use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.
the class Site2SiteVpnManagerImpl method createVpnGateway.
/**
 * Creates and persists the site-to-site VPN gateway of a VPC.
 *
 * <p>Checks run in this order: caller-versus-owner access, VPC existence, absence of an
 * existing gateway for the VPC, and exactly one address returned by
 * {@code _ipAddressDao.listByVpc(vpcId, true)}.
 *
 * <p>NOTE(review): the only access check in this method is against the account resolved from
 * {@code cmd.getEntityOwnerId()}; the VPC loaded from {@code cmd.getVpcId()} is never passed to
 * {@code checkAccess}. That is sufficient only if the command derives the owner id from the
 * VPC itself - confirm in {@code CreateVpnGatewayCmd}.
 *
 * @param cmd API command carrying the VPC id, the entity owner id and an optional display flag
 * @return the gateway that was persisted, recorded under the owner account and domain
 * @throws InvalidParameterValueException if the VPC does not exist or already has a gateway
 * @throws CloudRuntimeException if the address lookup does not return exactly one address
 */
@Override
@ActionEvent(eventType = EventTypes.EVENT_S2S_VPN_GATEWAY_CREATE, eventDescription = "creating s2s vpn gateway", async = true)
public Site2SiteVpnGateway createVpnGateway(final CreateVpnGatewayCmd cmd) {
    final Account callingAccount = CallContext.current().getCallingAccount();
    final Account gatewayOwner = _accountMgr.getAccount(cmd.getEntityOwnerId());

    // Authorization gate: the caller must be allowed to act on behalf of the owner account.
    _accountMgr.checkAccess(callingAccount, null, false, gatewayOwner);

    final Long vpcId = cmd.getVpcId();

    // The VPC row is only needed to prove that the id resolves to something.
    if (_vpcDao.findById(vpcId) == null) {
        throw new InvalidParameterValueException("Invalid VPC " + vpcId + " for site to site vpn gateway creation!");
    }

    // A VPC may carry at most one gateway.
    if (_vpnGatewayDao.findByVpcId(vpcId) != null) {
        throw new InvalidParameterValueException("The VPN gateway of VPC " + vpcId + " already exists!");
    }

    // The gateway is bound to the VPC's source NAT address (presumably what the `true` flag selects).
    final List<IPAddressVO> sourceNatIps = _ipAddressDao.listByVpc(vpcId, true);
    if (sourceNatIps.size() != 1) {
        throw new CloudRuntimeException("Vpc " + vpcId + " does not have a Public IP address with SourceNat, so no VPN is possible.");
    }

    final Site2SiteVpnGatewayVO gateway =
            new Site2SiteVpnGatewayVO(gatewayOwner.getAccountId(), gatewayOwner.getDomainId(), sourceNatIps.get(0).getId(), vpcId);
    if (cmd.getDisplay() != null) {
        gateway.setDisplay(cmd.getDisplay());
    }

    // NOTE(review): the findByVpcId lookup above and this persist are separate steps; nothing
    // visible in this method stops two concurrent calls from both passing the check - confirm
    // that a unique constraint or lock exists elsewhere.
    _vpnGatewayDao.persist(gateway);
    return gateway;
}
use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.
the class Site2SiteVpnManagerImpl method searchForVpnConnections.
/**
 * Lists site-to-site VPN connections visible to the calling account, one page at a time.
 *
 * <p>Visibility is delegated to the three {@code _accountMgr.buildACLSearch*} helpers; the
 * {@code id}, {@code display} and {@code vpcId} filters from the command are ANDed on top and
 * can only narrow the result further.
 *
 * @param cmd list command carrying the optional filters, the ACL hints (domain, account name,
 *            project, recursive, listAll) and the paging values
 * @return the page of matching connections together with the count reported by the DAO
 */
@Override
public Pair<List<? extends Site2SiteVpnConnection>, Integer> searchForVpnConnections(final ListVpnConnectionsCmd cmd) {
    final Long id = cmd.getId();
    final Long vpcId = cmd.getVpcId();
    final Boolean display = cmd.getDisplay();
    final Long requestedDomainId = cmd.getDomainId();
    final boolean requestedRecursive = cmd.isRecursive();
    final String accountName = cmd.getAccountName();
    final boolean listAll = cmd.listAll();
    final long startIndex = cmd.getStartIndex();
    final long pageSizeVal = cmd.getPageSizeVal();
    final boolean filterByVpc = vpcId != null;

    final Account caller = CallContext.current().getCallingAccount();

    // buildACLSearchParameters fills permittedAccounts and rewrites the ternary in place, so
    // the domain id, recursion flag and project criteria are read back from it afterwards.
    final List<Long> permittedAccounts = new ArrayList<>();
    final Ternary<Long, Boolean, ListProjectResourcesCriteria> aclScope = new Ternary<>(requestedDomainId, requestedRecursive, null);
    _accountMgr.buildACLSearchParameters(caller, id, accountName, cmd.getProjectId(), permittedAccounts, aclScope, listAll, false);
    final Long domainId = aclScope.first();
    final boolean isRecursive = aclScope.second();
    final ListProjectResourcesCriteria projectCriteria = aclScope.third();

    final Filter pageFilter = new Filter(Site2SiteVpnConnectionVO.class, "id", false, startIndex, pageSizeVal);

    final SearchBuilder<Site2SiteVpnConnectionVO> builder = _vpnConnectionDao.createSearchBuilder();
    _accountMgr.buildACLSearchBuilder(builder, domainId, isRecursive, permittedAccounts, projectCriteria);
    builder.and("id", builder.entity().getId(), SearchCriteria.Op.EQ);
    builder.and("display", builder.entity().isDisplay(), SearchCriteria.Op.EQ);
    if (filterByVpc) {
        // Connections carry no VPC id of their own; reach it through the owning VPN gateway.
        final SearchBuilder<Site2SiteVpnGatewayVO> gatewayJoin = _vpnGatewayDao.createSearchBuilder();
        gatewayJoin.and("vpcId", gatewayJoin.entity().getVpcId(), SearchCriteria.Op.EQ);
        builder.join("gwSearch", gatewayJoin, builder.entity().getVpnGatewayId(), gatewayJoin.entity().getId(), JoinBuilder.JoinType.INNER);
    }

    final SearchCriteria<Site2SiteVpnConnectionVO> criteria = builder.create();
    _accountMgr.buildACLSearchCriteria(criteria, domainId, isRecursive, permittedAccounts, projectCriteria);
    if (display != null) {
        criteria.setParameters("display", display);
    }
    if (id != null) {
        // The id filter is attached with addAnd; the "id" condition registered on the builder
        // above is not given a parameter in this method.
        criteria.addAnd("id", SearchCriteria.Op.EQ, id);
    }
    if (filterByVpc) {
        criteria.setJoinParameters("gwSearch", "vpcId", vpcId);
    }

    final Pair<List<Site2SiteVpnConnectionVO>, Integer> page = _vpnConnectionDao.searchAndCount(criteria, pageFilter);
    return new Pair<>(page.first(), page.second());
}
use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.
the class Site2SiteVpnManagerImpl method searchForCustomerGateways.
/**
 * Lists site-to-site VPN customer gateways visible to the calling account, one page at a time.
 *
 * <p>Visibility is delegated to the three {@code _accountMgr.buildACLSearch*} helpers; the
 * optional {@code id} and {@code keyword} filters are applied on top of that scope.
 *
 * @param cmd list command carrying the optional id and keyword, the ACL hints (domain,
 *            account name, project, recursive, listAll) and the paging values
 * @return the page of matching customer gateways together with the count reported by the DAO
 */
@Override
public Pair<List<? extends Site2SiteCustomerGateway>, Integer> searchForCustomerGateways(final ListVpnCustomerGatewaysCmd cmd) {
    final Long id = cmd.getId();
    final Long requestedDomainId = cmd.getDomainId();
    final boolean requestedRecursive = cmd.isRecursive();
    final String accountName = cmd.getAccountName();
    final boolean listAll = cmd.listAll();
    final long startIndex = cmd.getStartIndex();
    final long pageSizeVal = cmd.getPageSizeVal();
    final String keyword = cmd.getKeyword();

    final Account caller = CallContext.current().getCallingAccount();

    // buildACLSearchParameters fills permittedAccounts and rewrites the ternary in place, so
    // the domain id, recursion flag and project criteria are read back from it afterwards.
    final List<Long> permittedAccounts = new ArrayList<>();
    final Ternary<Long, Boolean, ListProjectResourcesCriteria> aclScope = new Ternary<>(requestedDomainId, requestedRecursive, null);
    _accountMgr.buildACLSearchParameters(caller, id, accountName, cmd.getProjectId(), permittedAccounts, aclScope, listAll, false);
    final Long domainId = aclScope.first();
    final boolean isRecursive = aclScope.second();
    final ListProjectResourcesCriteria projectCriteria = aclScope.third();

    final Filter pageFilter = new Filter(Site2SiteCustomerGatewayVO.class, "id", false, startIndex, pageSizeVal);

    final SearchBuilder<Site2SiteCustomerGatewayVO> builder = _customerGatewayDao.createSearchBuilder();
    _accountMgr.buildACLSearchBuilder(builder, domainId, isRecursive, permittedAccounts, projectCriteria);
    builder.and("id", builder.entity().getId(), SearchCriteria.Op.EQ);
    builder.and("name", builder.entity().getName(), SearchCriteria.Op.LIKE);

    final SearchCriteria<Site2SiteCustomerGatewayVO> criteria = builder.create();
    _accountMgr.buildACLSearchCriteria(criteria, domainId, isRecursive, permittedAccounts, projectCriteria);
    if (id != null) {
        criteria.setParameters("id", id);
    }

    final boolean hasKeyword = keyword != null && !keyword.isEmpty();
    if (hasKeyword) {
        // The keyword is handed over as a criteria parameter rather than spliced into query
        // text. NOTE(review): '%' and '_' inside the keyword are not escaped, so they
        // presumably act as LIKE wildcards; matches stay inside the ACL scope built above.
        criteria.setParameters("name", "%" + keyword + "%");
    }

    final Pair<List<Site2SiteCustomerGatewayVO>, Integer> page = _customerGatewayDao.searchAndCount(criteria, pageFilter);
    return new Pair<>(page.first(), page.second());
}
use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.
the class Site2SiteVpnManagerImpl method createVpnConnection.
/**
 * Validates and persists a new site-to-site VPN connection in state {@code Pending}.
 *
 * <p>Checks run in this order: caller-versus-owner access; customer gateway exists and is
 * accessible to the caller; VPN gateway exists and is accessible to the caller; both gateways
 * share account and domain; no connection exists yet for the gateway pair; no remote subnet
 * overlaps the VPC CIDR; the per-gateway connection limit is not reached; no remote subnet
 * overlaps a subnet of a connection already attached to the same VPN gateway.
 *
 * <p>NOTE(review): the connection is recorded under the account resolved from
 * {@code cmd.getEntityOwnerId()}, while the same-account rule is enforced only between the two
 * gateways; nothing in this method compares that owner with the gateways' account. Confirm
 * that {@code CreateVpnConnectionCmd} derives the owner id from the gateway.
 *
 * @param cmd API command carrying both gateway ids, the entity owner id, the passive flag and
 *            an optional display flag
 * @return the connection that was persisted
 * @throws InvalidParameterValueException if any of the validations listed above fails
 * @throws NetworkRuleConflictException declared by the interface; not thrown by the code
 *         visible in this method
 */
@Override
@ActionEvent(eventType = EventTypes.EVENT_S2S_VPN_CONNECTION_CREATE, eventDescription = "creating s2s vpn connection", create = true)
public Site2SiteVpnConnection createVpnConnection(final CreateVpnConnectionCmd cmd) throws NetworkRuleConflictException {
    final Account callingAccount = CallContext.current().getCallingAccount();
    final Account connectionOwner = _accountMgr.getAccount(cmd.getEntityOwnerId());

    // Authorization gate: the caller must be allowed to act on behalf of the owner account.
    _accountMgr.checkAccess(callingAccount, null, false, connectionOwner);

    // Remote side: must exist and be accessible to the caller.
    final Long customerGatewayId = cmd.getCustomerGatewayId();
    final Site2SiteCustomerGateway customerGateway = _customerGatewayDao.findById(customerGatewayId);
    if (customerGateway == null) {
        throw new InvalidParameterValueException("Unable to found specified Site to Site VPN customer gateway " + customerGatewayId + " !");
    }
    _accountMgr.checkAccess(callingAccount, null, false, customerGateway);

    // Local side: must exist and be accessible to the caller.
    final Long vpnGatewayId = cmd.getVpnGatewayId();
    final Site2SiteVpnGateway vpnGateway = _vpnGatewayDao.findById(vpnGatewayId);
    if (vpnGateway == null) {
        throw new InvalidParameterValueException("Unable to found specified Site to Site VPN gateway " + vpnGatewayId + " !");
    }
    _accountMgr.checkAccess(callingAccount, null, false, vpnGateway);

    // Both ends have to belong to the same account and domain.
    final boolean sameOwner = customerGateway.getAccountId() == vpnGateway.getAccountId()
            && customerGateway.getDomainId() == vpnGateway.getDomainId();
    if (!sameOwner) {
        throw new InvalidParameterValueException("VPN connection can only be esitablished between same account's VPN gateway and customer gateway!");
    }

    // One connection per (VPN gateway, customer gateway) pair.
    if (_vpnConnectionDao.findByVpnGatewayIdAndCustomerGatewayId(vpnGatewayId, customerGatewayId) != null) {
        throw new InvalidParameterValueException("The vpn connection with customer gateway id " + customerGatewayId + " and vpn gateway id " + vpnGatewayId + " already existed!");
    }

    // The guest CIDR list is split on ',' only; entries are not trimmed before comparison.
    final String[] remoteCidrs = customerGateway.getGuestCidrList().split(",");

    // Remote subnets must not overlap the VPC's own CIDR.
    // NOTE(review): this findById result is dereferenced without a null check, unlike the two
    // gateway lookups above - confirm a VPN gateway can never outlive its VPC.
    final String vpcCidr = _vpcDao.findById(vpnGateway.getVpcId()).getCidr();
    for (int i = 0; i < remoteCidrs.length; i++) {
        final String cidr = remoteCidrs[i];
        if (NetUtils.isNetworksOverlap(vpcCidr, cidr)) {
            throw new InvalidParameterValueException("The subnets of customer gateway " + customerGatewayId + "'s subnet " + cidr + " is overlapped with VPC cidr " + vpcCidr + "!");
        }
    }

    // Per-gateway connection cap, evaluated before the pairwise overlap scan below.
    final List<Site2SiteVpnConnectionVO> existingConnections = _vpnConnectionDao.listByVpnGatewayId(vpnGatewayId);
    if (_connLimit <= existingConnections.size()) {
        throw new InvalidParameterValueException("There are too many VPN connections with current VPN gateway! The limit is " + _connLimit);
    }

    // Remote subnets must not overlap those of any connection already on this VPN gateway.
    for (final Site2SiteVpnConnectionVO existing : existingConnections) {
        if (existing != null) {
            // NOTE(review): dereferenced without a null check - confirm a connection can never
            // outlive its customer gateway.
            final Site2SiteCustomerGatewayVO peerGateway = _customerGatewayDao.findById(existing.getCustomerGatewayId());
            final String[] peerCidrs = peerGateway.getGuestCidrList().split(",");
            for (int p = 0; p < peerCidrs.length; p++) {
                final String oldCidr = peerCidrs[p];
                for (int r = 0; r < remoteCidrs.length; r++) {
                    final String cidr = remoteCidrs[r];
                    if (NetUtils.isNetworksOverlap(cidr, oldCidr)) {
                        throw new InvalidParameterValueException("The new connection's remote subnet " + cidr + " is overlapped with existed VPN connection to customer gateway " + peerGateway.getName() + "'s subnet " + oldCidr);
                    }
                }
            }
        }
    }

    final Site2SiteVpnConnectionVO connection =
            new Site2SiteVpnConnectionVO(connectionOwner.getAccountId(), connectionOwner.getDomainId(), vpnGatewayId, customerGatewayId, cmd.isPassive());
    connection.setState(State.Pending);
    if (cmd.getDisplay() != null) {
        connection.setDisplay(cmd.getDisplay());
    }
    _vpnConnectionDao.persist(connection);
    return connection;
}
use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.
the class Site2SiteVpnManagerImpl method deleteCustomerGateway.
/**
 * Deletes a site-to-site VPN customer gateway after checking that it exists and that the
 * calling account may access it; the removal itself is done by {@code doDeleteCustomerGateway}.
 *
 * <p>The event details are set from the requested id before the existence and access checks
 * run, so they are populated for rejected requests as well.
 *
 * @param cmd delete command carrying the customer gateway id
 * @return whatever {@code doDeleteCustomerGateway} returns for the gateway
 * @throws InvalidParameterValueException if no customer gateway exists for the id
 */
@Override
@ActionEvent(eventType = EventTypes.EVENT_S2S_VPN_CUSTOMER_GATEWAY_DELETE, eventDescription = "deleting s2s vpn customer gateway", create = true)
public boolean deleteCustomerGateway(final DeleteVpnCustomerGatewayCmd cmd) {
    final CallContext context = CallContext.current();
    context.setEventDetails(" Id: " + cmd.getId());
    final Account callingAccount = context.getCallingAccount();

    final Long gatewayId = cmd.getId();
    final Site2SiteCustomerGateway target = _customerGatewayDao.findById(gatewayId);
    if (target == null) {
        throw new InvalidParameterValueException("Fail to find customer gateway with " + gatewayId + " !");
    }

    // Authorization gate: must pass before anything is handed to the delete helper.
    _accountMgr.checkAccess(callingAccount, null, false, target);
    return doDeleteCustomerGateway(target);
}