use of com.cloud.legacymodel.network.vpc.NetworkACL in project cosmic by MissionCriticalCloud.
the class ApiResponseHelper method createIPAddressResponse.
/**
 * Builds the API response describing a public IP address.
 *
 * <p>Related objects (zone, VM, networks, VPC, ACL, physical network) are looked up through
 * {@code ApiDBUtils} and contribute their UUID/name only when the lookup returns a value.
 * The VLAN UUID and tag are added only for {@code ResponseView.Full}.
 *
 * @param view   response view requested by the caller; gates the VLAN details
 * @param ipAddr the IP address to describe
 * @return the populated response, with object name {@code "ipaddress"}
 */
@Override
public IPAddressResponse createIPAddressResponse(final ResponseView view, final IpAddress ipAddr) {
    // NOTE(review): this VLAN is dereferenced without a null check, while the identical lookup
    // in the full-view section below is null-checked. Confirm whether a missing VLAN is possible.
    final VlanVO ipVlan = ApiDBUtils.findVlanById(ipAddr.getVlanId());
    final boolean onVirtualNetworkVlan = ipVlan.getVlanType().equals(VlanType.VirtualNetwork);
    final long dataCenterId = ipAddr.getDataCenterId();

    final IPAddressResponse response = new IPAddressResponse();
    response.setId(ipAddr.getUuid());
    response.setIpAddress(ipAddr.getAddress().toString());
    if (ipAddr.getAllocatedTime() != null) {
        response.setAllocated(ipAddr.getAllocatedTime());
    }

    final DataCenter dataCenter = ApiDBUtils.findZoneById(ipAddr.getDataCenterId());
    if (dataCenter != null) {
        response.setZoneId(dataCenter.getUuid());
        response.setZoneName(dataCenter.getName());
    }

    response.setSourceNat(ipAddr.isSourceNat());
    response.setIsSystem(ipAddr.getSystem());

    // Owner details exist only once the address is allocated to an account.
    if (ipAddr.getAllocatedToAccountId() != null) {
        populateOwner(response, ipAddr);
    }

    response.setForVirtualNetwork(onVirtualNetworkVlan);
    response.setStaticNat(ipAddr.isOneToOneNat());

    if (ipAddr.getAssociatedWithVmId() != null) {
        final UserVm userVm = ApiDBUtils.findUserVmById(ipAddr.getAssociatedWithVmId());
        if (userVm != null) {
            response.setVirtualMachineId(userVm.getUuid());
            response.setVirtualMachineName(userVm.getHostName());
            // Fall back to the host name when no display name is set.
            if (userVm.getDisplayName() == null) {
                response.setVirtualMachineDisplayName(userVm.getHostName());
            } else {
                response.setVirtualMachineDisplayName(userVm.getDisplayName());
            }
        }
    }

    if (ipAddr.getVmIp() != null) {
        response.setVirtualMachineIp(ipAddr.getVmIp());
    }

    if (ipAddr.getAssociatedWithNetworkId() != null) {
        final Network associatedNetwork = ApiDBUtils.findNetworkById(ipAddr.getAssociatedWithNetworkId());
        if (associatedNetwork != null) {
            response.setAssociatedNetworkId(associatedNetwork.getUuid());
            response.setAssociatedNetworkName(associatedNetwork.getName());
        }
    }

    if (ipAddr.getVpcId() != null) {
        final Vpc owningVpc = ApiDBUtils.findVpcById(ipAddr.getVpcId());
        if (owningVpc != null) {
            response.setVpcId(owningVpc.getUuid());
        }
    }

    // Network the IP belongs to: prefer the network recorded for the VLAN, otherwise the
    // zone's public network.
    final Long networkIdFromVlan = ApiDBUtils.getVlanNetworkId(ipAddr.getVlanId());
    final Long owningNetworkId;
    if (networkIdFromVlan == null) {
        owningNetworkId = ApiDBUtils.getPublicNetworkIdByZone(dataCenterId);
    } else {
        owningNetworkId = networkIdFromVlan;
    }
    if (owningNetworkId != null) {
        final NetworkVO owningNetwork = ApiDBUtils.findNetworkById(owningNetworkId);
        if (owningNetwork != null) {
            response.setNetworkId(owningNetwork.getUuid());
            // NOTE(review): this overwrites the associated-network name set above from the
            // associated network; confirm that is intended.
            response.setAssociatedNetworkName(owningNetwork.getName());
        }
    }

    response.setState(ipAddr.getState().toString());

    final NetworkACL ipAcl = ApiDBUtils.findByNetworkACLId(ipAddr.getIpACLId());
    if (ipAcl != null) {
        response.setAclId(ipAcl.getUuid());
        response.setAclName(ipAcl.getName());
    }

    if (ipAddr.getPhysicalNetworkId() != null) {
        final PhysicalNetworkVO physicalNetwork = ApiDBUtils.findPhysicalNetworkById(ipAddr.getPhysicalNetworkId());
        if (physicalNetwork != null) {
            response.setPhysicalNetworkId(physicalNetwork.getUuid());
        }
    }

    // VLAN UUID and tag are infrastructure details: expose them in the full view only.
    if (view == ResponseView.Full) {
        final VlanVO fullViewVlan = ApiDBUtils.findVlanById(ipAddr.getVlanId());
        if (fullViewVlan != null) {
            response.setVlanId(fullViewVlan.getUuid());
            response.setVlanName(fullViewVlan.getVlanTag());
        }
    }

    // System addresses report a purpose: static NAT when one-to-one NAT is on, otherwise LB.
    if (ipAddr.getSystem()) {
        final IpAddress.Purpose purpose = ipAddr.isOneToOneNat() ? IpAddress.Purpose.StaticNat : IpAddress.Purpose.Lb;
        response.setPurpose(purpose.toString());
    }

    response.setForDisplay(ipAddr.isDisplay());

    // Resource tags attached to this public IP; tags that yield no response are skipped.
    final List<? extends ResourceTag> resourceTags = ApiDBUtils.listByResourceTypeAndId(ResourceObjectType.PublicIpAddress, ipAddr.getId());
    final List<ResourceTagResponse> renderedTags = new ArrayList<>();
    for (final ResourceTag resourceTag : resourceTags) {
        final ResourceTagResponse rendered = createResourceTagResponse(resourceTag, true);
        if (rendered != null) {
            renderedTags.add(rendered);
        }
    }
    response.setTags(renderedTags);

    response.setObjectName("ipaddress");
    return response;
}
use of com.cloud.legacymodel.network.vpc.NetworkACL in project cosmic by MissionCriticalCloud.
the class NetworkACLServiceImpl method replaceNetworkACLonPrivateGw.
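/**
 * Replaces the network ACL applied to a VPC private gateway.
 *
 * <p>The gateway must exist, be in {@code Ready} state and have a VPC id. For any ACL other
 * than the two built-in defaults, the caller must have access to the ACL's VPC and the ACL
 * must belong to the same VPC as the gateway. The caller must also have access to the
 * private gateway itself.
 *
 * @param aclId            id of the ACL to apply
 * @param privateGatewayId id of the private gateway
 * @return the result reported by the ACL manager
 * @throws InvalidParameterValueException if the gateway, ACL or VPC cannot be found, the
 *         gateway is not Ready, or gateway and ACL are in different VPCs
 * @throws ResourceUnavailableException declared for the underlying replace operation
 */
@Override
public boolean replaceNetworkACLonPrivateGw(final long aclId, final long privateGatewayId) throws ResourceUnavailableException {
    final Account caller = CallContext.current().getCallingAccount();

    // Read the gateway once. The earlier code fetched it twice and only null-checked the
    // first result, so a gateway removed between the two reads caused a NullPointerException.
    final VpcGatewayVO gateway = _vpcGatewayDao.findById(privateGatewayId);
    if (gateway == null) {
        throw new InvalidParameterValueException("Unable to find specified private gateway");
    }
    if (gateway.getState() != VpcGateway.State.Ready) {
        throw new InvalidParameterValueException("Gateway is not in Ready state");
    }

    final NetworkACL acl = _networkACLDao.findById(aclId);
    if (acl == null) {
        throw new InvalidParameterValueException("Unable to find specified NetworkACL");
    }
    if (gateway.getVpcId() == null) {
        throw new InvalidParameterValueException("Unable to find specified vpc id");
    }

    // The built-in default ACLs skip the VPC ownership and same-VPC checks.
    if (aclId != NetworkACL.DEFAULT_DENY && aclId != NetworkACL.DEFAULT_ALLOW) {
        final Vpc vpc = _entityMgr.findById(Vpc.class, acl.getVpcId());
        if (vpc == null) {
            throw new InvalidParameterValueException("Unable to find Vpc associated with the NetworkACL");
        }
        _accountMgr.checkAccess(caller, null, true, vpc);
        // Reject cross-VPC combinations so an ACL from one VPC cannot be bound to a gateway of another.
        if (!gateway.getVpcId().equals(acl.getVpcId())) {
            throw new InvalidParameterValueException("private gateway: " + privateGatewayId + " and ACL: " + aclId + " do not belong to the same VPC");
        }
    }

    // NOTE(review): the gateway access check runs after the state/existence checks above, so
    // their distinct error messages are returned before the caller is authorized for the
    // gateway. Consider authorizing first. Also confirm how checkAccess treats a null
    // privateGateway; that is not visible here.
    final PrivateGateway privateGateway = _vpcSvc.getVpcPrivateGateway(gateway.getId());
    _accountMgr.checkAccess(caller, null, true, privateGateway);

    return _networkAclMgr.replaceNetworkACLForPrivateGw(acl, privateGateway);
}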
use of com.cloud.legacymodel.network.vpc.NetworkACL in project cosmic by MissionCriticalCloud.
the class NetworkACLServiceImpl method revokeNetworkACLItem.
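/**
 * Revokes (deletes) a network ACL item after verifying that the caller may modify the VPC
 * that owns the item's ACL.
 *
 * <p>Items of the two built-in default ACLs cannot be deleted. When the item exists, its ACL
 * and the ACL's VPC must both resolve before the access check runs, matching the validation
 * done in {@code deleteNetworkACL} and {@code createNetworkACLItem}.
 *
 * @param ruleId id of the ACL item to revoke
 * @return the result reported by the ACL manager
 * @throws InvalidParameterValueException if the item belongs to a default ACL, or its ACL or
 *         VPC cannot be found
 */
@Override
@ActionEvent(eventType = EventTypes.EVENT_NETWORK_ACL_ITEM_DELETE, eventDescription = "Deleting Network ACL Item", async = true)
public boolean revokeNetworkACLItem(final long ruleId) {
    final NetworkACLItemVO aclItem = _networkACLItemDao.findById(ruleId);
    if (aclItem != null) {
        // Refuse default-ACL items before any further lookup.
        if (aclItem.getAclId() == NetworkACL.DEFAULT_ALLOW || aclItem.getAclId() == NetworkACL.DEFAULT_DENY) {
            throw new InvalidParameterValueException("ACL Items in default ACL cannot be deleted");
        }

        // Fail closed: previously a missing ACL caused a NullPointerException and a missing
        // VPC was handed to checkAccess as a null entity.
        final NetworkACL acl = _networkAclMgr.getNetworkACL(aclItem.getAclId());
        if (acl == null) {
            throw new InvalidParameterValueException("Unable to find specified ACL");
        }
        final Vpc vpc = _entityMgr.findById(Vpc.class, acl.getVpcId());
        if (vpc == null) {
            throw new InvalidParameterValueException("Unable to find Vpc associated with the NetworkACL");
        }

        final Account caller = CallContext.current().getCallingAccount();
        _accountMgr.checkAccess(caller, null, true, vpc);
    }
    // NOTE(review): when the item is not found, no access check runs and the manager is
    // called anyway; confirm the manager handles an unknown ruleId safely.
    return _networkAclMgr.revokeNetworkACLItem(ruleId);
}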
use of com.cloud.legacymodel.network.vpc.NetworkACL in project cosmic by MissionCriticalCloud.
the class NetworkACLServiceImpl method deleteNetworkACL.
/**
 * Deletes a network ACL list.
 *
 * <p>The ACL must exist, must not be one of the two built-in default ACLs, and the caller
 * must pass the access check on the VPC that owns it.
 *
 * @param id id of the ACL to delete
 * @return the result reported by the ACL manager
 * @throws InvalidParameterValueException if the ACL or its VPC cannot be found, or the ACL is
 *         a default ACL
 */
@Override
@ActionEvent(eventType = EventTypes.EVENT_NETWORK_ACL_DELETE, eventDescription = "Deleting Network ACL List", async = true)
public boolean deleteNetworkACL(final long id) {
    final Account callingAccount = CallContext.current().getCallingAccount();

    final NetworkACL targetAcl = _networkACLDao.findById(id);
    if (targetAcl == null) {
        throw new InvalidParameterValueException("Unable to find specified ACL");
    }

    // The built-in allow/deny ACLs are shared and must never be removed.
    final boolean isDefaultAcl = targetAcl.getId() == NetworkACL.DEFAULT_ALLOW || targetAcl.getId() == NetworkACL.DEFAULT_DENY;
    if (isDefaultAcl) {
        throw new InvalidParameterValueException("Default ACL cannot be removed");
    }

    final Vpc owningVpc = _entityMgr.findById(Vpc.class, targetAcl.getVpcId());
    if (owningVpc == null) {
        throw new InvalidParameterValueException("Unable to find specified VPC associated with the ACL");
    }

    // Authorize against the owning VPC before handing the ACL to the manager for deletion.
    _accountMgr.checkAccess(callingAccount, null, true, owningVpc);
    return _networkAclMgr.deleteNetworkACL(targetAcl);
}
use of com.cloud.legacymodel.network.vpc.NetworkACL in project cosmic by MissionCriticalCloud.
the class NetworkACLServiceImpl method createNetworkACLItem.
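/**
 * Creates a network ACL item from an API command.
 *
 * <p>When the command carries no ACL id, the ACL is taken from the given network. If that
 * network has no ACL yet, a new ACL is created for the network's VPC and applied to the
 * network (kept for backward compatibility) before the item is added.
 *
 * <p>The caller is authorized against the owning VPC before any ACL is created or applied,
 * and again against the VPC of the resolved ACL before the item is created.
 *
 * @param aclItemCmd the create command carrying the item's attributes
 * @return the created ACL item, as returned by the ACL manager
 * @throws InvalidParameterValueException if neither ACL id nor network id is given, a
 *         referenced network, VPC or ACL cannot be resolved, the ACL is a default ACL, or the
 *         item number already exists in the ACL
 * @throws CloudRuntimeException if the auto-created ACL cannot be created or applied
 */
@Override
public NetworkACLItem createNetworkACLItem(final CreateNetworkACLCmd aclItemCmd) {
    final Account caller = CallContext.current().getCallingAccount();
    Long aclId = aclItemCmd.getACLId();
    if (aclId == null) {
        // ACL id is not specified. Get the ACL details from network
        if (aclItemCmd.getNetworkId() == null) {
            throw new InvalidParameterValueException("Cannot create Network ACL Item. ACL Id or network Id is required");
        }
        final Network network = _networkMgr.getNetwork(aclItemCmd.getNetworkId());
        // Reject an unknown network id explicitly instead of failing with a NullPointerException.
        if (network == null) {
            throw new InvalidParameterValueException("Unable to find specified network");
        }
        if (network.getVpcId() == null) {
            throw new InvalidParameterValueException("Network: " + network.getUuid() + " does not belong to VPC");
        }
        aclId = network.getNetworkACLId();
        if (aclId == null) {
            // Network is not associated with any ACL. Create a new ACL and add aclItem in it for backward compatibility
            s_logger.debug("Network " + network.getId() + " is not associated with any ACL. Creating an ACL before adding acl item");
            // verify that ACLProvider is supported by network offering
            if (!_networkModel.areServicesSupportedByNetworkOffering(network.getNetworkOfferingId(), Network.Service.NetworkACL)) {
                throw new InvalidParameterValueException("Network Offering does not support NetworkACL service");
            }
            final Vpc vpc = _entityMgr.findById(Vpc.class, network.getVpcId());
            if (vpc == null) {
                throw new InvalidParameterValueException("Unable to find Vpc associated with the Network");
            }
            // Authorize before the state-changing calls below. Previously the only access
            // check ran after the ACL had already been created and applied to the network,
            // so a request that was later rejected could still leave those changes behind
            // (whether an enclosing transaction rolls them back is not visible here).
            _accountMgr.checkAccess(caller, null, true, vpc);
            // Create new ACL
            final String aclName = "VPC_" + vpc.getName() + "_Tier_" + network.getName() + "_ACL_" + network.getUuid();
            final String description = "ACL for " + aclName;
            final NetworkACL acl = _networkAclMgr.createNetworkACL(aclName, description, network.getVpcId(), aclItemCmd.getDisplay());
            if (acl == null) {
                throw new CloudRuntimeException("Error while create ACL before adding ACL Item for network " + network.getId());
            }
            s_logger.debug("Created ACL: " + aclName + " for network " + network.getId());
            aclId = acl.getId();
            // Apply acl to network
            try {
                if (!_networkAclMgr.replaceNetworkACL(acl, (NetworkVO) network)) {
                    throw new CloudRuntimeException("Unable to apply auto created ACL to network " + network.getId());
                }
                s_logger.debug("Created ACL is applied to network " + network.getId());
            } catch (final ResourceUnavailableException e) {
                throw new CloudRuntimeException("Unable to apply auto created ACL to network " + network.getId(), e);
            }
        }
    }
    final NetworkACL acl = _networkAclMgr.getNetworkACL(aclId);
    if (acl == null) {
        throw new InvalidParameterValueException("Unable to find specified ACL");
    }
    // The built-in default ACLs are read-only.
    if (aclId == NetworkACL.DEFAULT_DENY || aclId == NetworkACL.DEFAULT_ALLOW) {
        throw new InvalidParameterValueException("Default ACL cannot be modified");
    }
    final Vpc vpc = _entityMgr.findById(Vpc.class, acl.getVpcId());
    if (vpc == null) {
        throw new InvalidParameterValueException("Unable to find Vpc associated with the NetworkACL");
    }
    // Covers the paths where the ACL id came from the command or from an existing network ACL.
    _accountMgr.checkAccess(caller, null, true, vpc);
    // Ensure that number is unique within the ACL
    if (aclItemCmd.getNumber() != null) {
        if (_networkACLItemDao.findByAclAndNumber(aclId, aclItemCmd.getNumber()) != null) {
            throw new InvalidParameterValueException("ACL item with number " + aclItemCmd.getNumber() + " already exists in ACL: " + acl.getUuid());
        }
    }
    // Validate ports, CIDRs, protocol, ICMP fields, action and number before persisting the item.
    validateNetworkACLItem(aclItemCmd.getSourcePortStart(), aclItemCmd.getSourcePortEnd(), aclItemCmd.getSourceCidrList(), aclItemCmd.getProtocol(), aclItemCmd.getIcmpCode(), aclItemCmd.getIcmpType(), aclItemCmd.getAction(), aclItemCmd.getNumber());
    return _networkAclMgr.createNetworkACLItem(aclItemCmd.getSourcePortStart(), aclItemCmd.getSourcePortEnd(), aclItemCmd.getProtocol(), aclItemCmd.getSourceCidrList(), aclItemCmd.getIcmpCode(), aclItemCmd.getIcmpType(), aclItemCmd.getTrafficType(), aclId, aclItemCmd.getAction(), aclItemCmd.getNumber(), aclItemCmd.getDisplay());
}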