2 * Copyright (C) 2014 Red Hat, Inc.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.controller.networkconfig.neutron.northbound;
12 import java.util.ArrayList;
13 import java.util.HashMap;
14 import java.util.Iterator;
15 import java.util.List;
17 import javax.ws.rs.Consumes;
18 import javax.ws.rs.DELETE;
19 import javax.ws.rs.GET;
20 import javax.ws.rs.POST;
21 import javax.ws.rs.PUT;
22 import javax.ws.rs.Path;
23 import javax.ws.rs.PathParam;
24 import javax.ws.rs.Produces;
25 import javax.ws.rs.QueryParam;
26 import javax.ws.rs.core.MediaType;
27 import javax.ws.rs.core.Response;
29 import org.codehaus.enunciate.jaxrs.ResponseCode;
30 import org.codehaus.enunciate.jaxrs.StatusCodes;
31 import org.opendaylight.controller.networkconfig.neutron.INeutronFirewallPolicyCRUD;
32 import org.opendaylight.controller.networkconfig.neutron.INeutronFirewallRuleAware;
33 import org.opendaylight.controller.networkconfig.neutron.INeutronFirewallRuleCRUD;
34 import org.opendaylight.controller.networkconfig.neutron.NeutronCRUDInterfaces;
35 import org.opendaylight.controller.networkconfig.neutron.NeutronFirewallRule;
38 * Neutron Northbound REST APIs for Firewall Rule.<br>
39 * This class provides REST APIs for managing neutron Firewall Rule
43 * Authentication scheme : <b>HTTP Basic</b><br>
44 * Authentication realm : <b>opendaylight</b><br>
45 * Transport : <b>HTTP and HTTPS</b><br>
47 * HTTPS Authentication is disabled by default. Administrator can enable it in
48 * tomcat-server.xml after adding a proper keystore / SSL certificate from a
49 * trusted authority.<br>
51 * http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
54 @Path("fw/firewalls_rules")
55 public class NeutronFirewallRulesNorthbound {
57 private NeutronFirewallRule extractFields(NeutronFirewallRule o, List<String> fields) {
58 return o.extractFields(fields);
62 * Returns a list of all Firewall Rules
65 @Produces({MediaType.APPLICATION_JSON})
67 @ResponseCode(code = 200, condition = "Operation successful"),
68 @ResponseCode(code = 401, condition = "Unauthorized"),
69 @ResponseCode(code = 501, condition = "Not Implemented")})
70 public Response listRules(
72 @QueryParam("fields") List<String> fields,
73 // OpenStack firewall rule attributes
74 @QueryParam("id") String queryFirewallRuleUUID,
75 @QueryParam("tenant_id") String queryFirewallRuleTenantID,
76 @QueryParam("name") String queryFirewallRuleName,
77 @QueryParam("description") String queryFirewallRuleDescription,
78 @QueryParam("admin_state_up") Boolean queryFirewallRuleAdminStateIsUp,
79 @QueryParam("status") String queryFirewallRuleStatus,
80 @QueryParam("shared") Boolean queryFirewallRuleIsShared,
81 @QueryParam("firewall_policy_id") String queryFirewallRulePolicyID,
82 @QueryParam("protocol") String queryFirewallRuleProtocol,
83 @QueryParam("ip_version") Integer queryFirewallRuleIpVer,
84 @QueryParam("source_ip_address") String queryFirewallRuleSrcIpAddr,
85 @QueryParam("destination_ip_address") String queryFirewallRuleDstIpAddr,
86 @QueryParam("source_port") Integer queryFirewallRuleSrcPort,
87 @QueryParam("destination_port") Integer queryFirewallRuleDstPort,
88 @QueryParam("position") Integer queryFirewallRulePosition,
89 @QueryParam("action") String queryFirewallRuleAction,
90 @QueryParam("enabled") Boolean queryFirewallRuleIsEnabled,
92 @QueryParam("limit") String limit,
93 @QueryParam("marker") String marker,
94 @QueryParam("page_reverse") String pageReverse
95 // sorting not supported
97 INeutronFirewallRuleCRUD firewallRuleInterface = NeutronCRUDInterfaces.getINeutronFirewallRuleCRUD(this);
98 if (firewallRuleInterface == null) {
99 throw new ServiceUnavailableException("Firewall Rule CRUD Interface "
100 + RestMessages.SERVICEUNAVAILABLE.toString());
102 List<NeutronFirewallRule> allFirewallRules = firewallRuleInterface.getAllNeutronFirewallRules();
103 List<NeutronFirewallRule> ans = new ArrayList<NeutronFirewallRule>();
104 Iterator<NeutronFirewallRule> i = allFirewallRules.iterator();
105 while (i.hasNext()) {
106 NeutronFirewallRule nsr = i.next();
107 if ((queryFirewallRuleUUID == null ||
108 queryFirewallRuleUUID.equals(nsr.getFirewallRuleUUID())) &&
109 (queryFirewallRuleTenantID == null ||
110 queryFirewallRuleTenantID.equals(nsr.getFirewallRuleTenantID())) &&
111 (queryFirewallRuleName == null ||
112 queryFirewallRuleName.equals(nsr.getFirewallRuleName())) &&
113 (queryFirewallRuleDescription == null ||
114 queryFirewallRuleDescription.equals(nsr.getFirewallRuleDescription())) &&
115 (queryFirewallRuleAdminStateIsUp == null ||
116 queryFirewallRuleAdminStateIsUp.equals(nsr.getFirewallRuleAdminStateIsUp())) &&
117 (queryFirewallRuleStatus == null ||
118 queryFirewallRuleStatus.equals(nsr.getFirewallRuleStatus())) &&
119 (queryFirewallRuleIsShared == null ||
120 queryFirewallRuleIsShared.equals(nsr.getFirewallRuleIsShared())) &&
121 (queryFirewallRulePolicyID == null ||
122 queryFirewallRulePolicyID.equals(nsr.getFirewallRulePolicyID())) &&
123 (queryFirewallRuleProtocol == null ||
124 queryFirewallRuleProtocol.equals(nsr.getFirewallRuleProtocol())) &&
125 (queryFirewallRuleIpVer == null ||
126 queryFirewallRuleIpVer.equals(nsr.getFirewallRuleIpVer())) &&
127 (queryFirewallRuleSrcIpAddr == null ||
128 queryFirewallRuleSrcIpAddr.equals(nsr.getFirewallRuleSrcIpAddr())) &&
129 (queryFirewallRuleDstIpAddr == null ||
130 queryFirewallRuleDstIpAddr.equals(nsr.getFirewallRuleDstIpAddr())) &&
131 (queryFirewallRuleSrcPort == null ||
132 queryFirewallRuleSrcPort.equals(nsr.getFirewallRuleSrcPort())) &&
133 (queryFirewallRuleDstPort == null ||
134 queryFirewallRuleDstPort.equals(nsr.getFirewallRuleDstPort())) &&
135 (queryFirewallRulePosition == null ||
136 queryFirewallRulePosition.equals(nsr.getFirewallRulePosition())) &&
137 (queryFirewallRuleAction == null ||
138 queryFirewallRuleAction.equals(nsr.getFirewallRuleAction())) &&
139 (queryFirewallRuleIsEnabled == null ||
140 queryFirewallRuleIsEnabled.equals(nsr.getFirewallRuleIsEnabled()))) {
141 if (fields.size() > 0) {
142 ans.add(extractFields(nsr, fields));
148 //TODO: apply pagination to results
149 return Response.status(200).entity(
150 new NeutronFirewallRuleRequest(ans)).build();
154 * Returns a specific Firewall Rule
157 @Path("{firewallRuleUUID}")
159 @Produces({MediaType.APPLICATION_JSON})
161 @ResponseCode(code = 200, condition = "Operation successful"),
162 @ResponseCode(code = 401, condition = "Unauthorized"),
163 @ResponseCode(code = 404, condition = "Not Found"),
164 @ResponseCode(code = 501, condition = "Not Implemented")})
165 public Response showFirewallRule(@PathParam("firewallRuleUUID") String firewallRuleUUID,
167 @QueryParam("fields") List<String> fields) {
168 INeutronFirewallRuleCRUD firewallRuleInterface = NeutronCRUDInterfaces.getINeutronFirewallRuleCRUD(this);
169 if (firewallRuleInterface == null) {
170 throw new ServiceUnavailableException("Firewall Rule CRUD Interface "
171 + RestMessages.SERVICEUNAVAILABLE.toString());
173 if (!firewallRuleInterface.neutronFirewallRuleExists(firewallRuleUUID)) {
174 throw new ResourceNotFoundException("Firewall Rule UUID does not exist.");
176 if (fields.size() > 0) {
177 NeutronFirewallRule ans = firewallRuleInterface.getNeutronFirewallRule(firewallRuleUUID);
178 return Response.status(200).entity(
179 new NeutronFirewallRuleRequest(extractFields(ans, fields))).build();
181 return Response.status(200)
182 .entity(new NeutronFirewallRuleRequest(
183 firewallRuleInterface.getNeutronFirewallRule(firewallRuleUUID)))
189 * Creates new Firewall Rule
193 @Produces({MediaType.APPLICATION_JSON})
194 @Consumes({MediaType.APPLICATION_JSON})
196 @ResponseCode(code = 201, condition = "Created"),
197 @ResponseCode(code = 400, condition = "Bad Request"),
198 @ResponseCode(code = 401, condition = "Unauthorized"),
199 @ResponseCode(code = 403, condition = "Forbidden"),
200 @ResponseCode(code = 404, condition = "Not Found"),
201 @ResponseCode(code = 409, condition = "Conflict"),
202 @ResponseCode(code = 501, condition = "Not Implemented")})
203 public Response createFirewallRules(final NeutronFirewallRuleRequest input) {
204 INeutronFirewallRuleCRUD firewallRuleInterface = NeutronCRUDInterfaces.getINeutronFirewallRuleCRUD(this);
205 if (firewallRuleInterface == null) {
206 throw new ServiceUnavailableException("Firewall Rule CRUD Interface "
207 + RestMessages.SERVICEUNAVAILABLE.toString());
209 INeutronFirewallPolicyCRUD firewallPolicyInterface = NeutronCRUDInterfaces.getINeutronFirewallPolicyCRUD(this);
210 if (firewallPolicyInterface == null) {
211 throw new ServiceUnavailableException("Firewall Policy CRUD Interface "
212 + RestMessages.SERVICEUNAVAILABLE.toString());
215 if (input.isSingleton()) {
216 NeutronFirewallRule singleton = input.getSingleton();
217 if (firewallRuleInterface.neutronFirewallRuleExists(singleton.getFirewallRuleUUID())) {
218 throw new BadRequestException("Firewall Rule UUID already exists");
220 firewallRuleInterface.addNeutronFirewallRule(singleton);
221 Object[] instances = NeutronUtil.getInstances(INeutronFirewallRuleAware.class, this);
222 if (instances != null) {
223 if (instances.length > 0) {
224 for (Object instance : instances) {
225 INeutronFirewallRuleAware service = (INeutronFirewallRuleAware) instance;
226 int status = service.canCreateNeutronFirewallRule(singleton);
227 if (status < 200 || status > 299) {
228 return Response.status(status).build();
232 throw new ServiceUnavailableException("No providers registered. Please try again later");
235 throw new ServiceUnavailableException("Couldn't get providers list. Please try again later");
238 singleton.initDefaults();
239 firewallRuleInterface.addNeutronFirewallRule(singleton);
240 if (instances != null) {
241 for (Object instance : instances) {
242 INeutronFirewallRuleAware service = (INeutronFirewallRuleAware) instance;
243 service.neutronFirewallRuleCreated(singleton);
247 List<NeutronFirewallRule> bulk = input.getBulk();
248 Iterator<NeutronFirewallRule> i = bulk.iterator();
249 HashMap<String, NeutronFirewallRule> testMap = new HashMap<String, NeutronFirewallRule>();
250 Object[] instances = NeutronUtil.getInstances(INeutronFirewallRuleAware.class, this);
251 while (i.hasNext()) {
252 NeutronFirewallRule test = i.next();
255 * Verify that the Firewall rule doesn't already exist
258 if (firewallRuleInterface.neutronFirewallRuleExists(test.getFirewallRuleUUID())) {
259 throw new BadRequestException("Firewall Rule UUID already exists");
261 if (testMap.containsKey(test.getFirewallRuleUUID())) {
262 throw new BadRequestException("Firewall Rule UUID already exists");
264 if (instances != null) {
265 if (instances.length > 0) {
266 for (Object instance : instances) {
267 INeutronFirewallRuleAware service = (INeutronFirewallRuleAware) instance;
268 int status = service.canCreateNeutronFirewallRule(test);
269 if (status < 200 || status > 299) {
270 return Response.status(status).build();
274 throw new ServiceUnavailableException("No providers registered. Please try again later");
277 throw new ServiceUnavailableException("Couldn't get providers list. Please try again later");
281 * now, each element of the bulk request can be added to the cache
284 while (i.hasNext()) {
285 NeutronFirewallRule test = i.next();
286 firewallRuleInterface.addNeutronFirewallRule(test);
287 if (instances != null) {
288 for (Object instance : instances) {
289 INeutronFirewallRuleAware service = (INeutronFirewallRuleAware) instance;
290 service.neutronFirewallRuleCreated(test);
295 return Response.status(201).entity(input).build();
299 * Updates a Firewall Rule
301 @Path("{firewallRuleUUID}")
303 @Produces({MediaType.APPLICATION_JSON})
304 @Consumes({MediaType.APPLICATION_JSON})
306 @ResponseCode(code = 200, condition = "Operation successful"),
307 @ResponseCode(code = 400, condition = "Bad Request"),
308 @ResponseCode(code = 401, condition = "Unauthorized"),
309 @ResponseCode(code = 403, condition = "Forbidden"),
310 @ResponseCode(code = 404, condition = "Not Found"),
311 @ResponseCode(code = 501, condition = "Not Implemented")})
312 public Response updateFirewallRule(
313 @PathParam("firewallRuleUUID") String firewallRuleUUID, final NeutronFirewallRuleRequest input) {
314 INeutronFirewallRuleCRUD firewallRuleInterface = NeutronCRUDInterfaces.getINeutronFirewallRuleCRUD(this);
315 if (firewallRuleInterface == null) {
316 throw new ServiceUnavailableException("Firewall Rule CRUD Interface "
317 + RestMessages.SERVICEUNAVAILABLE.toString());
320 * verify the Firewall Rule exists
322 if (!firewallRuleInterface.neutronFirewallRuleExists(firewallRuleUUID)) {
323 throw new ResourceNotFoundException("Firewall Rule UUID does not exist.");
325 if (!input.isSingleton()) {
326 throw new BadRequestException("Only singleton edit supported");
328 NeutronFirewallRule delta = input.getSingleton();
329 NeutronFirewallRule original = firewallRuleInterface.getNeutronFirewallRule(firewallRuleUUID);
332 * updates restricted by Neutron
335 if (delta.getFirewallRuleUUID() != null ||
336 delta.getFirewallRuleTenantID() != null ||
337 delta.getFirewallRuleName() != null ||
338 delta.getFirewallRuleDescription() != null ||
339 delta.getFirewallRuleAdminStateIsUp() != null ||
340 delta.getFirewallRuleStatus() != null ||
341 delta.getFirewallRuleIsShared() != null ||
342 delta.getFirewallRulePolicyID() != null ||
343 delta.getFirewallRuleProtocol() != null ||
344 delta.getFirewallRuleIpVer() != null ||
345 delta.getFirewallRuleSrcIpAddr() != null ||
346 delta.getFirewallRuleDstIpAddr() != null ||
347 delta.getFirewallRuleSrcPort() != null ||
348 delta.getFirewallRuleDstPort() != null ||
349 delta.getFirewallRulePosition() != null ||
350 delta.getFirewallRuleAction() != null ||
351 delta.getFirewallRuleIsEnabled() != null) {
352 throw new BadRequestException("Attribute edit blocked by Neutron");
355 Object[] instances = NeutronUtil.getInstances(INeutronFirewallRuleAware.class, this);
356 if (instances != null) {
357 if (instances.length > 0) {
358 for (Object instance : instances) {
359 INeutronFirewallRuleAware service = (INeutronFirewallRuleAware) instance;
360 int status = service.canUpdateNeutronFirewallRule(delta, original);
361 if (status < 200 || status > 299) {
362 return Response.status(status).build();
366 throw new ServiceUnavailableException("No providers registered. Please try again later");
369 throw new ServiceUnavailableException("Couldn't get providers list. Please try again later");
373 * update the object and return it
375 firewallRuleInterface.updateNeutronFirewallRule(firewallRuleUUID, delta);
376 NeutronFirewallRule updatedFirewallRule = firewallRuleInterface.getNeutronFirewallRule(firewallRuleUUID);
377 if (instances != null) {
378 for (Object instance : instances) {
379 INeutronFirewallRuleAware service = (INeutronFirewallRuleAware) instance;
380 service.neutronFirewallRuleUpdated(updatedFirewallRule);
383 return Response.status(200)
384 .entity(new NeutronFirewallRuleRequest(firewallRuleInterface.getNeutronFirewallRule(firewallRuleUUID)))
389 * Deletes a Firewall Rule
392 @Path("{firewallRuleUUID}")
395 @ResponseCode(code = 204, condition = "No Content"),
396 @ResponseCode(code = 401, condition = "Unauthorized"),
397 @ResponseCode(code = 404, condition = "Not Found"),
398 @ResponseCode(code = 409, condition = "Conflict"),
399 @ResponseCode(code = 501, condition = "Not Implemented")})
400 public Response deleteFirewallRule(
401 @PathParam("firewallRuleUUID") String firewallRuleUUID) {
402 INeutronFirewallRuleCRUD firewallRuleInterface = NeutronCRUDInterfaces.getINeutronFirewallRuleCRUD(this);
403 if (firewallRuleInterface == null) {
404 throw new ServiceUnavailableException("Firewall Rule CRUD Interface "
405 + RestMessages.SERVICEUNAVAILABLE.toString());
409 * verify the Firewall Rule exists and it isn't currently in use
411 if (!firewallRuleInterface.neutronFirewallRuleExists(firewallRuleUUID)) {
412 throw new ResourceNotFoundException("Firewall Rule UUID does not exist.");
414 if (firewallRuleInterface.neutronFirewallRuleInUse(firewallRuleUUID)) {
415 return Response.status(409).build();
417 NeutronFirewallRule singleton = firewallRuleInterface.getNeutronFirewallRule(firewallRuleUUID);
418 Object[] instances = NeutronUtil.getInstances(INeutronFirewallRuleAware.class, this);
419 if (instances != null) {
420 if (instances.length > 0) {
421 for (Object instance : instances) {
422 INeutronFirewallRuleAware service = (INeutronFirewallRuleAware) instance;
423 int status = service.canDeleteNeutronFirewallRule(singleton);
424 if (status < 200 || status > 299) {
425 return Response.status(status).build();
429 throw new ServiceUnavailableException("No providers registered. Please try again later");
432 throw new ServiceUnavailableException("Couldn't get providers list. Please try again later");
436 * remove it and return 204 status
438 firewallRuleInterface.removeNeutronFirewallRule(firewallRuleUUID);
439 if (instances != null) {
440 for (Object instance : instances) {
441 INeutronFirewallRuleAware service = (INeutronFirewallRuleAware) instance;
442 service.neutronFirewallRuleDeleted(singleton);
445 return Response.status(204).build();
Code Review / controller.git / blob