Return-Path: X-Original-To: apmail-cloudstack-commits-archive@www.apache.org Delivered-To: apmail-cloudstack-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5541211EB6 for ; Mon, 13 May 2013 17:51:03 +0000 (UTC) Received: (qmail 27791 invoked by uid 500); 13 May 2013 15:53:26 -0000 Delivered-To: apmail-cloudstack-commits-archive@cloudstack.apache.org Received: (qmail 27725 invoked by uid 500); 13 May 2013 15:53:26 -0000 Mailing-List: contact commits-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list commits@cloudstack.apache.org Received: (qmail 25990 invoked by uid 99); 13 May 2013 15:53:24 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 13 May 2013 15:53:24 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id 2E01D88F7E1; Mon, 13 May 2013 15:53:24 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit 
From: muralireddy@apache.org To: commits@cloudstack.apache.org Date: Mon, 13 May 2013 15:54:27 -0000 Message-Id: In-Reply-To: <3dd7f1ce499f4ed180dff4676f352f9b@git.apache.org> References: <3dd7f1ce499f4ed180dff4676f352f9b@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [67/93] [abbrv] git commit: updated refs/heads/portablepublicip to a718d35 CLOUDSTACK-763: Added APIs to create, delete and list NetworkACLlist. Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/ebf8a7fd Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/ebf8a7fd Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/ebf8a7fd Branch: refs/heads/portablepublicip Commit: ebf8a7fd1e56c7ffe8c9942a4d70327a6e317d0d Parents: df39196 Author: Kishan Kavala Authored: Tue Apr 16 16:48:56 2013 +0530 Committer: Kishan Kavala Committed: Mon May 13 12:03:38 2013 +0530 ---------------------------------------------------------------------- api/src/com/cloud/event/EventTypes.java | 5 + .../cloud/network/firewall/NetworkACLService.java | 16 ++- api/src/com/cloud/network/vpc/NetworkACL.java | 32 ++++ .../apache/cloudstack/api/ResponseGenerator.java | 102 ++----------- .../command/user/network/CreateNetworkACLCmd.java | 6 +- .../user/network/CreateNetworkACLListCmd.java | 117 +++++++++++++++ .../command/user/network/DeleteNetworkACLCmd.java | 2 +- .../user/network/DeleteNetworkACLListCmd.java | 102 +++++++++++++ .../user/network/ListNetworkACLListsCmd.java | 84 +++++++++++ .../command/user/network/ListNetworkACLsCmd.java | 4 +- .../api/response/NetworkACLListResponse.java | 57 +++++++ client/tomcatconf/applicationContext.xml.in | 1 + client/tomcatconf/commands.properties.in | 4 + server/src/com/cloud/api/ApiResponseHelper.java | 27 +++- .../com/cloud/network/vpc/NetworkACLManager.java | 1 + .../cloud/network/vpc/NetworkACLManagerImpl.java | 41 +++++- server/src/com/cloud/network/vpc/NetworkACLVO.java | 78 ++++++++++ 
.../com/cloud/network/vpc/dao/NetworkACLDao.java | 23 +++ .../cloud/network/vpc/dao/NetworkACLDaoImpl.java | 35 +++++ .../src/com/cloud/server/ManagementServerImpl.java | 3 + setup/db/create-schema.sql | 35 +++++ 21 files changed, 666 insertions(+), 109 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/api/src/com/cloud/event/EventTypes.java ---------------------------------------------------------------------- diff --git a/api/src/com/cloud/event/EventTypes.java b/api/src/com/cloud/event/EventTypes.java index 45a904e..0125f36 100755 --- a/api/src/com/cloud/event/EventTypes.java +++ b/api/src/com/cloud/event/EventTypes.java @@ -344,6 +344,11 @@ public class EventTypes { public static final String EVENT_VPC_DELETE = "VPC.DELETE"; public static final String EVENT_VPC_RESTART = "VPC.RESTART"; + // Network ACL + public static final String EVENT_NETWORK_ACL_CREATE = "NETWORK.ACL.CREATE"; + public static final String EVENT_NETWORK_ACL_UPDATE = "NETWORK.ACL.UPDATE"; + public static final String EVENT_NETWORK_ACL_DELETE = "NETWORK.ACL.DELETE"; + // VPC offerings public static final String EVENT_VPC_OFFERING_CREATE = "VPC.OFFERING.CREATE"; public static final String EVENT_VPC_OFFERING_UPDATE = "VPC.OFFERING.UPDATE"; http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/api/src/com/cloud/network/firewall/NetworkACLService.java ---------------------------------------------------------------------- diff --git a/api/src/com/cloud/network/firewall/NetworkACLService.java b/api/src/com/cloud/network/firewall/NetworkACLService.java index 97de496..8621e48 100644 --- a/api/src/com/cloud/network/firewall/NetworkACLService.java +++ b/api/src/com/cloud/network/firewall/NetworkACLService.java 
@@ -19,6 +19,9 @@ package com.cloud.network.firewall; import java.util.List; +import com.cloud.network.vpc.NetworkACL; +import org.apache.cloudstack.api.command.user.network.CreateNetworkACLListCmd; +import org.apache.cloudstack.api.command.user.network.ListNetworkACLListsCmd; import org.apache.cloudstack.api.command.user.network.ListNetworkACLsCmd; import com.cloud.exception.NetworkRuleConflictException; @@ -28,14 +31,14 @@ import com.cloud.user.Account; import com.cloud.utils.Pair; public interface NetworkACLService { - FirewallRule getNetworkACL(long ruleId); + FirewallRule getNetworkACLItem(long ruleId); boolean applyNetworkACLs(long networkId, Account caller) throws ResourceUnavailableException; /** * @param createNetworkACLCmd * @return */ - FirewallRule createNetworkACL(FirewallRule acl) throws NetworkRuleConflictException; + FirewallRule createNetworkACLItem(FirewallRule acl) throws NetworkRuleConflictException; /** * @param ruleId * @param apply @@ -46,6 +49,13 @@ public interface NetworkACLService { * @param listNetworkACLsCmd * @return */ - Pair, Integer> listNetworkACLs(ListNetworkACLsCmd cmd); + Pair, Integer> listNetworkACLItems(ListNetworkACLsCmd cmd); + NetworkACL createNetworkACL(CreateNetworkACLListCmd cmd); + + NetworkACL getNetworkACL(long id); + + boolean deleteNetworkACL(long id); + + Pair,Integer> listNetworkACLs(ListNetworkACLListsCmd listNetworkACLListsCmd); } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/api/src/com/cloud/network/vpc/NetworkACL.java ---------------------------------------------------------------------- diff --git a/api/src/com/cloud/network/vpc/NetworkACL.java b/api/src/com/cloud/network/vpc/NetworkACL.java new file mode 100644 index 0000000..8839ffd --- /dev/null +++ b/api/src/com/cloud/network/vpc/NetworkACL.java 
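Review bot: The methods added to `NetworkACLService` in the second hunk (`createNetworkACL`, `getNetworkACL`, `deleteNetworkACL`, `listNetworkACLs`) have no Javadoc, and `getNetworkACL(long id)` and `deleteNetworkACL(long id)` take a bare id with no caller, unlike `applyNetworkACLs(long networkId, Account caller)` in the same interface. The implementation is outside this hunk, so it cannot be confirmed here that the caller's access to the owning VPC is checked before an ACL list is returned or removed. The contract should state where that check happens. I would add a comment such as `/** Deletes the ACL list with the given id; the implementation must verify that the calling account may operate on the VPC that owns it. */` above `deleteNetworkACL`, with matching comments on the other three methods.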
@@ -0,0 +1,32 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package com.cloud.network.vpc;
+
+import org.apache.cloudstack.api.InternalIdentity;
+
+public interface NetworkACL extends InternalIdentity{
+ String getDescription();
+
+ String getUuid();
+
+ Long getVpcId();
+
+ long getId();
+
+ String getName();
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/api/src/org/apache/cloudstack/api/ResponseGenerator.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/ResponseGenerator.java b/api/src/org/apache/cloudstack/api/ResponseGenerator.java
index ab8f995..f765dcb 100644
--- a/api/src/org/apache/cloudstack/api/ResponseGenerator.java
+++ b/api/src/org/apache/cloudstack/api/ResponseGenerator.java
@@ -21,94 +21,18 @@ import java.util.EnumSet; import java.util.List; import java.util.Map; +import com.cloud.vm.NicSecondaryIp; import org.apache.cloudstack.affinity.AffinityGroup; import org.apache.cloudstack.affinity.AffinityGroupResponse; +import com.cloud.network.vpc.NetworkACL; +import com.cloud.network.vpc.PrivateGateway; +import com.cloud.network.vpc.StaticRoute; +import com.cloud.network.vpc.Vpc; +import com.cloud.network.vpc.VpcOffering; import org.apache.cloudstack.api.ApiConstants.HostDetails; import org.apache.cloudstack.api.ApiConstants.VMDetails; import org.apache.cloudstack.api.command.user.job.QueryAsyncJobResultCmd; -import org.apache.cloudstack.api.response.AccountResponse; -import org.apache.cloudstack.api.response.ApplicationLoadBalancerResponse; -import org.apache.cloudstack.api.response.AsyncJobResponse; -import org.apache.cloudstack.api.response.AutoScalePolicyResponse; -import org.apache.cloudstack.api.response.AutoScaleVmGroupResponse; -import org.apache.cloudstack.api.response.AutoScaleVmProfileResponse; -import org.apache.cloudstack.api.response.CapacityResponse; -import org.apache.cloudstack.api.response.ClusterResponse; -import org.apache.cloudstack.api.response.ConditionResponse; -import org.apache.cloudstack.api.response.ConfigurationResponse; -import org.apache.cloudstack.api.response.CounterResponse; -import org.apache.cloudstack.api.response.CreateCmdResponse; -import org.apache.cloudstack.api.response.DiskOfferingResponse; -import org.apache.cloudstack.api.response.DomainResponse; -import org.apache.cloudstack.api.response.DomainRouterResponse; -import org.apache.cloudstack.api.response.EventResponse; -import org.apache.cloudstack.api.response.ExtractResponse; -import org.apache.cloudstack.api.response.FirewallResponse; -import org.apache.cloudstack.api.response.FirewallRuleResponse; -import org.apache.cloudstack.api.response.GlobalLoadBalancerResponse; -import org.apache.cloudstack.api.response.GuestOSResponse; -import 
org.apache.cloudstack.api.response.GuestVlanRangeResponse; -import org.apache.cloudstack.api.response.HostForMigrationResponse; -import org.apache.cloudstack.api.response.HostResponse; -import org.apache.cloudstack.api.response.HypervisorCapabilitiesResponse; -import org.apache.cloudstack.api.response.IPAddressResponse; -import org.apache.cloudstack.api.response.InstanceGroupResponse; -import org.apache.cloudstack.api.response.InternalLoadBalancerElementResponse; -import org.apache.cloudstack.api.response.IpForwardingRuleResponse; -import org.apache.cloudstack.api.response.IsolationMethodResponse; -import org.apache.cloudstack.api.response.LBHealthCheckResponse; -import org.apache.cloudstack.api.response.LBStickinessResponse; -import org.apache.cloudstack.api.response.LDAPConfigResponse; -import org.apache.cloudstack.api.response.LoadBalancerResponse; -import org.apache.cloudstack.api.response.NetworkACLResponse; -import org.apache.cloudstack.api.response.NetworkOfferingResponse; -import org.apache.cloudstack.api.response.NetworkResponse; -import org.apache.cloudstack.api.response.NicResponse; -import org.apache.cloudstack.api.response.NicSecondaryIpResponse; -import org.apache.cloudstack.api.response.PhysicalNetworkResponse; -import org.apache.cloudstack.api.response.PodResponse; -import org.apache.cloudstack.api.response.PrivateGatewayResponse; -import org.apache.cloudstack.api.response.ProjectAccountResponse; -import org.apache.cloudstack.api.response.ProjectInvitationResponse; -import org.apache.cloudstack.api.response.ProjectResponse; -import org.apache.cloudstack.api.response.ProviderResponse; -import org.apache.cloudstack.api.response.RegionResponse; -import org.apache.cloudstack.api.response.RemoteAccessVpnResponse; -import org.apache.cloudstack.api.response.ResourceCountResponse; -import org.apache.cloudstack.api.response.ResourceLimitResponse; -import org.apache.cloudstack.api.response.ResourceTagResponse; -import 
org.apache.cloudstack.api.response.S3Response; -import org.apache.cloudstack.api.response.SecurityGroupResponse; -import org.apache.cloudstack.api.response.ServiceOfferingResponse; -import org.apache.cloudstack.api.response.ServiceResponse; -import org.apache.cloudstack.api.response.Site2SiteCustomerGatewayResponse; -import org.apache.cloudstack.api.response.Site2SiteVpnConnectionResponse; -import org.apache.cloudstack.api.response.Site2SiteVpnGatewayResponse; -import org.apache.cloudstack.api.response.SnapshotPolicyResponse; -import org.apache.cloudstack.api.response.SnapshotResponse; -import org.apache.cloudstack.api.response.SnapshotScheduleResponse; -import org.apache.cloudstack.api.response.StaticRouteResponse; -import org.apache.cloudstack.api.response.StorageNetworkIpRangeResponse; -import org.apache.cloudstack.api.response.StoragePoolForMigrationResponse; -import org.apache.cloudstack.api.response.StoragePoolResponse; -import org.apache.cloudstack.api.response.SwiftResponse; -import org.apache.cloudstack.api.response.SystemVmInstanceResponse; -import org.apache.cloudstack.api.response.SystemVmResponse; -import org.apache.cloudstack.api.response.TemplatePermissionsResponse; -import org.apache.cloudstack.api.response.TemplateResponse; -import org.apache.cloudstack.api.response.TrafficMonitorResponse; -import org.apache.cloudstack.api.response.TrafficTypeResponse; -import org.apache.cloudstack.api.response.UsageRecordResponse; -import org.apache.cloudstack.api.response.UserResponse; -import org.apache.cloudstack.api.response.UserVmResponse; -import org.apache.cloudstack.api.response.VMSnapshotResponse; -import org.apache.cloudstack.api.response.VirtualRouterProviderResponse; -import org.apache.cloudstack.api.response.VlanIpRangeResponse; -import org.apache.cloudstack.api.response.VolumeResponse; -import org.apache.cloudstack.api.response.VpcOfferingResponse; -import org.apache.cloudstack.api.response.VpcResponse; -import 
org.apache.cloudstack.api.response.VpnUsersResponse; -import org.apache.cloudstack.api.response.ZoneResponse; +import org.apache.cloudstack.api.response.*; import org.apache.cloudstack.network.lb.ApplicationLoadBalancerRule; import org.apache.cloudstack.region.Region; import org.apache.cloudstack.usage.Usage; @@ -154,10 +78,6 @@ import com.cloud.network.rules.StaticNatRule; import com.cloud.network.rules.StickinessPolicy; import com.cloud.network.security.SecurityGroup; import com.cloud.network.security.SecurityRule; -import com.cloud.network.vpc.PrivateGateway; -import com.cloud.network.vpc.StaticRoute; -import com.cloud.network.vpc.Vpc; -import com.cloud.network.vpc.VpcOffering; import com.cloud.offering.DiskOffering; import com.cloud.offering.NetworkOffering; import com.cloud.offering.ServiceOffering; @@ -382,10 +302,16 @@ public interface ResponseGenerator { VpcResponse createVpcResponse(Vpc vpc); /** + * @param networkACLItem + * @return + */ + NetworkACLResponse createNetworkACLItemResponse(FirewallRule networkACLItem); + + /** * @param networkACL * @return */ - NetworkACLResponse createNetworkACLResponse(FirewallRule networkACL); + NetworkACLListResponse createNetworkACLResponse(NetworkACL networkACL); /** * @param result http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/api/src/org/apache/cloudstack/api/command/user/network/CreateNetworkACLCmd.java ---------------------------------------------------------------------- diff --git a/api/src/org/apache/cloudstack/api/command/user/network/CreateNetworkACLCmd.java b/api/src/org/apache/cloudstack/api/command/user/network/CreateNetworkACLCmd.java index 2e30701..ae1ea90 100644 --- a/api/src/org/apache/cloudstack/api/command/user/network/CreateNetworkACLCmd.java +++ b/api/src/org/apache/cloudstack/api/command/user/network/CreateNetworkACLCmd.java 
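Review bot: Replacing the explicit response imports with `import org.apache.cloudstack.api.response.*;` in the first hunk is a style regression. The interface's dependencies are no longer readable from the file, and a class with the same simple name added later to any wildcard-imported package can silently change or break name resolution. I would keep the explicit list and add only `import org.apache.cloudstack.api.response.NetworkACLListResponse;`. The same wildcard pattern (`org.apache.cloudstack.api.*`, `org.apache.cloudstack.api.response.*`) appears in the new CreateNetworkACLListCmd, DeleteNetworkACLListCmd and ListNetworkACLListsCmd files.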
@@ -149,7 +149,7 @@ public class CreateNetworkACLCmd extends BaseAsyncCreateCmd implements FirewallR public void execute() throws ResourceUnavailableException { UserContext callerContext = UserContext.current(); boolean success = false; - FirewallRule rule = _networkACLService.getNetworkACL(getEntityId()); + FirewallRule rule = _networkACLService.getNetworkACLItem(getEntityId()); try { UserContext.current().setEventDetails("Rule Id: " + getEntityId()); success = _networkACLService.applyNetworkACLs(rule.getNetworkId(), callerContext.getCaller()); @@ -157,7 +157,7 @@ public class CreateNetworkACLCmd extends BaseAsyncCreateCmd implements FirewallR // State is different after the rule is applied, so get new object here NetworkACLResponse aclResponse = new NetworkACLResponse(); if (rule != null) { - aclResponse = _responseGenerator.createNetworkACLResponse(rule); + aclResponse = _responseGenerator.createNetworkACLItemResponse(rule); setResponseObject(aclResponse); } aclResponse.setResponseName(getCommandName()); @@ -256,7 +256,7 @@ public class CreateNetworkACLCmd extends BaseAsyncCreateCmd implements FirewallR } try { - FirewallRule result = _networkACLService.createNetworkACL(this); + FirewallRule result = _networkACLService.createNetworkACLItem(this); setEntityId(result.getId()); setEntityUuid(result.getUuid()); } catch (NetworkRuleConflictException ex) { http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/api/src/org/apache/cloudstack/api/command/user/network/CreateNetworkACLListCmd.java ---------------------------------------------------------------------- diff --git a/api/src/org/apache/cloudstack/api/command/user/network/CreateNetworkACLListCmd.java b/api/src/org/apache/cloudstack/api/command/user/network/CreateNetworkACLListCmd.java new file mode 100644 index 0000000..9c71497 --- /dev/null +++ b/api/src/org/apache/cloudstack/api/command/user/network/CreateNetworkACLListCmd.java 
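Review bot: In `execute()` the result of `getNetworkACLItem(getEntityId())` is dereferenced by `rule.getNetworkId()` inside the `try`, before the `if (rule != null)` test visible in the second hunk, so a missing rule produces a NullPointerException rather than an API error. The rename does not introduce this, but the lines are on the new side of both hunks and the commit leaves them as they are. I would guard directly after the lookup, for example `if (rule == null) { throw new InvalidParameterValueException("Unable to find network ACL item by id=" + getEntityId()); }`, assuming that exception type is imported in this file, which the hunk does not show. `execute()` begins in the first hunk and ends outside the second, so the remainder of the method should be checked against the early exit.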
@@ -0,0 +1,117 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command.user.network;
+
+import com.cloud.event.EventTypes;
+import com.cloud.exception.InvalidParameterValueException;
+import com.cloud.exception.ResourceUnavailableException;
+import com.cloud.network.vpc.NetworkACL;
+import com.cloud.network.vpc.Vpc;
+import com.cloud.user.Account;
+import com.cloud.user.UserContext;
+import org.apache.cloudstack.api.*;
+import org.apache.cloudstack.api.response.NetworkACLListResponse;
+import org.apache.cloudstack.api.response.VpcResponse;
+import org.apache.log4j.Logger;
+
+@APICommand(name = "createNetworkACLList", description = "Creates a Network ACL for the given VPC",
+responseObject = NetworkACLListResponse.class)
+public class CreateNetworkACLListCmd extends BaseAsyncCreateCmd {
+ public static final Logger s_logger = Logger.getLogger(CreateNetworkACLListCmd.class.getName());
+
+ private static final String s_name = "createnetworkacllistresponse";
+
+ // ///////////////////////////////////////////////////
+ // ////////////// API parameters /////////////////////
+ // ///////////////////////////////////////////////////
+
+ @Parameter(name = ApiConstants.NAME, type = CommandType.STRING, required = true, description = "Name of the network ACL List")
+ private String name;
+
+ @Parameter(name = ApiConstants.DESCRIPTION, type = CommandType.STRING, description = "Description of the network ACL List")
+ private String description;
+
+ @Parameter(name = ApiConstants.VPC_ID, type = CommandType.UUID, required = true, entityType = VpcResponse.class, description = "Id of the VPC associated with this network ACL List")
+ private Long vpcId;
+
+ // ///////////////////////////////////////////////////
+ // ///////////////// Accessors ///////////////////////
+ // ///////////////////////////////////////////////////
+
+ public String getName() {
+ return name;
+ }
+
+ public String getDescription() {
+ return description;
+ }
+
+ public Long getVpcId() {
+ return vpcId;
+ }
+
+ // ///////////////////////////////////////////////////
+ // ///////////// API Implementation///////////////////
+ // ///////////////////////////////////////////////////
+
+ @Override
+ public String getCommandName() {
+ return s_name;
+ }
+
+ @Override
+ public void create() {
+ NetworkACL result = _networkACLService.createNetworkACL(this);
+ setEntityId(result.getId());
+ setEntityUuid(result.getUuid());
+ }
+
+ @Override
+ public void execute() throws ResourceUnavailableException {
+ UserContext callerContext = UserContext.current();
+ boolean success = false;
+ NetworkACL acl = _networkACLService.getNetworkACL(getEntityId());
+ if(acl != null){
+ NetworkACLListResponse aclResponse = _responseGenerator.createNetworkACLResponse(acl);
+ setResponseObject(aclResponse);
+ aclResponse.setResponseName(getCommandName());
+ } else {
+ throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create network ACL");
+ }
+ }
+
+ @Override
+ public long getEntityOwnerId() {
+ Vpc vpc = _vpcService.getVpc(getVpcId());
+ if (vpc == null) {
+ throw new InvalidParameterValueException("Invalid vpcId is given");
+ }
+
+ Account account = _accountService.getAccount(vpc.getAccountId());
+ return account.getId();
+ }
+
+ @Override
+ public String getEventType() {
+ return EventTypes.EVENT_NETWORK_ACL_CREATE;
+ }
+
+ @Override
+ public String getEventDescription() {
+ return "Creating Network ACL with id: "+getEntityUuid();
+ }
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/api/src/org/apache/cloudstack/api/command/user/network/DeleteNetworkACLCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/network/DeleteNetworkACLCmd.java b/api/src/org/apache/cloudstack/api/command/user/network/DeleteNetworkACLCmd.java
index 2a2444b..272a129 100644
--- a/api/src/org/apache/cloudstack/api/command/user/network/DeleteNetworkACLCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/network/DeleteNetworkACLCmd.java
@@ -80,7 +80,7 @@ public class DeleteNetworkACLCmd extends BaseAsyncCmd {
 @Override
 public long getEntityOwnerId() {
 if (ownerId == null) {
- FirewallRule rule = _networkACLService.getNetworkACL(id);
+ FirewallRule rule = _networkACLService.getNetworkACLItem(id);
 if (rule == null) {
 throw new InvalidParameterValueException("Unable to find network ACL by id=" + id);
 } else {
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/api/src/org/apache/cloudstack/api/command/user/network/DeleteNetworkACLListCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/network/DeleteNetworkACLListCmd.java b/api/src/org/apache/cloudstack/api/command/user/network/DeleteNetworkACLListCmd.java
new file mode 100644
index 0000000..f502475
--- /dev/null
+++ b/api/src/org/apache/cloudstack/api/command/user/network/DeleteNetworkACLListCmd.java
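Review bot: `getEntityOwnerId()` in CreateNetworkACLListCmd calls `account.getId()` on the result of `_accountService.getAccount(vpc.getAccountId())` without a null check, although the VPC lookup just above it is checked. The returned id is presumably the one the VPC already holds, so `return vpc.getAccountId();` would drop the extra lookup and the possible NullPointerException; DeleteNetworkACLListCmd in this commit already resolves the owner that way. `create()` likewise dereferences the result of `createNetworkACL(this)` unchecked, and whether the service can return null is not visible here. In `execute()` the locals `callerContext` and `success` are never used and can be removed.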
@@ -0,0 +1,102 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command.user.network;
+
+import com.cloud.async.AsyncJob;
+import com.cloud.event.EventTypes;
+import com.cloud.exception.InvalidParameterValueException;
+import com.cloud.exception.ResourceUnavailableException;
+import com.cloud.network.rules.FirewallRule;
+import com.cloud.network.vpc.NetworkACL;
+import com.cloud.network.vpc.Vpc;
+import com.cloud.user.UserContext;
+import org.apache.cloudstack.api.*;
+import org.apache.cloudstack.api.response.AccountResponse;
+import org.apache.cloudstack.api.response.FirewallRuleResponse;
+import org.apache.cloudstack.api.response.NetworkACLListResponse;
+import org.apache.cloudstack.api.response.SuccessResponse;
+import org.apache.log4j.Logger;
+
+@APICommand(name = "deleteNetworkACLList", description="Deletes a Network ACL", responseObject=SuccessResponse.class)
+public class DeleteNetworkACLListCmd extends BaseAsyncCmd {
+ public static final Logger s_logger = Logger.getLogger(DeleteNetworkACLListCmd.class.getName());
+ private static final String s_name = "deletenetworkacllistresponse";
+
+ /////////////////////////////////////////////////////
+ //////////////// API parameters /////////////////////
+ /////////////////////////////////////////////////////
+
+ @Parameter(name=ApiConstants.ID, type=CommandType.UUID, entityType = NetworkACLListResponse.class,
+ required=true, description="the ID of the network ACL")
+ private Long id;
+
+ /////////////////////////////////////////////////////
+ /////////////////// Accessors ///////////////////////
+ /////////////////////////////////////////////////////
+
+ public Long getId() {
+ return id;
+ }
+
+ /////////////////////////////////////////////////////
+ /////////////// API Implementation///////////////////
+ /////////////////////////////////////////////////////
+ @Override
+ public String getCommandName() {
+ return s_name;
+ }
+
+ @Override
+ public String getEventType() {
+ return EventTypes.EVENT_NETWORK_ACL_DELETE;
+ }
+
+ @Override
+ public String getEventDescription() {
+ return ("Deleting Network ACL id=" + id);
+ }
+
+ @Override
+ public long getEntityOwnerId() {
+ NetworkACL acl = _networkACLService.getNetworkACL(id);
+ if (acl == null) {
+ throw new InvalidParameterValueException("Unable to find network ACL by id=" + id);
+ } else {
+ long vpcId = acl.getVpcId();
+ Vpc vpc = _vpcService.getVpc(vpcId);
+ if(vpc != null){
+ return vpc.getAccountId();
+ } else {
+ throw new InvalidParameterValueException("Unable to find VPC associated with network ACL by id=" + id);
+ }
+ }
+ }
+
+ @Override
+ public void execute() throws ResourceUnavailableException {
+ UserContext.current().setEventDetails("Network ACL Id: " + id);
+ boolean result = _networkACLService.deleteNetworkACL(id);
+
+ if (result) {
+ SuccessResponse response = new SuccessResponse(getCommandName());
+ this.setResponseObject(response);
+ } else {
+ throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to delete network ACL");
+ }
+ }
+}
+
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/api/src/org/apache/cloudstack/api/command/user/network/ListNetworkACLListsCmd.java
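Review bot: `long vpcId = acl.getVpcId();` in `getEntityOwnerId()` unboxes the `Long` that `NetworkACL.getVpcId()` is declared to return, so an ACL with no VPC id would throw a NullPointerException instead of the `InvalidParameterValueException` this method uses for its other failure cases. I would keep the value boxed and test it: `Long vpcId = acl.getVpcId();` followed by `if (vpcId == null) { throw new InvalidParameterValueException("Unable to find VPC associated with network ACL by id=" + id); }`. `execute()` hands only the id to `deleteNetworkACL(id)`, so the check that the caller may act on the owning VPC is presumably made in the service implementation, which is outside this hunk and worth confirming. The imports of `AsyncJob`, `FirewallRule`, `AccountResponse` and `FirewallRuleResponse` are not used by the code shown.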
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/network/ListNetworkACLListsCmd.java b/api/src/org/apache/cloudstack/api/command/user/network/ListNetworkACLListsCmd.java
new file mode 100644
index 0000000..b043eed
--- /dev/null
+++ b/api/src/org/apache/cloudstack/api/command/user/network/ListNetworkACLListsCmd.java
@@ -0,0 +1,84 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command.user.network;
+
+import com.cloud.network.rules.FirewallRule;
+import com.cloud.network.vpc.NetworkACL;
+import com.cloud.utils.Pair;
+import org.apache.cloudstack.api.APICommand;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.BaseListTaggedResourcesCmd;
+import org.apache.cloudstack.api.Parameter;
+import org.apache.cloudstack.api.response.*;
+import org.apache.log4j.Logger;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@APICommand(name = "listNetworkACLLists", description="Lists all network ACLs", responseObject=NetworkACLListResponse.class)
+public class ListNetworkACLListsCmd extends BaseListTaggedResourcesCmd {
+ public static final Logger s_logger = Logger.getLogger(ListNetworkACLListsCmd.class.getName());
+
+ private static final String s_name = "listnetworkacllistsresponse";
+
+ /////////////////////////////////////////////////////
+ //////////////// API parameters /////////////////////
+ /////////////////////////////////////////////////////
+ @Parameter(name=ApiConstants.ID, type=CommandType.UUID, entityType = NetworkACLResponse.class,
+ description="Lists network ACL with the specified ID.")
+ private Long id;
+
+ @Parameter(name=ApiConstants.NETWORK_ID, type=CommandType.UUID, entityType = NetworkResponse.class,
+ description="list network ACLs by network Id")
+ private Long networkId;
+
+ /////////////////////////////////////////////////////
+ /////////////////// Accessors ///////////////////////
+ /////////////////////////////////////////////////////
+
+ public Long getNetworkId() {
+ return networkId;
+ }
+
+ public Long getId() {
+ return id;
+ }
+
+ /////////////////////////////////////////////////////
+ /////////////// API Implementation///////////////////
+ /////////////////////////////////////////////////////
+
+ @Override
+ public String getCommandName() {
+ return s_name;
+ }
+
+ @Override
+ public void execute(){
+ Pair,Integer> result = _networkACLService.listNetworkACLs(this);
+ ListResponse response = new ListResponse();
+ List aclResponses = new ArrayList();
+
+ for (NetworkACL acl : result.first()) {
+ NetworkACLListResponse aclResponse = _responseGenerator.createNetworkACLResponse(acl);
+ aclResponses.add(aclResponse);
+ }
+ response.setResponses(aclResponses, result.second());
+ response.setResponseName(getCommandName());
+ this.setResponseObject(response);
+ }
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/api/src/org/apache/cloudstack/api/command/user/network/ListNetworkACLsCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/network/ListNetworkACLsCmd.java b/api/src/org/apache/cloudstack/api/command/user/network/ListNetworkACLsCmd.java
index d166974..93842d5 100644
--- a/api/src/org/apache/cloudstack/api/command/user/network/ListNetworkACLsCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/network/ListNetworkACLsCmd.java
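Review bot: The `id` parameter of ListNetworkACLListsCmd is declared with `entityType = NetworkACLResponse.class`, but this command lists ACL lists, and DeleteNetworkACLListCmd in the same commit declares the same kind of id with `entityType = NetworkACLListResponse.class`. If the API layer uses `entityType` to translate the supplied UUID into an internal id, as the `@EntityReference(value = NetworkACL.class)` on NetworkACLListResponse suggests, the id here would be resolved against the wrong entity. I would change the annotation to `entityType = NetworkACLListResponse.class`. The `networkId` filter deserves a comment as well, because the `NetworkACL` interface added by this commit exposes only `getVpcId()`. The import of `FirewallRule` is unused in the code shown.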
@@ -79,12 +79,12 @@ public class ListNetworkACLsCmd extends BaseListTaggedResourcesCmd { @Override public void execute(){ - Pair,Integer> result = _networkACLService.listNetworkACLs(this); + Pair,Integer> result = _networkACLService.listNetworkACLItems(this); ListResponse response = new ListResponse(); List aclResponses = new ArrayList(); for (FirewallRule acl : result.first()) { - NetworkACLResponse ruleData = _responseGenerator.createNetworkACLResponse(acl); + NetworkACLResponse ruleData = _responseGenerator.createNetworkACLItemResponse(acl); aclResponses.add(ruleData); } response.setResponses(aclResponses, result.second()); http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/api/src/org/apache/cloudstack/api/response/NetworkACLListResponse.java ---------------------------------------------------------------------- diff --git a/api/src/org/apache/cloudstack/api/response/NetworkACLListResponse.java b/api/src/org/apache/cloudstack/api/response/NetworkACLListResponse.java new file mode 100644 index 0000000..3487851 --- /dev/null +++ b/api/src/org/apache/cloudstack/api/response/NetworkACLListResponse.java 
@@ -0,0 +1,57 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.response;
+
+import com.cloud.network.vpc.NetworkACL;
+import com.cloud.serializer.Param;
+import com.google.gson.annotations.SerializedName;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.BaseResponse;
+import org.apache.cloudstack.api.EntityReference;
+
+import java.util.List;
+
+@EntityReference(value = NetworkACL.class)
+public class NetworkACLListResponse extends BaseResponse {
+ @SerializedName(ApiConstants.ID) @Param(description="the ID of the ACL")
+ private String id;
+
+ @SerializedName(ApiConstants.NAME) @Param(description="the Name of the ACL")
+ private String name;
+
+ @SerializedName(ApiConstants.DESCRIPTION) @Param(description="Description of the ACL")
+ private String description;
+
+ @SerializedName(ApiConstants.VPC_ID) @Param(description="Id of the VPC this ACL is associated with")
+ private String vpcId;
+
+ public void setId(String id) {
+ this.id = id;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ public void setVpcId(String vpcId) {
+ this.vpcId = 
vpcId; + } +} http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/client/tomcatconf/applicationContext.xml.in ---------------------------------------------------------------------- diff --git a/client/tomcatconf/applicationContext.xml.in b/client/tomcatconf/applicationContext.xml.in index 67c8ccf..6050992 100644 --- a/client/tomcatconf/applicationContext.xml.in +++ b/client/tomcatconf/applicationContext.xml.in @@ -246,6 +246,7 @@ + http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/client/tomcatconf/commands.properties.in ---------------------------------------------------------------------- diff --git a/client/tomcatconf/commands.properties.in b/client/tomcatconf/commands.properties.in index 0a6ec70..2078c8d 100644 --- a/client/tomcatconf/commands.properties.in +++ b/client/tomcatconf/commands.properties.in @@ -435,6 +435,10 @@ deletePrivateGateway=1 createNetworkACL=15 deleteNetworkACL=15 listNetworkACLs=15 +createNetworkACLList=15 +deleteNetworkACLList=15 +listNetworkACLLists=15 + #### Static route commands createStaticRoute=15 http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/server/src/com/cloud/api/ApiResponseHelper.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/api/ApiResponseHelper.java b/server/src/com/cloud/api/ApiResponseHelper.java index d5960ab..494ca8e 100755 --- a/server/src/com/cloud/api/ApiResponseHelper.java +++ b/server/src/com/cloud/api/ApiResponseHelper.java @@ -34,6 +34,11 @@ import java.util.TimeZone; import javax.inject.Inject; +import com.cloud.network.vpc.NetworkACL; +import com.cloud.network.vpc.PrivateGateway; +import com.cloud.network.vpc.StaticRoute; +import com.cloud.network.vpc.Vpc; +import com.cloud.network.vpc.VpcOffering; import org.apache.cloudstack.acl.ControlledEntity; import org.apache.cloudstack.acl.ControlledEntity.ACLType; import org.apache.cloudstack.affinity.AffinityGroup; 
@@ -84,6 +89,7 @@ import org.apache.cloudstack.api.response.LBStickinessPolicyResponse; import org.apache.cloudstack.api.response.LBStickinessResponse; import org.apache.cloudstack.api.response.LDAPConfigResponse; import org.apache.cloudstack.api.response.LoadBalancerResponse; +import org.apache.cloudstack.api.response.NetworkACLListResponse; import org.apache.cloudstack.api.response.NetworkACLResponse; import org.apache.cloudstack.api.response.NetworkOfferingResponse; import org.apache.cloudstack.api.response.NetworkResponse; @@ -230,10 +236,6 @@ import com.cloud.network.security.SecurityGroup; import com.cloud.network.security.SecurityGroupVO; import com.cloud.network.security.SecurityRule; import com.cloud.network.security.SecurityRule.SecurityRuleType; -import com.cloud.network.vpc.PrivateGateway; -import com.cloud.network.vpc.StaticRoute; -import com.cloud.network.vpc.Vpc; -import com.cloud.network.vpc.VpcOffering; import com.cloud.offering.DiskOffering; import com.cloud.offering.NetworkOffering; import com.cloud.offering.NetworkOffering.Detail; @@ -2547,7 +2549,7 @@ public class ApiResponseHelper implements ResponseGenerator { } @Override - public NetworkACLResponse createNetworkACLResponse(FirewallRule networkACL) { + public NetworkACLResponse createNetworkACLItemResponse(FirewallRule networkACL) { NetworkACLResponse response = new NetworkACLResponse(); response.setId(networkACL.getUuid()); @@ -3808,7 +3810,6 @@ public class ApiResponseHelper implements ResponseGenerator { } } - @Override public InternalLoadBalancerElementResponse createInternalLbElementResponse(VirtualRouterProvider result) { if (result.getType() != VirtualRouterProvider.VirtualRouterProviderType.InternalLbVm) { @@ -3826,7 +3827,6 @@ public class ApiResponseHelper implements ResponseGenerator { return response; } - @Override public IsolationMethodResponse createIsolationMethodResponse(IsolationType method) { IsolationMethodResponse response = new IsolationMethodResponse(); 
@@ -3834,4 +3834,17 @@ public class ApiResponseHelper implements ResponseGenerator { response.setObjectName("isolationmethod"); return response; } + + public NetworkACLListResponse createNetworkACLResponse(NetworkACL networkACL) { + NetworkACLListResponse response = new NetworkACLListResponse(); + response.setId(networkACL.getUuid()); + response.setName(networkACL.getName()); + response.setDescription(networkACL.getDescription()); + Vpc vpc = ApiDBUtils.findVpcById(networkACL.getVpcId()); + if(vpc != null){ + response.setVpcId(vpc.getUuid()); + } + response.setObjectName("networkacllist"); + return response; + } } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/server/src/com/cloud/network/vpc/NetworkACLManager.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/vpc/NetworkACLManager.java b/server/src/com/cloud/network/vpc/NetworkACLManager.java index 91891c0..515c251 100644 --- a/server/src/com/cloud/network/vpc/NetworkACLManager.java +++ b/server/src/com/cloud/network/vpc/NetworkACLManager.java @@ -22,6 +22,7 @@ import com.cloud.exception.ResourceUnavailableException; import com.cloud.network.firewall.NetworkACLService; import com.cloud.network.rules.FirewallRule; import com.cloud.user.Account; +import org.apache.cloudstack.api.command.user.network.CreateNetworkACLListCmd; public interface NetworkACLManager extends NetworkACLService{ http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java index cb44866..b00f8a1 100644 --- a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java +++ b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java 
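Review bot: In the new `createNetworkACLResponse(NetworkACL)` at the end of ApiResponseHelper, `networkACL.getVpcId()` returns a `Long` and the `network_acl.vpc_id` column added by this commit is nullable, so if `ApiDBUtils.findVpcById` takes a primitive `long` (its signature is not shown here) a row without a VPC fails with a NullPointerException on unboxing instead of producing a response without a VPC id. Guarding the lookup with `Long vpcId = networkACL.getVpcId();` and `Vpc vpc = (vpcId != null) ? ApiDBUtils.findVpcById(vpcId) : null;` keeps the existing `vpc != null` branch working. The method is invoked through `_responseGenerator` in ListNetworkACLListsCmd, so it presumably implements a `ResponseGenerator` method and should carry `@Override` like `createNetworkACLItemResponse` does.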
@@ -24,6 +24,9 @@ import javax.ejb.Local; import javax.inject.Inject; import javax.naming.ConfigurationException; +import com.cloud.network.vpc.dao.NetworkACLDao; +import org.apache.cloudstack.api.command.user.network.CreateNetworkACLListCmd; +import org.apache.cloudstack.api.command.user.network.ListNetworkACLListsCmd; import org.apache.cloudstack.api.command.user.network.ListNetworkACLsCmd; import org.apache.log4j.Logger; import org.springframework.stereotype.Component; @@ -85,6 +88,8 @@ public class NetworkACLManagerImpl extends ManagerBase implements NetworkACLMana VpcManager _vpcMgr; @Inject ResourceTagDao _resourceTagDao; + @Inject + NetworkACLDao _networkACLDao; @Override public boolean applyNetworkACLs(long networkId, Account caller) throws ResourceUnavailableException { @@ -93,7 +98,7 @@ public class NetworkACLManagerImpl extends ManagerBase implements NetworkACLMana } @Override - public FirewallRule createNetworkACL(FirewallRule acl) throws NetworkRuleConflictException { + public FirewallRule createNetworkACLItem(FirewallRule acl) throws NetworkRuleConflictException { if (acl.getSourceCidrList() == null && (acl.getPurpose() == Purpose.Firewall || acl.getPurpose() == Purpose.NetworkACL)) { _firewallDao.loadSourceCidrs((FirewallRuleVO)acl); } @@ -174,7 +179,7 @@ public class NetworkACLManagerImpl extends ManagerBase implements NetworkACLMana txn.commit(); - return getNetworkACL(newRule.getId()); + return getNetworkACLItem(newRule.getId()); } @@ -320,7 +325,7 @@ public class NetworkACLManagerImpl extends ManagerBase implements NetworkACLMana @Override - public FirewallRule getNetworkACL(long ACLId) { + public FirewallRule getNetworkACLItem(long ACLId) { FirewallRule rule = _firewallDao.findById(ACLId); if (rule != null && rule.getPurpose() == Purpose.NetworkACL) { return rule; 
@@ -330,7 +335,7 @@ public class NetworkACLManagerImpl extends ManagerBase implements NetworkACLMana @Override - public Pair,Integer> listNetworkACLs(ListNetworkACLsCmd cmd) { + public Pair,Integer> listNetworkACLItems(ListNetworkACLsCmd cmd) { Long networkId = cmd.getNetworkId(); Long id = cmd.getId(); String trafficType = cmd.getTrafficType(); @@ -438,5 +443,31 @@ public class NetworkACLManagerImpl extends ManagerBase implements NetworkACLMana return success; } - + + @Override + public NetworkACL createNetworkACL(CreateNetworkACLListCmd cmd){ + NetworkACLVO acl = new NetworkACLVO(cmd.getName(), cmd.getDescription(), cmd.getVpcId()); + _networkACLDao.persist(acl); + return acl; + } + + @Override + public NetworkACL getNetworkACL(long id) { + return _networkACLDao.findById(id); + } + + @Override + public boolean deleteNetworkACL(long id) { + return _networkACLDao.remove(id); + } + + @Override + public Pair, Integer> listNetworkACLs(ListNetworkACLListsCmd listNetworkACLListsCmd) { + SearchBuilder sb = _networkACLDao.createSearchBuilder(); + SearchCriteria sc = sb.create(); + Filter filter = new Filter(NetworkACLVO.class, "id", false, null, null); + Pair, Integer> acls = _networkACLDao.searchAndCount(sc, filter); + return new Pair, Integer>(acls.first(), acls.second()); + } + } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/server/src/com/cloud/network/vpc/NetworkACLVO.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/vpc/NetworkACLVO.java b/server/src/com/cloud/network/vpc/NetworkACLVO.java new file mode 100644 index 0000000..29afc00 --- /dev/null +++ b/server/src/com/cloud/network/vpc/NetworkACLVO.java 
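Review bot: The four methods added at the end of NetworkACLManagerImpl perform no authorization: `createNetworkACL` persists a list for whatever `cmd.getVpcId()` supplies, `deleteNetworkACL` calls `_networkACLDao.remove(id)` directly, and `listNetworkACLs` runs an empty `SearchCriteria`, ignoring the command's `id` and `networkId` and returning every ACL list regardless of owner. commands.properties in this commit enables all three APIs with mask 15 (all roles), so unless the command classes check access themselves, which is not visible here, the isolation between accounts depends entirely on checks that are missing. Each method should resolve the owning VPC through `_vpcMgr` and verify the caller's access to it before acting, and the list query should add the `id` and VPC conditions plus account scoping to `sc` before `searchAndCount`. `deleteNetworkACL` should also define what happens to networks whose `network_acl_id` still references the removed list.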
@@ -0,0 +1,78 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package com.cloud.network.vpc;
+
+import javax.persistence.*;
+import java.util.UUID;
+
+@Entity
+@Table(name="network_acl")
+public class NetworkACLVO implements NetworkACL{
+
+ @Id
+ @GeneratedValue(strategy= GenerationType.IDENTITY)
+ @Column(name="id")
+ private long id;
+
+ @Column(name="vpc_id")
+ Long vpcId;
+
+ @Column(name="uuid")
+ private String uuid;
+
+ @Column(name="name")
+ private String name;
+
+ @Column(name="description")
+ private String description;
+
+ protected NetworkACLVO(){
+ }
+
+ protected NetworkACLVO(String name, String description, long vpcId){
+ this.uuid = UUID.randomUUID().toString();
+ this.name = name;
+ this.description = description;
+ this.vpcId = vpcId;
+ }
+
+ @Override
+ public String getDescription() {
+ return description;
+ }
+
+ @Override
+ public String getUuid() {
+ return uuid;
+ }
+
+ @Override
+ public Long getVpcId() {
+ return vpcId;
+ }
+
+ @Override
+ public long getId() {
+ return id;
+ }
+
+ @Override
+ public String getName() {
+ return name;
+ }
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/server/src/com/cloud/network/vpc/dao/NetworkACLDao.java 
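Review bot: `vpcId` in NetworkACLVO is declared as `Long vpcId;` with no access modifier, so unlike the other columns it can be reassigned by any class in `com.cloud.network.vpc` after the entity is loaded; `private Long vpcId;` matches the rest of the fields. The constructor takes a primitive `long vpcId` while the field and `getVpcId()` use `Long` and the column is nullable, so it is worth deciding whether an ACL list may exist without a VPC and making the three agree. The wildcard `import javax.persistence.*;` could be replaced by explicit imports of the annotations the class uses.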
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpc/dao/NetworkACLDao.java b/server/src/com/cloud/network/vpc/dao/NetworkACLDao.java
new file mode 100644
index 0000000..fb2b331
--- /dev/null
+++ b/server/src/com/cloud/network/vpc/dao/NetworkACLDao.java
@@ -0,0 +1,23 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.vpc.dao;
+
+import com.cloud.network.vpc.NetworkACLVO;
+import com.cloud.utils.db.GenericDao;
+
+public interface NetworkACLDao extends GenericDao{
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/server/src/com/cloud/network/vpc/dao/NetworkACLDaoImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpc/dao/NetworkACLDaoImpl.java b/server/src/com/cloud/network/vpc/dao/NetworkACLDaoImpl.java
new file mode 100644
index 0000000..fd3308d
--- /dev/null
+++ b/server/src/com/cloud/network/vpc/dao/NetworkACLDaoImpl.java
@@ -0,0 +1,35 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.network.vpc.dao;
+
+import com.cloud.network.vpc.NetworkACLVO;
+import com.cloud.utils.db.DB;
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.SearchBuilder;
+import org.springframework.stereotype.Component;
+
+import javax.ejb.Local;
+
+@Component
+@Local(value = NetworkACLDao.class)
+@DB(txn = false)
+public class NetworkACLDaoImpl extends GenericDaoBase implements NetworkACLDao{
+
+ protected NetworkACLDaoImpl() {
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/server/src/com/cloud/server/ManagementServerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java
index 86c1a64..ec19942 100755
--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@@ -2879,6 +2879,9 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe cmdList.add(ListNetworkIsolationMethodsCmd.class); cmdList.add(ListNetworkIsolationMethodsCmd.class); + cmdList.add(CreateNetworkACLListCmd.class); + cmdList.add(DeleteNetworkACLListCmd.class); + cmdList.add(ListNetworkACLListsCmd.class); return cmdList; } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ebf8a7fd/setup/db/create-schema.sql ---------------------------------------------------------------------- diff --git a/setup/db/create-schema.sql b/setup/db/create-schema.sql index b1feb02..832ecc6 100755 --- a/setup/db/create-schema.sql +++ b/setup/db/create-schema.sql @@ -196,6 +196,8 @@ DROP TABLE IF EXISTS `cloud`.`vm_network_map`; DROP TABLE IF EXISTS `cloud`.`netapp_volume`; DROP TABLE IF EXISTS `cloud`.`netapp_pool`; DROP TABLE IF EXISTS `cloud`.`netapp_lun`; +DROP TABLE IF EXISTS `cloud`.`network_acl`; +DROP TABLE IF EXISTS `cloud`.`network_acl_item`; CREATE TABLE `cloud`.`version` ( `id` bigint unsigned NOT NULL UNIQUE AUTO_INCREMENT COMMENT 'id', @@ -268,6 +270,7 @@ CREATE TABLE `cloud`.`networks` ( `removed` datetime COMMENT 'date removed if not null', `specify_ip_ranges` int(1) unsigned NOT NULL DEFAULT 0 COMMENT 'true if the network provides an ability to define ip ranges', `vpc_id` bigint unsigned COMMENT 'vpc this network belongs to', + `network_acl_id` bigint unsigned COMMENT 'network acl id', PRIMARY KEY (`id`), CONSTRAINT `fk_networks__network_offering_id` FOREIGN KEY (`network_offering_id`) REFERENCES `network_offerings`(`id`), CONSTRAINT `fk_networks__data_center_id` FOREIGN KEY (`data_center_id`) REFERENCES `data_center`(`id`) ON DELETE CASCADE, 
@@ -2475,5 +2478,37 @@ CREATE TABLE `cloud`.`nicira_nvp_nic_map` ( CONSTRAINT `fk_nicira_nvp_nic_map__nic` FOREIGN KEY(`nic`) REFERENCES `nics`(`uuid`) ON DELETE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8; +CREATE TABLE `cloud`.`network_acl` ( + `id` bigint unsigned NOT NULL auto_increment COMMENT 'id', + `name` varchar(255) NOT NULL COMMENT 'name of the network acl', + `uuid` varchar(40), + `vpc_id` bigint unsigned COMMENT 'vpc this network acl belongs to', + `description` varchar(1024), + PRIMARY KEY (`id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8; + +CREATE TABLE `cloud`.`network_acl_item` ( + `id` bigint unsigned NOT NULL auto_increment COMMENT 'id', + `uuid` varchar(40), + `network_acl_id` bigint unsigned NOT NULL COMMENT 'network acl id', + `start_port` int(10) COMMENT 'starting port of a port range', + `end_port` int(10) COMMENT 'end port of a port range', + `state` char(32) NOT NULL COMMENT 'current state of this rule', + `protocol` char(16) NOT NULL default 'TCP' COMMENT 'protocol to open these ports for', + `account_id` bigint unsigned NOT NULL COMMENT 'owner id', + `domain_id` bigint unsigned NOT NULL COMMENT 'domain id', + `xid` char(40) NOT NULL COMMENT 'external id', + `created` datetime COMMENT 'Date created', + `icmp_code` int(10) COMMENT 'The ICMP code (if protocol=ICMP). A value of -1 means all codes for the given ICMP type.', + `icmp_type` int(10) COMMENT 'The ICMP type (if protocol=ICMP). 
A value of -1 means all types.', + `type` varchar(10) NOT NULL DEFAULT 'USER', + `traffic_type` char(32) COMMENT 'the traffic type of the rule, can be Ingress or Egress', + PRIMARY KEY (`id`), + CONSTRAINT `fk_network_acl_item__account_id` FOREIGN KEY(`account_id`) REFERENCES `account`(`id`) ON DELETE CASCADE, + CONSTRAINT `fk_network_acl_item__domain_id` FOREIGN KEY(`domain_id`) REFERENCES `domain`(`id`) ON DELETE CASCADE, + CONSTRAINT `fk_network_acl_item__acl_id` FOREIGN KEY(`network_acl_id`) REFERENCES `network_acl`(`id`) ON DELETE CASCADE, + CONSTRAINT `uc_network_acl_item__uuid` UNIQUE (`uuid`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8; + SET foreign_key_checks = 1;
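Review bot: The new `network_acl` table is created without the integrity constraints its sibling `network_acl_item` gets: `uuid` has no unique constraint although the API addresses ACL lists by UUID, and `vpc_id` has no foreign key, so a list can outlive its VPC or point at a VPC that never existed. Adding `CONSTRAINT uc_network_acl__uuid UNIQUE (uuid)` and a foreign key from `vpc_id` to the VPC table, with an explicit delete behaviour, would bring it in line with `network_acl_item`. The `network_acl_id` column added to `networks` in the earlier hunk of this file likewise has no foreign key to `network_acl`, so deleting a list leaves networks referencing an ACL that no longer exists.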