3 * Copyright (c) 2013 Cisco Systems, Inc. and others. All rights reserved.
5 * This program and the accompanying materials are made available under the
6 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
7 * and is available at http://www.eclipse.org/legal/epl-v10.html
10 package org.opendaylight.controller.containermanager.northbound;
12 import java.security.Principal;
13 import java.util.ArrayList;
14 import java.util.HashSet;
15 import java.util.List;
18 import javax.ws.rs.Consumes;
19 import javax.ws.rs.DELETE;
20 import javax.ws.rs.GET;
21 import javax.ws.rs.PUT;
22 import javax.ws.rs.Path;
23 import javax.ws.rs.PathParam;
24 import javax.ws.rs.Produces;
25 import javax.ws.rs.core.Context;
26 import javax.ws.rs.core.MediaType;
27 import javax.ws.rs.core.Response;
28 import javax.ws.rs.core.SecurityContext;
29 import javax.ws.rs.core.UriInfo;
31 import org.codehaus.enunciate.jaxrs.ResponseCode;
32 import org.codehaus.enunciate.jaxrs.StatusCodes;
33 import org.codehaus.enunciate.jaxrs.TypeHint;
34 import org.opendaylight.controller.containermanager.ContainerConfig;
35 import org.opendaylight.controller.containermanager.ContainerFlowConfig;
36 import org.opendaylight.controller.containermanager.IContainerAuthorization;
37 import org.opendaylight.controller.containermanager.IContainerManager;
38 import org.opendaylight.controller.northbound.commons.RestMessages;
39 import org.opendaylight.controller.northbound.commons.exception.BadRequestException;
40 import org.opendaylight.controller.northbound.commons.exception.InternalServerErrorException;
41 import org.opendaylight.controller.northbound.commons.exception.ResourceConflictException;
42 import org.opendaylight.controller.northbound.commons.exception.ResourceForbiddenException;
43 import org.opendaylight.controller.northbound.commons.exception.ResourceNotFoundException;
44 import org.opendaylight.controller.northbound.commons.exception.UnauthorizedException;
45 import org.opendaylight.controller.northbound.commons.utils.NorthboundUtils;
46 import org.opendaylight.controller.sal.authorization.Privilege;
47 import org.opendaylight.controller.sal.authorization.UserLevel;
48 import org.opendaylight.controller.sal.utils.GlobalConstants;
49 import org.opendaylight.controller.sal.utils.ServiceHelper;
50 import org.opendaylight.controller.sal.utils.Status;
51 import org.opendaylight.controller.usermanager.IUserManager;
54 * Container Manager Northbound API
58 * Authentication scheme : <b>HTTP Basic</b><br>
59 * Authentication realm : <b>opendaylight</b><br>
60 * Transport : <b>HTTP and HTTPS</b><br>
62 * HTTPS Authentication is disabled by default. Administrator can enable it in
63 * tomcat-server.xml after adding a proper keystore / SSL certificate from a
64 * trusted authority.<br>
66 * http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
70 public class ContainerManagerNorthbound {
71 private String username;
74 public void setSecurityContext(SecurityContext context) {
75 if (context != null && context.getUserPrincipal() != null) {
76 username = context.getUserPrincipal().getName();
80 protected String getUserName() {
84 private IContainerManager getContainerManager() {
85 IContainerManager containerMgr = (IContainerManager) ServiceHelper.getGlobalInstance(IContainerManager.class, this);
86 if (containerMgr == null) {
87 throw new InternalServerErrorException(RestMessages.INTERNALERROR.toString());
92 private void handleNameMismatch(String name, String nameinURL) {
93 if (name == null || nameinURL == null) {
94 throw new BadRequestException(RestMessages.INVALIDJSON.toString());
97 if (name.equalsIgnoreCase(nameinURL)) {
100 throw new BadRequestException(RestMessages.INVALIDJSON.toString());
106 * Get all the containers configured in the system
108 * @return a List of all {@link org.opendaylight.controller.containermanager.ContainerConfig}
115 * http://localhost:8080/controller/nb/v2/containermanager/containers
117 * Response body in XML:
118 * <container-config-list>
119 *    <container-config>
120 *       <container>black</container>
121 *       <staticVlan>10</staticVlan>
122 *       <nodeConnectors>OF|1@OF|00:00:00:00:00:00:00:01</nodeConnectors>
123 *       <nodeConnectors>OF|23@OF|00:00:00:00:00:00:20:21</nodeConnectors>
124 *       <flowSpecs>
125 *        <name>tcp</name>
126 *        <protocol>TCP</protocol>
127 *       </flowSpecs>
128 *     </container-config>
129 *     <container-config>
130 *       <container>red</container>
131 *       <staticVlan>20</staticVlan>
132 *       <nodeConnectors>OF|1@OF|00:00:00:00:00:00:00:01</nodeConnectors>
133 *       <nodeConnectors>OF|23@OF|00:00:00:00:00:00:20:21</nodeConnectors>
134 *       <flowSpecs>
135 *        <name>udp</name>
136 *        <protocol>UDP</protocol>
137 *       </flowSpecs>
138 *     </container-config>
139 * </container-config-list>
141 * Response body in JSON:
142 * { "container-config" : [
143 * { "container" : "black",
144 * "nodeConnectors" : [
145 * "OF|1@OF|00:00:00:00:00:00:00:01", "OF|23@OF|00:00:00:00:00:00:20:21"
147 * "staticVlan" : "10",
150 * "protocol": "UDP" }
153 * { "container" : "red",
154 * "nodeConnectors" : [
155 * "OF|1@OF|00:00:00:00:00:00:00:01",
156 * "OF|23@OF|00:00:00:00:00:00:20:21"
158 * "staticVlan" : "20",
171 @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
172 @TypeHint(ContainerConfigs.class)
173 @StatusCodes({ @ResponseCode(code = 200, condition = "Operation successful"),
174 @ResponseCode(code = 401, condition = "User is not authorized to perform this operation"),
175 @ResponseCode(code = 503, condition = "One or more of Controller Services are unavailable") })
176 public ContainerConfigs viewAllContainers() {
178 handleNetworkAuthorization(getUserName());
180 IContainerManager containerManager = getContainerManager();
182 return new ContainerConfigs(containerManager.getContainerConfigList());
186 * Get the container configuration for container name requested
189 * name of the Container (eg. blue)
190 * @return a List of {@link org.opendaylight.controller.containermanager.ContainerConfig}
197 * http://localhost:8080/controller/nb/v2/containermanager/container/blue
199 * Response body in XML:
200 * <container-config>
201 *     <container>blue</container>
202 *     <staticVlan>10</staticVlan>
203 *     <nodeConnectors>OF|1@OF|00:00:00:00:00:00:00:01</nodeConnectors>
204 *     <nodeConnectors>OF|23@OF|00:00:00:00:00:00:20:21</nodeConnectors>
205 * </container-config>
207 * Response body in JSON:
209 * "container-config": [
211 * "container": "yellow",
212 * "staticVlan": "10",
213 * "nodeConnectors": [
214 * "OF|1@OF|00:00:00:00:00:00:00:01",
215 * "OF|2@OF|00:00:00:00:00:00:00:02"
223 @Path("/container/{container}")
225 @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
226 @TypeHint(ContainerConfig.class)
227 @StatusCodes({ @ResponseCode(code = 200, condition = "Operation successful"),
228 @ResponseCode(code = 401, condition = "User is not authorized to perform this operation"),
229 @ResponseCode(code = 403, condition = "Operation forbidden on default"),
230 @ResponseCode(code = 404, condition = "The container is not found") })
231 public ContainerConfigs viewContainer(@PathParam(value = "container") String container) {
233 handleContainerAuthorization(container, getUserName());
234 handleForbiddenOnDefault(container);
236 handleContainerNotExists(container);
238 IContainerManager containerManager = getContainerManager();
239 List<ContainerConfig> containerConfigs = new ArrayList<ContainerConfig>();
240 containerConfigs.add(containerManager.getContainerConfig(container));
241 return new ContainerConfigs(containerConfigs);
249 * name of the Container (eg. yellow)
250 * @param containerConfig
251 * details of the container as specified by:
252 * {@link org.opendaylight.controller.containermanager.ContainerConfig}
253 * @return Response as dictated by the HTTP Response Status code
260 * http://localhost:8080/controller/nb/v2/containermanager/container/yellow
262 * Request body in XML:
263 * <container-config>
264 *     <container>yellow</container>
265 *     <staticVlan>10</staticVlan>
266 *     <nodeConnectors></nodeConnectors>
267 * </container-config>
269 * Request body in JSON:
271 * "container" : "yellow",
272 * "nodeConnectors" : [
273 * "OF|1@OF|00:00:00:00:00:00:00:01",
274 * "OF|23@OF|00:00:00:00:00:00:20:21"
276 * "staticVlan" : "10"
281 @Path("/container/{container}")
283 @Consumes({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
284 @StatusCodes({ @ResponseCode(code = 201, condition = "Container created successfully"),
285 @ResponseCode(code = 400, condition = "Invalid Container configuration."),
286 @ResponseCode(code = 401, condition = "User not authorized to perform this operation"),
287 @ResponseCode(code = 403, condition = "Operation forbidden on default"),
288 @ResponseCode(code = 404, condition = "Container Name is not found"),
289 @ResponseCode(code = 409, condition = "Failed to create Container due to Conflicting Name"),
290 @ResponseCode(code = 500, condition = "Failure Reason included in HTTP Error response") })
291 public Response createContainer(@Context UriInfo uriInfo,
292 @PathParam(value = "container") String container,
293 @TypeHint(ContainerConfig.class) ContainerConfig containerConfig) {
295 handleAdminAuthorization(getUserName());
296 handleContainerExists(container);
298 handleNameMismatch(containerConfig.getContainerName(), container);
299 handleForbiddenOnDefault(container);
301 IContainerManager containerManager = getContainerManager();
302 Status status = containerManager.addContainer(containerConfig);
303 if (status.isSuccess()) {
304 NorthboundUtils.auditlog("Container", username, "added", container);
305 return Response.created(uriInfo.getRequestUri()).build();
307 return NorthboundUtils.getResponse(status);
314 * name of the Container (eg. green)
315 * @return Response as dictated by the HTTP Response code
322 * http://localhost:8080/controller/nb/v2/containermanager/container/green
326 @Path("/container/{container}")
329 @ResponseCode(code = 204, condition = "Container deleted successfully"),
330 @ResponseCode(code = 401, condition = "User not authorized to perform this operation"),
331 @ResponseCode(code = 403, condition = "Operation forbidden on default"),
332 @ResponseCode(code = 404, condition = "The container is not found") })
333 public Response removeContainer(@PathParam(value = "container") String container) {
335 handleAdminAuthorization(getUserName());
336 handleForbiddenOnDefault(container);
337 handleContainerNotExists(container);
338 IContainerManager containerManager = getContainerManager();
339 Status status = containerManager.removeContainer(container);
340 if (status.isSuccess()) {
341 NorthboundUtils.auditlog("Container", username, "removed", container);
342 return Response.noContent().build();
344 return NorthboundUtils.getResponse(status);
348 * Get flowspec within a given container
351 * name of the Container (eg. green)
353 * name of the flowspec (eg. ssh)
354 * @return flowspec detail as specified by:
355 * {@link org.opendaylight.controller.containermanager.ContainerFlowConfig}
362 * http://localhost:8080/controller/nb/v2/containermanager/container/green/flowspec/ssh
364 * Response body in XML:
365 * <flow-spec-config>
366 *     <name>ssh</name>
367 *     <nwSrc>10.0.0.101</nwSrc>
368 *     <nwDst>10.0.0.102</nwDst>
369 *     <protocol>IPv4</protocol>
370 *     <tpSrc>80</tpSrc>
371 *     <tpDst>100</tpDst>
372 * </flow-spec-config>
374 * Response body in JSON:
376 * "protocol" : "IPv4",
377 * "nwDst" : "10.0.0.102",
379 * "nwSrc" : "10.0.0.101",
386 @Path("/container/{container}/flowspec/{flowspec}")
388 @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
389 @TypeHint(ContainerFlowConfig.class)
390 @StatusCodes({ @ResponseCode(code = 200, condition = "Operation successful"),
391 @ResponseCode(code = 401, condition = "User not authorized to perform this operation"),
392 @ResponseCode(code = 404, condition = "The container is not found"),
393 @ResponseCode(code = 503, condition = "One or more of Controller Services are unavailable") })
394 public ContainerFlowConfig viewContainerFlowSpec(@PathParam(value = "container") String container,
395 @PathParam(value = "flowspec") String flowspec) {
397 handleContainerAuthorization(container, getUserName());
398 handleForbiddenOnDefault(container);
400 handleContainerNotExists(container);
401 IContainerManager containerManager = getContainerManager();
402 List<ContainerFlowConfig> flowSpecs = containerManager.getContainerFlows(container);
404 for (ContainerFlowConfig containerFlowConfig : flowSpecs) {
405 if (containerFlowConfig.equalsByName(flowspec)) {
406 return containerFlowConfig;
409 throw new ResourceNotFoundException("Flow Spec not found");
413 * Get all the flowspec in a given container
416 * name of the Container (eg. red)
417 * @return list of all flowspec configured for a container. Flowspec as
419 * {@link org.opendaylight.controller.containermanager.ContainerFlowConfig}
426 * http://localhost:8080/controller/nb/v2/containermanager/container/red/flowspec
428 * Response body in XML:
429 * <flow-spec-configs>
430 *     <flow-spec-config>
431 *       <name>ssh</name>
432 *       <nwSrc>10.0.0.101</nwSrc>
433 *       <nwDst>10.0.0.102</nwDst>
434 *       <protocol>IPv4</protocol>
435 *       <tpSrc>23</tpSrc>
436 *       <tpDst>100</tpDst>
437 *     </flow-spec-config>
438 *     <flow-spec-config>
439 *       <name>http2</name>
440 *       <nwSrc>10.0.0.201</nwSrc>
441 *       <nwDst>10.0.0.202</nwDst>
442 *       <protocol></protocol>
443 *       <tpSrc>80</tpSrc>
444 *       <tpDst>100</tpDst>
445 *     </flow-spec-config>
446 * </flow-spec-configs>
448 * Response body in JSON:
450 * "flow-spec-config": [
453 * "nwSrc": "10.0.0.201",
454 * "nwDst": "10.0.0.202",
461 * "nwSrc": "10.0.0.101",
462 * "nwDst": "10.0.0.102",
463 * "protocol": "IPv4",
472 @Path("/container/{container}/flowspecs")
474 @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
475 @TypeHint(FlowSpecConfigs.class)
476 @StatusCodes({ @ResponseCode(code = 200, condition = "Operation successful"),
477 @ResponseCode(code = 404, condition = "The container is not found"),
478 @ResponseCode(code = 503, condition = "One or more of Controller Services are unavailable") })
479 public FlowSpecConfigs viewContainerFlowSpecs(@PathParam(value = "container") String container) {
481 handleContainerAuthorization(container, getUserName());
482 handleForbiddenOnDefault(container);
484 handleContainerNotExists(container);
486 IContainerManager containerManager = getContainerManager();
488 return new FlowSpecConfigs(containerManager.getContainerFlows(container));
492 * Add flowspec to a container
495 * name of the container (eg. purple)
497 * name of the flowspec (eg. http)
499 * configuration as specified by:
500 * {@link org.opendaylight.controller.containermanager.ContainerFlowConfig}
502 * @return Response as dictated by the HTTP Response code
509 * http://localhost:8080/controller/nb/v2/containermanager/container/purple/flowspec/http
511 * Request body in XML:
512 * <flow-spec-config>
513 *     <name>http</name>
514 *     <nwSrc>10.0.0.101</nwSrc>
515 *     <nwDst>10.0.0.102</nwDst>
516 *     <protocol></protocol>
517 *     <tpSrc>80</tpSrc>
518 *     <tpDst>100</tpDst>
519 * </flow-spec-config>
521 * Request body in JSON:
524 * "nwDst" : "10.0.0.102",
526 * "nwSrc" : "10.0.0.101",
533 @Path("/container/{container}/flowspec/{flowspec}")
535 @Consumes({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
537 @ResponseCode(code = 201, condition = "FlowSpec created successfully"),
538 @ResponseCode(code = 400, condition = "Invalid flowspec configuration"),
539 @ResponseCode(code = 404, condition = "The container is not found"),
540 @ResponseCode(code = 409, condition = "Container Entry already exists"),
541 @ResponseCode(code = 500, condition = "Failed to create Flow specifications. Failure Reason included in HTTP Error response") })
542 public Response createFlowSpec(@Context UriInfo uriInfo,
543 @PathParam(value = "container") String container,
544 @PathParam(value = "flowspec") String flowspec,
545 @TypeHint(ContainerFlowConfig.class) ContainerFlowConfig containerFlowConfig) {
547 handleAdminAuthorization(getUserName());
548 handleForbiddenOnDefault(container);
550 handleContainerNotExists(container);
551 handleNameMismatch(containerFlowConfig.getName(), flowspec);
553 IContainerManager containerManager = getContainerManager();
554 List<ContainerFlowConfig> list = new ArrayList<ContainerFlowConfig>();
555 list.add(containerFlowConfig);
556 Status status = containerManager.addContainerFlows(container, list);
557 if (status.isSuccess()) {
558 NorthboundUtils.auditlog("Flow Spec", username, "added", containerFlowConfig.getName());
559 return Response.created(uriInfo.getRequestUri()).build();
561 return NorthboundUtils.getResponse(status);
565 * Remove flowspec from a container
568 * name of the flowspec (eg. telnet)
570 * name of the Container (eg. black)
571 * @return Response as dictated by the HTTP Response code
578 * http://localhost:8080/controller/nb/v2/containermanager/container/black/flowspec/telnet
582 @Path("/container/{container}/flowspec/{flowspec}")
585 @ResponseCode(code = 204, condition = "Flow Spec deleted successfully"),
586 @ResponseCode(code = 400, condition = "Invalid flowspec configuration"),
587 @ResponseCode(code = 404, condition = "Container or Container Entry not found"),
588 @ResponseCode(code = 406, condition = "Cannot operate on Default Container when other Containers are active"),
589 @ResponseCode(code = 500, condition = "Failed to delete Flowspec. Failure Reason included in HTTP Error response"),
590 @ResponseCode(code = 503, condition = "One or more of Controller service is unavailable") })
591 public Response removeFlowSpec(@PathParam(value = "container") String container,
592 @PathParam(value = "flowspec") String flowspec) {
594 handleAdminAuthorization(getUserName());
595 handleForbiddenOnDefault(container);
597 handleContainerNotExists(container);
599 IContainerManager containerManager = getContainerManager();
600 Set<String> set = new HashSet<String>();
602 Status status = containerManager.removeContainerFlows(container, set);
603 if (status.isSuccess()) {
604 NorthboundUtils.auditlog("Flow Spec", username, "added", flowspec);
605 return Response.noContent().build();
607 return NorthboundUtils.getResponse(status);
611 * Add node connectors to a container
614 * name of the container (eg. green)
616 * The list of strings each representing a node connector in the form "<Port Type>|<Port id>@<Node Type>|<Node id>", as "OF|1@OF|00:00:00:ab:00:00:00:01"
617 * @return response as dictated by the HTTP Status code
624 * http://localhost:8080/controller/nb/v2/containermanager/container/green/nodeconnector
626 * Request body in XML:
627 * <nodeConnectors>
628 * <nodeConnectors>OF|1@OF|00:00:00:00:00:00:00:01</nodeConnectors>
629 * <nodeConnectors>OF|2@OF|00:00:00:00:00:00:00:01</nodeConnectors>
630 * <nodeConnectors>OF|3@OF|00:00:00:00:00:00:00:22</nodeConnectors>
631 * <nodeConnectors>OF|4@OF|00:00:00:00:00:00:00:22</nodeConnectors>
632 * </nodeConnectors>
634 * Request body in JSON:
636 * "nodeConnectors" : [
637 * "OF|1@OF|00:00:00:00:00:00:00:01",
638 * "OF|2@OF|00:00:00:00:00:00:00:01",
639 * "OF|3@OF|00:00:00:00:00:00:00:22",
640 * "OF|4@OF|00:00:00:00:00:00:00:22"
646 @Path("/container/{container}/nodeconnector/")
648 @Consumes({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
649 @TypeHint(Response.class)
651 @ResponseCode(code = 200, condition = "NodeConnectors added successfully"),
652 @ResponseCode(code = 401, condition = "User not authorized to perform this operation"),
653 @ResponseCode(code = 403, condition = "Operation forbidden on default"),
654 @ResponseCode(code = 404, condition = "The Container is not found"),
655 @ResponseCode(code = 409, condition = "Container Entry already exists"),
656 @ResponseCode(code = 500, condition = "Failed to create nodeconnectors. Failure Reason included in HTTP Error response") })
657 public Response addNodeConnectors(@PathParam(value = "container") String container,
658 @TypeHint(StringList.class) StringList list) {
660 handleAdminAuthorization(getUserName());
661 handleForbiddenOnDefault(container);
662 handleContainerNotExists(container);
664 IContainerManager containerManager = getContainerManager();
665 Status status = containerManager.addContainerEntry(container, list.getList());
666 if (status.isSuccess()) {
667 NorthboundUtils.auditlog("Node ", username, "added", " Ports:" + list.getList());
669 return NorthboundUtils.getResponse(status);
673 * Remove node connectors from a container
676 * name of the container (eg. red)
678 * The list of strings each representing a node connector in the form "<Port Type>|<Port id>@<Node Type>|<Node id>", as "OF|1@OF|00:00:00:ab:00:00:00:01"
679 * @return response as dictated by the HTTP Status code
686 * http://localhost:8080/controller/nb/v2/containermanager/container/red/nodeconnector
688 * Request body in XML:
689 * <nodeConnectors>
690 * <nodeConnectors>OF|1@OF|00:00:00:00:00:00:00:01</nodeConnectors>
691 * <nodeConnectors>OF|2@OF|00:00:00:00:00:00:00:01</nodeConnectors>
692 * <nodeConnectors>OF|3@OF|00:00:00:00:00:00:00:22</nodeConnectors>
693 * <nodeConnectors>OF|4@OF|00:00:00:00:00:00:00:22</nodeConnectors>
694 * </nodeConnectors>
696 * Request body in JSON:
698 * "nodeConnectors" : [
699 * "OF|1@OF|00:00:00:00:00:00:00:01",
700 * "OF|2@OF|00:00:00:00:00:00:00:01",
701 * "OF|3@OF|00:00:00:00:00:00:00:22",
702 * "OF|4@OF|00:00:00:00:00:00:00:22"
708 @Path("/container/{container}/nodeconnector/")
710 @Consumes({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
712 @ResponseCode(code = 204, condition = "Container Entry deleted successfully"),
713 @ResponseCode(code = 400, condition = "Invalid Container Entry configuration"),
714 @ResponseCode(code = 404, condition = "The Container is not found"),
715 @ResponseCode(code = 406, condition = "Cannot operate on Default Container when other Containers are active"),
716 @ResponseCode(code = 500, condition = "Failed to delete node connector. Failure Reason included in HTTP Error response") })
717 public Response removeNodeConnectors(@PathParam(value = "container") String container,
718 @TypeHint(StringList.class) StringList portList) {
720 handleAdminAuthorization(getUserName());
721 handleForbiddenOnDefault(container);
722 handleContainerNotExists(container);
724 IContainerManager containerManager = getContainerManager();
725 Status status = containerManager.removeContainerEntry(container, portList.getList());
726 if (status.isSuccess()) {
727 NorthboundUtils.auditlog("Node", username, "removed", " Ports:" + portList.getList());
728 return Response.noContent().build();
730 return NorthboundUtils.getResponse(status);
734 * Check If the function is not allowed on default container, Throw a
735 * ResourceForbiddenException exception if forbidden
737 private void handleForbiddenOnDefault(String container) {
738 if (container.equalsIgnoreCase(GlobalConstants.DEFAULT.toString())) {
739 throw new ResourceForbiddenException(RestMessages.NODEFAULT.toString() + ": " + container);
744 * Check if container exists, Throw a ResourceNotFoundException exception if it
747 private void handleContainerNotExists(String container) {
748 IContainerManager containerManager = getContainerManager();
749 if (!containerManager.doesContainerExist(container)) {
750 throw new ResourceNotFoundException(RestMessages.NOCONTAINER.toString() + ": " + container);
754 private void handleContainerExists(String container) {
755 IContainerManager containerManager = getContainerManager();
756 if (containerManager.doesContainerExist(container)) {
757 throw new ResourceConflictException(RestMessages.RESOURCECONFLICT.toString() + ": " + container);
761 private void handleAdminAuthorization(String userName) {
762 IUserManager usrMgr = (IUserManager) ServiceHelper.getGlobalInstance(IUserManager.class, this);
764 UserLevel level = usrMgr.getUserLevel(userName);
765 if (level.ordinal() <= UserLevel.NETWORKADMIN.ordinal()) {
769 throw new UnauthorizedException("User is not authorized to perform this operation");
772 private void handleNetworkAuthorization(String userName) {
773 IUserManager usrMgr = (IUserManager) ServiceHelper.getGlobalInstance(IUserManager.class, this);
775 UserLevel level = usrMgr.getUserLevel(userName);
776 if (level.ordinal() <= UserLevel.NETWORKOPERATOR.ordinal()) {
779 throw new UnauthorizedException("User is not authorized to perform this operation");
782 private void handleContainerAuthorization(String container, String userName) {
783 IContainerAuthorization auth = (IContainerAuthorization) ServiceHelper.getGlobalInstance(
784 IContainerAuthorization.class, this);
786 UserLevel level = auth.getUserLevel(userName);
787 if (level.ordinal() <= UserLevel.NETWORKOPERATOR.ordinal()) {
791 Privilege current = (auth == null) ? Privilege.NONE : auth.getResourcePrivilege(userName, container);
793 if (current.ordinal() > Privilege.NONE.ordinal()) {
796 throw new UnauthorizedException("User is not authorized to perform this operation");
Code Review / controller.git / blob