securityRuleInterface = NeutronCRUDInterfaces.getINeutronSecurityRuleCRUD(this);
- if (securityRuleInterface == null) {
- throw new ServiceUnavailableException("Security Rule CRUD Interface "
- + RestMessages.SERVICEUNAVAILABLE.toString());
- }
- INeutronSecurityGroupCRUD securityGroupInterface = NeutronCRUDInterfaces.getINeutronSecurityGroupCRUD(this);
- if (securityGroupInterface == null) {
- throw new ServiceUnavailableException("Security Group CRUD Interface "
- + RestMessages.SERVICEUNAVAILABLE.toString());
- }
-
- /*
- * Existing entry checks
- */
-
- if (input.isSingleton()) {
- NeutronSecurityRule singleton = input.getSingleton();
-
- if (securityRuleInterface.neutronSecurityRuleExists(singleton.getSecurityRuleUUID())) {
- throw new BadRequestException("Security Rule UUID already exists");
- }
- Object[] instances = ServiceHelper.getGlobalInstances(INeutronSecurityRuleAware.class, this, null);
- if (instances != null) {
- for (Object instance : instances) {
- INeutronSecurityRuleAware service = (INeutronSecurityRuleAware) instance;
- int status = service.canCreateNeutronSecurityRule(singleton);
- if ((status < 200) || (status > 299)) {
- return Response.status(status).build();
- }
- }
- }
-
- // add rule to cache
- singleton.initDefaults();
- securityRuleInterface.addNeutronSecurityRule(singleton);
- if (instances != null) {
- for (Object instance : instances) {
- INeutronSecurityRuleAware service = (INeutronSecurityRuleAware) instance;
- service.neutronSecurityRuleCreated(singleton);
- }
- }
-
- securityRuleInterface.addNeutronSecurityRule(singleton);
- if (instances != null) {
- for (Object instance : instances) {
- INeutronSecurityRuleAware service = (INeutronSecurityRuleAware) instance;
- service.neutronSecurityRuleCreated(singleton);
- }
- }
- } else {
- List<NeutronSecurityRule> bulk = input.getBulk();
- Iterator<NeutronSecurityRule> i = bulk.iterator();
- HashMap<String, NeutronSecurityRule> testMap = new HashMap<String, NeutronSecurityRule>();
- Object[] instances = ServiceHelper.getGlobalInstances(INeutronSecurityRuleAware.class, this, null);
- while (i.hasNext()) {
- NeutronSecurityRule test = i.next();
-
- /*
- * Verify that the security rule doesn't already exist
- */
-
- if (securityRuleInterface.neutronSecurityRuleExists(test.getSecurityRuleUUID())) {
- throw new BadRequestException("Security Rule UUID already exists");
- }
- if (testMap.containsKey(test.getSecurityRuleUUID())) {
- throw new BadRequestException("Security Rule UUID already exists");
- }
- if (instances != null) {
- for (Object instance : instances) {
- INeutronSecurityRuleAware service = (INeutronSecurityRuleAware) instance;
- int status = service.canCreateNeutronSecurityRule(test);
- if ((status < 200) || (status > 299)) {
- return Response.status(status).build();
- }
- }
- }
- }
-
- /*
- * now, each element of the bulk request can be added to the cache
- */
- i = bulk.iterator();
- while (i.hasNext()) {
- NeutronSecurityRule test = i.next();
- securityRuleInterface.addNeutronSecurityRule(test);
- if (instances != null) {
- for (Object instance : instances) {
- INeutronSecurityRuleAware service = (INeutronSecurityRuleAware) instance;
- service.neutronSecurityRuleCreated(test);
- }
- }
- }
- }
- return Response.status(201).entity(input).build();
- }
-
- /**
- * Updates a Security Rule
- */
-
- @Path ("{securityRuleUUID}")
- @PUT
- @Produces ({MediaType.APPLICATION_JSON})
- @Consumes ({MediaType.APPLICATION_JSON})
- @StatusCodes ({
- @ResponseCode (code = 200, condition = "Operation successful"),
- @ResponseCode (code = 400, condition = "Bad Request"),
- @ResponseCode (code = 401, condition = "Unauthorized"),
- @ResponseCode (code = 403, condition = "Forbidden"),
- @ResponseCode (code = 404, condition = "Not Found"),
- @ResponseCode (code = 501, condition = "Not Implemented")})
- public Response updateSecurityRule(
- @PathParam ("securityRuleUUID") String securityRuleUUID, final NeutronSecurityRuleRequest input) {
- INeutronSecurityRuleCRUD securityRuleInterface = NeutronCRUDInterfaces.getINeutronSecurityRuleCRUD(this);
- if (securityRuleInterface == null) {
- throw new ServiceUnavailableException("Security Rule CRUD Interface "
- + RestMessages.SERVICEUNAVAILABLE.toString());
- }
-
- /*
- * verify the Security Rule exists and there is only one delta provided
- */
- if (!securityRuleInterface.neutronSecurityRuleExists(securityRuleUUID)) {
- throw new ResourceNotFoundException("Security Rule UUID does not exist.");
- }
- if (!input.isSingleton()) {
- throw new BadRequestException("Only singleton edit supported");
- }
- NeutronSecurityRule delta = input.getSingleton();
- NeutronSecurityRule original = securityRuleInterface.getNeutronSecurityRule(securityRuleUUID);
-
- /*
- * updates restricted by Neutron
- *
- */
- if (delta.getSecurityRuleUUID() != null ||
- delta.getSecurityRuleDirection() != null ||
- delta.getSecurityRuleProtocol() != null ||
- delta.getSecurityRulePortMin() != null ||
- delta.getSecurityRulePortMax() != null ||
- delta.getSecurityRuleEthertype() != null ||
- delta.getSecurityRuleRemoteIpPrefix() != null ||
- delta.getSecurityRuleGroupID() != null ||
- delta.getSecurityRemoteGroupID() != null ||
- delta.getSecurityRuleTenantID() != null) {
- throw new BadRequestException("Attribute edit blocked by Neutron");
- }
-
- Object[] instances = ServiceHelper.getGlobalInstances(INeutronSecurityRuleAware.class, this, null);
- if (instances != null) {
- for (Object instance : instances) {
- INeutronSecurityRuleAware service = (INeutronSecurityRuleAware) instance;
- int status = service.canUpdateNeutronSecurityRule(delta, original);
- if (status < 200 || status > 299) {
- return Response.status(status).build();
- }
- }
- }
-
- /*
- * update the object and return it
- */
- securityRuleInterface.updateNeutronSecurityRule(securityRuleUUID, delta);
- NeutronSecurityRule updatedSecurityRule = securityRuleInterface.getNeutronSecurityRule(securityRuleUUID);
- if (instances != null) {
- for (Object instance : instances) {
- INeutronSecurityRuleAware service = (INeutronSecurityRuleAware) instance;
- service.neutronSecurityRuleUpdated(updatedSecurityRule);
- }
- }
- return Response.status(200).entity(new NeutronSecurityRuleRequest(securityRuleInterface.getNeutronSecurityRule(securityRuleUUID))).build();
- }
-
- /**
- * Deletes a Security Rule
- */
-
- @Path ("{securityRuleUUID}")
- @DELETE
- @StatusCodes ({
- @ResponseCode (code = 204, condition = "No Content"),
- @ResponseCode (code = 401, condition = "Unauthorized"),
- @ResponseCode (code = 404, condition = "Not Found"),
- @ResponseCode (code = 409, condition = "Conflict"),
- @ResponseCode (code = 501, condition = "Not Implemented")})
- public Response deleteSecurityRule(
- @PathParam ("securityRuleUUID") String securityRuleUUID) {
- INeutronSecurityRuleCRUD securityRuleInterface = NeutronCRUDInterfaces.getINeutronSecurityRuleCRUD(this);
- if (securityRuleInterface == null) {
- throw new ServiceUnavailableException("Security Rule CRUD Interface "
- + RestMessages.SERVICEUNAVAILABLE.toString());
- }
-
- /*
- * verify the Security Rule exists and it isn't currently in use
- */
- if (!securityRuleInterface.neutronSecurityRuleExists(securityRuleUUID)) {
- throw new ResourceNotFoundException("Security Rule UUID does not exist.");
- }
- if (securityRuleInterface.neutronSecurityRuleInUse(securityRuleUUID)) {
- return Response.status(409).build();
- }
- NeutronSecurityRule singleton = securityRuleInterface.getNeutronSecurityRule(securityRuleUUID);
- Object[] instances = ServiceHelper.getGlobalInstances(INeutronSecurityRuleAware.class, this, null);
- if (instances != null) {
- for (Object instance : instances) {
- INeutronSecurityRuleAware service = (INeutronSecurityRuleAware) instance;
- int status = service.canDeleteNeutronSecurityRule(singleton);
- if (status < 200 || status > 299) {
- return Response.status(status).build();
- }
- }
- }
-
- /*
- * remove it and return 204 status
- */
- securityRuleInterface.removeNeutronSecurityRule(securityRuleUUID);
- if (instances != null) {
- for (Object instance : instances) {
- INeutronSecurityRuleAware service = (INeutronSecurityRuleAware) instance;
- service.neutronSecurityRuleDeleted(singleton);
- }
- }
- return Response.status(204).build();
- }
-}
\ No newline at end of file
Code Review / controller.git / blobdiff