Code Review / controller.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge "BUG 1082 Migrate sal-rest-connector to Async Data Broker API"
[controller.git] / opendaylight / northbound / networkconfiguration / neutron / src / main / java / org / opendaylight / controller / networkconfig / neutron / northbound / NeutronFirewallPolicyNorthbound.java
1 /*
2  * Copyright (C) 2014 Red Hat, Inc.
3  *
4  * This program and the accompanying materials are made available under the
5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6  * and is available at http://www.eclipse.org/legal/epl-v10.html
7  */
8
9 package org.opendaylight.controller.networkconfig.neutron.northbound;
10
11
12 import org.codehaus.enunciate.jaxrs.ResponseCode;
13 import org.codehaus.enunciate.jaxrs.StatusCodes;
14 import org.opendaylight.controller.networkconfig.neutron.INeutronFirewallPolicyAware;
15 import org.opendaylight.controller.networkconfig.neutron.INeutronFirewallPolicyCRUD;
16 import org.opendaylight.controller.networkconfig.neutron.NeutronCRUDInterfaces;
17 import org.opendaylight.controller.networkconfig.neutron.NeutronFirewallPolicy;
18 import org.opendaylight.controller.northbound.commons.RestMessages;
19 import org.opendaylight.controller.northbound.commons.exception.BadRequestException;
20 import org.opendaylight.controller.northbound.commons.exception.ResourceNotFoundException;
21 import org.opendaylight.controller.northbound.commons.exception.ServiceUnavailableException;
22 import org.opendaylight.controller.sal.utils.ServiceHelper;
23
24 import javax.ws.rs.Consumes;
25 import javax.ws.rs.DELETE;
26 import javax.ws.rs.GET;
27 import javax.ws.rs.POST;
28 import javax.ws.rs.PUT;
29 import javax.ws.rs.Path;
30 import javax.ws.rs.PathParam;
31 import javax.ws.rs.Produces;
32 import javax.ws.rs.QueryParam;
33 import javax.ws.rs.core.MediaType;
34 import javax.ws.rs.core.Response;
35 import java.util.ArrayList;
36 import java.util.HashMap;
37 import java.util.Iterator;
38 import java.util.List;
39
40 /**
41  * Neutron Northbound REST APIs for Firewall Policies.<br>
42  * This class provides REST APIs for managing neutron Firewall Policies
43  *
44  * <br>
45  * <br>
46  * Authentication scheme : <b>HTTP Basic</b><br>
47  * Authentication realm : <b>opendaylight</b><br>
48  * Transport : <b>HTTP and HTTPS</b><br>
49  * <br>
50  * HTTPS Authentication is disabled by default. Administrator can enable it in
51  * tomcat-server.xml after adding a proper keystore / SSL certificate from a
52  * trusted authority.<br>
53  * More info :
54  * http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
55  *
56  */
57 @Path("/fw/firewalls_policies")
58 public class NeutronFirewallPolicyNorthbound {
59
60     private NeutronFirewallPolicy extractFields(NeutronFirewallPolicy o, List<String> fields) {
61         return o.extractFields(fields);
62     }
63
64     /**
65      * Returns a list of all Firewall Policies */
66     @GET
67     @Produces({ MediaType.APPLICATION_JSON })
68     @StatusCodes({
69             @ResponseCode(code = 200, condition = "Operation successful"),
70             @ResponseCode(code = 401, condition = "Unauthorized"),
71             @ResponseCode(code = 501, condition = "Not Implemented") })
72
73     public Response listGroups(
74             // return fields
75             @QueryParam("fields") List<String> fields,
76             // OpenStack Firewall Policy attributes
77             @QueryParam("id") String queryFirewallPolicyUUID,
78             @QueryParam("tenant_id") String queryFirewallPolicyTenantID,
79             @QueryParam("name") String queryFirewallPolicyName,
80             @QueryParam("description") String querySecurityPolicyDescription,
81             @QueryParam("shared") String querySecurityPolicyIsShared,
82             @QueryParam("firewall_rules") List querySecurityPolicyFirewallRules,
83             @QueryParam("audited") Boolean querySecurityPolicyIsAudited,
84             // pagination
85             @QueryParam("limit") String limit,
86             @QueryParam("marker") String marker,
87             @QueryParam("page_reverse") String pageReverse
88             // sorting not supported
89     ) {
90         INeutronFirewallPolicyCRUD firewallPolicyInterface = NeutronCRUDInterfaces.getINeutronFirewallPolicyCRUD(this);
91
92         if (firewallPolicyInterface == null) {
93             throw new ServiceUnavailableException("Firewall Policy CRUD Interface "
94                 + RestMessages.SERVICEUNAVAILABLE.toString());
95         }
96         List<NeutronFirewallPolicy> allFirewallPolicies = firewallPolicyInterface.getAllNeutronFirewallPolicies();
97         List<NeutronFirewallPolicy> ans = new ArrayList<NeutronFirewallPolicy>();
98         Iterator<NeutronFirewallPolicy> i = allFirewallPolicies.iterator();
99         while (i.hasNext()) {
100             NeutronFirewallPolicy nsg = i.next();
101             if ((queryFirewallPolicyUUID == null ||
102                 queryFirewallPolicyUUID.equals(nsg.getFirewallPolicyUUID())) &&
103                 (queryFirewallPolicyTenantID == null ||
104                     queryFirewallPolicyTenantID.equals(nsg.getFirewallPolicyTenantID())) &&
105                 (queryFirewallPolicyName == null ||
106                     queryFirewallPolicyName.equals(nsg.getFirewallPolicyName())) &&
107                 (querySecurityPolicyDescription == null ||
108                     querySecurityPolicyDescription.equals(nsg.getFirewallPolicyDescription())) &&
109                 (querySecurityPolicyIsShared == null ||
110                     querySecurityPolicyIsShared.equals(nsg.getFirewallPolicyIsShared())) &&
111                 (querySecurityPolicyFirewallRules.size() == 0 ||
112                     querySecurityPolicyFirewallRules.equals(nsg.getFirewallPolicyRules())) &&
113                 (querySecurityPolicyIsAudited == null ||
114                     querySecurityPolicyIsAudited.equals(nsg.getFirewallPolicyIsAudited()))) {
115                 if (fields.size() > 0) {
116                     ans.add(extractFields(nsg,fields));
117                 } else {
118                     ans.add(nsg);
119                 }
120             }
121         } // ans.add((NeutronFirewallPolicy) rules);
122         //TODO: apply pagination to results
123         return Response.status(200).entity(
124                 new NeutronFirewallPolicyRequest(ans)).build();
125     }
126
127     /**
128      * Returns a specific Firewall Policy */
129
130     @Path("{firewallPolicyUUID}")
131     @GET
132     @Produces({ MediaType.APPLICATION_JSON })
133     @StatusCodes({
134             @ResponseCode(code = 200, condition = "Operation successful"),
135             @ResponseCode(code = 401, condition = "Unauthorized"),
136             @ResponseCode(code = 404, condition = "Not Found"),
137             @ResponseCode(code = 501, condition = "Not Implemented") })
138     public Response showFirewallPolicy(@PathParam("firewallPolicyUUID") String firewallPolicyUUID,
139                                       // return fields
140                                       @QueryParam("fields") List<String> fields) {
141         INeutronFirewallPolicyCRUD firewallPolicyInterface = NeutronCRUDInterfaces.getINeutronFirewallPolicyCRUD(this);
142         if (firewallPolicyInterface == null) {
143             throw new ServiceUnavailableException("Firewall Policy CRUD Interface "
144                     + RestMessages.SERVICEUNAVAILABLE.toString());
145         }
146         if (!firewallPolicyInterface.neutronFirewallPolicyExists(firewallPolicyUUID)) {
147             throw new ResourceNotFoundException("Firewall Policy UUID does not exist.");
148         }
149         if (fields.size() > 0) {
150             NeutronFirewallPolicy ans = firewallPolicyInterface.getNeutronFirewallPolicy(firewallPolicyUUID);
151             return Response.status(200).entity(
152                     new NeutronFirewallPolicyRequest(extractFields(ans, fields))).build();
153         } else {
154             return Response.status(200).entity(new NeutronFirewallPolicyRequest(firewallPolicyInterface.getNeutronFirewallPolicy(firewallPolicyUUID))).build();
155         }
156     }
157
158     /**
159      * Creates new Firewall Policy
160      * */
161     @POST
162     @Produces({ MediaType.APPLICATION_JSON })
163     @Consumes({ MediaType.APPLICATION_JSON })
164     @StatusCodes({
165             @ResponseCode(code = 201, condition = "Created"),
166             @ResponseCode(code = 400, condition = "Bad Request"),
167             @ResponseCode(code = 401, condition = "Unauthorized"),
168             @ResponseCode(code = 403, condition = "Forbidden"),
169             @ResponseCode(code = 404, condition = "Not Found"),
170             @ResponseCode(code = 409, condition = "Conflict"),
171             @ResponseCode(code = 501, condition = "Not Implemented") })
172     public Response createFirewallPolicies(final NeutronFirewallPolicyRequest input) {
173         INeutronFirewallPolicyCRUD firewallPolicyInterface = NeutronCRUDInterfaces.getINeutronFirewallPolicyCRUD(this);
174         if (firewallPolicyInterface == null) {
175             throw new ServiceUnavailableException("Firewall Policy CRUD Interface "
176                     + RestMessages.SERVICEUNAVAILABLE.toString());
177         }
178         if (input.isSingleton()) {
179             NeutronFirewallPolicy singleton = input.getSingleton();
180
181             /*
182              *  Verify that the Firewall Policy doesn't already exist.
183              */
184             if (firewallPolicyInterface.neutronFirewallPolicyExists(singleton.getFirewallPolicyUUID())) {
185                 throw new BadRequestException("Firewall Policy UUID already exists");
186             }
187             firewallPolicyInterface.addNeutronFirewallPolicy(singleton);
188
189             Object[] instances = ServiceHelper.getGlobalInstances(INeutronFirewallPolicyAware.class, this, null);
190             if (instances != null) {
191                 for (Object instance : instances) {
192                     INeutronFirewallPolicyAware service = (INeutronFirewallPolicyAware) instance;
193                     int status = service.canCreateNeutronFirewallPolicy(singleton);
194                     if (status < 200 || status > 299) {
195                         return Response.status(status).build();
196                     }
197                 }
198             }
199             firewallPolicyInterface.addNeutronFirewallPolicy(singleton);
200             if (instances != null) {
201                 for (Object instance : instances) {
202                     INeutronFirewallPolicyAware service = (INeutronFirewallPolicyAware) instance;
203                     service.neutronFirewallPolicyCreated(singleton);
204                 }
205             }
206         } else {
207             List<NeutronFirewallPolicy> bulk = input.getBulk();
208             Iterator<NeutronFirewallPolicy> i = bulk.iterator();
209             HashMap<String, NeutronFirewallPolicy> testMap = new HashMap<String, NeutronFirewallPolicy>();
210             Object[] instances = ServiceHelper.getGlobalInstances(INeutronFirewallPolicyAware.class, this, null);
211             while (i.hasNext()) {
212                 NeutronFirewallPolicy test = i.next();
213
214                 /*
215                  *  Verify that the firewall policy doesn't already exist
216                  */
217
218                 if (firewallPolicyInterface.neutronFirewallPolicyExists(test.getFirewallPolicyUUID())) {
219                     throw new BadRequestException("Firewall Policy UUID already is already created");
220                 }
221                 if (testMap.containsKey(test.getFirewallPolicyUUID())) {
222                     throw new BadRequestException("Firewall Policy UUID already exists");
223                 }
224                 if (instances != null) {
225                     for (Object instance : instances) {
226                         INeutronFirewallPolicyAware service = (INeutronFirewallPolicyAware) instance;
227                         int status = service.canCreateNeutronFirewallPolicy(test);
228                         if (status < 200 || status > 299) {
229                             return Response.status(status).build();
230                         }
231                     }
232                 }
233             }
234             /*
235              * now, each element of the bulk request can be added to the cache
236              */
237             i = bulk.iterator();
238             while (i.hasNext()) {
239                 NeutronFirewallPolicy test = i.next();
240                 firewallPolicyInterface.addNeutronFirewallPolicy(test);
241                 if (instances != null) {
242                     for (Object instance : instances) {
243                         INeutronFirewallPolicyAware service = (INeutronFirewallPolicyAware) instance;
244                         service.neutronFirewallPolicyCreated(test);
245                     }
246                 }
247             }
248         }
249         return Response.status(201).entity(input).build();
250     }
251
252     /**
253      * Updates a Firewall Policy
254      */
255     @Path("{firewallPolicyUUID}")
256     @PUT
257     @Produces({ MediaType.APPLICATION_JSON })
258     @Consumes({ MediaType.APPLICATION_JSON })
259     //@TypeHint(OpenStackSubnets.class)
260     @StatusCodes({
261             @ResponseCode(code = 200, condition = "Operation successful"),
262             @ResponseCode(code = 400, condition = "Bad Request"),
263             @ResponseCode(code = 401, condition = "Unauthorized"),
264             @ResponseCode(code = 403, condition = "Forbidden"),
265             @ResponseCode(code = 404, condition = "Not Found"),
266             @ResponseCode(code = 501, condition = "Not Implemented") })
267     public Response updateFirewallPolicy(
268             @PathParam("firewallPolicyUUID") String firewallPolicyUUID, final NeutronFirewallPolicyRequest input) {
269         INeutronFirewallPolicyCRUD firewallPolicyInterface = NeutronCRUDInterfaces.getINeutronFirewallPolicyCRUD(this);
270         if (firewallPolicyInterface == null) {
271             throw new ServiceUnavailableException("Firewall Policy CRUD Interface "
272                     + RestMessages.SERVICEUNAVAILABLE.toString());
273         }
274
275         /*
276          * verify the Firewall Policy exists and there is only one delta provided
277          */
278         if (!firewallPolicyInterface.neutronFirewallPolicyExists(firewallPolicyUUID)) {
279             throw new ResourceNotFoundException("Firewall Policy UUID does not exist.");
280         }
281         if (!input.isSingleton()) {
282             throw new BadRequestException("Only singleton edit supported");
283         }
284         NeutronFirewallPolicy delta = input.getSingleton();
285         NeutronFirewallPolicy original = firewallPolicyInterface.getNeutronFirewallPolicy(firewallPolicyUUID);
286
287         /*
288          * updates restricted by Neutron
289          */
290         if (delta.getFirewallPolicyUUID() != null ||
291                 delta.getFirewallPolicyTenantID() != null ||
292                 delta.getFirewallPolicyName() != null ||
293                 delta.getFirewallPolicyDescription() != null ||
294                 delta.getFirewallPolicyIsShared() != null ||
295                 delta.getFirewallPolicyRules().size() > 0 ||
296                 delta.getFirewallPolicyIsAudited() != null) {
297             throw new BadRequestException("Attribute edit blocked by Neutron");
298         }
299
300         Object[] instances = ServiceHelper.getGlobalInstances(INeutronFirewallPolicyAware.class, this, null);
301         if (instances != null) {
302             for (Object instance : instances) {
303                 INeutronFirewallPolicyAware service = (INeutronFirewallPolicyAware) instance;
304                 int status = service.canUpdateNeutronFirewallPolicy(delta, original);
305                 if (status < 200 || status > 299) {
306                     return Response.status(status).build();
307                 }
308             }
309         }
310
311         /*
312          * update the object and return it
313          */
314         firewallPolicyInterface.updateNeutronFirewallPolicy(firewallPolicyUUID, delta);
315         NeutronFirewallPolicy updatedFirewallPolicy = firewallPolicyInterface.getNeutronFirewallPolicy(firewallPolicyUUID);
316         if (instances != null) {
317             for (Object instance : instances) {
318                 INeutronFirewallPolicyAware service = (INeutronFirewallPolicyAware) instance;
319                 service.neutronFirewallPolicyUpdated(updatedFirewallPolicy);
320             }
321         }
322         return Response.status(200).entity(new NeutronFirewallPolicyRequest(firewallPolicyInterface.getNeutronFirewallPolicy(firewallPolicyUUID))).build();
323     }
324
325     /**
326      * Deletes a Firewall Policy */
327
328     @Path("{firewallPolicyUUID}")
329     @DELETE
330     @StatusCodes({
331             @ResponseCode(code = 204, condition = "No Content"),
332             @ResponseCode(code = 401, condition = "Unauthorized"),
333             @ResponseCode(code = 404, condition = "Not Found"),
334             @ResponseCode(code = 409, condition = "Conflict"),
335             @ResponseCode(code = 501, condition = "Not Implemented") })
336     public Response deleteFirewallPolicy(
337             @PathParam("firewallPolicyUUID") String firewallPolicyUUID) {
338         INeutronFirewallPolicyCRUD firewallPolicyInterface = NeutronCRUDInterfaces.getINeutronFirewallPolicyCRUD(this);
339         if (firewallPolicyInterface == null) {
340             throw new ServiceUnavailableException("Firewall Policy CRUD Interface "
341                     + RestMessages.SERVICEUNAVAILABLE.toString());
342         }
343
344         /*
345          * verify the Firewall Policy exists and it isn't currently in use
346          */
347         if (!firewallPolicyInterface.neutronFirewallPolicyExists(firewallPolicyUUID)) {
348             throw new ResourceNotFoundException("Firewall Policy UUID does not exist.");
349         }
350         if (firewallPolicyInterface.neutronFirewallPolicyInUse(firewallPolicyUUID)) {
351             return Response.status(409).build();
352         }
353         NeutronFirewallPolicy singleton = firewallPolicyInterface.getNeutronFirewallPolicy(firewallPolicyUUID);
354         Object[] instances = ServiceHelper.getGlobalInstances(INeutronFirewallPolicyAware.class, this, null);
355         if (instances != null) {
356             for (Object instance : instances) {
357                 INeutronFirewallPolicyAware service = (INeutronFirewallPolicyAware) instance;
358                 int status = service.canDeleteNeutronFirewallPolicy(singleton);
359                 if (status < 200 || status > 299) {
360                     return Response.status(status).build();
361                 }
362             }
363         }
364
365         firewallPolicyInterface.removeNeutronFirewallPolicy(firewallPolicyUUID);
366         if (instances != null) {
367             for (Object instance : instances) {
368                 INeutronFirewallPolicyAware service = (INeutronFirewallPolicyAware) instance;
369                 service.neutronFirewallPolicyDeleted(singleton);
370             }
371         }
372         return Response.status(204).build();
373     }
374 }
OpenDaylight controller