Return-Path: X-Original-To: apmail-cloudstack-commits-archive@www.apache.org Delivered-To: apmail-cloudstack-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id B5AF911246 for ; Tue, 17 Jun 2014 11:39:03 +0000 (UTC) Received: (qmail 22266 invoked by uid 500); 17 Jun 2014 11:39:03 -0000 Delivered-To: apmail-cloudstack-commits-archive@cloudstack.apache.org Received: (qmail 22240 invoked by uid 500); 17 Jun 2014 11:39:03 -0000 Mailing-List: contact commits-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list commits@cloudstack.apache.org Received: (qmail 22231 invoked by uid 99); 17 Jun 2014 11:39:03 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 17 Jun 2014 11:39:03 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id 4776F9803FF; Tue, 17 Jun 2014 11:39:03 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: dahn@apache.org To: commits@cloudstack.apache.org Message-Id: <53fa1fd295bb4c8884cdf8b24a3c876e@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: git commit: updated refs/heads/4.4 to c82b61a Date: Tue, 17 Jun 2014 11:39:03 +0000 (UTC) Repository: cloudstack Updated Branches: refs/heads/4.4 f8fe4c879 -> c82b61a92 CLOUDSTACK-6922: Updated events for firewall ingress and egress (cherry picked from commit 2214bd2502a34ee8e671eb6b4efe8cd26e29ac5a) Conflicts: api/src/com/cloud/event/EventTypes.java Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/c82b61a9 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/c82b61a9 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/c82b61a9 Branch: refs/heads/4.4 Commit: c82b61a92fd711bca3f4caa0fcdcb855403d99c2 Parents: f8fe4c8 Author: Jayapal Authored: Tue Jun 17 12:06:03 2014 +0530 Committer: Daan Hoogland Committed: Tue Jun 17 13:21:50 2014 +0200 ---------------------------------------------------------------------- api/src/com/cloud/event/EventTypes.java | 19 ++++++++--- .../cloud/network/firewall/FirewallService.java | 8 +++-- .../firewall/CreateEgressFirewallRuleCmd.java | 4 +-- .../user/firewall/CreateFirewallRuleCmd.java | 4 +-- .../firewall/DeleteEgressFirewallRuleCmd.java | 4 +-- .../user/firewall/DeleteFirewallRuleCmd.java | 2 +- .../firewall/UpdateEgressFirewallRuleCmd.java | 4 +-- .../user/firewall/UpdateFirewallRuleCmd.java | 2 +- .../network/firewall/FirewallManagerImpl.java | 36 +++++++++++++++++--- .../cloud/network/MockFirewallManagerImpl.java | 35 ++++++++++++++----- 10 files changed, 89 insertions(+), 29 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c82b61a9/api/src/com/cloud/event/EventTypes.java ---------------------------------------------------------------------- diff --git a/api/src/com/cloud/event/EventTypes.java b/api/src/com/cloud/event/EventTypes.java index 5c20dbf..8f770c1 100755 --- a/api/src/com/cloud/event/EventTypes.java +++ b/api/src/com/cloud/event/EventTypes.java @@ -126,6 +126,10 @@ public class EventTypes { public static final String EVENT_FIREWALL_CLOSE = "FIREWALL.CLOSE"; public static final String EVENT_FIREWALL_UPDATE = "FIREWALL.UPDATE"; + public static final String EVENT_FIREWALL_EGRESS_OPEN = "FIREWALL.EGRESS.OPEN"; + public static final String EVENT_FIREWALL_EGRESS_CLOSE = "FIREWALL.EGRESS.CLOSE"; + public static final String EVENT_FIREWALL_EGRESS_UPDATE = "FIREWALL.EGRESS.UPDATE"; + //NIC Events public static final String EVENT_NIC_CREATE = "NIC.CREATE"; public static final String EVENT_NIC_DELETE = "NIC.DELETE"; @@ -546,12 +550,17 @@ public class EventTypes { entityEventDetails.put(EVENT_NETWORK_UPDATE, Network.class); entityEventDetails.put(EVENT_NETWORK_RESTART, Network.class); entityEventDetails.put(EVENT_NET_IP_ASSIGN, PublicIpAddress.class); + entityEventDetails.put(EVENT_PORTABLE_IP_ASSIGN, PublicIpAddress.class); + entityEventDetails.put(EVENT_PORTABLE_IP_RELEASE, PublicIpAddress.class); entityEventDetails.put(EVENT_NET_IP_RELEASE, PublicIpAddress.class); - entityEventDetails.put(EVENT_NET_RULE_ADD, Network.class); - entityEventDetails.put(EVENT_NET_RULE_DELETE, Network.class); - entityEventDetails.put(EVENT_NET_RULE_MODIFY, Network.class); - entityEventDetails.put(EVENT_FIREWALL_OPEN, Network.class); - entityEventDetails.put(EVENT_FIREWALL_CLOSE, Network.class); + entityEventDetails.put(EVENT_NET_RULE_ADD, FirewallRule.class); + entityEventDetails.put(EVENT_NET_RULE_DELETE, FirewallRule.class); + entityEventDetails.put(EVENT_NET_RULE_MODIFY, FirewallRule.class); + entityEventDetails.put(EVENT_FIREWALL_OPEN, FirewallRule.class); + entityEventDetails.put(EVENT_FIREWALL_CLOSE, FirewallRule.class); + entityEventDetails.put(EVENT_FIREWALL_EGRESS_OPEN, FirewallRule.class); + entityEventDetails.put(EVENT_FIREWALL_EGRESS_CLOSE, FirewallRule.class); + entityEventDetails.put(EVENT_FIREWALL_EGRESS_UPDATE, FirewallRule.class); // Load Balancers entityEventDetails.put(EVENT_ASSIGN_TO_LOAD_BALANCER_RULE, FirewallRule.class); http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c82b61a9/api/src/com/cloud/network/firewall/FirewallService.java ---------------------------------------------------------------------- diff --git a/api/src/com/cloud/network/firewall/FirewallService.java b/api/src/com/cloud/network/firewall/FirewallService.java index 5ab7891..41b170d 100644 --- a/api/src/com/cloud/network/firewall/FirewallService.java +++ b/api/src/com/cloud/network/firewall/FirewallService.java @@ -40,7 +40,8 @@ public interface FirewallService { * the id of the rule to revoke. * @return */ - boolean revokeFirewallRule(long ruleId, boolean apply); + boolean revokeIngressFirewallRule(long ruleId, boolean apply); + boolean revokeEgressFirewallRule(long ruleId, boolean apply); boolean applyEgressFirewallRules(FirewallRule rule, Account caller) throws ResourceUnavailableException; @@ -50,6 +51,9 @@ public interface FirewallService { boolean revokeRelatedFirewallRule(long ruleId, boolean apply); - FirewallRule updateFirewallRule(long ruleId, String customId, Boolean forDisplay); + FirewallRule updateIngressFirewallRule(long ruleId, String customId, Boolean forDisplay); + FirewallRule updateEgressFirewallRule(long ruleId, String customId, Boolean forDisplay); + boolean applyIngressFwRules(long ipId, Account caller) throws ResourceUnavailableException; + boolean revokeIngressFwRule(long ruleId, boolean apply); } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c82b61a9/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java ---------------------------------------------------------------------- diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java index 579cccb..90aed5e 100644 --- a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java +++ b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java @@ -154,7 +154,7 @@ public class CreateEgressFirewallRuleCmd extends BaseAsyncCreateCmd implements F fwResponse.setResponseName(getCommandName()); } finally { if (!success || rule == null) { - _firewallService.revokeFirewallRule(getEntityId(), true); + _firewallService.revokeEgressFirewallRule(getEntityId(), true); throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create firewall rule"); } } @@ -270,7 +270,7 @@ public class CreateEgressFirewallRuleCmd extends BaseAsyncCreateCmd implements F @Override public String getEventType() { - return EventTypes.EVENT_FIREWALL_OPEN; + return EventTypes.EVENT_FIREWALL_EGRESS_OPEN; } @Override http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c82b61a9/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java ---------------------------------------------------------------------- diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java index b09d3a7..0666935 100644 --- a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java +++ b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java @@ -134,7 +134,7 @@ public class CreateFirewallRuleCmd extends BaseAsyncCreateCmd implements Firewal FirewallRule rule = _entityMgr.findById(FirewallRule.class, getEntityId()); try { CallContext.current().setEventDetails("Rule Id: " + getEntityId()); - success = _firewallService.applyIngressFirewallRules(rule.getSourceIpAddressId(), callerContext.getCallingAccount()); + success = _firewallService.applyIngressFwRules(rule.getSourceIpAddressId(), callerContext.getCallingAccount()); // State is different after the rule is applied, so get new object here rule = _entityMgr.findById(FirewallRule.class, getEntityId()); @@ -146,7 +146,7 @@ public class CreateFirewallRuleCmd extends BaseAsyncCreateCmd implements Firewal fwResponse.setResponseName(getCommandName()); } finally { if (!success || rule == null) { - _firewallService.revokeFirewallRule(getEntityId(), true); + _firewallService.revokeIngressFwRule(getEntityId(), true); throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create firewall rule"); } } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c82b61a9/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java ---------------------------------------------------------------------- diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java index 4d22772..17968fc 100644 --- a/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java +++ b/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java @@ -74,7 +74,7 @@ public class DeleteEgressFirewallRuleCmd extends BaseAsyncCmd { @Override public String getEventType() { - return EventTypes.EVENT_FIREWALL_CLOSE; + return EventTypes.EVENT_FIREWALL_EGRESS_CLOSE; } @Override @@ -98,7 +98,7 @@ public class DeleteEgressFirewallRuleCmd extends BaseAsyncCmd { @Override public void execute() throws ResourceUnavailableException { CallContext.current().setEventDetails("Rule Id: " + id); - boolean result = _firewallService.revokeFirewallRule(id, true); + boolean result = _firewallService.revokeEgressFirewallRule(id, true); if (result) { SuccessResponse response = new SuccessResponse(getCommandName()); http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c82b61a9/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java ---------------------------------------------------------------------- diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java index 66dcc03..f8d1c18 100644 --- a/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java +++ b/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java @@ -96,7 +96,7 @@ public class DeleteFirewallRuleCmd extends BaseAsyncCmd { @Override public void execute() throws ResourceUnavailableException { CallContext.current().setEventDetails("Rule Id: " + id); - boolean result = _firewallService.revokeFirewallRule(id, true); + boolean result = _firewallService.revokeIngressFwRule(id, true); if (result) { SuccessResponse response = new SuccessResponse(getCommandName()); http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c82b61a9/api/src/org/apache/cloudstack/api/command/user/firewall/UpdateEgressFirewallRuleCmd.java ---------------------------------------------------------------------- diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/UpdateEgressFirewallRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/UpdateEgressFirewallRuleCmd.java index 0795396..b597a89 100644 --- a/api/src/org/apache/cloudstack/api/command/user/firewall/UpdateEgressFirewallRuleCmd.java +++ b/api/src/org/apache/cloudstack/api/command/user/firewall/UpdateEgressFirewallRuleCmd.java @@ -78,7 +78,7 @@ public class UpdateEgressFirewallRuleCmd extends BaseAsyncCustomIdCmd { @Override public void execute() throws ResourceUnavailableException { CallContext.current().setEventDetails("Rule Id: " + id); - FirewallRule rule = _firewallService.updateFirewallRule(id, this.getCustomId(), getDisplay()); + FirewallRule rule = _firewallService.updateEgressFirewallRule(id, this.getCustomId(), getDisplay()); FirewallResponse fwResponse = new FirewallResponse(); if (rule != null) { @@ -97,7 +97,7 @@ public class UpdateEgressFirewallRuleCmd extends BaseAsyncCustomIdCmd { @Override public String getEventType() { - return EventTypes.EVENT_FIREWALL_UPDATE; + return EventTypes.EVENT_FIREWALL_EGRESS_UPDATE; } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c82b61a9/api/src/org/apache/cloudstack/api/command/user/firewall/UpdateFirewallRuleCmd.java ---------------------------------------------------------------------- diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/UpdateFirewallRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/UpdateFirewallRuleCmd.java index f684371..e9c87d0 100644 --- a/api/src/org/apache/cloudstack/api/command/user/firewall/UpdateFirewallRuleCmd.java +++ b/api/src/org/apache/cloudstack/api/command/user/firewall/UpdateFirewallRuleCmd.java @@ -79,7 +79,7 @@ public class UpdateFirewallRuleCmd extends BaseAsyncCustomIdCmd { @Override public void execute() throws ResourceUnavailableException { CallContext.current().setEventDetails("Rule Id: " + id); - FirewallRule rule = _firewallService.updateFirewallRule(id, this.getCustomId(), getDisplay()); + FirewallRule rule = _firewallService.updateIngressFirewallRule(id, this.getCustomId(), getDisplay()); FirewallResponse fwResponse = new FirewallResponse(); if (rule != null) { http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c82b61a9/server/src/com/cloud/network/firewall/FirewallManagerImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java index 4f853b3..dd928d8 100644 --- a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java +++ b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java @@ -161,7 +161,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, } @Override - @ActionEvent(eventType = EventTypes.EVENT_FIREWALL_OPEN, eventDescription = "creating firewall rule", create = true) + @ActionEvent(eventType = EventTypes.EVENT_FIREWALL_EGRESS_OPEN, eventDescription = "creating egress firewall rule for network", create = true) public FirewallRule createEgressFirewallRule(FirewallRule rule) throws NetworkRuleConflictException { Account caller = CallContext.current().getCallingAccount(); @@ -613,12 +613,19 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, } @Override + @ActionEvent(eventType = EventTypes.EVENT_FIREWALL_OPEN, eventDescription = "creating firewall rule", async = true) + public boolean applyIngressFwRules(long ipId, Account caller) throws ResourceUnavailableException { + return applyIngressFirewallRules(ipId, caller); + } + + @Override public boolean applyIngressFirewallRules(long ipId, Account caller) throws ResourceUnavailableException { List rules = _firewallDao.listByIpAndPurpose(ipId, Purpose.Firewall); return applyFirewallRules(rules, false, caller); } @Override + @ActionEvent(eventType = EventTypes.EVENT_FIREWALL_EGRESS_OPEN, eventDescription = "creating egress firewall rule", async = true) public boolean applyEgressFirewallRules(FirewallRule rule, Account caller) throws ResourceUnavailableException { List rules = _firewallDao.listByNetworkPurposeTrafficType(rule.getNetworkId(), Purpose.Firewall, FirewallRule.TrafficType.Egress); return applyFirewallRules(rules, false, caller); @@ -719,7 +726,21 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, @Override @ActionEvent(eventType = EventTypes.EVENT_FIREWALL_CLOSE, eventDescription = "revoking firewall rule", async = true) - public boolean revokeFirewallRule(long ruleId, boolean apply) { + public boolean revokeIngressFwRule(long ruleId, boolean apply) { + return revokeIngressFirewallRule(ruleId, apply); + } + + + @Override + public boolean revokeIngressFirewallRule(long ruleId, boolean apply) { + Account caller = CallContext.current().getCallingAccount(); + long userId = CallContext.current().getCallingUserId(); + return revokeFirewallRule(ruleId, apply, caller, userId); + } + + @Override + @ActionEvent(eventType = EventTypes.EVENT_FIREWALL_EGRESS_CLOSE, eventDescription = "revoking egress firewall rule", async = true) + public boolean revokeEgressFirewallRule(long ruleId, boolean apply) { Account caller = CallContext.current().getCallingAccount(); long userId = CallContext.current().getCallingUserId(); return revokeFirewallRule(ruleId, apply, caller, userId); @@ -727,7 +748,14 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, @Override @ActionEvent(eventType = EventTypes.EVENT_FIREWALL_UPDATE, eventDescription = "updating firewall rule", async = true) - public FirewallRule updateFirewallRule(long ruleId, String customId, Boolean forDisplay) { + public FirewallRule updateIngressFirewallRule(long ruleId, String customId, Boolean forDisplay) { + Account caller = CallContext.current().getCallingAccount(); + return updateFirewallRule(ruleId, customId, caller, forDisplay); + } + + @Override + @ActionEvent(eventType = EventTypes.EVENT_FIREWALL_EGRESS_UPDATE, eventDescription = "updating egress firewall rule", async = true) + public FirewallRule updateEgressFirewallRule(long ruleId, String customId, Boolean forDisplay) { Account caller = CallContext.current().getCallingAccount(); return updateFirewallRule(ruleId, customId, caller, forDisplay); } @@ -881,7 +909,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, } s_logger.debug("Revoking Firewall rule id=" + fwRule.getId() + " as a part of rule delete id=" + ruleId + " with apply=" + apply); - return revokeFirewallRule(fwRule.getId(), apply); + return revokeIngressFirewallRule(fwRule.getId(), apply); } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c82b61a9/server/test/com/cloud/network/MockFirewallManagerImpl.java ---------------------------------------------------------------------- diff --git a/server/test/com/cloud/network/MockFirewallManagerImpl.java b/server/test/com/cloud/network/MockFirewallManagerImpl.java index 3c02613..e484e61 100644 --- a/server/test/com/cloud/network/MockFirewallManagerImpl.java +++ b/server/test/com/cloud/network/MockFirewallManagerImpl.java @@ -70,9 +70,13 @@ public class MockFirewallManagerImpl extends ManagerBase implements FirewallMana } @Override - public boolean revokeFirewallRule(long ruleId, boolean apply) { - // TODO Auto-generated method stub - return false; + public boolean revokeIngressFirewallRule(long ruleId, boolean apply) { + return false; //To change body of implemented methods use File | Settings | File Templates. + } + + @Override + public boolean revokeEgressFirewallRule(long ruleId, boolean apply) { + return false; //To change body of implemented methods use File | Settings | File Templates. } @Override @@ -88,6 +92,26 @@ public class MockFirewallManagerImpl extends ManagerBase implements FirewallMana } @Override + public FirewallRule updateIngressFirewallRule(long ruleId, String customId, Boolean forDisplay) { + return null; //To change body of implemented methods use File | Settings | File Templates. + } + + @Override + public FirewallRule updateEgressFirewallRule(long ruleId, String customId, Boolean forDisplay) { + return null; //To change body of implemented methods use File | Settings | File Templates. + } + + @Override + public boolean applyIngressFwRules(long ipId, Account caller) throws ResourceUnavailableException { + return false; //To change body of implemented methods use File | Settings | File Templates. + } + + @Override + public boolean revokeIngressFwRule(long ruleId, boolean apply) { + return false; //To change body of implemented methods use File | Settings | File Templates. + } + + @Override public void detectRulesConflict(FirewallRule newRule) throws NetworkRuleConflictException { // TODO Auto-generated method stub @@ -184,10 +208,5 @@ public class MockFirewallManagerImpl extends ManagerBase implements FirewallMana return null; } - @Override - public FirewallRule updateFirewallRule(long ruleId, String customId, Boolean forDisplay) { - // TODO Auto-generated method stub - return null; - } }