opendaylight/networkconfiguration/neutron/northbound/src/main/java/org/opendaylight/controller/networkconfig/neutron/northbound/NeutronFirewallNorthbound.java

   1 /*
   2  * Copyright (C) 2014 Red Hat, Inc.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8
   9 package org.opendaylight.controller.networkconfig.neutron.northbound;
  10
  11
  12 import org.codehaus.enunciate.jaxrs.ResponseCode;
  13 import org.codehaus.enunciate.jaxrs.StatusCodes;
  14 import org.opendaylight.controller.networkconfig.neutron.INeutronFirewallAware;
  15 import org.opendaylight.controller.networkconfig.neutron.INeutronFirewallCRUD;
  16 import org.opendaylight.controller.networkconfig.neutron.INeutronFirewallRuleCRUD;
  17 import org.opendaylight.controller.networkconfig.neutron.NeutronCRUDInterfaces;
  18 import org.opendaylight.controller.networkconfig.neutron.NeutronFirewall;
  19
  20 import javax.ws.rs.Consumes;
  21 import javax.ws.rs.DELETE;
  22 import javax.ws.rs.GET;
  23 import javax.ws.rs.POST;
  24 import javax.ws.rs.PUT;
  25 import javax.ws.rs.Path;
  26 import javax.ws.rs.PathParam;
  27 import javax.ws.rs.Produces;
  28 import javax.ws.rs.QueryParam;
  29 import javax.ws.rs.core.MediaType;
  30 import javax.ws.rs.core.Response;
  31 import java.util.ArrayList;
  32 import java.util.HashMap;
  33 import java.util.Iterator;
  34 import java.util.List;
  35
  36 /**
  37  * Neutron Northbound REST APIs for Firewall.<br>
  38  * This class provides REST APIs for managing neutron Firewall
  39  *
  40  * <br>
  41  * <br>
  42  * Authentication scheme : <b>HTTP Basic</b><br>
  43  * Authentication realm : <b>opendaylight</b><br>
  44  * Transport : <b>HTTP and HTTPS</b><br>
  45  * <br>
  46  * HTTPS Authentication is disabled by default. Administrator can enable it in
  47  * tomcat-server.xml after adding a proper keystore / SSL certificate from a
  48  * trusted authority.<br>
  49  * More info :
  50  * http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
  51  *
  52  */
  53 @Path("/fw/firewalls")
  54 public class NeutronFirewallNorthbound {
  55
  56     private NeutronFirewall extractFields(NeutronFirewall o, List<String> fields) {
  57         return o.extractFields(fields);
  58     }
  59
  60     /**
  61      * Returns a list of all Firewalls */
  62     @GET
  63     @Produces({ MediaType.APPLICATION_JSON })
  64     @StatusCodes({
  65             @ResponseCode(code = 200, condition = "Operation successful"),
  66             @ResponseCode(code = 401, condition = "Unauthorized"),
  67             @ResponseCode(code = 501, condition = "Not Implemented") })
  68
  69     public Response listGroups(
  70             // return fields
  71             @QueryParam("fields") List<String> fields,
  72             // OpenStack firewall attributes
  73             @QueryParam("id") String queryFirewallUUID,
  74             @QueryParam("tenant_id") String queryFirewallTenantID,
  75             @QueryParam("name") String queryFirewallName,
  76             @QueryParam("description") String queryFirewallDescription,
  77             @QueryParam("shared") Boolean queryFirewallAdminStateIsUp,
  78             @QueryParam("status") String queryFirewallStatus,
  79             @QueryParam("shared") Boolean queryFirewallIsShared,
  80             @QueryParam("firewall_policy_id") String queryFirewallPolicyID,
  81             // pagination
  82             @QueryParam("limit") String limit,
  83             @QueryParam("marker") String marker,
  84             @QueryParam("page_reverse") String pageReverse
  85             // sorting not supported
  86     ) {
  87         INeutronFirewallCRUD firewallInterface = NeutronCRUDInterfaces.getINeutronFirewallCRUD(this);
  88         INeutronFirewallRuleCRUD firewallRuleInterface = NeutronCRUDInterfaces.getINeutronFirewallRuleCRUD(this);
  89
  90         if (firewallInterface == null) {
  91             throw new ServiceUnavailableException("Firewall CRUD Interface "
  92                     + RestMessages.SERVICEUNAVAILABLE.toString());
  93         }
  94         List<NeutronFirewall> allFirewalls = firewallInterface.getAllNeutronFirewalls();
  95         List<NeutronFirewall> ans = new ArrayList<NeutronFirewall>();
  96         Iterator<NeutronFirewall> i = allFirewalls.iterator();
  97         while (i.hasNext()) {
  98             NeutronFirewall nsg = i.next();
  99             if ((queryFirewallUUID == null ||
 100                 queryFirewallUUID.equals(nsg.getFirewallUUID())) &&
 101                 (queryFirewallTenantID == null ||
 102                     queryFirewallTenantID.equals(nsg.getFirewallTenantID())) &&
 103                 (queryFirewallName == null ||
 104                     queryFirewallName.equals(nsg.getFirewallName())) &&
 105                 (queryFirewallDescription == null ||
 106                     queryFirewallDescription.equals(nsg.getFirewallDescription())) &&
 107                 (queryFirewallAdminStateIsUp == null ||
 108                     queryFirewallAdminStateIsUp.equals(nsg.getFirewallAdminStateIsUp())) &&
 109                 (queryFirewallStatus == null ||
 110                     queryFirewallStatus.equals(nsg.getFirewallStatus())) &&
 111                 (queryFirewallIsShared == null ||
 112                     queryFirewallIsShared.equals(nsg.getFirewallIsShared())) &&
 113                 (queryFirewallPolicyID == null ||
 114                     queryFirewallPolicyID.equals(nsg.getFirewallPolicyID()))) {
 115                 if (fields.size() > 0) {
 116                     ans.add(extractFields(nsg,fields));
 117                 } else {
 118                     ans.add(nsg);
 119                 }
 120             }
 121         }
 122         //TODO: apply pagination to results
 123         return Response.status(200).entity(
 124                 new NeutronFirewallRequest(ans)).build();
 125     }
 126
 127     /**
 128      * Returns a specific Firewall */
 129
 130     @Path("{firewallUUID}")
 131     @GET
 132     @Produces({ MediaType.APPLICATION_JSON })
 133     @StatusCodes({
 134             @ResponseCode(code = 200, condition = "Operation successful"),
 135             @ResponseCode(code = 401, condition = "Unauthorized"),
 136             @ResponseCode(code = 404, condition = "Not Found"),
 137             @ResponseCode(code = 501, condition = "Not Implemented") })
 138     public Response showFirewall(@PathParam("firewallUUID") String firewallUUID,
 139                                       // return fields
 140                                       @QueryParam("fields") List<String> fields) {
 141         INeutronFirewallCRUD firewallInterface = NeutronCRUDInterfaces.getINeutronFirewallCRUD(this);
 142         if (firewallInterface == null) {
 143             throw new ServiceUnavailableException("Firewall CRUD Interface "
 144                     + RestMessages.SERVICEUNAVAILABLE.toString());
 145         }
 146         if (!firewallInterface.neutronFirewallExists(firewallUUID)) {
 147             throw new ResourceNotFoundException("Firewall UUID does not exist.");
 148         }
 149         if (fields.size() > 0) {
 150             NeutronFirewall ans = firewallInterface.getNeutronFirewall(firewallUUID);
 151             return Response.status(200).entity(
 152                     new NeutronFirewallRequest(extractFields(ans, fields))).build();
 153         } else {
 154             return Response.status(200).entity(new NeutronFirewallRequest(firewallInterface.getNeutronFirewall(firewallUUID))).build();
 155         }
 156     }
 157
 158     /**
 159      * Creates new Firewall */
 160
 161     @POST
 162     @Produces({ MediaType.APPLICATION_JSON })
 163     @Consumes({ MediaType.APPLICATION_JSON })
 164     @StatusCodes({
 165             @ResponseCode(code = 201, condition = "Created"),
 166             @ResponseCode(code = 400, condition = "Bad Request"),
 167             @ResponseCode(code = 401, condition = "Unauthorized"),
 168             @ResponseCode(code = 403, condition = "Forbidden"),
 169             @ResponseCode(code = 404, condition = "Not Found"),
 170             @ResponseCode(code = 409, condition = "Conflict"),
 171             @ResponseCode(code = 501, condition = "Not Implemented") })
 172     public Response createFirewalls(final NeutronFirewallRequest input) {
 173         INeutronFirewallCRUD firewallInterface = NeutronCRUDInterfaces.getINeutronFirewallCRUD(this);
 174         if (firewallInterface == null) {
 175             throw new ServiceUnavailableException("Firewall CRUD Interface "
 176                     + RestMessages.SERVICEUNAVAILABLE.toString());
 177         }
 178         if (input.isSingleton()) {
 179             NeutronFirewall singleton = input.getSingleton();
 180
 181             /*
 182              *  Verify that the Firewall doesn't already exist.
 183              */
 184             if (firewallInterface.neutronFirewallExists(singleton.getFirewallUUID())) {
 185                 throw new BadRequestException("Firewall UUID already exists");
 186             }
 187             firewallInterface.addNeutronFirewall(singleton);
 188             Object[] instances = NeutronUtil.getInstances(INeutronFirewallAware.class, this);
 189             if (instances != null) {
 190                 if (instances.length > 0) {
 191                     for (Object instance : instances) {
 192                         INeutronFirewallAware service = (INeutronFirewallAware) instance;
 193                         int status = service.canCreateNeutronFirewall(singleton);
 194                         if (status < 200 || status > 299) {
 195                             return Response.status(status).build();
 196                         }
 197                     }
 198                 } else {
 199                     throw new ServiceUnavailableException("No providers registered.  Please try again later");
 200                 }
 201             } else {
 202                 throw new ServiceUnavailableException("Couldn't get providers list.  Please try again later");
 203             }
 204             firewallInterface.addNeutronFirewall(singleton);
 205             if (instances != null) {
 206                 for (Object instance : instances) {
 207                     INeutronFirewallAware service = (INeutronFirewallAware) instance;
 208                     service.neutronFirewallCreated(singleton);
 209                 }
 210             }
 211         } else {
 212             List<NeutronFirewall> bulk = input.getBulk();
 213             Iterator<NeutronFirewall> i = bulk.iterator();
 214             HashMap<String, NeutronFirewall> testMap = new HashMap<String, NeutronFirewall>();
 215             Object[] instances = NeutronUtil.getInstances(INeutronFirewallAware.class, this);
 216             while (i.hasNext()) {
 217                 NeutronFirewall test = i.next();
 218
 219                 /*
 220                  *  Verify that the secruity group doesn't already exist
 221                  */
 222                 if (firewallInterface.neutronFirewallExists(test.getFirewallUUID())) {
 223                     throw new BadRequestException("Firewall UUID already is already created");
 224                 }
 225                 if (testMap.containsKey(test.getFirewallUUID())) {
 226                     throw new BadRequestException("Firewall UUID already exists");
 227                 }
 228                 if (instances != null) {
 229                     if (instances.length > 0) {
 230                         for (Object instance : instances) {
 231                             INeutronFirewallAware service = (INeutronFirewallAware) instance;
 232                             int status = service.canCreateNeutronFirewall(test);
 233                             if (status < 200 || status > 299) {
 234                                 return Response.status(status).build();
 235                             }
 236                         }
 237                     } else {
 238                         throw new ServiceUnavailableException("No providers registered.  Please try again later");
 239                     }
 240                 } else {
 241                     throw new ServiceUnavailableException("Couldn't get providers list.  Please try again later");
 242                 }
 243             }
 244
 245             /*
 246              * now, each element of the bulk request can be added to the cache
 247              */
 248             i = bulk.iterator();
 249             while (i.hasNext()) {
 250                 NeutronFirewall test = i.next();
 251                 firewallInterface.addNeutronFirewall(test);
 252                 if (instances != null) {
 253                     for (Object instance : instances) {
 254                         INeutronFirewallAware service = (INeutronFirewallAware) instance;
 255                         service.neutronFirewallCreated(test);
 256                     }
 257                 }
 258             }
 259         }
 260         return Response.status(201).entity(input).build();
 261     }
 262
 263     /**
 264      * Updates a Firewall */
 265
 266     @Path("{firewallUUID}")
 267     @PUT
 268     @Produces({ MediaType.APPLICATION_JSON })
 269     @Consumes({ MediaType.APPLICATION_JSON })
 270     @StatusCodes({
 271             @ResponseCode(code = 200, condition = "Operation successful"),
 272             @ResponseCode(code = 400, condition = "Bad Request"),
 273             @ResponseCode(code = 401, condition = "Unauthorized"),
 274             @ResponseCode(code = 403, condition = "Forbidden"),
 275             @ResponseCode(code = 404, condition = "Not Found"),
 276             @ResponseCode(code = 501, condition = "Not Implemented") })
 277     public Response updateFirewall(
 278             @PathParam("firewallUUID") String firewallUUID, final NeutronFirewallRequest input) {
 279         INeutronFirewallCRUD firewallInterface = NeutronCRUDInterfaces.getINeutronFirewallCRUD(this);
 280         if (firewallInterface == null) {
 281             throw new ServiceUnavailableException("Firewall CRUD Interface "
 282                     + RestMessages.SERVICEUNAVAILABLE.toString());
 283         }
 284
 285         /*
 286          * verify the Firewall exists and there is only one delta provided
 287          */
 288         if (!firewallInterface.neutronFirewallExists(firewallUUID)) {
 289             throw new ResourceNotFoundException("Firewall UUID does not exist.");
 290         }
 291         if (!input.isSingleton()) {
 292             throw new BadRequestException("Only singleton edit supported");
 293         }
 294         NeutronFirewall delta = input.getSingleton();
 295         NeutronFirewall original = firewallInterface.getNeutronFirewall(firewallUUID);
 296
 297         /*
 298          * updates restricted by Neutron
 299          */
 300         if (delta.getFirewallUUID() != null ||
 301                 delta.getFirewallTenantID() != null ||
 302                 delta.getFirewallName() != null ||
 303                 delta.getFirewallDescription() != null ||
 304                 delta.getFirewallAdminStateIsUp() != null ||
 305                 delta.getFirewallStatus() != null ||
 306                 delta.getFirewallIsShared() != null ||
 307                 delta.getFirewallPolicyID() != null) {
 308             throw new BadRequestException("Attribute edit blocked by Neutron");
 309         }
 310
 311         Object[] instances = NeutronUtil.getInstances(INeutronFirewallAware.class, this);
 312         if (instances != null) {
 313             if (instances.length > 0) {
 314                 for (Object instance : instances) {
 315                     INeutronFirewallAware service = (INeutronFirewallAware) instance;
 316                     int status = service.canUpdateNeutronFirewall(delta, original);
 317                     if (status < 200 || status > 299) {
 318                         return Response.status(status).build();
 319                     }
 320                 }
 321             } else {
 322                 throw new ServiceUnavailableException("No providers registered.  Please try again later");
 323             }
 324         } else {
 325             throw new ServiceUnavailableException("Couldn't get providers list.  Please try again later");
 326         }
 327
 328         /*
 329          * update the object and return it
 330          */
 331         firewallInterface.updateNeutronFirewall(firewallUUID, delta);
 332         NeutronFirewall updatedFirewall = firewallInterface.getNeutronFirewall(firewallUUID);
 333         if (instances != null) {
 334             for (Object instance : instances) {
 335                 INeutronFirewallAware service = (INeutronFirewallAware) instance;
 336                 service.neutronFirewallUpdated(updatedFirewall);
 337             }
 338         }
 339         return Response.status(200).entity(new NeutronFirewallRequest(firewallInterface.getNeutronFirewall(firewallUUID))).build();
 340     }
 341
 342     /**
 343      * Deletes a Firewall */
 344
 345     @Path("{firewallUUID}")
 346     @DELETE
 347     @StatusCodes({
 348             @ResponseCode(code = 204, condition = "No Content"),
 349             @ResponseCode(code = 401, condition = "Unauthorized"),
 350             @ResponseCode(code = 404, condition = "Not Found"),
 351             @ResponseCode(code = 409, condition = "Conflict"),
 352             @ResponseCode(code = 501, condition = "Not Implemented") })
 353     public Response deleteFirewall(
 354             @PathParam("firewallUUID") String firewallUUID) {
 355         INeutronFirewallCRUD firewallInterface = NeutronCRUDInterfaces.getINeutronFirewallCRUD(this);
 356         if (firewallInterface == null) {
 357             throw new ServiceUnavailableException("Firewall CRUD Interface "
 358                     + RestMessages.SERVICEUNAVAILABLE.toString());
 359         }
 360
 361         /*
 362          * verify the Firewall exists and it isn't currently in use
 363          */
 364         if (!firewallInterface.neutronFirewallExists(firewallUUID)) {
 365             throw new ResourceNotFoundException("Firewall UUID does not exist.");
 366         }
 367         if (firewallInterface.neutronFirewallInUse(firewallUUID)) {
 368             return Response.status(409).build();
 369         }
 370         NeutronFirewall singleton = firewallInterface.getNeutronFirewall(firewallUUID);
 371         Object[] instances = NeutronUtil.getInstances(INeutronFirewallAware.class, this);
 372         if (instances != null) {
 373             if (instances.length > 0) {
 374                 for (Object instance : instances) {
 375                     INeutronFirewallAware service = (INeutronFirewallAware) instance;
 376                     int status = service.canDeleteNeutronFirewall(singleton);
 377                     if (status < 200 || status > 299) {
 378                         return Response.status(status).build();
 379                     }
 380                 }
 381             } else {
 382                 throw new ServiceUnavailableException("No providers registered.  Please try again later");
 383             }
 384         } else {
 385             throw new ServiceUnavailableException("Couldn't get providers list.  Please try again later");
 386         }
 387
 388         /*
 389          * remove it and return 204 status
 390          */
 391         firewallInterface.removeNeutronFirewall(firewallUUID);
 392         if (instances != null) {
 393             for (Object instance : instances) {
 394                 INeutronFirewallAware service = (INeutronFirewallAware) instance;
 395                 service.neutronFirewallDeleted(singleton);
 396             }
 397         }
 398         return Response.status(204).build();
 399     }
 400 }