From 47831394265509b6fd85af2faa93ae4d847c78f8 Mon Sep 17 00:00:00 2001 From: Sheng Yang Date: Mon, 27 Aug 2012 14:32:41 -0700 Subject: [PATCH] CS-16188: S2S VPN: Limit VPN customer gateway name duplicate checking within account Reviewed-by: Anthony Xu --- .../dao/Site2SiteCustomerGatewayDao.java | 2 +- .../dao/Site2SiteCustomerGatewayDaoImpl.java | 3 ++- .../network/vpn/Site2SiteVpnManagerImpl.java | 19 ++++++++++++++----- 3 files changed, 17 insertions(+), 7 deletions(-) diff --git a/server/src/com/cloud/network/dao/Site2SiteCustomerGatewayDao.java b/server/src/com/cloud/network/dao/Site2SiteCustomerGatewayDao.java index 78546891770..c531137a1f9 100644 --- a/server/src/com/cloud/network/dao/Site2SiteCustomerGatewayDao.java +++ b/server/src/com/cloud/network/dao/Site2SiteCustomerGatewayDao.java @@ -7,6 +7,6 @@ import com.cloud.utils.db.GenericDao; public interface Site2SiteCustomerGatewayDao extends GenericDao { Site2SiteCustomerGatewayVO findByGatewayIp(String ip); - Site2SiteCustomerGatewayVO findByName(String name); + Site2SiteCustomerGatewayVO findByNameAndAccountId(String name, long accountId); List listByAccountId(long accountId); } diff --git a/server/src/com/cloud/network/dao/Site2SiteCustomerGatewayDaoImpl.java b/server/src/com/cloud/network/dao/Site2SiteCustomerGatewayDaoImpl.java index c3a4d9446cd..955d77ec102 100644 --- a/server/src/com/cloud/network/dao/Site2SiteCustomerGatewayDaoImpl.java +++ b/server/src/com/cloud/network/dao/Site2SiteCustomerGatewayDaoImpl.java @@ -33,9 +33,10 @@ public class Site2SiteCustomerGatewayDaoImpl extends GenericDaoBase sc = AllFieldsSearch.create(); sc.setParameters("name", name); + sc.setParameters("accountId", accountId); return findOneBy(sc); } diff --git a/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java b/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java index 1f55ca6a89a..d61c8d7553d 100644 --- a/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java 
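Review bot: In Site2SiteCustomerGatewayDaoImpl, `sc.setParameters("accountId", accountId)` only takes effect if `AllFieldsSearch` already declares an "accountId" condition, and the constructor that builds `AllFieldsSearch` is outside this hunk, so that should be confirmed. If the condition is missing, the lookup would either fail at runtime or fall back to matching on name alone, which would undo the per-account scoping this commit intends. The interface method would also benefit from a short Javadoc such as `/** Returns the gateway with this name owned by the given account, or null if there is none. */`, since the callers rely on the null result.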
+++ b/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java @@ -206,7 +206,7 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnManager, Manager { } Long espLifetime = cmd.getEspLifetime(); if (espLifetime == null) { - // Default value of lifetime is 1 day + // Default value of lifetime is 1 hour espLifetime = (long) 3600; } if (espLifetime > 86400) { @@ -218,16 +218,17 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnManager, Manager { dpd = false; } + long accountId = owner.getAccountId(); if (_customerGatewayDao.findByGatewayIp(gatewayIp) != null) { - throw new InvalidParameterValueException("The customer gateway with ip " + gatewayIp + " already existed!", null); + throw new InvalidParameterValueException("The customer gateway with ip " + gatewayIp + " already existed in the system!", null); } - if (_customerGatewayDao.findByName(name) != null) { + if (_customerGatewayDao.findByNameAndAccountId(name, accountId) != null) { throw new InvalidParameterValueException("The customer gateway with name " + name + " already existed!", null); } checkCustomerGatewayCidrList(guestCidrList); - Site2SiteCustomerGatewayVO gw = new Site2SiteCustomerGatewayVO(name, owner.getAccountId(), owner.getDomainId(), gatewayIp, guestCidrList, ipsecPsk, + Site2SiteCustomerGatewayVO gw = new Site2SiteCustomerGatewayVO(name, accountId, owner.getDomainId(), gatewayIp, guestCidrList, ipsecPsk, ikePolicy, espPolicy, ikeLifetime, espLifetime, dpd); _customerGatewayDao.persist(gw); return gw; @@ -466,7 +467,7 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnManager, Manager { } Long espLifetime = cmd.getEspLifetime(); if (espLifetime == null) { - // Default value of lifetime is 1 day + // Default value of lifetime is 1 hour espLifetime = (long) 3600; } if (espLifetime > 86400) { 
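Review bot: In the `@@ -218,16 +218,17 @@` hunk the gateway-IP duplicate check stays global while the name check becomes per-account, and the reworded message ("already existed in the system!") now states that explicitly. The error therefore tells any caller whether some other account has registered a given peer IP, and one tenant's registration blocks every other tenant from using that address. If global uniqueness of the IP is a deliberate routing constraint, a comment above the check saying so and a message that does not confirm other tenants' data would help; otherwise it should be scoped like the name. Both checks are also check-then-`persist` with no locking visible in the hunk, so two concurrent requests could both pass unless the schema (not shown) has a unique constraint on the account and name columns. The enclosing method starts outside the hunk.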
@@ -480,6 +481,14 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnManager, Manager { checkCustomerGatewayCidrList(guestCidrList); + long accountId = gw.getAccountId(); + if (_customerGatewayDao.findByGatewayIp(gatewayIp) != null) { + throw new InvalidParameterValueException("The customer gateway with ip " + gatewayIp + " already existed in the system!", null); + } + if (_customerGatewayDao.findByNameAndAccountId(name, accountId) != null) { + throw new InvalidParameterValueException("The customer gateway with name " + name + " already existed!", null); + } + gw.setName(name); gw.setGatewayIp(gatewayIp); gw.setGuestCidrList(guestCidrList);
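Review bot: The duplicate checks added to the update path do not exclude the gateway being updated, so an update that keeps the current IP or name will presumably find `gw` itself and be rejected with "already existed". Each lookup should be compared against the record under edit, e.g. `Site2SiteCustomerGatewayVO byIp = _customerGatewayDao.findByGatewayIp(gatewayIp);` followed by `if (byIp != null && byIp.getId() != gw.getId()) {`, and the same for `findByNameAndAccountId(name, accountId)`. Where `name` and `gatewayIp` are read from the command is outside the hunk, so confirm they are always populated on update. The global IP check here has the same cross-account disclosure concern as the create path.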