cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From chipchild...@apache.org
Subject [2/2] git commit: updated refs/heads/4.1 to b02bbc8
Date Mon, 06 May 2013 19:57:57 GMT
CLOUDSTACK-2319: fix "unable to add egress rules" in SecurityGroup

Signed-off-by: Chip Childers <chip.childers@gmail.com>


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/b02bbc84
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/b02bbc84
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/b02bbc84

Branch: refs/heads/4.1
Commit: b02bbc841e0ca927b5e208c394dbc8631bb1c389
Parents: 18f0f72
Author: Wei Zhou <w.zhou@leaseweb.com>
Authored: Mon May 6 20:57:02 2013 +0100
Committer: Chip Childers <chip.childers@gmail.com>
Committed: Mon May 6 20:57:02 2013 +0100

----------------------------------------------------------------------
 .../cloud/network/security/SecurityGroupRules.java |    2 +
 .../network/security/SecurityGroupRulesVO.java     |   15 +-
 .../security/dao/SecurityGroupRulesDaoImpl.java    |    9 +
 ui/scripts/network.js                              |  289 +++++++--------
 4 files changed, 164 insertions(+), 151 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/b02bbc84/api/src/com/cloud/network/security/SecurityGroupRules.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/security/SecurityGroupRules.java b/api/src/com/cloud/network/security/SecurityGroupRules.java
index d255e46..4dbafd6 100644
--- a/api/src/com/cloud/network/security/SecurityGroupRules.java
+++ b/api/src/com/cloud/network/security/SecurityGroupRules.java
@@ -31,6 +31,8 @@ public interface SecurityGroupRules extends InternalIdentity {
 
     Long getRuleId();
 
+    String getRuleUuid();
+
     int getStartPort();
 
     int getEndPort();

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/b02bbc84/core/src/com/cloud/network/security/SecurityGroupRulesVO.java
----------------------------------------------------------------------
diff --git a/core/src/com/cloud/network/security/SecurityGroupRulesVO.java b/core/src/com/cloud/network/security/SecurityGroupRulesVO.java
index 82060ef..c74152e 100644
--- a/core/src/com/cloud/network/security/SecurityGroupRulesVO.java
+++ b/core/src/com/cloud/network/security/SecurityGroupRulesVO.java
@@ -54,6 +54,9 @@ public class SecurityGroupRulesVO implements SecurityGroupRules {
     @Column(name = "id", table = "security_group_rule", insertable = false, updatable = false)
     private Long ruleId;
 
+    @Column(name = "uuid", table = "security_group_rule", insertable = false, updatable =
false)
+    private String ruleUuid;
+
     @Column(name = "start_port", table = "security_group_rule", insertable = false, updatable
= false)
     private int startPort;
 
@@ -75,7 +78,11 @@ public class SecurityGroupRulesVO implements SecurityGroupRules {
     public SecurityGroupRulesVO() {
     }
 
-    public SecurityGroupRulesVO(long id, String name, String description, Long domainId,
Long accountId, Long ruleId, int startPort, int endPort, String protocol, Long allowedNetworkId,
+    public SecurityGroupRulesVO(long id) {
+        this.id = id;
+    }
+
+    public SecurityGroupRulesVO(long id, String name, String description, Long domainId,
Long accountId, Long ruleId, String ruleUuid, int startPort, int endPort, String protocol,
Long allowedNetworkId,
             String allowedSourceIpCidr) {
         this.id = id;
         this.name = name;
@@ -83,6 +90,7 @@ public class SecurityGroupRulesVO implements SecurityGroupRules {
         this.domainId = domainId;
         this.accountId = accountId;
         this.ruleId = ruleId;
+        this.ruleUuid = ruleUuid;
         this.startPort = startPort;
         this.endPort = endPort;
         this.protocol = protocol;
@@ -121,6 +129,11 @@ public class SecurityGroupRulesVO implements SecurityGroupRules {
     }
 
     @Override
+    public String getRuleUuid() {
+        return ruleUuid;
+    }
+
+    @Override
     public int getStartPort() {
         return startPort;
     }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/b02bbc84/server/src/com/cloud/network/security/dao/SecurityGroupRulesDaoImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/security/dao/SecurityGroupRulesDaoImpl.java b/server/src/com/cloud/network/security/dao/SecurityGroupRulesDaoImpl.java
index f08ca05..18ef57f 100644
--- a/server/src/com/cloud/network/security/dao/SecurityGroupRulesDaoImpl.java
+++ b/server/src/com/cloud/network/security/dao/SecurityGroupRulesDaoImpl.java
@@ -84,4 +84,13 @@ public class SecurityGroupRulesDaoImpl extends GenericDaoBase<SecurityGroupRules
         sc.setParameters("groupId", groupId);
         return listBy(sc, searchFilter);
     }
+
+    @Override
+    public SecurityGroupRulesVO findByUuidIncludingRemoved(final String uuid) {
+        SearchCriteria<SecurityGroupRulesVO> sc = createSearchCriteria();
+        sc.addAnd("ruleUuid", SearchCriteria.Op.EQ, uuid);
+        SecurityGroupRulesVO rule = findOneIncludingRemovedBy(sc);
+        SecurityGroupRulesVO newRule = new SecurityGroupRulesVO(rule.getRuleId());
+        return newRule;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/b02bbc84/ui/scripts/network.js
----------------------------------------------------------------------
diff --git a/ui/scripts/network.js b/ui/scripts/network.js
index 1bc4eba..d1efe8a 100755
--- a/ui/scripts/network.js
+++ b/ui/scripts/network.js
@@ -3754,13 +3754,12 @@
                         account: args.context.securityGroups[0].account
                       };
 
-                      // TCP / ICMP
                       if (args.data.icmptype && args.data.icmpcode) { // ICMP
                         $.extend(data, {
                           icmptype: args.data.icmptype,
                           icmpcode: args.data.icmpcode
                         });
-                      } else { // TCP
+                      } else { // TCP/UDP
                         $.extend(data, {
                           startport: args.data.startport,
                           endport: args.data.endport
@@ -3854,121 +3853,142 @@
               
               egressRules: {
                 title: 'label.egress.rule',
-                custom: function(args) {
-                  var context = args.context;
-
-                  return $('<div>').multiEdit({
-                    context: context,
-                    noSelect: true,
-                    noHeaderActionsColumn: true,
-                    fields: {
-                      'cidrlist': { edit: true, label: 'label.cidr' },
-                      'protocol': {
-                        label: 'label.protocol',
-                        select: function(args) {
-                          args.$select.change(function() {
-                            var $inputs = args.$form.find('th, td');
-                            var $icmpFields = $inputs.filter(function() {
-                              var name = $(this).attr('rel');
-
-                              return $.inArray(name, [
-                                'icmptype',
-                                'icmpcode'
-                              ]) > -1;
-                            });
-                            var $otherFields = $inputs.filter(function() {
-                              var name = $(this).attr('rel');
-
-                              return name != 'cidrlist' &&
-                                name != 'icmptype' &&
-                                name != 'icmpcode' &&
-                                name != 'protocol' &&
-                                name != 'add-rule';
-                            });
+                custom: cloudStack.uiCustom.securityRules({
+                  noSelect: true,
+                  noHeaderActionsColumn: true,
+                  fields: {
+                    'protocol': {
+                      label: 'label.protocol',
+                      select: function(args) {
+                        args.$select.change(function() {
+                          var $inputs = args.$form.find('th, td');
+                          var $icmpFields = $inputs.filter(function() {
+                            var name = $(this).attr('rel');
 
-                            if ($(this).val() == 'icmp') {
-                              $icmpFields.show();
-                              $otherFields.hide();
-                            } else {
-                              $icmpFields.hide();
-                              $otherFields.show();
-                            }
+                            return $.inArray(name, [
+                              'icmptype',
+                              'icmpcode'
+                            ]) > -1;
                           });
+                          var $otherFields = $inputs.filter(function() {
+                            var name = $(this).attr('rel');
 
-                          args.response.success({
-                            data: [
-                              { name: 'tcp', description: 'TCP' },
-                              { name: 'udp', description: 'UDP' },
-                              { name: 'icmp', description: 'ICMP' }
-                            ]
+                            return name != 'icmptype' &&
+                              name != 'icmpcode' &&
+                              name != 'protocol' &&
+                              name != 'add-rule' &&
+                              name != 'cidr' &&
+                              name != 'accountname' &&
+                              name != 'securitygroup';
                           });
-                        }
-                      },
-                      'startport': { edit: true, label: 'label.start.port' },
-                      'endport': { edit: true, label: 'label.end.port' },
-                      'icmptype': { edit: true, label: 'ICMP.type', isHidden: true },
-                      'icmpcode': { edit: true, label: 'ICMP.code', isHidden: true },
-                      'add-rule': {
-                        label: 'label.add',
-                        addButton: true
+
+                          if ($(this).val() == 'icmp') {
+                            $icmpFields.show();
+                            $otherFields.hide();
+                          } else {
+                            $icmpFields.hide();
+                            $otherFields.show();
+                          }
+                        });
+
+                        args.response.success({
+                          data: [
+                            { name: 'tcp', description: 'TCP' },
+                            { name: 'udp', description: 'UDP' },
+                            { name: 'icmp', description: 'ICMP' }
+                          ]
+                        });
                       }
                     },
-                    add: {
+                    'startport': { edit: true, label: 'label.start.port' },
+                    'endport': { edit: true, label: 'label.end.port' },
+                    'icmptype': { edit: true, label: 'ICMP.type', isHidden: true },
+                    'icmpcode': { edit: true, label: 'ICMP.code', isHidden: true },
+                    'cidr': { edit: true, label: 'label.cidr', isHidden: true },
+                    'accountname': {
+                      edit: true,
+                      label: 'label.account.and.security.group',
+                      isHidden: true,
+                      range: ['accountname', 'securitygroup']
+                    },
+                    'add-rule': {
                       label: 'label.add',
-                      action: function(args) {
-                        var data = {
-                          protocol: args.data.protocol,
-                          cidrlist: args.data.cidrlist,
-                          trafficType: 'Egress'
-                        };
+                      addButton: true
+                    }
+                  },
+                  add: {
+                    label: 'label.add',
+                    action: function(args) {
+                      var data = {
+                        securitygroupid: args.context.securityGroups[0].id,
+                        protocol: args.data.protocol,
+                        domainid: args.context.securityGroups[0].domainid,
+                        account: args.context.securityGroups[0].account
+                      };
 
-                        if (args.data.icmptype && args.data.icmpcode) { // ICMP
-                          $.extend(data, {
-                            icmptype: args.data.icmptype,
-                            icmpcode: args.data.icmpcode
-                          });
-                        } else { // TCP/UDP
-                          $.extend(data, {
-                            startport: args.data.startport,
-                            endport: args.data.endport
-                          });
-                        }
+                      if (args.data.icmptype && args.data.icmpcode) { // ICMP
+                        $.extend(data, {
+                          icmptype: args.data.icmptype,
+                          icmpcode: args.data.icmpcode
+                        });
+                      } else { // TCP/UDP
+                        $.extend(data, {
+                          startport: args.data.startport,
+                          endport: args.data.endport
+                        });
+                      }
+
+                      // CIDR / account
+                      if (args.data.cidr) {
+                        data.cidrlist = args.data.cidr;
+                      } else {
+                        data['usersecuritygrouplist[0].account'] = args.data.accountname;
+                        data['usersecuritygrouplist[0].group'] = args.data.securitygroup;
+                      }
 
-                        // Get Source NAT IP
-                        var sourceNATIP;
+                      $.ajax({
+                        url: createURL('authorizeSecurityGroupEgress'),
+                        data: data,
+                        dataType: 'json',
+                        async: true,
+                        success: function(data) {
+                          var jobId = data.authorizesecuritygroupegressresponse.jobid;
 
+                          args.response.success({
+                            _custom: {
+                              jobId: jobId
+                            },
+                            notification: {
+                              label: 'label.add.egress.rule',
+                              poll: pollAsyncJobResult
+                            }
+                          });
+                        }
+                      });
+                    }
+                  },
+                  actions: {
+                    destroy: {
+                      label: 'label.remove.rule',
+                      action: function(args) {
                         $.ajax({
-                          url: createURL('listPublicIpAddresses'),
+                          url: createURL('revokeSecurityGroupEgress'),
                           data: {
-                            listAll: true,
-                            associatednetworkid: args.context.networks[0].id
+                            domainid: args.context.securityGroups[0].domainid,
+                            account: args.context.securityGroups[0].account,
+                            id: args.context.multiRule[0].id
                           },
-                          async: false,
-                          success: function(json) {
-                            var ipAddresses = json.listpublicipaddressesresponse.publicipaddress;
-                            
-                            sourceNATIP = $.grep(ipAddresses, function(ipAddress) {
-                              return ipAddress.issourcenat;
-                            })[0];
-                          }
-                        });
-
-                        data.ipaddressid = sourceNATIP.id;
-
-                        $.ajax({
-                          url: createURL('createFirewallRule'),
-                          data: data,
                           dataType: 'json',
                           async: true,
-                          success: function(json) {
-                            var jobId = json.createfirewallruleresponse.jobid;
+                          success: function(data) {
+                            var jobID = data.revokesecuritygroupegress.jobid;
 
                             args.response.success({
                               _custom: {
-                                jobId: jobId
+                                jobId: jobID
                               },
                               notification: {
-                                label: 'label.add.egress.rule',
+                                label: 'label.remove.egress.rule',
                                 poll: pollAsyncJobResult
                               }
                             });
@@ -3978,60 +3998,29 @@
                           }
                         });
                       }
-                    },
-                    actions: {
-                      destroy: {
-                        label: 'label.remove.rule',
-                        action: function(args) {
-                          $.ajax({
-                            url: createURL('deleteFirewallRule'),
-                            data: {
-                              id: args.context.multiRule[0].id
-                            },
-                            dataType: 'json',
-                            async: true,
-                            success: function(data) {
-                              var jobID = data.deletefirewallruleresponse.jobid;
-
-                              args.response.success({
-                                _custom: {
-                                  jobId: jobID
-                                },
-                                notification: {
-                                  label: 'label.remove.egress.rule',
-                                  poll: pollAsyncJobResult
-                                }
-                              });
-                            },
-                            error: function(json) {
-                              args.response.error(parseXMLHttpResponse(json));
-                            }
-                          });
-                        }
-                      }
-                    },
-                    ignoreEmptyFields: true,
-                    dataProvider: function(args) {
-                      $.ajax({
-                        url: createURL('listFirewallRules'),
-                        data: {
-                          listAll: true,
-                          networkid: args.context.networks[0].id,
-                          trafficType: 'Egress'
-                        },
-                        dataType: 'json',
-                        async: true,
-                        success: function(json) {
-                          var response = json.listfirewallrulesresponse.firewallrule;
-                          
-                          args.response.success({
-                            data: response
-                          });
-                        }
-                      });
                     }
-                  });
-                }
+                  },
+                  ignoreEmptyFields: true,
+                  dataProvider: function(args) {
+                    $.ajax({
+                      url: createURL('listSecurityGroups'),
+                      data: {
+                        id: args.context.securityGroups[0].id
+                      },
+                      dataType: 'json',
+                      async: true,
+                      success: function(data) {
+                        args.response.success({
+                          data: $.map(
+                            data.listsecuritygroupsresponse.securitygroup[0].egressrule ?
+                              data.listsecuritygroupsresponse.securitygroup[0].egressrule
: [],
+                            ingressEgressDataMap
+                          )
+                        });
+                      }
+                    });
+                  }
+                })
               }
             },
 


Mime
View raw message