Code Review / controller.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Merge "Fixing a bug to show node name if present instead of node id while adding...
[controller.git] / opendaylight / web / devices / src / main / java / org / opendaylight / controller / devices / web / Devices.java
diff --git a/opendaylight/web/devices/src/main/java/org/opendaylight/controller/devices/web/Devices.java b/opendaylight/web/devices/src/main/java/org/opendaylight/controller/devices/web/Devices.java
index bec194bf1cc67432a53320cd8fc4911af98977f2..781242a969b0a0f5964a7223672e1b08a74f60fb 100644 (file)
--- a/opendaylight/web/devices/src/main/java/org/opendaylight/controller/devices/web/Devices.java
+++ b/opendaylight/web/devices/src/main/java/org/opendaylight/controller/devices/web/Devices.java
@@ -10,31 +10,30 @@ package org.opendaylight.controller.devices.web;
 
 import java.util.ArrayList;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
 import java.util.Map.Entry;
 import java.util.Set;
 import java.util.TreeMap;
 import java.util.concurrent.ConcurrentMap;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.codehaus.jackson.map.ObjectMapper;
-import org.opendaylight.controller.usermanager.IUserManager;
-import org.opendaylight.controller.web.DaylightWebUtil;
-import org.opendaylight.controller.web.IDaylightWeb;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.ResponseBody;
 import org.opendaylight.controller.forwarding.staticrouting.IForwardingStaticRouting;
 import org.opendaylight.controller.forwarding.staticrouting.StaticRouteConfig;
+import org.opendaylight.controller.sal.authorization.Privilege;
 import org.opendaylight.controller.sal.authorization.UserLevel;
 import org.opendaylight.controller.sal.core.Config;
+import org.opendaylight.controller.sal.core.Description;
+import org.opendaylight.controller.sal.core.ForwardingMode;
 import org.opendaylight.controller.sal.core.Name;
 import org.opendaylight.controller.sal.core.Node;
 import org.opendaylight.controller.sal.core.NodeConnector;
+import org.opendaylight.controller.sal.core.Property;
+import org.opendaylight.controller.sal.core.State;
 import org.opendaylight.controller.sal.core.Tier;
 import org.opendaylight.controller.sal.utils.GlobalConstants;
 import org.opendaylight.controller.sal.utils.HexEncode;
@@ -46,6 +45,13 @@ import org.opendaylight.controller.switchmanager.SpanConfig;
 import org.opendaylight.controller.switchmanager.SubnetConfig;
 import org.opendaylight.controller.switchmanager.Switch;
 import org.opendaylight.controller.switchmanager.SwitchConfig;
+import org.opendaylight.controller.web.DaylightWebUtil;
+import org.opendaylight.controller.web.IDaylightWeb;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.ResponseBody;
 
 import com.google.gson.Gson;
 
@@ -83,50 +89,62 @@ public class Devices implements IDaylightWeb {
 
     @RequestMapping(value = "/nodesLearnt", method = RequestMethod.GET)
     @ResponseBody
-    public DevicesJsonBean getNodesLearnt(HttpServletRequest request, @RequestParam(required = false) String container) {
+    public DevicesJsonBean getNodesLearnt(HttpServletRequest request,
+            @RequestParam(required = false) String container) {
         Gson gson = new Gson();
-        String containerName = DaylightWebUtil.getAuthorizedContainer(request, container, this);
-        ISwitchManager switchManager = (ISwitchManager) ServiceHelper
-                .getInstance(ISwitchManager.class, containerName, this);
+        String containerName = (container == null) ? GlobalConstants.DEFAULT
+                .toString() : container;
+
+        // Derive the privilege this user has on the current container
+        String userName = request.getUserPrincipal().getName();
+        Privilege privilege = DaylightWebUtil.getContainerPrivilege(userName, containerName, this);
+
+        ISwitchManager switchManager = (ISwitchManager) ServiceHelper.getInstance(ISwitchManager.class, containerName,
+                this);
         List<Map<String, String>> nodeData = new ArrayList<Map<String, String>>();
-        if (switchManager != null) {
+        if (switchManager != null && privilege != Privilege.NONE) {
             for (Switch device : switchManager.getNetworkDevices()) {
                 HashMap<String, String> nodeDatum = new HashMap<String, String>();
                 Node node = device.getNode();
-                Tier tier = (Tier) switchManager.getNodeProp(node,
-                        Tier.TierPropName);
-
+                Tier tier = (Tier) switchManager.getNodeProp(node, Tier.TierPropName);
                 nodeDatum.put("containerName", containerName);
-                nodeDatum.put("nodeName",
-                        switchManager.getNodeDescription(node));
+                Description description = (Description) switchManager.getNodeProp(node, Description.propertyName);
+                String desc = (description == null) ? "" : description.getValue();
+                nodeDatum.put("nodeName", desc);
                 nodeDatum.put("nodeId", node.toString());
-                int tierNumber = (tier == null) ? TierHelper.unknownTierNumber
-                        : tier.getValue();
-                nodeDatum.put("tierName", TierHelper.getTierName(tierNumber)
-                        + " (Tier-" + tierNumber + ")");
+                int tierNumber = (tier == null) ? TierHelper.unknownTierNumber : tier.getValue();
+                nodeDatum.put("tierName", TierHelper.getTierName(tierNumber) + " (Tier-" + tierNumber + ")");
                 nodeDatum.put("tier", tierNumber + "");
-                SwitchConfig sc = switchManager.getSwitchConfig(device
-                        .getNode().toString());
-                String modeStr = (sc != null) ? sc.getMode() : "0";
+                String modeStr = "0";
+                ForwardingMode mode = null;
+                if (!containerName.equals(GlobalConstants.DEFAULT.toString())) {
+                    ISwitchManager switchManagerDefault = (ISwitchManager) ServiceHelper.getInstance(
+                            ISwitchManager.class, GlobalConstants.DEFAULT.toString(), this);
+                    mode = (ForwardingMode) switchManagerDefault.getNodeProp(node, ForwardingMode.name);
+                } else {
+                    mode = (ForwardingMode) switchManager.getNodeProp(node, ForwardingMode.name);
+                }
+                if (mode != null) {
+                    modeStr = String.valueOf(mode.getValue());
+                }
                 nodeDatum.put("mode", modeStr);
 
                 nodeDatum.put("json", gson.toJson(nodeDatum));
-                nodeDatum.put("mac", HexEncode.bytesToHexString(device
-                        .getDataLayerAddress()));
+                nodeDatum.put("mac", HexEncode.bytesToHexString(device.getDataLayerAddress()));
                 StringBuffer sb1 = new StringBuffer();
-                Set<NodeConnector> nodeConnectorSet = device
-                        .getNodeConnectors();
+                Set<NodeConnector> nodeConnectorSet = device.getNodeConnectors();
                 if (nodeConnectorSet != null && nodeConnectorSet.size() > 0) {
                     Map<Short, String> portList = new HashMap<Short, String>();
+                    List<String> intfList = new ArrayList<String>();
                     for (NodeConnector nodeConnector : nodeConnectorSet) {
-                        String nodeConnectorNumberToStr = nodeConnector.getID()
-                                .toString();
-                        Name ncName = ((Name) switchManager
-                                .getNodeConnectorProp(nodeConnector,
-                                        Name.NamePropName));
+                        String nodeConnectorNumberToStr = nodeConnector.getID().toString();
+                        Name ncName = ((Name) switchManager.getNodeConnectorProp(nodeConnector, Name.NamePropName));
                         Config portStatus = ((Config) switchManager
                                 .getNodeConnectorProp(nodeConnector,
                                         Config.ConfigPropName));
+                        State portState = ((State) switchManager
+                                .getNodeConnectorProp(nodeConnector,
+                                        State.StatePropName));
 
                         String nodeConnectorName = (ncName != null) ? ncName
                                 .getValue() : "";
@@ -134,25 +152,42 @@ public class Devices implements IDaylightWeb {
 
                         if (portStatus != null) {
                             if (portStatus.getValue() == Config.ADMIN_UP) {
-                                nodeConnectorName = "<span style='color:green;'>"
-                                        + nodeConnectorName + "</span>";
+                                if (portState.getValue() == State.EDGE_UP) {
+                                    nodeConnectorName = "<span class='admin-up'>"
+                                            + nodeConnectorName + "</span>";
+                                } else if (portState.getValue() == State.EDGE_DOWN) {
+                                    nodeConnectorName = "<span class='edge-down'>"
+                                            + nodeConnectorName + "</span>";
+                                }
                             } else if (portStatus.getValue() == Config.ADMIN_DOWN) {
-                                nodeConnectorName = "<span style='color:red;'>"
+                                nodeConnectorName = "<span class='admin-down'>"
                                         + nodeConnectorName + "</span>";
                             }
                         }
 
-                        portList.put(
-                                Short.parseShort(nodeConnectorNumberToStr),
-                                nodeConnectorName);
+                        Class<?> idClass = nodeConnector.getID().getClass();
+                        if (idClass.equals(Short.class)) {
+                            portList.put(
+                                    Short.parseShort(nodeConnectorNumberToStr),
+                                    nodeConnectorName);
+                        } else {
+                            intfList.add(nodeConnectorName);
+                        }
                     }
 
-                    Map<Short, String> sortedPortList = new TreeMap<Short, String>(
-                            portList);
+                    if (portList.size() > 0) {
+                        Map<Short, String> sortedPortList = new TreeMap<Short, String>(
+                                portList);
 
-                    for (Entry<Short, String> e : sortedPortList.entrySet()) {
-                        sb1.append(e.getValue());
-                        sb1.append("<br>");
+                        for (Entry<Short, String> e : sortedPortList.entrySet()) {
+                            sb1.append(e.getValue());
+                            sb1.append("<br>");
+                        }
+                    } else if (intfList.size() > 0) {
+                        for (String intf : intfList) {
+                            sb1.append(intf);
+                            sb1.append("<br>");
+                        }
                     }
                 }
                 nodeDatum.put("ports", sb1.toString());
@@ -162,6 +197,7 @@ public class Devices implements IDaylightWeb {
 
         DevicesJsonBean result = new DevicesJsonBean();
         result.setNodeData(nodeData);
+        result.setPrivilege(privilege);
         List<String> columnNames = new ArrayList<String>();
         columnNames.add("Node ID");
         columnNames.add("Node Name");
@@ -187,21 +223,41 @@ public class Devices implements IDaylightWeb {
             @RequestParam("nodeId") String nodeId,
             @RequestParam("tier") String tier,
             @RequestParam("operationMode") String operationMode,
-            HttpServletRequest request, @RequestParam(required = false) String container) {
-        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            HttpServletRequest request,
+            @RequestParam(required = false) String container) {
+        String containerName = (container == null) ? GlobalConstants.DEFAULT
+                .toString() : container;
+
+        // Authorization check
+        String userName = request.getUserPrincipal().getName();
+        if (DaylightWebUtil
+                .getContainerPrivilege(userName, containerName, this) != Privilege.WRITE) {
             return unauthorizedMessage();
         }
 
         StatusJsonBean resultBean = new StatusJsonBean();
-        String containerName = DaylightWebUtil.getAuthorizedContainer(request, container, this);
         try {
             ISwitchManager switchManager = (ISwitchManager) ServiceHelper
                     .getInstance(ISwitchManager.class, containerName, this);
-            SwitchConfig cfg = new SwitchConfig(nodeId, nodeName, tier,
-                    operationMode);
-            switchManager.updateSwitchConfig(cfg);
-            resultBean.setStatus(true);
-            resultBean.setMessage("Updated node information successfully");
+            Map<String, Property> nodeProperties = new HashMap<String, Property>();
+            Property desc = new Description(nodeName);
+            nodeProperties.put(desc.getName(), desc);
+            Property nodeTier = new Tier(Integer.parseInt(tier));
+            nodeProperties.put(nodeTier.getName(), nodeTier);
+            if (containerName.equals(GlobalConstants.DEFAULT.toString())) {
+                Property mode = new ForwardingMode(Integer.parseInt(operationMode));
+                nodeProperties.put(mode.getName(), mode);
+            }
+            SwitchConfig cfg = new SwitchConfig(nodeId, nodeProperties);
+            Status result = switchManager.updateNodeConfig(cfg);
+            if (!result.isSuccess()) {
+                resultBean.setStatus(false);
+                resultBean.setMessage(result.getDescription());
+            } else {
+                resultBean.setStatus(true);
+                resultBean.setMessage("Updated node information successfully");
+                DaylightWebUtil.auditlog("Node", userName, "updated", nodeId + " to "+ nodeName, containerName);
+            }
         } catch (Exception e) {
             resultBean.setStatus(false);
             resultBean.setMessage("Error updating node information. "
@@ -212,9 +268,16 @@ public class Devices implements IDaylightWeb {
 
     @RequestMapping(value = "/staticRoutes", method = RequestMethod.GET)
     @ResponseBody
-    public DevicesJsonBean getStaticRoutes(HttpServletRequest request, @RequestParam(required = false) String container) {
+    public DevicesJsonBean getStaticRoutes(HttpServletRequest request,
+            @RequestParam(required = false) String container) {
         Gson gson = new Gson();
-        String containerName = DaylightWebUtil.getAuthorizedContainer(request, container, this);
+        String containerName = (container == null) ? GlobalConstants.DEFAULT
+                .toString() : container;
+
+        // Derive the privilege this user has on the current container
+        String userName = request.getUserPrincipal().getName();
+        Privilege privilege = DaylightWebUtil.getContainerPrivilege(userName, containerName, this);
+
         IForwardingStaticRouting staticRouting = (IForwardingStaticRouting) ServiceHelper
                 .getInstance(IForwardingStaticRouting.class, containerName,
                         this);
@@ -227,16 +290,19 @@ public class Devices implements IDaylightWeb {
         if (routeConfigs == null) {
             return null;
         }
-        for (StaticRouteConfig conf : routeConfigs.values()) {
-            Map<String, String> staticRoute = new HashMap<String, String>();
-            staticRoute.put("name", conf.getName());
-            staticRoute.put("staticRoute", conf.getStaticRoute());
-            staticRoute.put("nextHopType", conf.getNextHopType());
-            staticRoute.put("nextHop", conf.getNextHop());
-            staticRoute.put("json", gson.toJson(conf));
-            staticRoutes.add(staticRoute);
+        if (privilege != Privilege.NONE) {
+            for (StaticRouteConfig conf : routeConfigs.values()) {
+                Map<String, String> staticRoute = new HashMap<String, String>();
+                staticRoute.put("name", conf.getName());
+                staticRoute.put("staticRoute", conf.getStaticRoute());
+                staticRoute.put("nextHopType", conf.getNextHopType());
+                staticRoute.put("nextHop", conf.getNextHop());
+                staticRoute.put("json", gson.toJson(conf));
+                staticRoutes.add(staticRoute);
+            }
         }
         DevicesJsonBean result = new DevicesJsonBean();
+        result.setPrivilege(privilege);
         result.setColumnNames(StaticRouteConfig.getGuiFieldsNames());
         result.setNodeData(staticRoutes);
         return result;
@@ -248,13 +314,19 @@ public class Devices implements IDaylightWeb {
             @RequestParam("routeName") String routeName,
             @RequestParam("staticRoute") String staticRoute,
             @RequestParam("nextHop") String nextHop,
-            HttpServletRequest request, @RequestParam(required = false) String container) {
-        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            HttpServletRequest request,
+            @RequestParam(required = false) String container) {
+        String containerName = (container == null) ? GlobalConstants.DEFAULT
+                .toString() : container;
+
+        // Authorization check
+        String userName = request.getUserPrincipal().getName();
+        if (DaylightWebUtil
+                .getContainerPrivilege(userName, containerName, this) != Privilege.WRITE) {
             return unauthorizedMessage();
         }
 
         StatusJsonBean result = new StatusJsonBean();
-        String containerName = DaylightWebUtil.getAuthorizedContainer(request, container, this);
         try {
             IForwardingStaticRouting staticRouting = (IForwardingStaticRouting) ServiceHelper
                     .getInstance(IForwardingStaticRouting.class, containerName,
@@ -267,6 +339,7 @@ public class Devices implements IDaylightWeb {
             if (addStaticRouteResult.isSuccess()) {
                 result.setStatus(true);
                 result.setMessage("Static Route saved successfully");
+                DaylightWebUtil.auditlog("Static Route", userName, "added", routeName, containerName);
             } else {
                 result.setStatus(false);
                 result.setMessage(addStaticRouteResult.getDescription());
@@ -282,13 +355,18 @@ public class Devices implements IDaylightWeb {
     @ResponseBody
     public StatusJsonBean deleteStaticRoute(
             @RequestParam("routesToDelete") String routesToDelete,
-            HttpServletRequest request, @RequestParam(required = false) String container) {
-        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            HttpServletRequest request,
+            @RequestParam(required = false) String container) {
+        String containerName = (container == null) ? GlobalConstants.DEFAULT
+                .toString() : container;
+
+        // Authorization check
+        String userName = request.getUserPrincipal().getName();
+        if (DaylightWebUtil.getContainerPrivilege(userName, containerName, this) != Privilege.WRITE) {
             return unauthorizedMessage();
         }
 
         StatusJsonBean resultBean = new StatusJsonBean();
-        String containerName = DaylightWebUtil.getAuthorizedContainer(request, container, this);
         try {
             IForwardingStaticRouting staticRouting = (IForwardingStaticRouting) ServiceHelper
                     .getInstance(IForwardingStaticRouting.class, containerName,
@@ -305,6 +383,7 @@ public class Devices implements IDaylightWeb {
                     resultBean.setMessage(result.getDescription());
                     break;
                 }
+                DaylightWebUtil.auditlog("Static Route", userName, "removed", route, containerName);
             }
         } catch (Exception e) {
             resultBean.setStatus(false);
@@ -317,22 +396,33 @@ public class Devices implements IDaylightWeb {
 
     @RequestMapping(value = "/subnets", method = RequestMethod.GET)
     @ResponseBody
-    public DevicesJsonBean getSubnetGateways(HttpServletRequest request, @RequestParam(required = false) String container) {
+    public DevicesJsonBean getSubnetGateways(HttpServletRequest request,
+            @RequestParam(required = false) String container) {
         Gson gson = new Gson();
         List<Map<String, String>> subnets = new ArrayList<Map<String, String>>();
-        String containerName = DaylightWebUtil.getAuthorizedContainer(request, container, this);
-        ISwitchManager switchManager = (ISwitchManager) ServiceHelper
-                .getInstance(ISwitchManager.class, containerName, this);
-        if (switchManager != null) {
-            for (SubnetConfig conf : switchManager.getSubnetsConfigList()) {
-                Map<String, String> subnet = new HashMap<String, String>();
-                subnet.put("name", conf.getName());
-                subnet.put("subnet", conf.getSubnet());
-                subnet.put("json", gson.toJson(conf));
-                subnets.add(subnet);
+        String containerName = (container == null) ? GlobalConstants.DEFAULT
+                .toString() : container;
+
+        // Derive the privilege this user has on the current container
+        String userName = request.getUserPrincipal().getName();
+        Privilege privilege = DaylightWebUtil.getContainerPrivilege(
+                userName, containerName, this);
+
+        if (privilege != Privilege.NONE) {
+            ISwitchManager switchManager = (ISwitchManager) ServiceHelper
+                    .getInstance(ISwitchManager.class, containerName, this);
+            if (switchManager != null) {
+                for (SubnetConfig conf : switchManager.getSubnetsConfigList()) {
+                    Map<String, String> subnet = new HashMap<String, String>();
+                    subnet.put("name", conf.getName());
+                    subnet.put("subnet", conf.getSubnet());
+                    subnet.put("json", gson.toJson(conf));
+                    subnets.add(subnet);
+                }
             }
         }
         DevicesJsonBean result = new DevicesJsonBean();
+        result.setPrivilege(privilege);
         result.setColumnNames(SubnetConfig.getGuiFieldsNames());
         result.setNodeData(subnets);
         return result;
@@ -343,22 +433,28 @@ public class Devices implements IDaylightWeb {
     public StatusJsonBean addSubnetGateways(
             @RequestParam("gatewayName") String gatewayName,
             @RequestParam("gatewayIPAddress") String gatewayIPAddress,
-            HttpServletRequest request, @RequestParam(required = false) String container) {
-        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            HttpServletRequest request,
+            @RequestParam(required = false) String container) {
+        String containerName = (container == null) ? GlobalConstants.DEFAULT
+                .toString() : container;
+
+        // Authorization check
+        String userName = request.getUserPrincipal().getName();
+        if (DaylightWebUtil.getContainerPrivilege(userName, containerName, this) != Privilege.WRITE) {
             return unauthorizedMessage();
         }
 
         StatusJsonBean resultBean = new StatusJsonBean();
-        String containerName = DaylightWebUtil.getAuthorizedContainer(request, container, this);
         try {
             ISwitchManager switchManager = (ISwitchManager) ServiceHelper
                     .getInstance(ISwitchManager.class, containerName, this);
             SubnetConfig cfgObject = new SubnetConfig(gatewayName,
-                    gatewayIPAddress, new ArrayList<String>());
+                    gatewayIPAddress, new HashSet<String>());
             Status result = switchManager.addSubnet(cfgObject);
             if (result.isSuccess()) {
                 resultBean.setStatus(true);
                 resultBean.setMessage("Added gateway address successfully");
+                DaylightWebUtil.auditlog("Subnet Gateway", userName, "added", gatewayName, containerName);
             } else {
                 resultBean.setStatus(false);
                 resultBean.setMessage(result.getDescription());
@@ -374,13 +470,18 @@ public class Devices implements IDaylightWeb {
     @ResponseBody
     public StatusJsonBean deleteSubnetGateways(
             @RequestParam("gatewaysToDelete") String gatewaysToDelete,
-            HttpServletRequest request, @RequestParam(required = false) String container) {
-        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            HttpServletRequest request,
+            @RequestParam(required = false) String container) {
+        String containerName = (container == null) ? GlobalConstants.DEFAULT
+                .toString() : container;
+
+        // Authorization check
+        String userName = request.getUserPrincipal().getName();
+        if (DaylightWebUtil.getContainerPrivilege(userName, container, this) != Privilege.WRITE) {
             return unauthorizedMessage();
         }
 
         StatusJsonBean resultBean = new StatusJsonBean();
-        String containerName = DaylightWebUtil.getAuthorizedContainer(request, container, this);
         try {
             ISwitchManager switchManager = (ISwitchManager) ServiceHelper
                     .getInstance(ISwitchManager.class, containerName, this);
@@ -394,6 +495,7 @@ public class Devices implements IDaylightWeb {
                     resultBean.setMessage(result.getDescription());
                     break;
                 }
+                DaylightWebUtil.auditlog("Subnet Gateway", userName, "removed", subnet, containerName);
             }
         } catch (Exception e) {
             resultBean.setStatus(false);
@@ -407,14 +509,18 @@ public class Devices implements IDaylightWeb {
     public StatusJsonBean addSubnetGatewayPort(
             @RequestParam("portsName") String portsName,
             @RequestParam("ports") String ports,
-            @RequestParam("nodeId") String nodeId,
-            HttpServletRequest request, @RequestParam(required = false) String container) {
-        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            @RequestParam("nodeId") String nodeId, HttpServletRequest request,
+            @RequestParam(required = false) String container) {
+        String containerName = (container == null) ? GlobalConstants.DEFAULT
+                .toString() : container;
+
+        // Authorization check
+        String userName = request.getUserPrincipal().getName();
+        if (DaylightWebUtil.getContainerPrivilege(userName, containerName, this) != Privilege.WRITE) {
             return unauthorizedMessage();
         }
 
         StatusJsonBean resultBean = new StatusJsonBean();
-        String containerName = DaylightWebUtil.getAuthorizedContainer(request, container, this);
         try {
             ISwitchManager switchManager = (ISwitchManager) ServiceHelper
                     .getInstance(ISwitchManager.class, containerName, this);
@@ -425,6 +531,7 @@ public class Devices implements IDaylightWeb {
                 resultBean.setStatus(true);
                 resultBean
                         .setMessage("Added ports to subnet gateway address successfully");
+                DaylightWebUtil.auditlog("Ports to Subnet Gateway", userName, "added",nodeId+"/"+ ports, containerName);
             } else {
                 resultBean.setStatus(false);
                 resultBean.setMessage(result.getDescription());
@@ -441,13 +548,18 @@ public class Devices implements IDaylightWeb {
     public StatusJsonBean deleteSubnetGatewayPort(
             @RequestParam("gatewayName") String gatewayName,
             @RequestParam("nodePort") String nodePort,
-            HttpServletRequest request, @RequestParam(required = false) String container) {
-        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            HttpServletRequest request,
+            @RequestParam(required = false) String container) {
+        String containerName = (container == null) ? GlobalConstants.DEFAULT
+                .toString() : container;
+
+        // Authorization check
+        String userName = request.getUserPrincipal().getName();
+        if (DaylightWebUtil.getContainerPrivilege(userName, containerName, this) != Privilege.WRITE) {
             return unauthorizedMessage();
         }
 
         StatusJsonBean resultBean = new StatusJsonBean();
-        String containerName = DaylightWebUtil.getAuthorizedContainer(request, container, this);
         try {
             ISwitchManager switchManager = (ISwitchManager) ServiceHelper
                     .getInstance(ISwitchManager.class, containerName, this);
@@ -458,6 +570,7 @@ public class Devices implements IDaylightWeb {
                 resultBean.setStatus(true);
                 resultBean
                         .setMessage("Deleted port from subnet gateway address successfully");
+                DaylightWebUtil.auditlog("Ports from Subnet Gateway", userName, "removed", nodePort, containerName);
             } else {
                 resultBean.setStatus(false);
                 resultBean.setMessage(result.getDescription());
@@ -471,38 +584,51 @@ public class Devices implements IDaylightWeb {
 
     @RequestMapping(value = "/spanPorts", method = RequestMethod.GET)
     @ResponseBody
-    public DevicesJsonBean getSpanPorts(HttpServletRequest request, @RequestParam(required = false) String container) {
+    public DevicesJsonBean getSpanPorts(HttpServletRequest request,
+            @RequestParam(required = false) String container) {
         Gson gson = new Gson();
-        List<String> spanConfigs_json = new ArrayList<String>();
-        String containerName = DaylightWebUtil.getAuthorizedContainer(request, container, this);
-        ISwitchManager switchManager = (ISwitchManager) ServiceHelper
-                .getInstance(ISwitchManager.class, containerName, this);
-        if (switchManager != null) {
-            for (SpanConfig conf : switchManager.getSpanConfigList()) {
-                spanConfigs_json.add(gson.toJson(conf));
-            }
-        }
-        ObjectMapper mapper = new ObjectMapper();
         List<Map<String, String>> spanConfigs = new ArrayList<Map<String, String>>();
-        for (String config_json : spanConfigs_json) {
-            try {
-                @SuppressWarnings("unchecked")
-                Map<String, String> config_data = mapper.readValue(config_json,
-                        HashMap.class);
-                Map<String, String> config = new HashMap<String, String>();
-                for (String name : config_data.keySet()) {
-                    config.put(name, config_data.get(name));
-                    // Add switch name value (non-configuration field)
-                    config.put("nodeName",
-                            getNodeDesc(config_data.get("nodeId"), containerName));
+        String containerName = (container == null) ? GlobalConstants.DEFAULT
+                .toString() : container;
+
+        // Derive the privilege this user has on the current container
+        String userName = request.getUserPrincipal().getName();
+        Privilege privilege = DaylightWebUtil.getContainerPrivilege(
+                userName, containerName, this);
+
+        if (privilege != Privilege.NONE) {
+            List<String> spanConfigs_json = new ArrayList<String>();
+            ISwitchManager switchManager = (ISwitchManager) ServiceHelper
+                    .getInstance(ISwitchManager.class, containerName, this);
+            if (switchManager != null) {
+                for (SpanConfig conf : switchManager.getSpanConfigList()) {
+                    spanConfigs_json.add(gson.toJson(conf));
+                }
+            }
+            ObjectMapper mapper = new ObjectMapper();
+
+            for (String config_json : spanConfigs_json) {
+                try {
+                    @SuppressWarnings("unchecked")
+                    Map<String, String> config_data = mapper.readValue(config_json,
+                            HashMap.class);
+                    Map<String, String> config = new HashMap<String, String>();
+                    for (String name : config_data.keySet()) {
+                        config.put(name, config_data.get(name));
+                        // Add switch name value (non-configuration field)
+                        config.put("nodeName",
+                                getNodeDesc(config_data.get("nodeId"), containerName));
+                    }
+                    config.put("json", config_json);
+                    spanConfigs.add(config);
+                } catch (Exception e) {
+                    // TODO: Handle the exception.
                 }
-                config.put("json", config_json);
-                spanConfigs.add(config);
-            } catch (Exception e) {
-                // TODO: Handle the exception.
             }
         }
+
         DevicesJsonBean result = new DevicesJsonBean();
+        result.setPrivilege(privilege);
         result.setColumnNames(SpanConfig.getGuiFieldsNames());
         result.setNodeData(spanConfigs);
         return result;
@@ -510,49 +636,65 @@ public class Devices implements IDaylightWeb {
 
     @RequestMapping(value = "/nodeports")
     @ResponseBody
-    public Map<String, Object> getNodePorts(HttpServletRequest request, @RequestParam(required = false) String container) {
-        String containerName = DaylightWebUtil.getAuthorizedContainer(request, container, this);
+    public List<NodeJsonBean> getNodePorts(HttpServletRequest request,
+            @RequestParam(required = false) String container) {
+        String containerName = (container == null) ? GlobalConstants.DEFAULT
+                .toString() : container;
+
+        // Derive the privilege this user has on the current container
+        String userName = request.getUserPrincipal().getName();
+        if (DaylightWebUtil.getContainerPrivilege(userName, containerName, this) == Privilege.NONE) {
+            return null;
+        }
+
         ISwitchManager switchManager = (ISwitchManager) ServiceHelper
                 .getInstance(ISwitchManager.class, containerName, this);
         if (switchManager == null) {
             return null;
         }
-
-        Map<String, Object> nodes = new HashMap<String, Object>();
-        Map<Short, String> port;
+        List<NodeJsonBean> nodeJsonBeans = new ArrayList<NodeJsonBean>();
 
         for (Switch node : switchManager.getNetworkDevices()) {
-            port = new HashMap<Short, String>(); // new port
+            NodeJsonBean nodeJsonBean = new NodeJsonBean();
+            List<String> port = new ArrayList<String>();
             Set<NodeConnector> nodeConnectorSet = node.getNodeConnectors();
 
-            if (nodeConnectorSet != null)
+            if (nodeConnectorSet != null) {
                 for (NodeConnector nodeConnector : nodeConnectorSet) {
                     String nodeConnectorName = ((Name) switchManager
                             .getNodeConnectorProp(nodeConnector,
                                     Name.NamePropName)).getValue();
-                    port.put((Short) nodeConnector.getID(), nodeConnectorName
+                    port.add(nodeConnectorName
                             + "(" + nodeConnector.getID() + ")");
                 }
-
-            nodes.put(node.getNode().toString(), port);
+            }
+            nodeJsonBean.setNodeId(node.getNode().toString());
+            nodeJsonBean.setNodeName(getNodeDesc(node.getNode().toString(), containerName));
+            nodeJsonBean.setNodePorts(port);
+            nodeJsonBeans.add(nodeJsonBean);
         }
 
-        return nodes;
+        return nodeJsonBeans;
     }
 
     @RequestMapping(value = "/spanPorts/add", method = RequestMethod.GET)
     @ResponseBody
     public StatusJsonBean addSpanPort(
             @RequestParam("jsonData") String jsonData,
-            HttpServletRequest request, @RequestParam(required = false) String container) {
-        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            HttpServletRequest request,
+            @RequestParam(required = false) String container) {
+        String containerName = (container == null) ? GlobalConstants.DEFAULT
+                .toString() : container;
+
+        // Authorization check
+        String userName = request.getUserPrincipal().getName();
+        if (DaylightWebUtil.getContainerPrivilege(userName, containerName, this) != Privilege.WRITE) {
             return unauthorizedMessage();
         }
 
         StatusJsonBean resultBean = new StatusJsonBean();
         try {
             Gson gson = new Gson();
-            String containerName = DaylightWebUtil.getAuthorizedContainer(request, container, this);
             ISwitchManager switchManager = (ISwitchManager) ServiceHelper
                     .getInstance(ISwitchManager.class, containerName, this);
             SpanConfig cfgObject = gson.fromJson(jsonData, SpanConfig.class);
@@ -560,6 +702,7 @@ public class Devices implements IDaylightWeb {
             if (result.isSuccess()) {
                 resultBean.setStatus(true);
                 resultBean.setMessage("SPAN Port added successfully");
+                DaylightWebUtil.auditlog("SPAN Port", userName, "added", cfgObject.getNodeId(), containerName);
             } else {
                 resultBean.setStatus(false);
                 resultBean.setMessage(result.getDescription());
@@ -576,15 +719,20 @@ public class Devices implements IDaylightWeb {
     @ResponseBody
     public StatusJsonBean deleteSpanPorts(
             @RequestParam("spanPortsToDelete") String spanPortsToDelete,
-            HttpServletRequest request, @RequestParam(required = false) String container) {
-        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            HttpServletRequest request,
+            @RequestParam(required = false) String container) {
+        String containerName = (container == null) ? GlobalConstants.DEFAULT
+                .toString() : container;
+
+        // Authorization check
+        String userName = request.getUserPrincipal().getName();
+        if (DaylightWebUtil.getContainerPrivilege(userName, containerName, this) != Privilege.WRITE) {
             return unauthorizedMessage();
         }
 
         StatusJsonBean resultBean = new StatusJsonBean();
         try {
             Gson gson = new Gson();
-            String containerName = DaylightWebUtil.getAuthorizedContainer(request, container, this);
             ISwitchManager switchManager = (ISwitchManager) ServiceHelper
                     .getInstance(ISwitchManager.class, containerName, this);
             String[] spans = spanPortsToDelete.split("###");
@@ -600,6 +748,7 @@ public class Devices implements IDaylightWeb {
                         resultBean.setMessage(result.getDescription());
                         break;
                     }
+                    DaylightWebUtil.auditlog("SPAN Port", userName, "removed", cfgObject.getNodeId(), containerName);
                 }
             }
         } catch (Exception e) {
@@ -615,33 +764,15 @@ public class Devices implements IDaylightWeb {
                 .getInstance(ISwitchManager.class, containerName, this);
         String description = "";
         if (switchManager != null) {
-            description = switchManager.getNodeDescription(Node
-                    .fromString(nodeId));
+            Description desc = (Description) switchManager.getNodeProp(Node.fromString(nodeId), Description.propertyName);
+            if(desc != null) {
+                description = desc.getValue();
+            }
         }
         return (description.isEmpty() || description.equalsIgnoreCase("none")) ? nodeId
                 : description;
     }
 
-    /**
-     * Is the operation permitted for the given level
-     * 
-     * @param level
-     */
-    private boolean authorize(UserLevel level, HttpServletRequest request) {
-        IUserManager userManager = (IUserManager) ServiceHelper
-                .getGlobalInstance(IUserManager.class, this);
-        if (userManager == null) {
-            return false;
-        }
-
-        String username = request.getUserPrincipal().getName();
-        UserLevel userLevel = userManager.getUserLevel(username);
-        if (userLevel.toNumber() <= level.toNumber()) {
-            return true;
-        }
-        return false;
-    }
-
     private StatusJsonBean unauthorizedMessage() {
         StatusJsonBean message = new StatusJsonBean();
         message.setStatus(false);
@@ -657,10 +788,10 @@ public class Devices implements IDaylightWeb {
          * IUserManager userManager = (IUserManager) ServiceHelper
          * .getGlobalInstance(IUserManager.class, this); if (userManager ==
          * null) { return "User Manager is not available"; }
-         * 
+         *
          * String username = request.getUserPrincipal().getName();
-         * 
-         * 
+         *
+         *
          * model.addAttribute("username", username); model.addAttribute("role",
          * userManager.getUserLevel(username).toNumber());
          */
OpenDaylight controller