3 * Copyright (c) 2013 Cisco Systems, Inc. and others. All rights reserved.
5 * This program and the accompanying materials are made available under the
6 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
7 * and is available at http://www.eclipse.org/legal/epl-v10.html
10 package org.opendaylight.controller.containermanager.northbound;
12 import java.util.ArrayList;
13 import java.util.HashSet;
14 import java.util.List;
17 import javax.ws.rs.Consumes;
18 import javax.ws.rs.DELETE;
19 import javax.ws.rs.GET;
20 import javax.ws.rs.PUT;
21 import javax.ws.rs.Path;
22 import javax.ws.rs.PathParam;
23 import javax.ws.rs.Produces;
24 import javax.ws.rs.core.Context;
25 import javax.ws.rs.core.MediaType;
26 import javax.ws.rs.core.Response;
27 import javax.ws.rs.core.SecurityContext;
28 import javax.ws.rs.core.UriInfo;
30 import org.codehaus.enunciate.jaxrs.ResponseCode;
31 import org.codehaus.enunciate.jaxrs.StatusCodes;
32 import org.codehaus.enunciate.jaxrs.TypeHint;
33 import org.opendaylight.controller.containermanager.ContainerConfig;
34 import org.opendaylight.controller.containermanager.ContainerFlowConfig;
35 import org.opendaylight.controller.containermanager.IContainerAuthorization;
36 import org.opendaylight.controller.containermanager.IContainerManager;
37 import org.opendaylight.controller.northbound.commons.RestMessages;
38 import org.opendaylight.controller.northbound.commons.exception.BadRequestException;
39 import org.opendaylight.controller.northbound.commons.exception.InternalServerErrorException;
40 import org.opendaylight.controller.northbound.commons.exception.ResourceConflictException;
41 import org.opendaylight.controller.northbound.commons.exception.ResourceForbiddenException;
42 import org.opendaylight.controller.northbound.commons.exception.ResourceNotFoundException;
43 import org.opendaylight.controller.northbound.commons.exception.UnauthorizedException;
44 import org.opendaylight.controller.northbound.commons.utils.NorthboundUtils;
45 import org.opendaylight.controller.sal.authorization.Privilege;
46 import org.opendaylight.controller.sal.authorization.UserLevel;
47 import org.opendaylight.controller.sal.utils.GlobalConstants;
48 import org.opendaylight.controller.sal.utils.ServiceHelper;
49 import org.opendaylight.controller.sal.utils.Status;
50 import org.opendaylight.controller.usermanager.IUserManager;
53 * Container Manager Northbound API
57 * Authentication scheme : <b>HTTP Basic</b><br>
58 * Authentication realm : <b>opendaylight</b><br>
59 * Transport : <b>HTTP and HTTPS</b><br>
61 * HTTPS Authentication is disabled by default. Administrator can enable it in
62 * tomcat-server.xml after adding a proper keystore / SSL certificate from a
63 * trusted authority.<br>
65 * http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
69 public class ContainerManagerNorthbound {
70 private String username;
73 public void setSecurityContext(SecurityContext context) {
74 if (context != null && context.getUserPrincipal() != null) {
75 username = context.getUserPrincipal().getName();
79 protected String getUserName() {
83 private IContainerManager getContainerManager() {
84 IContainerManager containerMgr = (IContainerManager) ServiceHelper.getGlobalInstance(IContainerManager.class, this);
85 if (containerMgr == null) {
86 throw new InternalServerErrorException(RestMessages.INTERNALERROR.toString());
91 private void handleNameMismatch(String name, String nameinURL) {
92 if (name == null || nameinURL == null) {
93 throw new BadRequestException(RestMessages.INVALIDJSON.toString());
96 if (name.equalsIgnoreCase(nameinURL)) {
99 throw new BadRequestException(RestMessages.INVALIDJSON.toString());
105 * Get all the containers configured in the system
107 * @return a List of all {@link org.opendaylight.controller.containermanager.ContainerConfig}
114 * http://localhost:8080/controller/nb/v2/containermanager/containers
116 * Response body in XML:
117 * <containerConfig-list>
118 *    <containerConfig>
119 *       <container>black</container>
120 *       <staticVlan>10</staticVlan>
121 *       <nodeConnectors>OF|1@OF|00:00:00:00:00:00:00:01</nodeConnectors>
122 *       <nodeConnectors>OF|23@OF|00:00:00:00:00:00:20:21</nodeConnectors>
123 *       <flowSpecs>
124 *        <name>tcp</name>
125 *        <protocol>TCP</protocol>
126 *       </flowSpecs>
127 *     </containerConfig>
128 *     <containerConfig>
129 *       <container>red</container>
130 *       <staticVlan>20</staticVlan>
131 *       <nodeConnectors>OF|1@OF|00:00:00:00:00:00:00:01</nodeConnectors>
132 *       <nodeConnectors>OF|23@OF|00:00:00:00:00:00:20:21</nodeConnectors>
133 *       <flowSpecs>
134 *        <name>udp</name>
135 *        <protocol>UDP</protocol>
136 *       </flowSpecs>
137 *     </containerConfig>
138 * </containerConfig-list>
140 * Response body in JSON:
141 * { "containerConfig" : [
142 * { "container" : "black",
143 * "nodeConnectors" : [
144 * "OF|1@OF|00:00:00:00:00:00:00:01", "OF|23@OF|00:00:00:00:00:00:20:21"
146 * "staticVlan" : "10",
149 * "protocol": "UDP" }
152 * { "container" : "red",
153 * "nodeConnectors" : [
154 * "OF|1@OF|00:00:00:00:00:00:00:01",
155 * "OF|23@OF|00:00:00:00:00:00:20:21"
157 * "staticVlan" : "20",
170 @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
171 @TypeHint(ContainerConfigs.class)
172 @StatusCodes({ @ResponseCode(code = 200, condition = "Operation successful"),
173 @ResponseCode(code = 401, condition = "User is not authorized to perform this operation"),
174 @ResponseCode(code = 503, condition = "One or more of Controller Services are unavailable") })
175 public ContainerConfigs viewAllContainers() {
177 handleNetworkAuthorization(getUserName());
179 IContainerManager containerManager = getContainerManager();
181 return new ContainerConfigs(containerManager.getContainerConfigList());
185 * Get the container configuration for container name requested
188 * name of the Container (eg. blue)
189 * @return a List of {@link org.opendaylight.controller.containermanager.ContainerConfig}
196 * http://localhost:8080/controller/nb/v2/containermanager/container/blue
198 * Response body in XML:
199 * <containerConfig>
200 *     <container>blue</container>
201 *     <staticVlan>10</staticVlan>
202 *     <nodeConnectors>OF|1@OF|00:00:00:00:00:00:00:01</nodeConnectors>
203 *     <nodeConnectors>OF|23@OF|00:00:00:00:00:00:20:21</nodeConnectors>
204 * </containerConfig>
206 * Response body in JSON:
208 * "containerConfig": [
210 * "container": "yellow",
211 * "staticVlan": "10",
212 * "nodeConnectors": [
213 * "OF|1@OF|00:00:00:00:00:00:00:01",
214 * "OF|2@OF|00:00:00:00:00:00:00:02"
222 @Path("/container/{container}")
224 @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
225 @TypeHint(ContainerConfig.class)
226 @StatusCodes({ @ResponseCode(code = 200, condition = "Operation successful"),
227 @ResponseCode(code = 401, condition = "User is not authorized to perform this operation"),
228 @ResponseCode(code = 403, condition = "Operation forbidden on default"),
229 @ResponseCode(code = 404, condition = "The container is not found") })
230 public ContainerConfigs viewContainer(@PathParam(value = "container") String container) {
232 handleContainerAuthorization(container, getUserName());
233 handleForbiddenOnDefault(container);
235 handleContainerNotExists(container);
237 IContainerManager containerManager = getContainerManager();
238 List<ContainerConfig> containerConfigs = new ArrayList<ContainerConfig>();
239 containerConfigs.add(containerManager.getContainerConfig(container));
240 return new ContainerConfigs(containerConfigs);
248 * name of the Container (eg. yellow)
249 * @param containerConfig
250 * details of the container as specified by:
251 * {@link org.opendaylight.controller.containermanager.ContainerConfig}
252 * @return Response as dictated by the HTTP Response Status code
259 * http://localhost:8080/controller/nb/v2/containermanager/container/yellow
261 * Request body in XML:
262 * <containerConfig>
263 *     <container>yellow</container>
264 *     <staticVlan>10</staticVlan>
265 *     <nodeConnectors></nodeConnectors>
266 * </containerConfig>
268 * Request body in JSON:
270 * "container" : "yellow",
271 * "nodeConnectors" : [
272 * "OF|1@OF|00:00:00:00:00:00:00:01",
273 * "OF|23@OF|00:00:00:00:00:00:20:21"
275 * "staticVlan" : "10"
280 @Path("/container/{container}")
282 @Consumes({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
283 @StatusCodes({ @ResponseCode(code = 201, condition = "Container created successfully"),
284 @ResponseCode(code = 400, condition = "Invalid Container configuration."),
285 @ResponseCode(code = 401, condition = "User not authorized to perform this operation"),
286 @ResponseCode(code = 403, condition = "Operation forbidden on default"),
287 @ResponseCode(code = 404, condition = "Container Name is not found"),
288 @ResponseCode(code = 409, condition = "Failed to create Container due to Conflicting Name"),
289 @ResponseCode(code = 500, condition = "Failure Reason included in HTTP Error response") })
290 public Response createContainer(@Context UriInfo uriInfo,
291 @PathParam(value = "container") String container,
292 @TypeHint(ContainerConfig.class) ContainerConfig containerConfig) {
294 handleAdminAuthorization(getUserName());
295 handleContainerExists(container);
297 handleNameMismatch(containerConfig.getContainerName(), container);
298 handleForbiddenOnDefault(container);
300 IContainerManager containerManager = getContainerManager();
301 Status status = containerManager.addContainer(containerConfig);
302 if (status.isSuccess()) {
303 NorthboundUtils.auditlog("Container", username, "added", container);
304 return Response.created(uriInfo.getRequestUri()).build();
306 return NorthboundUtils.getResponse(status);
313 * name of the Container (eg. green)
314 * @return Response as dictated by the HTTP Response code
321 * http://localhost:8080/controller/nb/v2/containermanager/container/green
325 @Path("/container/{container}")
328 @ResponseCode(code = 204, condition = "Container deleted successfully"),
329 @ResponseCode(code = 401, condition = "User not authorized to perform this operation"),
330 @ResponseCode(code = 403, condition = "Operation forbidden on default"),
331 @ResponseCode(code = 404, condition = "The container is not found") })
332 public Response removeContainer(@PathParam(value = "container") String container) {
334 handleAdminAuthorization(getUserName());
335 handleForbiddenOnDefault(container);
336 handleContainerNotExists(container);
337 IContainerManager containerManager = getContainerManager();
338 Status status = containerManager.removeContainer(container);
339 if (status.isSuccess()) {
340 NorthboundUtils.auditlog("Container", username, "removed", container);
341 return Response.noContent().build();
343 return NorthboundUtils.getResponse(status);
347 * Get flowspec within a given container
350 * name of the Container (eg. green)
352 * name of the flowspec (eg. ssh)
353 * @return flowspec detail as specified by:
354 * {@link org.opendaylight.controller.containermanager.ContainerFlowConfig}
361 * http://localhost:8080/controller/nb/v2/containermanager/container/green/flowspec/ssh
363 * Response body in XML:
364 * <flow-spec-config>
365 *     <name>ssh</name>
366 *     <dlVlan>52</dlVlan>
367 *     <nwSrc>10.0.0.101</nwSrc>
368 *     <nwDst>10.0.0.102</nwDst>
369 *     <protocol>IPv4</protocol>
370 *     <tpSrc>80</tpSrc>
371 *     <tpDst>100</tpDst>
372 * </flow-spec-config>
374 * Response body in JSON:
376 * "protocol" : "IPv4",
378 * "nwDst" : "10.0.0.102",
380 * "nwSrc" : "10.0.0.101",
387 @Path("/container/{container}/flowspec/{flowspec}")
389 @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
390 @TypeHint(ContainerFlowConfig.class)
391 @StatusCodes({ @ResponseCode(code = 200, condition = "Operation successful"),
392 @ResponseCode(code = 401, condition = "User not authorized to perform this operation"),
393 @ResponseCode(code = 404, condition = "The container is not found"),
394 @ResponseCode(code = 503, condition = "One or more of Controller Services are unavailable") })
395 public ContainerFlowConfig viewContainerFlowSpec(@PathParam(value = "container") String container,
396 @PathParam(value = "flowspec") String flowspec) {
398 handleContainerAuthorization(container, getUserName());
399 handleForbiddenOnDefault(container);
401 handleContainerNotExists(container);
402 IContainerManager containerManager = getContainerManager();
403 List<ContainerFlowConfig> flowSpecs = containerManager.getContainerFlows(container);
405 for (ContainerFlowConfig containerFlowConfig : flowSpecs) {
406 if (containerFlowConfig.equalsByName(flowspec)) {
407 return containerFlowConfig;
410 throw new ResourceNotFoundException("Flow Spec not found");
414 * Get all the flowspec in a given container
417 * name of the Container (eg. red)
418 * @return list of all flowspec configured for a container. Flowspec as
420 * {@link org.opendaylight.controller.containermanager.ContainerFlowConfig}
427 * http://localhost:8080/controller/nb/v2/containermanager/container/red/flowspec
429 * Response body in XML:
430 * <flow-spec-configs>
431 *     <flow-spec-config>
432 *       <name>ssh</name>
433 *       <dlVlan>52</dlVlan>
434 *       <nwSrc>10.0.0.101</nwSrc>
435 *       <nwDst>10.0.0.102</nwDst>
436 *       <protocol>IPv4</protocol>
437 *       <tpSrc>23</tpSrc>
438 *       <tpDst>100</tpDst>
439 *     </flow-spec-config>
440 *     <flow-spec-config>
441 *       <name>http2</name>
442 *       <dlVlan>123</dlVlan>
443 *       <nwSrc>10.0.0.201</nwSrc>
444 *       <nwDst>10.0.0.202</nwDst>
445 *       <protocol></protocol>
446 *       <tpSrc>80</tpSrc>
447 *       <tpDst>100</tpDst>
448 *     </flow-spec-config>
449 * </flow-spec-configs>
451 * Response body in JSON:
453 * "flow-spec-config": [
457 * "nwSrc": "10.0.0.201",
458 * "nwDst": "10.0.0.202",
466 * "nwSrc": "10.0.0.101",
467 * "nwDst": "10.0.0.102",
468 * "protocol": "IPv4",
477 @Path("/container/{container}/flowspecs")
479 @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
480 @TypeHint(FlowSpecConfigs.class)
481 @StatusCodes({ @ResponseCode(code = 200, condition = "Operation successful"),
482 @ResponseCode(code = 404, condition = "The container is not found"),
483 @ResponseCode(code = 503, condition = "One or more of Controller Services are unavailable") })
484 public FlowSpecConfigs viewContainerFlowSpecs(@PathParam(value = "container") String container) {
486 handleContainerAuthorization(container, getUserName());
487 handleForbiddenOnDefault(container);
489 handleContainerNotExists(container);
491 IContainerManager containerManager = getContainerManager();
493 return new FlowSpecConfigs(containerManager.getContainerFlows(container));
497 * Add flowspec to a container
500 * name of the container (eg. purple)
502 * name of the flowspec (eg. http)
504 * configuration as specified by:
505 * {@link org.opendaylight.controller.containermanager.ContainerFlowConfig}
507 * @return Response as dictated by the HTTP Response code
514 * http://localhost:8080/controller/nb/v2/containermanager/container/purple/flowspec/http
516 * Request body in XML:
517 * <flow-spec-config>
518 *     <name>http</name>
519 *     <dlVlan>25</dlVlan>
520 *     <nwSrc>10.0.0.101</nwSrc>
521 *     <nwDst>10.0.0.102</nwDst>
522 *     <protocol></protocol>
523 *     <tpSrc>80</tpSrc>
524 *     <tpDst>100</tpDst>
525 * </flow-spec-config>
527 * Request body in JSON:
531 * "nwSrc" : "10.0.0.101",
532 * "nwDst" : "10.0.0.102",
540 @Path("/container/{container}/flowspec/{flowspec}")
542 @Consumes({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
544 @ResponseCode(code = 201, condition = "FlowSpec created successfully"),
545 @ResponseCode(code = 400, condition = "Invalid flowspec configuration"),
546 @ResponseCode(code = 404, condition = "The container is not found"),
547 @ResponseCode(code = 409, condition = "Container Entry already exists"),
548 @ResponseCode(code = 500, condition = "Failed to create Flow specifications. Failure Reason included in HTTP Error response") })
549 public Response createFlowSpec(@Context UriInfo uriInfo,
550 @PathParam(value = "container") String container,
551 @PathParam(value = "flowspec") String flowspec,
552 @TypeHint(ContainerFlowConfig.class) ContainerFlowConfig containerFlowConfig) {
554 handleAdminAuthorization(getUserName());
555 handleForbiddenOnDefault(container);
557 handleContainerNotExists(container);
558 handleNameMismatch(containerFlowConfig.getName(), flowspec);
560 IContainerManager containerManager = getContainerManager();
561 List<ContainerFlowConfig> list = new ArrayList<ContainerFlowConfig>();
562 list.add(containerFlowConfig);
563 Status status = containerManager.addContainerFlows(container, list);
564 if (status.isSuccess()) {
565 NorthboundUtils.auditlog("Flow Spec", username, "added", containerFlowConfig.getName());
566 return Response.created(uriInfo.getRequestUri()).build();
568 return NorthboundUtils.getResponse(status);
572 * Remove flowspec from a container
575 * name of the flowspec (eg. telnet)
577 * name of the Container (eg. black)
578 * @return Response as dictated by the HTTP Response code
585 * http://localhost:8080/controller/nb/v2/containermanager/container/black/flowspec/telnet
589 @Path("/container/{container}/flowspec/{flowspec}")
592 @ResponseCode(code = 204, condition = "Flow Spec deleted successfully"),
593 @ResponseCode(code = 400, condition = "Invalid flowspec configuration"),
594 @ResponseCode(code = 404, condition = "Container or Container Entry not found"),
595 @ResponseCode(code = 406, condition = "Cannot operate on Default Container when other Containers are active"),
596 @ResponseCode(code = 500, condition = "Failed to delete Flowspec. Failure Reason included in HTTP Error response"),
597 @ResponseCode(code = 503, condition = "One or more of Controller service is unavailable") })
598 public Response removeFlowSpec(@PathParam(value = "container") String container,
599 @PathParam(value = "flowspec") String flowspec) {
601 handleAdminAuthorization(getUserName());
602 handleForbiddenOnDefault(container);
604 handleContainerNotExists(container);
606 IContainerManager containerManager = getContainerManager();
607 Set<String> set = new HashSet<String>();
609 Status status = containerManager.removeContainerFlows(container, set);
610 if (status.isSuccess()) {
611 NorthboundUtils.auditlog("Flow Spec", username, "added", flowspec);
612 return Response.noContent().build();
614 return NorthboundUtils.getResponse(status);
618 * Add node connectors to a container
621 * name of the container (eg. green)
623 * The list of strings each representing a node connector in the form "<Port Type>|<Port id>@<Node Type>|<Node id>", as "OF|1@OF|00:00:00:ab:00:00:00:01"
624 * @return response as dictated by the HTTP Status code
631 * http://localhost:8080/controller/nb/v2/containermanager/container/green/nodeconnector
633 * Request body in XML:
634 * <nodeConnectors>
635 * <nodeConnectors>OF|1@OF|00:00:00:00:00:00:00:01</nodeConnectors>
636 * <nodeConnectors>OF|2@OF|00:00:00:00:00:00:00:01</nodeConnectors>
637 * <nodeConnectors>OF|3@OF|00:00:00:00:00:00:00:22</nodeConnectors>
638 * <nodeConnectors>OF|4@OF|00:00:00:00:00:00:00:22</nodeConnectors>
639 * </nodeConnectors>
641 * Request body in JSON:
643 * "nodeConnectors" : [
644 * "OF|1@OF|00:00:00:00:00:00:00:01",
645 * "OF|2@OF|00:00:00:00:00:00:00:01",
646 * "OF|3@OF|00:00:00:00:00:00:00:22",
647 * "OF|4@OF|00:00:00:00:00:00:00:22"
653 @Path("/container/{container}/nodeconnector/")
655 @Consumes({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
656 @TypeHint(Response.class)
658 @ResponseCode(code = 200, condition = "NodeConnectors added successfully"),
659 @ResponseCode(code = 401, condition = "User not authorized to perform this operation"),
660 @ResponseCode(code = 403, condition = "Operation forbidden on default"),
661 @ResponseCode(code = 404, condition = "The Container is not found"),
662 @ResponseCode(code = 409, condition = "Container Entry already exists"),
663 @ResponseCode(code = 500, condition = "Failed to create nodeconnectors. Failure Reason included in HTTP Error response") })
664 public Response addNodeConnectors(@PathParam(value = "container") String container,
665 @TypeHint(StringList.class) StringList list) {
667 handleAdminAuthorization(getUserName());
668 handleForbiddenOnDefault(container);
669 handleContainerNotExists(container);
671 IContainerManager containerManager = getContainerManager();
672 Status status = containerManager.addContainerEntry(container, list.getList());
673 if (status.isSuccess()) {
674 NorthboundUtils.auditlog("Node ", username, "added", " Ports:" + list.getList());
676 return NorthboundUtils.getResponse(status);
680 * Remove node connectors from a container
683 * name of the container (eg. red)
685 * The list of strings each representing a node connector in the form "<Port Type>|<Port id>@<Node Type>|<Node id>", as "OF|1@OF|00:00:00:ab:00:00:00:01"
686 * @return response as dictated by the HTTP Status code
693 * http://localhost:8080/controller/nb/v2/containermanager/container/red/nodeconnector
695 * Request body in XML:
696 * <nodeConnectors>
697 * <nodeConnectors>OF|1@OF|00:00:00:00:00:00:00:01</nodeConnectors>
698 * <nodeConnectors>OF|2@OF|00:00:00:00:00:00:00:01</nodeConnectors>
699 * <nodeConnectors>OF|3@OF|00:00:00:00:00:00:00:22</nodeConnectors>
700 * <nodeConnectors>OF|4@OF|00:00:00:00:00:00:00:22</nodeConnectors>
701 * </nodeConnectors>
703 * Request body in JSON:
705 * "nodeConnectors" : [
706 * "OF|1@OF|00:00:00:00:00:00:00:01",
707 * "OF|2@OF|00:00:00:00:00:00:00:01",
708 * "OF|3@OF|00:00:00:00:00:00:00:22",
709 * "OF|4@OF|00:00:00:00:00:00:00:22"
715 @Path("/container/{container}/nodeconnector/")
717 @Consumes({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
719 @ResponseCode(code = 204, condition = "Container Entry deleted successfully"),
720 @ResponseCode(code = 400, condition = "Invalid Container Entry configuration"),
721 @ResponseCode(code = 404, condition = "The Container is not found"),
722 @ResponseCode(code = 406, condition = "Cannot operate on Default Container when other Containers are active"),
723 @ResponseCode(code = 500, condition = "Failed to delete node connector. Failure Reason included in HTTP Error response") })
724 public Response removeNodeConnectors(@PathParam(value = "container") String container,
725 @TypeHint(StringList.class) StringList portList) {
727 handleAdminAuthorization(getUserName());
728 handleForbiddenOnDefault(container);
729 handleContainerNotExists(container);
731 IContainerManager containerManager = getContainerManager();
732 Status status = containerManager.removeContainerEntry(container, portList.getList());
733 if (status.isSuccess()) {
734 NorthboundUtils.auditlog("Node", username, "removed", " Ports:" + portList.getList());
735 return Response.noContent().build();
737 return NorthboundUtils.getResponse(status);
741 * Check If the function is not allowed on default container, Throw a
742 * ResourceForbiddenException exception if forbidden
744 private void handleForbiddenOnDefault(String container) {
745 if (container.equalsIgnoreCase(GlobalConstants.DEFAULT.toString())) {
746 throw new ResourceForbiddenException(RestMessages.NODEFAULT.toString() + ": " + container);
751 * Check if container exists, Throw a ResourceNotFoundException exception if it
754 private void handleContainerNotExists(String container) {
755 IContainerManager containerManager = getContainerManager();
756 if (!containerManager.doesContainerExist(container)) {
757 throw new ResourceNotFoundException(RestMessages.NOCONTAINER.toString() + ": " + container);
761 private void handleContainerExists(String container) {
762 IContainerManager containerManager = getContainerManager();
763 if (containerManager.doesContainerExist(container)) {
764 throw new ResourceConflictException(RestMessages.RESOURCECONFLICT.toString() + ": " + container);
768 private void handleAdminAuthorization(String userName) {
769 IUserManager usrMgr = (IUserManager) ServiceHelper.getGlobalInstance(IUserManager.class, this);
771 UserLevel level = usrMgr.getUserLevel(userName);
772 if (level.ordinal() <= UserLevel.NETWORKADMIN.ordinal()) {
776 throw new UnauthorizedException("User is not authorized to perform this operation");
779 private void handleNetworkAuthorization(String userName) {
780 IUserManager usrMgr = (IUserManager) ServiceHelper.getGlobalInstance(IUserManager.class, this);
782 UserLevel level = usrMgr.getUserLevel(userName);
783 if (level.ordinal() <= UserLevel.NETWORKOPERATOR.ordinal()) {
786 throw new UnauthorizedException("User is not authorized to perform this operation");
789 private void handleContainerAuthorization(String container, String userName) {
790 IContainerAuthorization auth = (IContainerAuthorization) ServiceHelper.getGlobalInstance(
791 IContainerAuthorization.class, this);
793 UserLevel level = auth.getUserLevel(userName);
794 if (level.ordinal() <= UserLevel.NETWORKOPERATOR.ordinal()) {
798 Privilege current = (auth == null) ? Privilege.NONE : auth.getResourcePrivilege(userName, container);
800 if (current.ordinal() > Privilege.NONE.ordinal()) {
803 throw new UnauthorizedException("User is not authorized to perform this operation");
Code Review / controller.git / blob