From dc750e2691067368079eeb3cf5aa9779f04ad9dc Mon Sep 17 00:00:00 2001 From: abhishek Date: Mon, 30 Aug 2010 10:50:27 -0700 Subject: [PATCH] Moving the disassoc logic to network manager --- .../api/commands/DisassociateIPAddrCmd.java | 2 +- .../src/com/cloud/network/NetworkManager.java | 3 + .../com/cloud/network/NetworkManagerImpl.java | 104 +++++++++- .../com/cloud/server/ManagementServer.java | 2 +- .../cloud/server/ManagementServerImpl.java | 182 +++++++++--------- 5 files changed, 199 insertions(+), 94 deletions(-) diff --git a/server/src/com/cloud/api/commands/DisassociateIPAddrCmd.java b/server/src/com/cloud/api/commands/DisassociateIPAddrCmd.java index 4fdcd5a03f7..60e1320c3cf 100644 --- a/server/src/com/cloud/api/commands/DisassociateIPAddrCmd.java +++ b/server/src/com/cloud/api/commands/DisassociateIPAddrCmd.java @@ -25,7 +25,7 @@ import com.cloud.api.Implementation; import com.cloud.api.Parameter; import com.cloud.api.BaseCmd.Manager; -@Implementation(method="disassociateIpAddress", manager=Manager.ManagementServer) +@Implementation(method="disassociateIpAddress", manager=Manager.NetworkManager) public class DisassociateIPAddrCmd extends BaseCmd { public static final Logger s_logger = Logger.getLogger(DisassociateIPAddrCmd.class.getName()); diff --git a/server/src/com/cloud/network/NetworkManager.java b/server/src/com/cloud/network/NetworkManager.java index 93378ba25c5..4bd9f60d790 100644 --- a/server/src/com/cloud/network/NetworkManager.java +++ b/server/src/com/cloud/network/NetworkManager.java @@ -24,6 +24,7 @@ import com.cloud.api.commands.AssignToLoadBalancerRuleCmd; import com.cloud.api.commands.CreateIPForwardingRuleCmd; import com.cloud.api.commands.CreateLoadBalancerRuleCmd; import com.cloud.api.commands.DeletePortForwardingServiceRuleCmd; +import com.cloud.api.commands.DisassociateIPAddrCmd; import com.cloud.api.commands.RemoveFromLoadBalancerRuleCmd; import com.cloud.dc.DataCenterVO; import com.cloud.dc.HostPodVO; @@ -241,4 +242,6 @@ public interface NetworkManager extends Manager { public boolean deleteNetworkRuleConfig(DeletePortForwardingServiceRuleCmd cmd) throws PermissionDeniedException; + boolean disassociateIpAddress(DisassociateIPAddrCmd cmd) throws PermissionDeniedException; + } diff --git a/server/src/com/cloud/network/NetworkManagerImpl.java b/server/src/com/cloud/network/NetworkManagerImpl.java index 012b3f26ac5..f929cbc1663 100755 --- a/server/src/com/cloud/network/NetworkManagerImpl.java +++ b/server/src/com/cloud/network/NetworkManagerImpl.java @@ -62,6 +62,7 @@ import com.cloud.api.commands.AssignToLoadBalancerRuleCmd; import com.cloud.api.commands.CreateIPForwardingRuleCmd; import com.cloud.api.commands.CreateLoadBalancerRuleCmd; import com.cloud.api.commands.DeletePortForwardingServiceRuleCmd; +import com.cloud.api.commands.DisassociateIPAddrCmd; import com.cloud.api.commands.RemoveFromLoadBalancerRuleCmd; import com.cloud.async.AsyncJobExecutor; import com.cloud.async.AsyncJobManager; @@ -78,6 +79,7 @@ import com.cloud.dc.HostPodVO; import com.cloud.dc.Vlan; import com.cloud.dc.Vlan.VlanType; import com.cloud.dc.VlanVO; +import com.cloud.dc.dao.AccountVlanMapDao; import com.cloud.dc.dao.DataCenterDao; import com.cloud.dc.dao.HostPodDao; import com.cloud.dc.dao.VlanDao; @@ -202,7 +204,7 @@ public class NetworkManagerImpl implements NetworkManager, VirtualMachineManager @Inject UserVmDao _userVmDao; @Inject FirewallRulesDao _firewallRulesDao; @Inject NetworkRuleConfigDao _networkRuleConfigDao; - + @Inject AccountVlanMapDao _accountVlanMapDao; long _routerTemplateId = -1; int _routerRamSize; // String _privateNetmask; @@ -2979,4 +2981,104 @@ public class NetworkManagerImpl implements NetworkManager, VirtualMachineManager return true; } + private Account findAccountByIpAddress(String ipAddress) { + IPAddressVO address = _ipAddressDao.findById(ipAddress); + if ((address != null) && (address.getAccountId() != null)) { + return _accountDao.findById(address.getAccountId()); + } + return null; + } + + @Override + @DB + public boolean disassociateIpAddress(DisassociateIPAddrCmd cmd) throws PermissionDeniedException, IllegalArgumentException { + Transaction txn = Transaction.currentTxn(); + + Long userId = UserContext.current().getUserId(); + Account account = (Account)UserContext.current().getAccountObject(); + String ipAddress = cmd.getIpAddress(); + + // Verify input parameters + Account accountByIp = findAccountByIpAddress(ipAddress); + if(accountByIp == null) { + throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to find account owner for ip " + ipAddress); + } + + Long accountId = accountByIp.getId(); + if (account != null) { + if (!isAdmin(account.getType())) { + if (account.getId().longValue() != accountId.longValue()) { + throw new ServerApiException(BaseCmd.PARAM_ERROR, "account " + account.getAccountName() + " doesn't own ip address " + ipAddress); + } + } else if (!_domainDao.isChildDomain(account.getDomainId(), accountByIp.getDomainId())) { + throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Unable to disassociate IP address " + ipAddress + ", permission denied."); + } + } + + // If command is executed via 8096 port, set userId to the id of System account (1) + if (userId == null) { + userId = Long.valueOf(1); + } + + try { + IPAddressVO ipVO = _ipAddressDao.findById(ipAddress); + if (ipVO == null) { + return false; + } + + if (ipVO.getAllocated() == null) { + return true; + } + + AccountVO accountVO = _accountDao.findById(accountId); + if (accountVO == null) { + return false; + } + + if ((ipVO.getAccountId() == null) || (ipVO.getAccountId().longValue() != accountId)) { + // FIXME: is the user visible in the admin account's domain???? + if (!BaseCmd.isAdmin(accountVO.getType())) { + if (s_logger.isDebugEnabled()) { + s_logger.debug("permission denied disassociating IP address " + ipAddress + "; acct: " + accountId + "; ip (acct / dc / dom / alloc): " + + ipVO.getAccountId() + " / " + ipVO.getDataCenterId() + " / " + ipVO.getDomainId() + " / " + ipVO.getAllocated()); + } + throw new PermissionDeniedException("User/account does not own supplied address"); + } + } + + if (ipVO.getAllocated() == null) { + return true; + } + + if (ipVO.isSourceNat()) { + throw new IllegalArgumentException("ip address is used for source nat purposes and can not be disassociated."); + } + + VlanVO vlan = _vlanDao.findById(ipVO.getVlanDbId()); + if (!vlan.getVlanType().equals(VlanType.VirtualNetwork)) { + throw new IllegalArgumentException("only ip addresses that belong to a virtual network may be disassociated."); + } + + //Check for account wide pool. It will have an entry for account_vlan_map. + if (_accountVlanMapDao.findAccountVlanMap(accountId,ipVO.getVlanDbId()) != null){ + throw new PermissionDeniedException(ipAddress + " belongs to Account wide IP pool and cannot be disassociated"); + } + + txn.start(); + boolean success = releasePublicIpAddress(userId, ipAddress); + if (success) + _accountMgr.decrementResourceCount(accountId, ResourceType.public_ip); + txn.commit(); + return success; + + } catch (PermissionDeniedException pde) { + throw pde; + } catch (IllegalArgumentException iae) { + throw iae; + } catch (Throwable t) { + s_logger.error("Disassociate IP address threw an exception."); + throw new IllegalArgumentException("Disassociate IP address threw an exception"); + } + } + } diff --git a/server/src/com/cloud/server/ManagementServer.java b/server/src/com/cloud/server/ManagementServer.java index 89d51c6c7f7..52905608de8 100644 --- a/server/src/com/cloud/server/ManagementServer.java +++ b/server/src/com/cloud/server/ManagementServer.java @@ -416,7 +416,7 @@ public interface ManagementServer { * @param ipAddress * @return success */ - boolean disassociateIpAddress(DisassociateIPAddrCmd cmd) throws PermissionDeniedException; +// boolean disassociateIpAddress(DisassociateIPAddrCmd cmd) throws PermissionDeniedException; long disassociateIpAddressAsync(long userId, long accountId, String ipAddress); /** diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java index 0ea3cc998d6..f9c227103bf 100755 --- a/server/src/com/cloud/server/ManagementServerImpl.java +++ b/server/src/com/cloud/server/ManagementServerImpl.java @@ -1608,97 +1608,97 @@ public class ManagementServerImpl implements ManagementServer { return _asyncMgr.submitAsyncJob(job, true); } - @Override - @DB - public boolean disassociateIpAddress(DisassociateIPAddrCmd cmd) throws PermissionDeniedException, IllegalArgumentException { - Transaction txn = Transaction.currentTxn(); - - Long userId = UserContext.current().getUserId(); - Account account = (Account)UserContext.current().getAccountObject(); - String ipAddress = cmd.getIpAddress(); - - // Verify input parameters - Account accountByIp = findAccountByIpAddress(ipAddress); - if(accountByIp == null) { - throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to find account owner for ip " + ipAddress); - } - - Long accountId = accountByIp.getId(); - if (account != null) { - if (!isAdmin(account.getType())) { - if (account.getId().longValue() != accountId.longValue()) { - throw new ServerApiException(BaseCmd.PARAM_ERROR, "account " + account.getAccountName() + " doesn't own ip address " + ipAddress); - } - } else if (!isChildDomain(account.getDomainId(), accountByIp.getDomainId())) { - throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Unable to disassociate IP address " + ipAddress + ", permission denied."); - } - } - - // If command is executed via 8096 port, set userId to the id of System account (1) - if (userId == null) { - userId = Long.valueOf(1); - } - - try { - IPAddressVO ipVO = _publicIpAddressDao.findById(ipAddress); - if (ipVO == null) { - return false; - } - - if (ipVO.getAllocated() == null) { - return true; - } - - AccountVO accountVO = _accountDao.findById(accountId); - if (accountVO == null) { - return false; - } - - if ((ipVO.getAccountId() == null) || (ipVO.getAccountId().longValue() != accountId)) { - // FIXME: is the user visible in the admin account's domain???? - if (!BaseCmd.isAdmin(accountVO.getType())) { - if (s_logger.isDebugEnabled()) { - s_logger.debug("permission denied disassociating IP address " + ipAddress + "; acct: " + accountId + "; ip (acct / dc / dom / alloc): " - + ipVO.getAccountId() + " / " + ipVO.getDataCenterId() + " / " + ipVO.getDomainId() + " / " + ipVO.getAllocated()); - } - throw new PermissionDeniedException("User/account does not own supplied address"); - } - } - - if (ipVO.getAllocated() == null) { - return true; - } - - if (ipVO.isSourceNat()) { - throw new IllegalArgumentException("ip address is used for source nat purposes and can not be disassociated."); - } - - VlanVO vlan = _vlanDao.findById(ipVO.getVlanDbId()); - if (!vlan.getVlanType().equals(VlanType.VirtualNetwork)) { - throw new IllegalArgumentException("only ip addresses that belong to a virtual network may be disassociated."); - } - - //Check for account wide pool. It will have an entry for account_vlan_map. - if (_accountVlanMapDao.findAccountVlanMap(accountId,ipVO.getVlanDbId()) != null){ - throw new PermissionDeniedException(ipAddress + " belongs to Account wide IP pool and cannot be disassociated"); - } - - txn.start(); - boolean success = _networkMgr.releasePublicIpAddress(userId, ipAddress); - if (success) - _accountMgr.decrementResourceCount(accountId, ResourceType.public_ip); - txn.commit(); - return success; - - } catch (PermissionDeniedException pde) { - throw pde; - } catch (IllegalArgumentException iae) { - throw iae; - } catch (Throwable t) { - s_logger.error("Disassociate IP address threw an exception."); - throw new IllegalArgumentException("Disassociate IP address threw an exception"); - } - } +// @Override +// @DB +// public boolean disassociateIpAddress(DisassociateIPAddrCmd cmd) throws PermissionDeniedException, IllegalArgumentException { +// Transaction txn = Transaction.currentTxn(); +// +// Long userId = UserContext.current().getUserId(); +// Account account = (Account)UserContext.current().getAccountObject(); +// String ipAddress = cmd.getIpAddress(); +// +// // Verify input parameters +// Account accountByIp = findAccountByIpAddress(ipAddress); +// if(accountByIp == null) { +// throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to find account owner for ip " + ipAddress); +// } +// +// Long accountId = accountByIp.getId(); +// if (account != null) { +// if (!isAdmin(account.getType())) { +// if (account.getId().longValue() != accountId.longValue()) { +// throw new ServerApiException(BaseCmd.PARAM_ERROR, "account " + account.getAccountName() + " doesn't own ip address " + ipAddress); +// } +// } else if (!isChildDomain(account.getDomainId(), accountByIp.getDomainId())) { +// throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Unable to disassociate IP address " + ipAddress + ", permission denied."); +// } +// } +// +// // If command is executed via 8096 port, set userId to the id of System account (1) +// if (userId == null) { +// userId = Long.valueOf(1); +// } +// +// try { +// IPAddressVO ipVO = _publicIpAddressDao.findById(ipAddress); +// if (ipVO == null) { +// return false; +// } +// +// if (ipVO.getAllocated() == null) { +// return true; +// } +// +// AccountVO accountVO = _accountDao.findById(accountId); +// if (accountVO == null) { +// return false; +// } +// +// if ((ipVO.getAccountId() == null) || (ipVO.getAccountId().longValue() != accountId)) { +// // FIXME: is the user visible in the admin account's domain???? +// if (!BaseCmd.isAdmin(accountVO.getType())) { +// if (s_logger.isDebugEnabled()) { +// s_logger.debug("permission denied disassociating IP address " + ipAddress + "; acct: " + accountId + "; ip (acct / dc / dom / alloc): " +// + ipVO.getAccountId() + " / " + ipVO.getDataCenterId() + " / " + ipVO.getDomainId() + " / " + ipVO.getAllocated()); +// } +// throw new PermissionDeniedException("User/account does not own supplied address"); +// } +// } +// +// if (ipVO.getAllocated() == null) { +// return true; +// } +// +// if (ipVO.isSourceNat()) { +// throw new IllegalArgumentException("ip address is used for source nat purposes and can not be disassociated."); +// } +// +// VlanVO vlan = _vlanDao.findById(ipVO.getVlanDbId()); +// if (!vlan.getVlanType().equals(VlanType.VirtualNetwork)) { +// throw new IllegalArgumentException("only ip addresses that belong to a virtual network may be disassociated."); +// } +// +// //Check for account wide pool. It will have an entry for account_vlan_map. +// if (_accountVlanMapDao.findAccountVlanMap(accountId,ipVO.getVlanDbId()) != null){ +// throw new PermissionDeniedException(ipAddress + " belongs to Account wide IP pool and cannot be disassociated"); +// } +// +// txn.start(); +// boolean success = _networkMgr.releasePublicIpAddress(userId, ipAddress); +// if (success) +// _accountMgr.decrementResourceCount(accountId, ResourceType.public_ip); +// txn.commit(); +// return success; +// +// } catch (PermissionDeniedException pde) { +// throw pde; +// } catch (IllegalArgumentException iae) { +// throw iae; +// } catch (Throwable t) { +// s_logger.error("Disassociate IP address threw an exception."); +// throw new IllegalArgumentException("Disassociate IP address threw an exception"); +// } +// } @Override public long disassociateIpAddressAsync(long userId, long accountId, String ipAddress) {