S2S VPN: CS-15748: Deleting customer vpn gateway when delete account

server/src/com/cloud/network/dao/Site2SiteCustomerGatewayDao.java

@@ -1,9 +1,12 @@
 package com.cloud.network.dao;
 
+import java.util.List;
+
 import com.cloud.network.Site2SiteCustomerGatewayVO;
 import com.cloud.utils.db.GenericDao;
 
 public interface Site2SiteCustomerGatewayDao extends GenericDao<Site2SiteCustomerGatewayVO, Long> {
     Site2SiteCustomerGatewayVO findByGatewayIp(String ip);
     Site2SiteCustomerGatewayVO findByName(String name);
+    List<Site2SiteCustomerGatewayVO> listByAccountId(long accountId);
 }

server/src/com/cloud/network/dao/Site2SiteCustomerGatewayDaoImpl.java

@@ -1,5 +1,7 @@
 package com.cloud.network.dao;
 
+import java.util.List;
+
 import javax.ejb.Local;
 
 import org.apache.log4j.Logger;
@@ -19,6 +21,7 @@ public class Site2SiteCustomerGatewayDaoImpl extends GenericDaoBase<Site2SiteCus
         AllFieldsSearch = createSearchBuilder();
         AllFieldsSearch.and("gatewayIp", AllFieldsSearch.entity().getGatewayIp(), SearchCriteria.Op.EQ);
         AllFieldsSearch.and("name", AllFieldsSearch.entity().getName(), SearchCriteria.Op.EQ);
+        AllFieldsSearch.and("accountId", AllFieldsSearch.entity().getAccountId(), SearchCriteria.Op.EQ);
         AllFieldsSearch.done();
     }
     
@@ -36,4 +39,10 @@ public class Site2SiteCustomerGatewayDaoImpl extends GenericDaoBase<Site2SiteCus
         return findOneBy(sc);
     }
 
+    @Override
+    public List<Site2SiteCustomerGatewayVO> listByAccountId(long accountId) {
+        SearchCriteria<Site2SiteCustomerGatewayVO> sc = AllFieldsSearch.create();
+        sc.setParameters("accountId", accountId);
+        return listBy(sc, null);
+    }
 }

server/src/com/cloud/network/vpn/Site2SiteVpnManager.java

@@ -10,4 +10,5 @@ public interface Site2SiteVpnManager extends Site2SiteVpnService {
     boolean cleanupVpnGatewayByVpc(long vpcId);
     void markDisconnectVpnConnByVpc(long vpcId);
     List<Site2SiteVpnConnectionVO> getConnectionsForRouter(DomainRouterVO router);
+    boolean deleteCustomerGatewayByAccount(long accountId);
 }

server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java

@@ -269,11 +269,16 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnManager, Manager {
             throw new InvalidParameterValueException("Fail to find customer gateway by id", null);
         }
         _accountMgr.checkAccess(caller, null, false, customerGateway);
+        
+        return doDeleteCustomerGateway(customerGateway);
+    }
 
+    protected boolean doDeleteCustomerGateway(Site2SiteCustomerGateway gw) {
+        long id = gw.getId();
         List<Site2SiteVpnConnectionVO> vpnConnections = _vpnConnectionDao.listByCustomerGatewayId(id);
         if (vpnConnections != null && vpnConnections.size() != 0) {
             List<IdentityProxy> idList = new ArrayList<IdentityProxy>();
-            idList.add(new IdentityProxy(customerGateway, id, "customerGatewayId"));
+            idList.add(new IdentityProxy(gw, id, "customerGatewayId"));
             throw new InvalidParameterValueException("Unable to delete VPN customer gateway with specified id because there is still related VPN connections!", idList);
         }
         _customerGatewayDao.remove(id);
@@ -613,4 +618,14 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnManager, Manager {
         conns.addAll(_vpnConnectionDao.listByVpcId(vpcId));
         return conns;
     }
+
+    @Override
+    public boolean deleteCustomerGatewayByAccount(long accountId) {
+        boolean result = true;;
+        List<Site2SiteCustomerGatewayVO> gws = _customerGatewayDao.listByAccountId(accountId);
+        for (Site2SiteCustomerGatewayVO gw : gws) {
+            result = result & doDeleteCustomerGateway(gw);
+        }
+        return result;
+    }
 }

server/src/com/cloud/user/AccountManagerImpl.java

@@ -70,16 +70,22 @@ import com.cloud.network.IpAddress;
 import com.cloud.network.NetworkManager;
 import com.cloud.network.NetworkVO;
 import com.cloud.network.RemoteAccessVpnVO;
+import com.cloud.network.Site2SiteCustomerGatewayVO;
+import com.cloud.network.Site2SiteVpnConnectionVO;
 import com.cloud.network.VpnUserVO;
 import com.cloud.network.dao.IPAddressDao;
 import com.cloud.network.dao.NetworkDao;
 import com.cloud.network.dao.RemoteAccessVpnDao;
+import com.cloud.network.dao.Site2SiteCustomerGatewayDao;
+import com.cloud.network.dao.Site2SiteVpnConnectionDao;
+import com.cloud.network.dao.Site2SiteVpnGatewayDao;
 import com.cloud.network.dao.VpnUserDao;
 import com.cloud.network.security.SecurityGroupManager;
 import com.cloud.network.security.dao.SecurityGroupDao;
 import com.cloud.network.vpc.Vpc;
 import com.cloud.network.vpc.VpcManager;
 import com.cloud.network.vpn.RemoteAccessVpnService;
+import com.cloud.network.vpn.Site2SiteVpnManager;
 import com.cloud.projects.Project;
 import com.cloud.projects.Project.ListProjectResourcesCriteria;
 import com.cloud.projects.ProjectInvitationVO;
@@ -208,6 +214,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
     private VpcManager _vpcMgr;
     @Inject
     private DomainRouterDao _routerDao;
+    @Inject
+    Site2SiteVpnManager _vpnMgr;
 
     private Adapters<UserAuthenticator> _userAuthenticators;
 
@@ -560,7 +568,7 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
                 s_logger.warn("Failed to cleanup remote access vpn resources as a part of account id=" + accountId + " cleanup due to Exception: ", ex);
                 accountCleanupNeeded = true;
             }
-
+            
             // Cleanup security groups
             int numRemoved = _securityGroupDao.removeByAccountId(accountId);
             s_logger.info("deleteAccount: Deleted " + numRemoved + " network groups for account " + accountId);
@@ -611,6 +619,12 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
                 }
             }
 
+            // Delete Site 2 Site VPN customer gateway
+            s_logger.debug("Deleting site-to-site VPN customer gateways for account " + accountId);
+            if (!_vpnMgr.deleteCustomerGatewayByAccount(accountId)) {
+                s_logger.warn("Fail to delete site-to-site VPN customer gateways for account " + accountId);
+            }
+
             // delete account specific Virtual vlans (belong to system Public Network) - only when networks are cleaned
             // up successfully
             if (networksDeleted) {