cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From alena1...@apache.org
Subject [39/72] [abbrv] [partial] Moved most of the VOs and DAOs from server package into engine-schema as well
Date Tue, 07 May 2013 22:01:55 GMT
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/dao/Site2SiteVpnConnectionVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/Site2SiteVpnConnectionVO.java b/engine/schema/src/com/cloud/network/dao/Site2SiteVpnConnectionVO.java
new file mode 100644
index 0000000..f8eeb8a
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/dao/Site2SiteVpnConnectionVO.java
@@ -0,0 +1,143 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+// 
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.dao;
+
+import java.util.Date;
+import java.util.UUID;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.EnumType;
+import javax.persistence.Enumerated;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.Table;
+
+import com.cloud.network.Site2SiteVpnConnection;
+import com.cloud.network.Site2SiteVpnConnection.State;
+import com.cloud.utils.db.GenericDao;
+import org.apache.cloudstack.api.InternalIdentity;
+
+@Entity
+@Table(name=("s2s_vpn_connection"))
+public class Site2SiteVpnConnectionVO implements Site2SiteVpnConnection, InternalIdentity {
+    @Id
+    @GeneratedValue(strategy=GenerationType.IDENTITY)
+    @Column(name="id")
+    private long id;
+    
+	@Column(name="uuid")
+	private String uuid;    
+    
+    @Column(name="vpn_gateway_id")
+    private long vpnGatewayId;
+    
+    @Column(name="customer_gateway_id")
+    private long customerGatewayId;
+
+    @Column(name="state")
+    @Enumerated(value=EnumType.STRING)
+    private State state;
+    
+    @Column(name="domain_id")
+    private Long domainId;
+    
+    @Column(name="account_id")
+    private Long accountId;
+
+    @Column(name=GenericDao.CREATED_COLUMN)
+    private Date created;
+    
+    @Column(name=GenericDao.REMOVED_COLUMN)
+    private Date removed;
+    
+    public Site2SiteVpnConnectionVO() { }
+
+    public Site2SiteVpnConnectionVO(long accountId, long domainId, long vpnGatewayId, long customerGatewayId) {
+        this.uuid = UUID.randomUUID().toString();
+        this.setVpnGatewayId(vpnGatewayId);
+        this.setCustomerGatewayId(customerGatewayId);
+        this.setState(State.Pending);
+        this.accountId = accountId;
+        this.domainId = domainId;
+    }
+    
+    @Override
+    public long getId() {
+        return id;
+    }
+    
+    @Override
+    public State getState() {
+        return state;
+    }
+
+    public void setState(State state) {
+        this.state = state;
+    }
+
+    @Override
+    public long getVpnGatewayId() {
+        return vpnGatewayId;
+    }
+
+    public void setVpnGatewayId(long vpnGatewayId) {
+        this.vpnGatewayId = vpnGatewayId;
+    }
+
+    @Override
+    public long getCustomerGatewayId() {
+        return customerGatewayId;
+    }
+
+    public void setCustomerGatewayId(long customerGatewayId) {
+        this.customerGatewayId = customerGatewayId;
+    }
+
+    @Override
+    public Date getCreated() {
+        return created;
+    }
+
+    public void setCreated(Date created) {
+        this.created = created;
+    }
+
+    @Override
+    public Date getRemoved() {
+        return removed;
+    }
+
+    public void setRemoved(Date removed) {
+        this.removed = removed;
+    }
+    
+    public String getUuid() {
+        return uuid;
+    }
+    
+    @Override
+    public long getDomainId() {
+        return domainId;
+    }
+
+    @Override
+    public long getAccountId() {
+        return accountId;
+    }
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayDao.java b/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayDao.java
new file mode 100644
index 0000000..9b393e6
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayDao.java
@@ -0,0 +1,23 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+// 
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.dao;
+
+import com.cloud.utils.db.GenericDao;
+
+public interface Site2SiteVpnGatewayDao extends GenericDao<Site2SiteVpnGatewayVO, Long> {
+    Site2SiteVpnGatewayVO findByVpcId(long vpcId);
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayDaoImpl.java b/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayDaoImpl.java
new file mode 100644
index 0000000..fa4a9fa
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayDaoImpl.java
@@ -0,0 +1,50 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+// 
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.dao;
+
+import javax.ejb.Local;
+import javax.inject.Inject;
+
+import org.apache.log4j.Logger;
+import org.springframework.stereotype.Component;
+
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+
+@Component
+@Local(value={Site2SiteVpnGatewayDao.class})
+public class Site2SiteVpnGatewayDaoImpl extends GenericDaoBase<Site2SiteVpnGatewayVO, Long> implements Site2SiteVpnGatewayDao {
+    @Inject protected IPAddressDao _addrDao;
+
+    private static final Logger s_logger = Logger.getLogger(Site2SiteVpnGatewayDaoImpl.class);
+
+    private final SearchBuilder<Site2SiteVpnGatewayVO> AllFieldsSearch;
+
+    protected Site2SiteVpnGatewayDaoImpl() {
+        AllFieldsSearch = createSearchBuilder();
+        AllFieldsSearch.and("vpcId", AllFieldsSearch.entity().getVpcId(), SearchCriteria.Op.EQ);
+        AllFieldsSearch.done();
+    }
+
+    @Override
+    public Site2SiteVpnGatewayVO findByVpcId(long vpcId) {
+        SearchCriteria<Site2SiteVpnGatewayVO> sc = AllFieldsSearch.create();
+        sc.setParameters("vpcId", vpcId);
+        return findOneBy(sc);
+    }
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayVO.java b/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayVO.java
new file mode 100644
index 0000000..1e12971
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayVO.java
@@ -0,0 +1,114 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+// 
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.dao;
+
+import java.util.Date;
+import java.util.UUID;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.Table;
+
+import com.cloud.network.Site2SiteVpnGateway;
+import com.cloud.utils.db.GenericDao;
+import org.apache.cloudstack.api.InternalIdentity;
+
+@Entity
+@Table(name=("s2s_vpn_gateway"))
+public class Site2SiteVpnGatewayVO implements Site2SiteVpnGateway {
+    @Id
+    @GeneratedValue(strategy=GenerationType.IDENTITY)
+    @Column(name="id")
+    private long id;
+    
+	@Column(name="uuid")
+	private String uuid;    
+    
+    @Column(name="addr_id")
+    private long addrId;
+
+    @Column(name="vpc_id")
+    private long vpcId;
+
+    @Column(name="domain_id")
+    private Long domainId;
+    
+    @Column(name="account_id")
+    private Long accountId;
+
+    @Column(name=GenericDao.REMOVED_COLUMN)
+    private Date removed;
+    
+    public Site2SiteVpnGatewayVO() { }
+
+    public Site2SiteVpnGatewayVO(long accountId, long domainId, long addrId, long vpcId) {
+        this.uuid = UUID.randomUUID().toString();
+        this.setAddrId(addrId);
+        this.setVpcId(vpcId);
+        this.accountId = accountId;
+        this.domainId = domainId;
+    }
+    
+    @Override
+    public long getId() {
+        return id;
+    }
+
+    @Override
+    public long getVpcId() {
+        return vpcId;
+    }
+    
+    public void setVpcId(long vpcId) {
+        this.vpcId = vpcId;
+    }
+
+    @Override
+    public long getAddrId() {
+        return addrId;
+    }
+
+    public void setAddrId(long addrId) {
+        this.addrId = addrId;
+    }
+
+    @Override
+    public Date getRemoved() {
+        return removed;
+    }
+
+    public void setRemoved(Date removed) {
+        this.removed = removed;
+    }
+
+    public String getUuid() {
+        return uuid;
+    }
+    
+    @Override
+    public long getDomainId() {
+        return domainId;
+    }
+
+    @Override
+    public long getAccountId() {
+        return accountId;
+    }
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/dao/UserIpv6AddressDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/UserIpv6AddressDao.java b/engine/schema/src/com/cloud/network/dao/UserIpv6AddressDao.java
new file mode 100644
index 0000000..555b7f6
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/dao/UserIpv6AddressDao.java
@@ -0,0 +1,41 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.dao;
+
+import java.util.List;
+
+import com.cloud.network.Network;
+import com.cloud.network.UserIpv6AddressVO;
+import com.cloud.utils.db.GenericDao;
+
+public interface UserIpv6AddressDao extends GenericDao<UserIpv6AddressVO, Long> {
+	List<UserIpv6AddressVO> listByAccount(long accountId);
+	
+	List<UserIpv6AddressVO> listByVlanId(long vlanId);
+	
+	List<UserIpv6AddressVO> listByDcId(long dcId); 
+	
+	List<UserIpv6AddressVO> listByNetwork(long networkId);
+	
+	public UserIpv6AddressVO findByNetworkIdAndIp(long networkId, String ipAddress);
+
+	List<UserIpv6AddressVO> listByPhysicalNetworkId(long physicalNetworkId);
+
+	long countExistedIpsInNetwork(long networkId);
+
+	long countExistedIpsInVlan(long vlanId);
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/dao/UserIpv6AddressDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/UserIpv6AddressDaoImpl.java b/engine/schema/src/com/cloud/network/dao/UserIpv6AddressDaoImpl.java
new file mode 100644
index 0000000..c9f38ec
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/dao/UserIpv6AddressDaoImpl.java
@@ -0,0 +1,122 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.dao;
+
+import java.util.List;
+import java.util.Map;
+
+import javax.ejb.Local;
+import javax.naming.ConfigurationException;
+
+import org.apache.log4j.Logger;
+import org.springframework.stereotype.Component;
+
+import com.cloud.network.Network;
+import com.cloud.network.UserIpv6AddressVO;
+import com.cloud.utils.Pair;
+import com.cloud.utils.db.Filter;
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.GenericSearchBuilder;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+import com.cloud.utils.db.SearchCriteria.Func;
+import com.cloud.utils.db.SearchCriteria.Op;
+import com.cloud.utils.db.SearchCriteria2;
+
+@Component
+@Local(value=UserIpv6AddressDao.class)
+public class UserIpv6AddressDaoImpl extends GenericDaoBase<UserIpv6AddressVO, Long> implements UserIpv6AddressDao {
+    private static final Logger s_logger = Logger.getLogger(IPAddressDaoImpl.class);
+
+    protected final SearchBuilder<UserIpv6AddressVO> AllFieldsSearch;
+    protected GenericSearchBuilder<UserIpv6AddressVO, Long> CountFreePublicIps;
+    
+    public UserIpv6AddressDaoImpl() {
+        AllFieldsSearch = createSearchBuilder();
+        AllFieldsSearch.and("id", AllFieldsSearch.entity().getId(), Op.EQ);
+        AllFieldsSearch.and("dataCenterId", AllFieldsSearch.entity().getDataCenterId(), Op.EQ);
+        AllFieldsSearch.and("ipAddress", AllFieldsSearch.entity().getAddress(), Op.EQ);
+        AllFieldsSearch.and("vlan", AllFieldsSearch.entity().getVlanId(), Op.EQ);
+        AllFieldsSearch.and("accountId", AllFieldsSearch.entity().getAccountId(), Op.EQ);
+        AllFieldsSearch.and("network", AllFieldsSearch.entity().getNetworkId(), Op.EQ);
+        AllFieldsSearch.and("physicalNetworkId", AllFieldsSearch.entity().getPhysicalNetworkId(), Op.EQ);
+        AllFieldsSearch.done();
+        
+        CountFreePublicIps = createSearchBuilder(Long.class);
+        CountFreePublicIps.select(null, Func.COUNT, null);
+        CountFreePublicIps.and("networkId", CountFreePublicIps.entity().getSourceNetworkId(), SearchCriteria.Op.EQ);
+        CountFreePublicIps.and("vlanId", CountFreePublicIps.entity().getVlanId(), SearchCriteria.Op.EQ);
+        CountFreePublicIps.done();
+    }
+
+	@Override
+	public List<UserIpv6AddressVO> listByAccount(long accountId) {
+        SearchCriteria<UserIpv6AddressVO> sc = AllFieldsSearch.create();
+        sc.setParameters("accountId", accountId);
+        return listBy(sc);
+	}
+
+	@Override
+	public List<UserIpv6AddressVO> listByVlanId(long vlanId) {
+        SearchCriteria<UserIpv6AddressVO> sc = AllFieldsSearch.create();
+        sc.setParameters("vlan", vlanId);
+        return listBy(sc);
+	}
+
+	@Override
+	public List<UserIpv6AddressVO> listByDcId(long dcId) {
+        SearchCriteria<UserIpv6AddressVO> sc = AllFieldsSearch.create();
+        sc.setParameters("dataCenterId", dcId);
+        return listBy(sc);
+	}
+
+	@Override
+	public List<UserIpv6AddressVO> listByNetwork(long networkId) {
+        SearchCriteria<UserIpv6AddressVO> sc = AllFieldsSearch.create();
+        sc.setParameters("network", networkId);
+        return listBy(sc);
+	}
+
+	@Override
+	public UserIpv6AddressVO findByNetworkIdAndIp(long networkId, String ipAddress) {
+        SearchCriteria<UserIpv6AddressVO> sc = AllFieldsSearch.create();
+        sc.setParameters("networkId", networkId);
+        sc.setParameters("ipAddress", ipAddress);
+        return findOneBy(sc);
+	}
+
+	@Override
+	public List<UserIpv6AddressVO> listByPhysicalNetworkId(long physicalNetworkId) {
+        SearchCriteria<UserIpv6AddressVO> sc = AllFieldsSearch.create();
+        sc.setParameters("physicalNetworkId", physicalNetworkId);
+        return listBy(sc);
+	}
+
+	@Override
+	public long countExistedIpsInNetwork(long networkId) {
+        SearchCriteria<Long> sc = CountFreePublicIps.create();
+        sc.setParameters("networkId", networkId);
+        return customSearch(sc, null).get(0);       
+	}
+
+	@Override
+	public long countExistedIpsInVlan(long vlanId) {
+        SearchCriteria<Long> sc = CountFreePublicIps.create();
+        sc.setParameters("vlanId", vlanId);
+        return customSearch(sc, null).get(0);       
+	}
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/dao/VirtualRouterProviderDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/VirtualRouterProviderDao.java b/engine/schema/src/com/cloud/network/dao/VirtualRouterProviderDao.java
new file mode 100644
index 0000000..d929293
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/dao/VirtualRouterProviderDao.java
@@ -0,0 +1,31 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.dao;
+
+import java.util.List;
+
+import com.cloud.network.VirtualRouterProvider;
+import com.cloud.network.element.VirtualRouterProviderVO;
+import com.cloud.network.VirtualRouterProvider.VirtualRouterProviderType;
+import com.cloud.utils.db.GenericDao;
+
+public interface VirtualRouterProviderDao extends GenericDao<VirtualRouterProviderVO, Long> {
+    public VirtualRouterProviderVO findByNspIdAndType(long nspId, VirtualRouterProviderType type);
+    public List<VirtualRouterProviderVO> listByEnabledAndType(boolean enabled, VirtualRouterProviderType type);
+    public VirtualRouterProviderVO findByIdAndEnabledAndType(long id, boolean enabled, VirtualRouterProviderType type);
+    public List<VirtualRouterProviderVO> listByType(VirtualRouterProviderType type);
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/dao/VirtualRouterProviderDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/VirtualRouterProviderDaoImpl.java b/engine/schema/src/com/cloud/network/dao/VirtualRouterProviderDaoImpl.java
new file mode 100644
index 0000000..dba835f
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/dao/VirtualRouterProviderDaoImpl.java
@@ -0,0 +1,79 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.dao;
+
+import java.util.List;
+
+import javax.ejb.Local;
+
+import org.springframework.stereotype.Component;
+
+import com.cloud.network.element.VirtualRouterProviderVO;
+import com.cloud.network.VirtualRouterProvider.VirtualRouterProviderType;
+import com.cloud.utils.db.DB;
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+
+@Component
+@Local(value=VirtualRouterProviderDao.class) @DB(txn=false)
+public class VirtualRouterProviderDaoImpl extends GenericDaoBase<VirtualRouterProviderVO, Long> implements VirtualRouterProviderDao {
+    final SearchBuilder<VirtualRouterProviderVO> AllFieldsSearch;
+    
+    public VirtualRouterProviderDaoImpl() {
+        super();
+        AllFieldsSearch = createSearchBuilder();
+        AllFieldsSearch.and("id", AllFieldsSearch.entity().getId(), SearchCriteria.Op.EQ);
+        AllFieldsSearch.and("nsp_id", AllFieldsSearch.entity().getNspId(), SearchCriteria.Op.EQ);
+        AllFieldsSearch.and("uuid", AllFieldsSearch.entity().getUuid(), SearchCriteria.Op.EQ);
+        AllFieldsSearch.and("type", AllFieldsSearch.entity().getType(), SearchCriteria.Op.EQ);
+        AllFieldsSearch.and("enabled", AllFieldsSearch.entity().isEnabled(), SearchCriteria.Op.EQ);
+        AllFieldsSearch.done();
+    }
+
+    @Override
+    public VirtualRouterProviderVO findByNspIdAndType(long nspId, VirtualRouterProviderType type) {
+        SearchCriteria<VirtualRouterProviderVO> sc = AllFieldsSearch.create();
+        sc.setParameters("nsp_id", nspId);
+        sc.setParameters("type", type);
+        return findOneBy(sc);
+    }
+    
+    @Override
+    public List<VirtualRouterProviderVO> listByEnabledAndType(boolean enabled, VirtualRouterProviderType type) {
+        SearchCriteria<VirtualRouterProviderVO> sc = AllFieldsSearch.create();
+        sc.setParameters("enabled", enabled);
+        sc.setParameters("type", type);
+        return listBy(sc);
+    }
+    
+    @Override
+    public VirtualRouterProviderVO findByIdAndEnabledAndType(long id, boolean enabled, VirtualRouterProviderType type) {
+        SearchCriteria<VirtualRouterProviderVO> sc = AllFieldsSearch.create();
+        sc.setParameters("id", id);
+        sc.setParameters("enabled", enabled);
+        sc.setParameters("type", type);
+        return findOneBy(sc);
+    }
+
+    @Override
+    public List<VirtualRouterProviderVO> listByType(VirtualRouterProviderType type) {
+        SearchCriteria<VirtualRouterProviderVO> sc = AllFieldsSearch.create();
+        sc.setParameters("type", type);
+        return listBy(sc);
+    }
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/dao/VpnUserDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/VpnUserDao.java b/engine/schema/src/com/cloud/network/dao/VpnUserDao.java
new file mode 100644
index 0000000..8ba742a
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/dao/VpnUserDao.java
@@ -0,0 +1,28 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.dao;
+
+import java.util.List;
+
+import com.cloud.network.VpnUserVO;
+import com.cloud.utils.db.GenericDao;
+
+public interface VpnUserDao extends GenericDao<VpnUserVO, Long> {
+    List<VpnUserVO> listByAccount(Long accountId);
+    VpnUserVO findByAccountAndUsername(Long acccountId, String userName);
+    long getVpnUserCount(Long accountId);
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/dao/VpnUserDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/VpnUserDaoImpl.java b/engine/schema/src/com/cloud/network/dao/VpnUserDaoImpl.java
new file mode 100644
index 0000000..cd3de79
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/dao/VpnUserDaoImpl.java
@@ -0,0 +1,87 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.dao;
+
+import java.util.List;
+
+import javax.ejb.Local;
+
+import org.springframework.stereotype.Component;
+
+import com.cloud.network.VpnUser.State;
+import com.cloud.network.VpnUserVO;
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.GenericSearchBuilder;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+import com.cloud.utils.db.SearchCriteria.Func;
+
+@Component
+@Local(value={VpnUserDao.class})
+public class VpnUserDaoImpl extends GenericDaoBase<VpnUserVO, Long> implements VpnUserDao {
+    private final SearchBuilder<VpnUserVO> AccountSearch;
+    private final SearchBuilder<VpnUserVO> AccountNameSearch;
+    private final GenericSearchBuilder<VpnUserVO, Long> VpnUserCount;
+
+
+    protected VpnUserDaoImpl() {
+
+        AccountSearch = createSearchBuilder();
+        AccountSearch.and("accountId", AccountSearch.entity().getAccountId(), SearchCriteria.Op.EQ);
+        AccountSearch.done();
+        
+        AccountNameSearch = createSearchBuilder();
+        AccountNameSearch.and("accountId", AccountNameSearch.entity().getAccountId(), SearchCriteria.Op.EQ);
+        AccountNameSearch.and("username", AccountNameSearch.entity().getUsername(), SearchCriteria.Op.EQ);
+        AccountNameSearch.done();
+        
+        VpnUserCount = createSearchBuilder(Long.class);
+        VpnUserCount.and("accountId", VpnUserCount.entity().getAccountId(), SearchCriteria.Op.EQ);
+        VpnUserCount.and("state", VpnUserCount.entity().getState(), SearchCriteria.Op.NEQ);
+        VpnUserCount.select(null, Func.COUNT, null);
+        VpnUserCount.done();
+    }
+
+    @Override
+    public List<VpnUserVO> listByAccount(Long accountId) {
+        SearchCriteria<VpnUserVO> sc = AccountSearch.create();
+        sc.setParameters("accountId", accountId);
+        return listBy(sc);
+    }
+
+	@Override
+	public VpnUserVO findByAccountAndUsername(Long accountId, String userName) {
+		SearchCriteria<VpnUserVO> sc = AccountNameSearch.create();
+        sc.setParameters("accountId", accountId);
+        sc.setParameters("username", userName);
+
+        return findOneBy(sc);
+	}
+
+	@Override
+	public long getVpnUserCount(Long accountId) {
+		SearchCriteria<Long> sc = VpnUserCount.create();
+		sc.setParameters("accountId", accountId);
+		sc.setParameters("state", State.Revoke);
+		List<Long> rs = customSearch(sc, null);
+		if (rs.size() == 0) {
+            return 0;
+        }
+        
+        return rs.get(0);
+	}
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/element/VirtualRouterProviderVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/element/VirtualRouterProviderVO.java b/engine/schema/src/com/cloud/network/element/VirtualRouterProviderVO.java
new file mode 100644
index 0000000..ff2b621
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/element/VirtualRouterProviderVO.java
@@ -0,0 +1,120 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.element;
+
+import java.util.Date;
+import java.util.UUID;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.EnumType;
+import javax.persistence.Enumerated;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.Table;
+
+import com.cloud.network.VirtualRouterProvider;
+import com.cloud.utils.db.GenericDao;
+import org.apache.cloudstack.api.InternalIdentity;
+
+@Entity
+@Table(name=("virtual_router_providers"))
+public class VirtualRouterProviderVO implements VirtualRouterProvider {
+    @Id
+    @GeneratedValue(strategy=GenerationType.IDENTITY)
+    @Column(name="id")
+    long id;
+    
+    @Column(name="type")
+    @Enumerated(EnumType.STRING)
+    private VirtualRouterProviderType type;
+    
+    @Column(name="enabled")
+    private boolean enabled;
+    
+    @Column(name="nsp_id")
+    private long nspId;
+    
+    @Column(name="uuid")
+    private String uuid;
+    
+    @Column(name=GenericDao.REMOVED_COLUMN)
+    Date removed;
+
+    public VirtualRouterProviderVO() {
+        this.uuid = UUID.randomUUID().toString();
+    }
+    
+    public VirtualRouterProviderVO(long nspId, VirtualRouterProviderType type) {
+        this.nspId = nspId;
+        this.type = type;
+        this.uuid = UUID.randomUUID().toString();
+    }
+
+    @Override
+    public long getNspId() {
+        return nspId;
+    }
+
+    public String getUuid() {
+        return uuid;
+    }
+
+    @Override
+    public long getId() {
+        return id;
+    }
+
+    @Override
+    public VirtualRouterProviderType getType() {
+        return this.type;
+    }
+    
+    public Date getRemoved() {
+        return removed;
+    }
+
+    public void setRemoved(Date removed) {
+        this.removed = removed;
+    }
+
+    public void setEnabled(boolean enabled) {
+        this.enabled = enabled;
+    }
+
+    @Override
+    public boolean isEnabled() {
+        return this.enabled;
+    }
+
+    public void setId(long id) {
+        this.id = id;
+    }
+
+    public void setType(VirtualRouterProviderType type) {
+        this.type = type;
+    }
+
+    public void setNspId(long nspId) {
+        this.nspId = nspId;
+    }
+
+    public void setUuid(String uuid) {
+        this.uuid = uuid;
+    }
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/rules/FirewallRuleVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/rules/FirewallRuleVO.java b/engine/schema/src/com/cloud/network/rules/FirewallRuleVO.java
new file mode 100644
index 0000000..9f73029
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/rules/FirewallRuleVO.java
@@ -0,0 +1,268 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+// 
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.rules;
+
+import java.util.Date;
+import java.util.List;
+import java.util.UUID;
+
+import javax.persistence.Column;
+import javax.persistence.DiscriminatorColumn;
+import javax.persistence.DiscriminatorType;
+import javax.persistence.Entity;
+import javax.persistence.EnumType;
+import javax.persistence.Enumerated;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.Inheritance;
+import javax.persistence.InheritanceType;
+import javax.persistence.Table;
+import javax.persistence.Transient;
+
+import com.cloud.utils.db.GenericDao;
+import com.cloud.utils.net.NetUtils;
+
+@Entity
+@Table(name="firewall_rules")
+@Inheritance(strategy=InheritanceType.JOINED)
+@DiscriminatorColumn(name="purpose", discriminatorType=DiscriminatorType.STRING, length=32)
+public class FirewallRuleVO implements FirewallRule {
+
+    @Id
+    @GeneratedValue(strategy=GenerationType.IDENTITY)
+    @Column(name="id")
+    long id;
+
+    @GeneratedValue(strategy=GenerationType.AUTO)
+    @Column(name=GenericDao.XID_COLUMN)
+    String xId;
+
+    @Column(name="domain_id", updatable=false)
+    long domainId;
+
+    @Column(name="account_id", updatable=false)
+    long accountId;
+
+    @Column(name="ip_address_id", updatable=false)
+    Long sourceIpAddressId;
+
+    @Column(name="start_port", updatable=false)
+    Integer sourcePortStart;
+
+    @Column(name="end_port", updatable=false)
+    Integer sourcePortEnd;
+
+    @Column(name="protocol", updatable=false)
+    String protocol = NetUtils.TCP_PROTO;
+
+    @Enumerated(value=EnumType.STRING)
+    @Column(name="purpose")
+    Purpose purpose;
+
+    @Enumerated(value=EnumType.STRING)
+    @Column(name="state")
+    State state;
+
+    @Column(name=GenericDao.CREATED_COLUMN)
+    Date created;
+
+    @Column(name="network_id")
+    Long networkId;
+
+    @Column(name="icmp_code")
+    Integer icmpCode;
+
+    @Column(name="icmp_type")
+    Integer icmpType;
+
+
+    @Column(name="related")
+    Long related;
+
+    @Column(name="type")
+    @Enumerated(value=EnumType.STRING)
+    FirewallRuleType type;
+
+    @Column(name="traffic_type")
+    @Enumerated(value=EnumType.STRING)
+    TrafficType trafficType;
+
+
+    // This is a delayed load value.  If the value is null,
+    // then this field has not been loaded yet.
+    // Call firewallrules dao to load it.
+    @Transient
+    List<String> sourceCidrs;
+
+    @Column(name="uuid")
+    String uuid;
+
+    public void setSourceCidrList(List<String> sourceCidrs) {
+        this.sourceCidrs=sourceCidrs;
+    }
+
+    @Override
+    public List<String> getSourceCidrList() {
+        return sourceCidrs;
+    }
+
+    @Override
+    public long getAccountId() {
+        return accountId;
+    }
+
+    @Override
+    public long getDomainId() {
+        return domainId;
+    }
+
+    @Override
+    public long getId() {
+        return id;
+    }
+
+    @Override
+    public String getXid() {
+        return xId;
+    }
+
+    @Override
+    public Long getSourceIpAddressId() {
+        return sourceIpAddressId;
+    }
+
+    @Override
+    public Integer getSourcePortStart() {
+        return sourcePortStart;
+    }
+
+    @Override
+    public Integer getSourcePortEnd() {
+        return sourcePortEnd;
+    }
+
+    @Override
+    public String getProtocol() {
+        return protocol;
+    }
+
+    public void setState(State state) {
+        this.state = state;
+    }
+
+    @Override
+    public Purpose getPurpose() {
+        return purpose;
+    }
+
+    @Override
+    public State getState() {
+        return state;
+    }
+
+    @Override
+    public long getNetworkId() {
+        return networkId;
+    }
+
+    @Override
+    public FirewallRuleType getType() {
+        return type;
+    }
+    public Date getCreated() {
+        return created;
+    }
+
+    protected FirewallRuleVO() {
+        this.uuid = UUID.randomUUID().toString();
+    }
+
+    public FirewallRuleVO(String xId, Long ipAddressId, Integer portStart, Integer portEnd, String protocol, 
+            long networkId, long accountId, long domainId, Purpose purpose, List<String> sourceCidrs, Integer icmpCode,
+            Integer icmpType, Long related, TrafficType trafficType) {
+        this.xId = xId;
+        if (xId == null) {
+            this.xId = UUID.randomUUID().toString();
+        }
+        this.accountId = accountId;
+        this.domainId = domainId;
+        this.sourceIpAddressId = ipAddressId;
+        this.sourcePortStart = portStart;
+        this.sourcePortEnd = portEnd;
+        this.protocol = protocol;
+        this.purpose = purpose;
+        this.networkId = networkId;
+        this.state = State.Staged;
+        this.icmpCode = icmpCode;
+        this.icmpType = icmpType;
+        this.sourceCidrs = sourceCidrs;
+
+        if (related != null) {
+            assert (purpose == Purpose.Firewall) : "related field can be set for rule of purpose " + Purpose.Firewall + " only";
+        }
+
+        this.related = related;
+        this.uuid = UUID.randomUUID().toString();
+        this.type = FirewallRuleType.User;
+        this.trafficType = trafficType;
+    }
+
+
+    public FirewallRuleVO(String xId, long ipAddressId, int port, String protocol, long networkId, long accountId, 
+            long domainId, Purpose purpose, List<String> sourceCidrs, Integer icmpCode, Integer icmpType, Long related) {
+        this(xId, ipAddressId, port, port, protocol, networkId, accountId, domainId, purpose, sourceCidrs, icmpCode, icmpType, related, null);
+    }
+
+    @Override
+    public String toString() {
+        return new StringBuilder("Rule[").append(id).append("-").append(purpose).append("-").append(state).append("]").toString();
+    }
+
+    @Override
+    public Integer getIcmpCode() {
+        return icmpCode;
+    }
+
+    @Override
+    public Integer getIcmpType() {
+        return icmpType;
+    }
+
+    @Override
+    public Long getRelated() {
+        return related;
+    }
+
+    @Override
+    public String getUuid() {
+        return this.uuid;
+    }
+
+    public void setUuid(String uuid) {
+        this.uuid = uuid;
+    }
+
+    public void setType(FirewallRuleType type) {
+        this.type = type;
+    }
+
+    @Override
+    public TrafficType getTrafficType() {
+        return trafficType;
+    }
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/rules/PortForwardingRuleVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/rules/PortForwardingRuleVO.java b/engine/schema/src/com/cloud/network/rules/PortForwardingRuleVO.java
new file mode 100644
index 0000000..0bd78ff
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/rules/PortForwardingRuleVO.java
@@ -0,0 +1,96 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+// 
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.rules;
+
+import java.util.List;
+
+import javax.persistence.Column;
+import javax.persistence.DiscriminatorValue;
+import javax.persistence.Entity;
+import javax.persistence.EnumType;
+import javax.persistence.Enumerated;
+import javax.persistence.PrimaryKeyJoinColumn;
+import javax.persistence.Table;
+
+import com.cloud.utils.net.Ip;
+
+@Entity
+@Table(name=("port_forwarding_rules"))
+@DiscriminatorValue(value="PortForwarding")
+@PrimaryKeyJoinColumn(name="id")
+public class PortForwardingRuleVO extends FirewallRuleVO implements PortForwardingRule {
+
+    @Enumerated(value=EnumType.STRING)
+    @Column(name="dest_ip_address")
+    private Ip destinationIpAddress = null;
+
+    @Column(name="dest_port_start")
+    private int destinationPortStart;
+    
+    @Column(name="dest_port_end")
+    private int destinationPortEnd;
+    
+    @Column(name="instance_id")
+    private long virtualMachineId;
+    
+    public PortForwardingRuleVO() {
+    }
+
+    public PortForwardingRuleVO(String xId, long srcIpId, int srcPortStart, int srcPortEnd, Ip dstIp, int dstPortStart, int dstPortEnd, String protocol, long networkId, long accountId, long domainId, long instanceId) {
+        super(xId, srcIpId, srcPortStart, srcPortEnd, protocol, networkId, accountId, domainId, Purpose.PortForwarding, null, null, null, null, null);
+        this.destinationIpAddress = dstIp;
+        this.virtualMachineId = instanceId;
+        this.destinationPortStart = dstPortStart;
+        this.destinationPortEnd = dstPortEnd;
+    }
+    
+    public PortForwardingRuleVO(String xId, long srcIpId, int srcPort, Ip dstIp, int dstPort, String protocol, List<String> sourceCidrs, long networkId, long accountId, long domainId, long instanceId) {
+        this(xId, srcIpId, srcPort, srcPort, dstIp, dstPort, dstPort, protocol.toLowerCase(), networkId, accountId, domainId, instanceId);
+    }
+
+    @Override
+    public Ip getDestinationIpAddress() {
+        return destinationIpAddress;
+    }
+    
+    @Override
+    public void setDestinationIpAddress(Ip destinationIpAddress) {
+    	this.destinationIpAddress = destinationIpAddress;
+    }
+
+    @Override
+    public int getDestinationPortStart() {
+        return destinationPortStart;
+    }
+    
+    @Override
+    public int getDestinationPortEnd() {
+        return destinationPortEnd;
+    }
+    
+    @Override
+    public long getVirtualMachineId() {
+        return virtualMachineId;
+    }
+    
+    @Override
+    public Long getRelated() {
+        return null;
+    }
+
+}
+

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDao.java b/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDao.java
new file mode 100644
index 0000000..682a941
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDao.java
@@ -0,0 +1,47 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.rules.dao;
+
+import java.util.List;
+
+import com.cloud.network.rules.PortForwardingRuleVO;
+import com.cloud.utils.db.GenericDao;
+
+public interface PortForwardingRulesDao extends GenericDao<PortForwardingRuleVO, Long> {
+    List<PortForwardingRuleVO> listForApplication(long ipId);
+    
+    /**
+     * Find all port forwarding rules for the ip address that have not been revoked.
+     * 
+     * @param ip ip address 
+     * @return List of PortForwardingRuleVO
+     */
+    List<PortForwardingRuleVO> listByIpAndNotRevoked(long ipId);
+    
+    List<PortForwardingRuleVO> listByNetworkAndNotRevoked(long networkId);
+    
+    List<PortForwardingRuleVO> listByIp(long ipId);
+
+    List<PortForwardingRuleVO> listByVm(Long vmId);
+    
+    List<PortForwardingRuleVO> listByNetwork(long networkId);
+    
+    List<PortForwardingRuleVO> listByAccount(long accountId);
+
+    List<PortForwardingRuleVO> listByDestIpAddr(String ip4Address);
+    
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDaoImpl.java b/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDaoImpl.java
new file mode 100644
index 0000000..cc780cb
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/rules/dao/PortForwardingRulesDaoImpl.java
@@ -0,0 +1,162 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+// 
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.rules.dao;
+
+import java.util.List;
+
+import javax.ejb.Local;
+import javax.inject.Inject;
+
+import org.springframework.stereotype.Component;
+
+import com.cloud.network.dao.FirewallRulesCidrsDao;
+import com.cloud.network.dao.FirewallRulesCidrsDaoImpl;
+import com.cloud.network.rules.FirewallRule.Purpose;
+import com.cloud.network.rules.FirewallRule.State;
+import com.cloud.network.rules.PortForwardingRuleVO;
+
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+import com.cloud.utils.db.SearchCriteria.Op;
+import com.cloud.vm.dao.NicSecondaryIpVO;
+
+@Component
+@Local(value=PortForwardingRulesDao.class)
+public class PortForwardingRulesDaoImpl extends GenericDaoBase<PortForwardingRuleVO, Long> implements PortForwardingRulesDao {
+
+    protected final SearchBuilder<PortForwardingRuleVO> AllFieldsSearch;
+    protected final SearchBuilder<PortForwardingRuleVO> ApplicationSearch;
+    protected final SearchBuilder<PortForwardingRuleVO> ActiveRulesSearch;
+    protected final SearchBuilder<PortForwardingRuleVO> AllRulesSearchByVM;
+    protected final SearchBuilder<PortForwardingRuleVO> ActiveRulesSearchByAccount;
+
+    @Inject protected FirewallRulesCidrsDao _portForwardingRulesCidrsDao;
+    
+    protected PortForwardingRulesDaoImpl() {
+        super();
+        AllFieldsSearch = createSearchBuilder();
+        AllFieldsSearch.and("id", AllFieldsSearch.entity().getId(), Op.EQ);
+        AllFieldsSearch.and("state", AllFieldsSearch.entity().getState(), Op.EQ);
+        AllFieldsSearch.and("ipId", AllFieldsSearch.entity().getSourceIpAddressId(), Op.EQ);
+        AllFieldsSearch.and("protocol", AllFieldsSearch.entity().getProtocol(), Op.EQ);
+        AllFieldsSearch.and("networkId", AllFieldsSearch.entity().getNetworkId(), Op.EQ);
+        AllFieldsSearch.and("vmId", AllFieldsSearch.entity().getVirtualMachineId(), Op.EQ);
+        AllFieldsSearch.and("purpose", AllFieldsSearch.entity().getPurpose(), Op.EQ);
+        AllFieldsSearch.and("dstIp", AllFieldsSearch.entity().getDestinationIpAddress(), Op.EQ);
+        AllFieldsSearch.done();
+        
+        ApplicationSearch = createSearchBuilder();
+        ApplicationSearch.and("ipId", ApplicationSearch.entity().getSourceIpAddressId(), Op.EQ);
+        ApplicationSearch.and("state", ApplicationSearch.entity().getState(), Op.NEQ);
+        ApplicationSearch.and("purpose", ApplicationSearch.entity().getPurpose(), Op.EQ);
+        ApplicationSearch.done();
+        
+        
+        ActiveRulesSearch = createSearchBuilder();
+        ActiveRulesSearch.and("ipId", ActiveRulesSearch.entity().getSourceIpAddressId(), Op.EQ);
+        ActiveRulesSearch.and("networkId", ActiveRulesSearch.entity().getNetworkId(), Op.EQ);
+        ActiveRulesSearch.and("state", ActiveRulesSearch.entity().getState(), Op.NEQ);
+        ActiveRulesSearch.and("purpose", ActiveRulesSearch.entity().getPurpose(), Op.EQ);
+        ActiveRulesSearch.done();
+        
+        AllRulesSearchByVM = createSearchBuilder();
+        AllRulesSearchByVM.and("vmId", AllRulesSearchByVM.entity().getVirtualMachineId(), Op.EQ);
+        AllRulesSearchByVM.and("purpose", AllRulesSearchByVM.entity().getPurpose(), Op.EQ);
+        AllRulesSearchByVM.done();
+        
+        ActiveRulesSearchByAccount = createSearchBuilder();
+        ActiveRulesSearchByAccount.and("accountId", ActiveRulesSearchByAccount.entity().getAccountId(), Op.EQ);
+        ActiveRulesSearchByAccount.and("state", ActiveRulesSearchByAccount.entity().getState(), Op.NEQ);
+        ActiveRulesSearchByAccount.and("purpose", ActiveRulesSearchByAccount.entity().getPurpose(), Op.EQ);
+        ActiveRulesSearchByAccount.done();
+    }
+
+    @Override
+    public List<PortForwardingRuleVO> listForApplication(long ipId) {
+        SearchCriteria<PortForwardingRuleVO> sc = ApplicationSearch.create();
+        sc.setParameters("ipId", ipId);
+        sc.setParameters("state", State.Staged);
+        sc.setParameters("purpose", Purpose.PortForwarding);
+        
+        return listBy(sc, null);
+    }
+    
+    @Override
+    public List<PortForwardingRuleVO> listByVm(Long vmId) {
+    	SearchCriteria<PortForwardingRuleVO> sc = AllRulesSearchByVM.create();
+    	sc.setParameters("vmId", vmId);
+    	sc.setParameters("purpose", Purpose.PortForwarding);
+    	
+    	return listBy(sc, null);
+    }
+
+    @Override
+    public List<PortForwardingRuleVO> listByIpAndNotRevoked(long ipId) {
+        SearchCriteria<PortForwardingRuleVO> sc = ActiveRulesSearch.create();
+        sc.setParameters("ipId", ipId);
+        sc.setParameters("state", State.Revoke);
+        sc.setParameters("purpose", Purpose.PortForwarding);
+        
+        return listBy(sc, null);
+    }
+    
+    @Override
+    public List<PortForwardingRuleVO> listByNetworkAndNotRevoked(long networkId) {
+        SearchCriteria<PortForwardingRuleVO> sc = ActiveRulesSearch.create();
+        sc.setParameters("networkId", networkId);
+        sc.setParameters("state", State.Revoke);
+        sc.setParameters("purpose", Purpose.PortForwarding);
+        
+        return listBy(sc, null);
+    }
+    
+    @Override
+    public List<PortForwardingRuleVO> listByIp(long ipId) {
+        SearchCriteria<PortForwardingRuleVO> sc = AllFieldsSearch.create();
+        sc.setParameters("ipId", ipId);
+        sc.setParameters("purpose", Purpose.PortForwarding);
+        
+        return listBy(sc, null);
+    }
+    
+    @Override
+    public List<PortForwardingRuleVO> listByNetwork(long networkId) {
+        SearchCriteria<PortForwardingRuleVO> sc = AllFieldsSearch.create();
+        sc.setParameters("networkId", networkId);
+        sc.setParameters("purpose", Purpose.PortForwarding);
+        
+        return listBy(sc);
+    }
+
+    @Override
+    public List<PortForwardingRuleVO> listByAccount(long accountId) {
+        SearchCriteria<PortForwardingRuleVO> sc = ActiveRulesSearchByAccount.create();
+        sc.setParameters("accountId", accountId);
+        sc.setParameters("state", State.Revoke);
+        sc.setParameters("purpose", Purpose.PortForwarding);
+        
+        return listBy(sc);
+    }
+    @Override
+    public List<PortForwardingRuleVO> listByDestIpAddr(String ip4Address) {
+        SearchCriteria<PortForwardingRuleVO> sc = AllFieldsSearch.create();
+        sc.setParameters("dstIp", ip4Address);
+        return listBy(sc);
+    }
+  
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/security/dao/SecurityGroupDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/security/dao/SecurityGroupDao.java b/engine/schema/src/com/cloud/network/security/dao/SecurityGroupDao.java
new file mode 100644
index 0000000..482e13c
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/security/dao/SecurityGroupDao.java
@@ -0,0 +1,30 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.security.dao;
+
+import java.util.List;
+
+import com.cloud.network.security.SecurityGroupVO;
+import com.cloud.utils.db.GenericDao;
+
+public interface SecurityGroupDao extends GenericDao<SecurityGroupVO, Long> {
+    List<SecurityGroupVO> listByAccountId(long accountId);
+    boolean isNameInUse(Long accountId, Long domainId, String name);
+    SecurityGroupVO findByAccountAndName(Long accountId, String name);
+    List<SecurityGroupVO> findByAccountAndNames(Long accountId, String... names);
+    int removeByAccountId(long accountId); 
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/security/dao/SecurityGroupDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/security/dao/SecurityGroupDaoImpl.java b/engine/schema/src/com/cloud/network/security/dao/SecurityGroupDaoImpl.java
new file mode 100644
index 0000000..d82cc4a
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/security/dao/SecurityGroupDaoImpl.java
@@ -0,0 +1,136 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.security.dao;
+
+import java.util.List;
+
+import javax.ejb.Local;
+import javax.inject.Inject;
+
+import org.springframework.stereotype.Component;
+
+import com.cloud.network.security.SecurityGroupVO;
+import com.cloud.server.ResourceTag.TaggedResourceType;
+import com.cloud.tags.dao.ResourceTagDao;
+import com.cloud.tags.dao.ResourceTagsDaoImpl;
+
+import com.cloud.utils.db.DB;
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+import com.cloud.utils.db.Transaction;
+
+@Component
+@Local(value={SecurityGroupDao.class})
+public class SecurityGroupDaoImpl extends GenericDaoBase<SecurityGroupVO, Long> implements SecurityGroupDao {
+    private SearchBuilder<SecurityGroupVO> AccountIdSearch;
+    private SearchBuilder<SecurityGroupVO> AccountIdNameSearch;
+    private SearchBuilder<SecurityGroupVO> AccountIdNamesSearch;
+    @Inject ResourceTagDao _tagsDao;
+
+
+    protected SecurityGroupDaoImpl() {
+        AccountIdSearch = createSearchBuilder();
+        AccountIdSearch.and("accountId", AccountIdSearch.entity().getAccountId(), SearchCriteria.Op.EQ);
+        AccountIdSearch.done();
+
+        AccountIdNameSearch = createSearchBuilder();
+        AccountIdNameSearch.and("accountId", AccountIdNameSearch.entity().getAccountId(), SearchCriteria.Op.EQ);
+        AccountIdNameSearch.and("name", AccountIdNameSearch.entity().getName(), SearchCriteria.Op.EQ);
+        
+        AccountIdNamesSearch = createSearchBuilder();
+        AccountIdNamesSearch.and("accountId", AccountIdNamesSearch.entity().getAccountId(), SearchCriteria.Op.EQ);
+        AccountIdNamesSearch.and("groupNames", AccountIdNamesSearch.entity().getName(), SearchCriteria.Op.IN);
+        AccountIdNameSearch.done();
+    }
+
+    @Override
+    public List<SecurityGroupVO> listByAccountId(long accountId) {
+        SearchCriteria<SecurityGroupVO> sc = AccountIdSearch.create();
+        sc.setParameters("accountId", accountId);
+        return listBy(sc);
+    }
+
+    @Override
+    public boolean isNameInUse(Long accountId, Long domainId, String name) {
+        SearchCriteria<SecurityGroupVO> sc = createSearchCriteria();
+        sc.addAnd("name", SearchCriteria.Op.EQ, name);
+        if (accountId != null) {
+            sc.addAnd("accountId", SearchCriteria.Op.EQ, accountId);
+        } else {
+            sc.addAnd("domainId", SearchCriteria.Op.EQ, domainId);
+            sc.addAnd("accountId", SearchCriteria.Op.NULL);
+        }
+
+        List<SecurityGroupVO> securityGroups = listBy(sc);
+        return ((securityGroups != null) && !securityGroups.isEmpty());
+    }
+
+	@Override
+	public SecurityGroupVO findByAccountAndName(Long accountId, String name) {
+		SearchCriteria<SecurityGroupVO> sc = AccountIdNameSearch.create();
+		sc.setParameters("accountId", accountId);
+		sc.setParameters("name", name);
+
+		return findOneIncludingRemovedBy(sc);
+	}
+
+	@Override
+	public List<SecurityGroupVO> findByAccountAndNames(Long accountId, String... names) {
+		SearchCriteria<SecurityGroupVO> sc = AccountIdNamesSearch.create();
+		sc.setParameters("accountId", accountId);
+
+		sc.setParameters("groupNames", (Object [])names);
+
+		return listBy(sc);
+	}
+	@Override
+	public int removeByAccountId(long accountId) {
+	    SearchCriteria<SecurityGroupVO> sc = AccountIdSearch.create();
+	    sc.setParameters("accountId", accountId);
+	    return expunge(sc);
+	} 
+
+	
+	@Override
+    @DB
+    public boolean remove(Long id) {
+        Transaction txn = Transaction.currentTxn();
+        txn.start();
+        SecurityGroupVO entry = findById(id);
+        if (entry != null) {
+            _tagsDao.removeByIdAndType(id, TaggedResourceType.SecurityGroup);
+        }
+        boolean result = super.remove(id);
+        txn.commit();
+        return result;
+    }
+	
+	@Override
+    @DB
+    public boolean expunge(Long id) {
+        Transaction txn = Transaction.currentTxn();
+        txn.start();
+        SecurityGroupVO entry = findById(id);
+        if (entry != null) {
+            _tagsDao.removeByIdAndType(id, TaggedResourceType.SecurityGroup);
+        }
+        boolean result = super.expunge(id);
+        txn.commit();
+        return result;
+    }
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/security/dao/SecurityGroupRuleDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/security/dao/SecurityGroupRuleDao.java b/engine/schema/src/com/cloud/network/security/dao/SecurityGroupRuleDao.java
new file mode 100644
index 0000000..4668aa4
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/security/dao/SecurityGroupRuleDao.java
@@ -0,0 +1,35 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.security.dao;
+
+import java.util.List;
+
+import com.cloud.network.security.SecurityGroupRuleVO;
+import com.cloud.network.security.SecurityRule.SecurityRuleType;
+import com.cloud.utils.db.GenericDao;
+
+public interface SecurityGroupRuleDao extends GenericDao<SecurityGroupRuleVO, Long> {
+    List<SecurityGroupRuleVO> listBySecurityGroupId(long securityGroupId, SecurityRuleType type);
+    List<SecurityGroupRuleVO> listByAllowedSecurityGroupId(long networkGroupId);
+    SecurityGroupRuleVO findByProtoPortsAndCidr(long networkGroupId, String proto, int startPort, int endPort, String cidr);
+    SecurityGroupRuleVO findByProtoPortsAndGroup(String proto, int startPort, int endPort, String networkGroup);
+    SecurityGroupRuleVO findByProtoPortsAndAllowedGroupId(long networkGroupId, String proto, int startPort, int endPort, Long allowedGroupId);
+    int deleteBySecurityGroup(long securityGroupId);
+	int deleteByPortProtoAndGroup(long securityGroupId, String protocol, int startPort,int endPort, Long id);
+	int deleteByPortProtoAndCidr(long securityGroupId, String protocol, int startPort,int endPort, String cidr);
+
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/security/dao/SecurityGroupRuleDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/security/dao/SecurityGroupRuleDaoImpl.java b/engine/schema/src/com/cloud/network/security/dao/SecurityGroupRuleDaoImpl.java
new file mode 100644
index 0000000..346ed26
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/security/dao/SecurityGroupRuleDaoImpl.java
@@ -0,0 +1,176 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.security.dao;
+
+import java.util.List;
+import java.util.Map;
+
+import javax.ejb.Local;
+import javax.inject.Inject;
+import javax.naming.ConfigurationException;
+
+import org.springframework.stereotype.Component;
+
+import com.cloud.network.security.SecurityGroupRuleVO;
+import com.cloud.network.security.SecurityGroupVO;
+import com.cloud.network.security.SecurityRule.SecurityRuleType;
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.JoinBuilder;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+
+@Component
+@Local(value={SecurityGroupRuleDao.class})
+public class SecurityGroupRuleDaoImpl extends GenericDaoBase<SecurityGroupRuleVO, Long> implements SecurityGroupRuleDao {
+	
+	@Inject SecurityGroupDao _securityGroupDao;
+	
+    protected SearchBuilder<SecurityGroupRuleVO> securityGroupIdSearch;
+    protected SearchBuilder<SecurityGroupRuleVO> securityGroupIdAndTypeSearch;
+    protected SearchBuilder<SecurityGroupRuleVO> allowedSecurityGroupIdSearch;
+    protected SearchBuilder<SecurityGroupRuleVO> protoPortsAndCidrSearch;
+    protected SearchBuilder<SecurityGroupRuleVO> protoPortsAndSecurityGroupNameSearch;
+    protected SearchBuilder<SecurityGroupRuleVO> protoPortsAndSecurityGroupIdSearch;
+
+
+
+    protected SecurityGroupRuleDaoImpl() {
+        securityGroupIdSearch  = createSearchBuilder();
+        securityGroupIdSearch.and("securityGroupId", securityGroupIdSearch.entity().getSecurityGroupId(), SearchCriteria.Op.EQ);
+        securityGroupIdSearch.done();
+        
+        securityGroupIdAndTypeSearch  = createSearchBuilder();
+        securityGroupIdAndTypeSearch.and("securityGroupId", securityGroupIdAndTypeSearch.entity().getSecurityGroupId(), SearchCriteria.Op.EQ);
+        securityGroupIdAndTypeSearch.and("type", securityGroupIdAndTypeSearch.entity().getType(), SearchCriteria.Op.EQ);
+        securityGroupIdAndTypeSearch.done();
+        
+        allowedSecurityGroupIdSearch  = createSearchBuilder();
+        allowedSecurityGroupIdSearch.and("allowedNetworkId", allowedSecurityGroupIdSearch.entity().getAllowedNetworkId(), SearchCriteria.Op.EQ);
+        allowedSecurityGroupIdSearch.done();
+        
+        protoPortsAndCidrSearch = createSearchBuilder();
+        protoPortsAndCidrSearch.and("securityGroupId", protoPortsAndCidrSearch.entity().getSecurityGroupId(), SearchCriteria.Op.EQ);
+        protoPortsAndCidrSearch.and("proto", protoPortsAndCidrSearch.entity().getProtocol(), SearchCriteria.Op.EQ);
+        protoPortsAndCidrSearch.and("startPort", protoPortsAndCidrSearch.entity().getStartPort(), SearchCriteria.Op.EQ);
+        protoPortsAndCidrSearch.and("endPort", protoPortsAndCidrSearch.entity().getEndPort(), SearchCriteria.Op.EQ);
+        protoPortsAndCidrSearch.and("cidr", protoPortsAndCidrSearch.entity().getAllowedSourceIpCidr(), SearchCriteria.Op.EQ);
+        protoPortsAndCidrSearch.done();
+        
+        protoPortsAndSecurityGroupIdSearch = createSearchBuilder();
+        protoPortsAndSecurityGroupIdSearch.and("securityGroupId", protoPortsAndSecurityGroupIdSearch.entity().getSecurityGroupId(), SearchCriteria.Op.EQ);
+        protoPortsAndSecurityGroupIdSearch.and("proto", protoPortsAndSecurityGroupIdSearch.entity().getProtocol(), SearchCriteria.Op.EQ);
+        protoPortsAndSecurityGroupIdSearch.and("startPort", protoPortsAndSecurityGroupIdSearch.entity().getStartPort(), SearchCriteria.Op.EQ);
+        protoPortsAndSecurityGroupIdSearch.and("endPort", protoPortsAndSecurityGroupIdSearch.entity().getEndPort(), SearchCriteria.Op.EQ);        
+        protoPortsAndSecurityGroupIdSearch.and("allowedNetworkId", protoPortsAndSecurityGroupIdSearch.entity().getAllowedNetworkId(), SearchCriteria.Op.EQ);
+
+    }
+
+    public List<SecurityGroupRuleVO> listBySecurityGroupId(long securityGroupId, SecurityRuleType type) {
+        SearchCriteria<SecurityGroupRuleVO> sc = securityGroupIdAndTypeSearch.create();
+        sc.setParameters("securityGroupId", securityGroupId);
+        String dbType; 
+        if (type == SecurityRuleType.EgressRule) {
+            dbType = SecurityRuleType.EgressRule.getType();     
+        }else {
+            dbType = SecurityRuleType.IngressRule.getType();
+        }
+        
+        sc.setParameters("type", dbType);
+        return listBy(sc);
+    }
+
+    public int deleteBySecurityGroup(long securityGroupId) {
+        SearchCriteria<SecurityGroupRuleVO> sc = securityGroupIdSearch.create();
+        sc.setParameters("securityGroupId", securityGroupId);
+        return expunge(sc);
+    }
+
+    @Override
+    public List<SecurityGroupRuleVO> listByAllowedSecurityGroupId(long securityGroupId) {
+        SearchCriteria<SecurityGroupRuleVO> sc = allowedSecurityGroupIdSearch.create();
+        sc.setParameters("allowedNetworkId", securityGroupId);
+        return listBy(sc);
+    }
+
+    @Override
+    public SecurityGroupRuleVO findByProtoPortsAndCidr(long securityGroupId,
+            String proto, int startPort, int endPort, String cidr) {
+        SearchCriteria<SecurityGroupRuleVO> sc = protoPortsAndCidrSearch.create();
+        sc.setParameters("securityGroupId", securityGroupId);
+        sc.setParameters("proto", proto);
+        sc.setParameters("startPort", startPort);
+        sc.setParameters("endPort", endPort);
+        sc.setParameters("cidr", cidr);
+        return findOneIncludingRemovedBy(sc);
+    }
+
+    @Override
+    public SecurityGroupRuleVO findByProtoPortsAndGroup(String proto, int startPort, int endPort, String securityGroup) {
+        SearchCriteria<SecurityGroupRuleVO> sc = protoPortsAndSecurityGroupNameSearch.create();
+        sc.setParameters("proto", proto);
+        sc.setParameters("startPort", startPort);
+        sc.setParameters("endPort", endPort);
+        sc.setJoinParameters("groupName", "groupName", securityGroup);
+        return findOneIncludingRemovedBy(sc);
+    }
+
+	@Override
+	public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+        protoPortsAndSecurityGroupNameSearch = createSearchBuilder();
+        protoPortsAndSecurityGroupNameSearch.and("proto", protoPortsAndSecurityGroupNameSearch.entity().getProtocol(), SearchCriteria.Op.EQ);
+        protoPortsAndSecurityGroupNameSearch.and("startPort", protoPortsAndSecurityGroupNameSearch.entity().getStartPort(), SearchCriteria.Op.EQ);
+        protoPortsAndSecurityGroupNameSearch.and("endPort", protoPortsAndSecurityGroupNameSearch.entity().getEndPort(), SearchCriteria.Op.EQ);
+        SearchBuilder<SecurityGroupVO> ngSb = _securityGroupDao.createSearchBuilder();
+        ngSb.and("groupName", ngSb.entity().getName(), SearchCriteria.Op.EQ);
+        protoPortsAndSecurityGroupNameSearch.join("groupName", ngSb, protoPortsAndSecurityGroupNameSearch.entity().getAllowedNetworkId(), ngSb.entity().getId(), JoinBuilder.JoinType.INNER);
+        protoPortsAndSecurityGroupNameSearch.done();
+        return super.configure(name, params);
+    }
+
+    @Override
+    public int deleteByPortProtoAndGroup(long securityGroupId, String protocol, int startPort, int endPort, Long allowedGroupId) {
+        SearchCriteria<SecurityGroupRuleVO> sc = protoPortsAndSecurityGroupIdSearch.create();
+        sc.setParameters("securityGroupId", securityGroupId);
+        sc.setParameters("proto", protocol);
+        sc.setParameters("startPort", startPort);
+        sc.setParameters("endPort", endPort);
+        sc.setParameters("allowedNetworkId", allowedGroupId);
+        return expunge(sc);
+    }
+
+    @Override
+    public int deleteByPortProtoAndCidr(long securityGroupId, String protocol, int startPort, int endPort, String cidr) {
+        SearchCriteria<SecurityGroupRuleVO> sc = protoPortsAndCidrSearch.create();
+        sc.setParameters("securityGroupId", securityGroupId);
+        sc.setParameters("proto", protocol);
+        sc.setParameters("startPort", startPort);
+        sc.setParameters("endPort", endPort);
+        sc.setParameters("cidr", cidr);
+        return expunge(sc);
+    }
+
+    @Override
+    public SecurityGroupRuleVO findByProtoPortsAndAllowedGroupId(long securityGroupId, String proto, int startPort, int endPort, Long allowedGroupId) {
+        SearchCriteria<SecurityGroupRuleVO> sc = protoPortsAndSecurityGroupIdSearch.create();
+        sc.addAnd("securityGroupId", SearchCriteria.Op.EQ, securityGroupId);
+        sc.setParameters("proto", proto);
+        sc.setParameters("startPort", startPort);
+        sc.setParameters("endPort", endPort);
+        sc.setParameters("allowedNetworkId", allowedGroupId);
+        return findOneIncludingRemovedBy(sc);
+    }
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/security/dao/SecurityGroupRulesDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/security/dao/SecurityGroupRulesDao.java b/engine/schema/src/com/cloud/network/security/dao/SecurityGroupRulesDao.java
new file mode 100644
index 0000000..b97662c
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/security/dao/SecurityGroupRulesDao.java
@@ -0,0 +1,48 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.security.dao;
+
+import java.util.List;
+
+import com.cloud.network.security.SecurityGroupRulesVO;
+import com.cloud.utils.db.GenericDao;
+
+public interface SecurityGroupRulesDao extends GenericDao<SecurityGroupRulesVO, Long> {
+	/**
+	 * List a security group and associated ingress rules
+	 * @return the list of ingress rules associated with the security group (and security group info)
+	 */
+	List<SecurityGroupRulesVO> listSecurityGroupRules(long accountId, String groupName);
+
+	/**
+	 * List security groups and associated ingress rules
+	 * @return the list of security groups with associated ingress rules
+	 */
+	List<SecurityGroupRulesVO> listSecurityGroupRules(long accountId);
+
+    /**
+     * List all security groups and associated ingress rules
+     * @return the list of security groups with associated ingress rules
+     */
+    List<SecurityGroupRulesVO> listSecurityGroupRules();
+    
+    /**
+     * List all security rules belonging to the specific group
+     * @return the security group with associated ingress rules
+     */
+    List<SecurityGroupRulesVO> listSecurityRulesByGroupId(long groupId);
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/security/dao/SecurityGroupRulesDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/security/dao/SecurityGroupRulesDaoImpl.java b/engine/schema/src/com/cloud/network/security/dao/SecurityGroupRulesDaoImpl.java
new file mode 100644
index 0000000..18ef57f
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/security/dao/SecurityGroupRulesDaoImpl.java
@@ -0,0 +1,96 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.security.dao;
+
+import java.util.List;
+
+import javax.ejb.Local;
+
+import org.springframework.stereotype.Component;
+
+import com.cloud.network.security.SecurityGroupRulesVO;
+import com.cloud.utils.db.Filter;
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+
+@Component
+@Local(value={SecurityGroupRulesDao.class})
+public class SecurityGroupRulesDaoImpl extends GenericDaoBase<SecurityGroupRulesVO, Long> implements SecurityGroupRulesDao {
+    private SearchBuilder<SecurityGroupRulesVO> AccountGroupNameSearch;
+    private SearchBuilder<SecurityGroupRulesVO> AccountSearch;
+    private SearchBuilder<SecurityGroupRulesVO> GroupSearch;
+
+
+    protected SecurityGroupRulesDaoImpl() {
+        AccountGroupNameSearch = createSearchBuilder();
+        AccountGroupNameSearch.and("accountId", AccountGroupNameSearch.entity().getAccountId(), SearchCriteria.Op.EQ);
+        AccountGroupNameSearch.and("name", AccountGroupNameSearch.entity().getName(), SearchCriteria.Op.EQ);
+        AccountGroupNameSearch.done();
+
+        AccountSearch = createSearchBuilder();
+        AccountSearch.and("accountId", AccountSearch.entity().getAccountId(), SearchCriteria.Op.EQ);
+        AccountSearch.done();
+        
+        GroupSearch = createSearchBuilder();
+        GroupSearch.and("groupId", GroupSearch.entity().getId(), SearchCriteria.Op.EQ);
+        GroupSearch.done();
+        
+    }
+
+    @Override
+    public List<SecurityGroupRulesVO> listSecurityGroupRules() {
+        Filter searchFilter = new Filter(SecurityGroupRulesVO.class, "id", true, null, null);
+        return listAll(searchFilter);
+    }
+
+    @Override
+    public List<SecurityGroupRulesVO> listSecurityGroupRules(long accountId, String groupName) {
+        Filter searchFilter = new Filter(SecurityGroupRulesVO.class, "id", true, null, null);
+
+        SearchCriteria<SecurityGroupRulesVO> sc = AccountGroupNameSearch.create();
+        sc.setParameters("accountId", accountId);
+        sc.setParameters("name", groupName);
+
+        return listBy(sc, searchFilter);
+    }
+
+    @Override
+    public List<SecurityGroupRulesVO> listSecurityGroupRules(long accountId) {
+        Filter searchFilter = new Filter(SecurityGroupRulesVO.class, "id", true, null, null);
+        SearchCriteria<SecurityGroupRulesVO> sc = AccountSearch.create();
+        sc.setParameters("accountId", accountId);
+        return listBy(sc, searchFilter);
+    }
+    
+    @Override
+    public List<SecurityGroupRulesVO> listSecurityRulesByGroupId(long groupId) {
+        Filter searchFilter = new Filter(SecurityGroupRulesVO.class, "id", true, null, null);
+        SearchCriteria<SecurityGroupRulesVO> sc = GroupSearch.create();
+        sc.setParameters("groupId", groupId);
+        return listBy(sc, searchFilter);
+    }
+
+    @Override
+    public SecurityGroupRulesVO findByUuidIncludingRemoved(final String uuid) {
+        SearchCriteria<SecurityGroupRulesVO> sc = createSearchCriteria();
+        sc.addAnd("ruleUuid", SearchCriteria.Op.EQ, uuid);
+        SecurityGroupRulesVO rule = findOneIncludingRemovedBy(sc);
+        SecurityGroupRulesVO newRule = new SecurityGroupRulesVO(rule.getRuleId());
+        return newRule;
+    }
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d015fb35/engine/schema/src/com/cloud/network/security/dao/SecurityGroupVMMapDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/security/dao/SecurityGroupVMMapDao.java b/engine/schema/src/com/cloud/network/security/dao/SecurityGroupVMMapDao.java
new file mode 100644
index 0000000..cbeae4f
--- /dev/null
+++ b/engine/schema/src/com/cloud/network/security/dao/SecurityGroupVMMapDao.java
@@ -0,0 +1,38 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.security.dao;
+
+import java.util.List;
+
+import com.cloud.network.security.SecurityGroupVMMapVO;
+import com.cloud.utils.Pair;
+import com.cloud.utils.db.Filter;
+import com.cloud.utils.db.GenericDao;
+import com.cloud.vm.VirtualMachine.State;
+
+public interface SecurityGroupVMMapDao extends GenericDao<SecurityGroupVMMapVO, Long> {
+    List<SecurityGroupVMMapVO> listByIpAndInstanceId(String ipAddress, long instanceId);
+    List<SecurityGroupVMMapVO> listByInstanceId(long instanceId);
+    Pair<List<SecurityGroupVMMapVO>, Integer> listByInstanceId(long instanceId, Filter filter);
+    List<SecurityGroupVMMapVO> listByIp(String ipAddress);
+    List<SecurityGroupVMMapVO> listBySecurityGroup(long securityGroupId);
+    List<SecurityGroupVMMapVO> listBySecurityGroup(long securityGroupId, State ... vmStates);
+    int deleteVM(long instanceid);
+	List<Long> listVmIdsBySecurityGroup(long securityGroupId);
+	SecurityGroupVMMapVO findByVmIdGroupId(long instanceId, long securityGroupId);
+	long countSGForVm(long instanceId);
+}


Mime
View raw message