
Example 11 with NetworkACL

use of com.cloud.legacymodel.network.vpc.NetworkACL in project cosmic by MissionCriticalCloud.

the class ApiResponseHelper method createIPAddressResponse.

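/**
 * Builds the API response describing a public IP address.
 *
 * <p>Each referenced entity (zone, VM, network, VPC, ACL, physical network, VLAN) is looked up
 * through {@code ApiDBUtils} and copied into the response only when the lookup returns a
 * non-null object. Only the VLAN id and VLAN tag are gated on {@code ResponseView.Full};
 * every other field, including the ACL and physical network UUIDs, is set for every view.
 *
 * @param view   the response view requested by the caller
 * @param ipAddr the IP address record to describe
 * @return the populated response, with object name {@code "ipaddress"}
 */
@Override
public IPAddressResponse createIPAddressResponse(final ResponseView view, final IpAddress ipAddr) {
    // Single VLAN lookup, reused for the Full-view fields further down. A missing VLAN row is
    // tolerated like every other lookup in this method instead of failing with a
    // NullPointerException; the address is then reported as not for a virtual network.
    final VlanVO vlan = ApiDBUtils.findVlanById(ipAddr.getVlanId());
    final boolean forVirtualNetworks = vlan != null && VlanType.VirtualNetwork.equals(vlan.getVlanType());
    final long zoneId = ipAddr.getDataCenterId();

    final IPAddressResponse ipResponse = new IPAddressResponse();
    ipResponse.setId(ipAddr.getUuid());
    ipResponse.setIpAddress(ipAddr.getAddress().toString());
    if (ipAddr.getAllocatedTime() != null) {
        ipResponse.setAllocated(ipAddr.getAllocatedTime());
    }

    final DataCenter zone = ApiDBUtils.findZoneById(zoneId);
    if (zone != null) {
        ipResponse.setZoneId(zone.getUuid());
        ipResponse.setZoneName(zone.getName());
    }
    ipResponse.setSourceNat(ipAddr.isSourceNat());
    ipResponse.setIsSystem(ipAddr.getSystem());

    // Owner (account) information is only available once the address is allocated.
    if (ipAddr.getAllocatedToAccountId() != null) {
        populateOwner(ipResponse, ipAddr);
    }
    ipResponse.setForVirtualNetwork(forVirtualNetworks);
    ipResponse.setStaticNat(ipAddr.isOneToOneNat());

    if (ipAddr.getAssociatedWithVmId() != null) {
        final UserVm vm = ApiDBUtils.findUserVmById(ipAddr.getAssociatedWithVmId());
        if (vm != null) {
            ipResponse.setVirtualMachineId(vm.getUuid());
            ipResponse.setVirtualMachineName(vm.getHostName());
            // Fall back to the host name when no display name is set.
            if (vm.getDisplayName() != null) {
                ipResponse.setVirtualMachineDisplayName(vm.getDisplayName());
            } else {
                ipResponse.setVirtualMachineDisplayName(vm.getHostName());
            }
        }
    }
    if (ipAddr.getVmIp() != null) {
        ipResponse.setVirtualMachineIp(ipAddr.getVmIp());
    }

    if (ipAddr.getAssociatedWithNetworkId() != null) {
        final Network ntwk = ApiDBUtils.findNetworkById(ipAddr.getAssociatedWithNetworkId());
        if (ntwk != null) {
            ipResponse.setAssociatedNetworkId(ntwk.getUuid());
            ipResponse.setAssociatedNetworkName(ntwk.getName());
        }
    }
    if (ipAddr.getVpcId() != null) {
        final Vpc vpc = ApiDBUtils.findVpcById(ipAddr.getVpcId());
        if (vpc != null) {
            ipResponse.setVpcId(vpc.getUuid());
        }
    }

    // Network the IP belongs to: taken from the VLAN when it has one, otherwise the zone's
    // public network.
    final Long vlanNetworkId = ApiDBUtils.getVlanNetworkId(ipAddr.getVlanId());
    final Long networkId;
    if (vlanNetworkId != null) {
        networkId = vlanNetworkId;
    } else {
        networkId = ApiDBUtils.getPublicNetworkIdByZone(zoneId);
    }
    if (networkId != null) {
        final NetworkVO nw = ApiDBUtils.findNetworkById(networkId);
        if (nw != null) {
            ipResponse.setNetworkId(nw.getUuid());
            // NOTE(review): this overwrites the associated-network name set above from
            // getAssociatedWithNetworkId() with the name of the owning network. Kept as-is
            // because API clients may rely on it; confirm this is intended.
            ipResponse.setAssociatedNetworkName(nw.getName());
        }
    }
    ipResponse.setState(ipAddr.getState().toString());

    final NetworkACL acl = ApiDBUtils.findByNetworkACLId(ipAddr.getIpACLId());
    if (acl != null) {
        ipResponse.setAclId(acl.getUuid());
        ipResponse.setAclName(acl.getName());
    }
    if (ipAddr.getPhysicalNetworkId() != null) {
        final PhysicalNetworkVO pnw = ApiDBUtils.findPhysicalNetworkById(ipAddr.getPhysicalNetworkId());
        if (pnw != null) {
            ipResponse.setPhysicalNetworkId(pnw.getUuid());
        }
    }

    // VLAN id and tag are infrastructure details: expose them to the Full view only.
    if (view == ResponseView.Full && vlan != null) {
        ipResponse.setVlanId(vlan.getUuid());
        ipResponse.setVlanName(vlan.getVlanTag());
    }

    // System addresses carry a purpose: static NAT when one-to-one NAT is on, else load balancing.
    if (ipAddr.getSystem()) {
        if (ipAddr.isOneToOneNat()) {
            ipResponse.setPurpose(IpAddress.Purpose.StaticNat.toString());
        } else {
            ipResponse.setPurpose(IpAddress.Purpose.Lb.toString());
        }
    }
    ipResponse.setForDisplay(ipAddr.isDisplay());

    // Resource tags attached to this public IP; tags that produce no response are skipped.
    final List<? extends ResourceTag> tags = ApiDBUtils.listByResourceTypeAndId(ResourceObjectType.PublicIpAddress, ipAddr.getId());
    final List<ResourceTagResponse> tagResponses = new ArrayList<>();
    for (final ResourceTag tag : tags) {
        final ResourceTagResponse tagResponse = createResourceTagResponse(tag, true);
        if (tagResponse != null) {
            tagResponses.add(tagResponse);
        }
    }
    ipResponse.setTags(tagResponses);
    ipResponse.setObjectName("ipaddress");
    return ipResponse;
}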
Also used : PhysicalNetworkVO(com.cloud.network.dao.PhysicalNetworkVO) NetworkVO(com.cloud.network.dao.NetworkVO) Vpc(com.cloud.legacymodel.network.vpc.Vpc) ArrayList(java.util.ArrayList) NetworkACL(com.cloud.legacymodel.network.vpc.NetworkACL) UserVm(com.cloud.uservm.UserVm) DataCenter(com.cloud.legacymodel.dc.DataCenter) ResourceTag(com.cloud.server.ResourceTag) PhysicalNetwork(com.cloud.network.PhysicalNetwork) Network(com.cloud.legacymodel.network.Network) PhysicalNetworkVO(com.cloud.network.dao.PhysicalNetworkVO) ResourceTagResponse(com.cloud.api.response.ResourceTagResponse) VlanVO(com.cloud.dc.VlanVO) IPAddressResponse(com.cloud.api.response.IPAddressResponse)

Example 12 with NetworkACL

use of com.cloud.legacymodel.network.vpc.NetworkACL in project cosmic by MissionCriticalCloud.

the class NetworkACLServiceImpl method replaceNetworkACLonPrivateGw.

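/**
 * Replaces the network ACL applied to a VPC private gateway.
 *
 * <p>The gateway must exist, be in {@code Ready} state and belong to a VPC. For a non-default
 * ACL the caller must have access to the ACL's VPC, and the ACL and the gateway must be in
 * the same VPC. The caller's access to the private gateway is checked in every case before
 * the replacement is delegated to the ACL manager.
 *
 * @param aclId            id of the ACL to apply
 * @param privateGatewayId id of the private gateway whose ACL is replaced
 * @return the result reported by the ACL manager
 * @throws InvalidParameterValueException if the gateway, ACL or VPC cannot be found, the
 *         gateway is not in {@code Ready} state, or the ACL and gateway are in different VPCs
 * @throws ResourceUnavailableException declared for the delegated replacement call
 */
@Override
public boolean replaceNetworkACLonPrivateGw(final long aclId, final long privateGatewayId) throws ResourceUnavailableException {
    final Account caller = CallContext.current().getCallingAccount();

    // One lookup serves both the existence check and the state check. The original queried the
    // same row a second time and dereferenced that second result without a null check.
    final VpcGatewayVO gateway = _vpcGatewayDao.findById(privateGatewayId);
    if (gateway == null) {
        throw new InvalidParameterValueException("Unable to find specified private gateway");
    }
    // NOTE(review): the existence and state errors are returned before any access check, so a
    // caller can tell "not found" from "not Ready" for gateways it does not own. Consider
    // authorizing first if that distinction should not be visible.
    if (gateway.getState() != VpcGateway.State.Ready) {
        throw new InvalidParameterValueException("Gateway is not in Ready state");
    }

    final NetworkACL acl = _networkACLDao.findById(aclId);
    if (acl == null) {
        throw new InvalidParameterValueException("Unable to find specified NetworkACL");
    }
    if (gateway.getVpcId() == null) {
        throw new InvalidParameterValueException("Unable to find specified vpc id");
    }

    // The default allow/deny ACLs skip the VPC ownership and same-VPC checks below.
    if (aclId != NetworkACL.DEFAULT_DENY && aclId != NetworkACL.DEFAULT_ALLOW) {
        final Vpc vpc = _entityMgr.findById(Vpc.class, acl.getVpcId());
        if (vpc == null) {
            throw new InvalidParameterValueException("Unable to find Vpc associated with the NetworkACL");
        }
        _accountMgr.checkAccess(caller, null, true, vpc);
        // An ACL from another VPC must not be attached to this gateway.
        if (!gateway.getVpcId().equals(acl.getVpcId())) {
            throw new InvalidParameterValueException("private gateway: " + privateGatewayId + " and ACL: " + aclId + " do not belong to the same VPC");
        }
    }

    // This is the only access check that runs for the default ACLs.
    // NOTE(review): the result of getVpcPrivateGateway is not null-checked here; confirm how
    // checkAccess treats a null entity.
    final PrivateGateway privateGateway = _vpcSvc.getVpcPrivateGateway(gateway.getId());
    _accountMgr.checkAccess(caller, null, true, privateGateway);
    return _networkAclMgr.replaceNetworkACLForPrivateGw(acl, privateGateway);
}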
Also used : Account(com.cloud.legacymodel.user.Account) InvalidParameterValueException(com.cloud.legacymodel.exceptions.InvalidParameterValueException) VpcGateway(com.cloud.legacymodel.network.vpc.VpcGateway) Vpc(com.cloud.legacymodel.network.vpc.Vpc) NetworkACL(com.cloud.legacymodel.network.vpc.NetworkACL) PrivateGateway(com.cloud.legacymodel.network.vpc.PrivateGateway)

Example 13 with NetworkACL

use of com.cloud.legacymodel.network.vpc.NetworkACL in project cosmic by MissionCriticalCloud.

the class NetworkACLServiceImpl method revokeNetworkACLItem.

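/**
 * Revokes (deletes) a single network ACL item.
 *
 * <p>When the item exists, items of the default allow/deny ACLs are rejected and the caller's
 * access to the VPC that owns the item's ACL is checked. When no item with the given id is
 * found, the call is passed to the ACL manager without any check in this method.
 *
 * @param ruleId id of the ACL item to revoke
 * @return the result reported by the ACL manager
 * @throws InvalidParameterValueException if the item belongs to a default ACL, or the ACL or
 *         its VPC cannot be found
 */
@Override
@ActionEvent(eventType = EventTypes.EVENT_NETWORK_ACL_ITEM_DELETE, eventDescription = "Deleting Network ACL Item", async = true)
public boolean revokeNetworkACLItem(final long ruleId) {
    final NetworkACLItemVO aclItem = _networkACLItemDao.findById(ruleId);
    if (aclItem != null) {
        // Reject default-ACL items first, before the ACL and its VPC are dereferenced.
        if (aclItem.getAclId() == NetworkACL.DEFAULT_ALLOW || aclItem.getAclId() == NetworkACL.DEFAULT_DENY) {
            throw new InvalidParameterValueException("ACL Items in default ACL cannot be deleted");
        }
        final NetworkACL acl = _networkAclMgr.getNetworkACL(aclItem.getAclId());
        if (acl == null) {
            throw new InvalidParameterValueException("Unable to find specified ACL");
        }
        // Fail closed: the access check below must run against a real VPC, never a null entity.
        // This matches the guard deleteNetworkACL applies before its own checkAccess call.
        final Vpc vpc = _entityMgr.findById(Vpc.class, acl.getVpcId());
        if (vpc == null) {
            throw new InvalidParameterValueException("Unable to find Vpc associated with the NetworkACL");
        }
        final Account caller = CallContext.current().getCallingAccount();
        _accountMgr.checkAccess(caller, null, true, vpc);
    }
    // NOTE(review): an unknown ruleId reaches the manager with no access check in this method;
    // presumably the manager handles the not-found case, confirm.
    return _networkAclMgr.revokeNetworkACLItem(ruleId);
}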
Also used : Account(com.cloud.legacymodel.user.Account) InvalidParameterValueException(com.cloud.legacymodel.exceptions.InvalidParameterValueException) Vpc(com.cloud.legacymodel.network.vpc.Vpc) NetworkACL(com.cloud.legacymodel.network.vpc.NetworkACL) ActionEvent(com.cloud.event.ActionEvent)

Example 14 with NetworkACL

use of com.cloud.legacymodel.network.vpc.NetworkACL in project cosmic by MissionCriticalCloud.

the class NetworkACLServiceImpl method deleteNetworkACL.

/**
 * Deletes a network ACL list.
 *
 * <p>The ACL must exist and must not be one of the default allow/deny ACLs. The caller's access
 * to the VPC that owns the ACL is checked before the deletion is delegated to the ACL manager.
 *
 * @param id id of the ACL to delete
 * @return the result reported by the ACL manager
 * @throws InvalidParameterValueException if the ACL or its VPC cannot be found, or the ACL is
 *         a default ACL
 */
@Override
@ActionEvent(eventType = EventTypes.EVENT_NETWORK_ACL_DELETE, eventDescription = "Deleting Network ACL List", async = true)
public boolean deleteNetworkACL(final long id) {
    final Account callingAccount = CallContext.current().getCallingAccount();

    final NetworkACL targetAcl = _networkACLDao.findById(id);
    if (targetAcl == null) {
        throw new InvalidParameterValueException("Unable to find specified ACL");
    }

    // The default allow/deny ACLs can never be removed.
    final boolean isDefaultAcl = targetAcl.getId() == NetworkACL.DEFAULT_ALLOW
            || targetAcl.getId() == NetworkACL.DEFAULT_DENY;
    if (isDefaultAcl) {
        throw new InvalidParameterValueException("Default ACL cannot be removed");
    }

    // Authorization is evaluated against the VPC that owns the ACL, so it must resolve first.
    final Vpc owningVpc = _entityMgr.findById(Vpc.class, targetAcl.getVpcId());
    if (owningVpc == null) {
        throw new InvalidParameterValueException("Unable to find specified VPC associated with the ACL");
    }
    _accountMgr.checkAccess(callingAccount, null, true, owningVpc);

    return _networkAclMgr.deleteNetworkACL(targetAcl);
}
Also used : Account(com.cloud.legacymodel.user.Account) InvalidParameterValueException(com.cloud.legacymodel.exceptions.InvalidParameterValueException) Vpc(com.cloud.legacymodel.network.vpc.Vpc) NetworkACL(com.cloud.legacymodel.network.vpc.NetworkACL) ActionEvent(com.cloud.event.ActionEvent)

Example 15 with NetworkACL

use of com.cloud.legacymodel.network.vpc.NetworkACL in project cosmic by MissionCriticalCloud.

the class NetworkACLServiceImpl method createNetworkACLItem.

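/**
 * Creates a network ACL item from the given command.
 *
 * <p>When the command carries no ACL id, the ACL is taken from the command's network. If that
 * network has no ACL yet, a new ACL is created for the network's VPC and applied to the
 * network (kept for backward compatibility) before the item is added. The caller's access to
 * the owning VPC is checked before any ACL is created or applied, and again on the resolved
 * ACL's VPC before the item is validated and created.
 *
 * @param aclItemCmd the create command holding the item's parameters
 * @return the item created by the ACL manager
 * @throws InvalidParameterValueException if neither an ACL id nor a network id is given, the
 *         network, ACL or VPC cannot be found, the network is not in a VPC, the network
 *         offering lacks the NetworkACL service, the ACL is a default ACL, or the item number
 *         is already used in the ACL
 * @throws CloudRuntimeException if the automatically created ACL cannot be created or applied
 */
@Override
public NetworkACLItem createNetworkACLItem(final CreateNetworkACLCmd aclItemCmd) {
    final Account caller = CallContext.current().getCallingAccount();
    Long aclId = aclItemCmd.getACLId();
    if (aclId == null) {
        // ACL id is not specified. Get the ACL details from network
        if (aclItemCmd.getNetworkId() == null) {
            throw new InvalidParameterValueException("Cannot create Network ACL Item. ACL Id or network Id is required");
        }
        final Network network = _networkMgr.getNetwork(aclItemCmd.getNetworkId());
        // An unknown network id is reported as a parameter error rather than surfacing as a
        // NullPointerException on the next line.
        if (network == null) {
            throw new InvalidParameterValueException("Unable to find specified network");
        }
        if (network.getVpcId() == null) {
            throw new InvalidParameterValueException("Network: " + network.getUuid() + " does not belong to VPC");
        }
        aclId = network.getNetworkACLId();
        if (aclId == null) {
            // Network is not associated with any ACL. Create a new ACL and add aclItem in it for backward compatibility
            s_logger.debug("Network " + network.getId() + " is not associated with any ACL. Creating an ACL before adding acl item");
            // verify that ACLProvider is supported by network offering
            if (!_networkModel.areServicesSupportedByNetworkOffering(network.getNetworkOfferingId(), Network.Service.NetworkACL)) {
                throw new InvalidParameterValueException("Network Offering does not support NetworkACL service");
            }
            final Vpc vpc = _entityMgr.findById(Vpc.class, network.getVpcId());
            if (vpc == null) {
                throw new InvalidParameterValueException("Unable to find Vpc associated with the Network");
            }
            // Authorize before changing any state. Without this check the ACL below would be
            // created and applied to the network before the caller's access to the VPC was
            // verified. The new ACL is created for network.getVpcId(), so this is the same VPC
            // the later check is evaluated against.
            _accountMgr.checkAccess(caller, null, true, vpc);
            // Create new ACL
            final String aclName = "VPC_" + vpc.getName() + "_Tier_" + network.getName() + "_ACL_" + network.getUuid();
            final String description = "ACL for " + aclName;
            final NetworkACL acl = _networkAclMgr.createNetworkACL(aclName, description, network.getVpcId(), aclItemCmd.getDisplay());
            if (acl == null) {
                throw new CloudRuntimeException("Error while create ACL before adding ACL Item for network " + network.getId());
            }
            s_logger.debug("Created ACL: " + aclName + " for network " + network.getId());
            aclId = acl.getId();
            // Apply acl to network
            try {
                if (!_networkAclMgr.replaceNetworkACL(acl, (NetworkVO) network)) {
                    throw new CloudRuntimeException("Unable to apply auto created ACL to network " + network.getId());
                }
                s_logger.debug("Created ACL is applied to network " + network.getId());
            } catch (final ResourceUnavailableException e) {
                throw new CloudRuntimeException("Unable to apply auto created ACL to network " + network.getId(), e);
            }
        }
    }
    final NetworkACL acl = _networkAclMgr.getNetworkACL(aclId);
    if (acl == null) {
        throw new InvalidParameterValueException("Unable to find specified ACL");
    }
    // The default allow/deny ACLs are read-only.
    if (aclId == NetworkACL.DEFAULT_DENY || aclId == NetworkACL.DEFAULT_ALLOW) {
        throw new InvalidParameterValueException("Default ACL cannot be modified");
    }
    final Vpc vpc = _entityMgr.findById(Vpc.class, acl.getVpcId());
    if (vpc == null) {
        throw new InvalidParameterValueException("Unable to find Vpc associated with the NetworkACL");
    }
    // Covers the paths where the ACL id came from the command or from the network's existing ACL.
    _accountMgr.checkAccess(caller, null, true, vpc);
    // Ensure that number is unique within the ACL
    if (aclItemCmd.getNumber() != null) {
        if (_networkACLItemDao.findByAclAndNumber(aclId, aclItemCmd.getNumber()) != null) {
            throw new InvalidParameterValueException("ACL item with number " + aclItemCmd.getNumber() + " already exists in ACL: " + acl.getUuid());
        }
    }
    // Validate the rule parameters before handing them to the manager.
    validateNetworkACLItem(aclItemCmd.getSourcePortStart(), aclItemCmd.getSourcePortEnd(), aclItemCmd.getSourceCidrList(), aclItemCmd.getProtocol(), aclItemCmd.getIcmpCode(), aclItemCmd.getIcmpType(), aclItemCmd.getAction(), aclItemCmd.getNumber());
    return _networkAclMgr.createNetworkACLItem(aclItemCmd.getSourcePortStart(), aclItemCmd.getSourcePortEnd(), aclItemCmd.getProtocol(), aclItemCmd.getSourceCidrList(), aclItemCmd.getIcmpCode(), aclItemCmd.getIcmpType(), aclItemCmd.getTrafficType(), aclId, aclItemCmd.getAction(), aclItemCmd.getNumber(), aclItemCmd.getDisplay());
}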
Also used : Account(com.cloud.legacymodel.user.Account) NetworkVO(com.cloud.network.dao.NetworkVO) InvalidParameterValueException(com.cloud.legacymodel.exceptions.InvalidParameterValueException) CloudRuntimeException(com.cloud.legacymodel.exceptions.CloudRuntimeException) Network(com.cloud.legacymodel.network.Network) Vpc(com.cloud.legacymodel.network.vpc.Vpc) ResourceUnavailableException(com.cloud.legacymodel.exceptions.ResourceUnavailableException) NetworkACL(com.cloud.legacymodel.network.vpc.NetworkACL)
