From f41b352d3643f3daa5ff9ec3f8651f1877cf11f4 Mon Sep 17 00:00:00 2001 From: Chiradeep Vittal Date: Mon, 12 Sep 2011 14:42:55 -0700 Subject: [PATCH] revert egress rules implementation pending review Reverts a19212703b9734ebd44ebf55cfdd81ebdc9d7fe4 Reverts 24e4e44b8f0712a37147a3777833de3f9e24829e --- .../computing/LibvirtComputingResource.java | 44 +----- .../security/SecurityGroupEgressRulesVO.java | 141 ------------------ .../src/com/cloud/api/ApiResponseHelper.java | 34 +---- .../response/SecurityGroupResultObject.java | 49 +----- .../DefaultComponentLibrary.java | 2 - .../security/SecurityGroupManagerImpl.java | 13 +- .../dao/SecurityGroupEgressRulesDao.java | 53 ------- .../dao/SecurityGroupEgressRulesDaoImpl.java | 85 ----------- .../dao/SecurityGroupRulesDaoImpl.java | 4 +- 9 files changed, 14 insertions(+), 411 deletions(-) delete mode 100644 core/src/com/cloud/network/security/SecurityGroupEgressRulesVO.java delete mode 100644 server/src/com/cloud/network/security/dao/SecurityGroupEgressRulesDao.java delete mode 100644 server/src/com/cloud/network/security/dao/SecurityGroupEgressRulesDaoImpl.java diff --git a/agent/src/com/cloud/agent/resource/computing/LibvirtComputingResource.java b/agent/src/com/cloud/agent/resource/computing/LibvirtComputingResource.java index 900174e2e24..a3fde1c1d0a 100644 --- a/agent/src/com/cloud/agent/resource/computing/LibvirtComputingResource.java +++ b/agent/src/com/cloud/agent/resource/computing/LibvirtComputingResource.java @@ -57,7 +57,6 @@ import org.libvirt.DomainInfo; import org.libvirt.DomainInterfaceStats; import org.libvirt.DomainSnapshot; import org.libvirt.LibvirtException; -import org.libvirt.Network; import org.libvirt.NodeInfo; import org.libvirt.StoragePool; import org.libvirt.StoragePoolInfo; @@ -122,8 +121,6 @@ import com.cloud.agent.api.RebootCommand; import com.cloud.agent.api.RebootRouterCommand; import com.cloud.agent.api.SecurityIngressRuleAnswer; import com.cloud.agent.api.SecurityIngressRulesCmd; -import com.cloud.agent.api.SecurityEgressRuleAnswer; -import com.cloud.agent.api.SecurityEgressRulesCmd; import com.cloud.agent.api.StartAnswer; import com.cloud.agent.api.StartCommand; import com.cloud.agent.api.StartupCommand; @@ -138,8 +135,8 @@ import com.cloud.agent.api.check.CheckSshCommand; import com.cloud.agent.api.proxy.CheckConsoleProxyLoadCommand; import com.cloud.agent.api.proxy.ConsoleProxyLoadAnswer; import com.cloud.agent.api.proxy.WatchConsoleProxyLoadCommand; -import com.cloud.agent.api.routing.IpAssocCommand; import com.cloud.agent.api.routing.IpAssocAnswer; +import com.cloud.agent.api.routing.IpAssocCommand; import com.cloud.agent.api.routing.NetworkElementCommand; import com.cloud.agent.api.storage.CopyVolumeAnswer; import com.cloud.agent.api.storage.CopyVolumeCommand; @@ -906,8 +903,6 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv return execute((ModifyStoragePoolCommand) cmd); } else if (cmd instanceof SecurityIngressRulesCmd) { return execute((SecurityIngressRulesCmd) cmd); - } else if (cmd instanceof SecurityEgressRulesCmd) { - return execute((SecurityEgressRulesCmd) cmd); } else if (cmd instanceof DeleteStoragePoolCommand) { return execute((DeleteStoragePoolCommand) cmd); } else if (cmd instanceof FenceCommand ) { @@ -1614,7 +1609,7 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv return new SecurityIngressRuleAnswer(cmd, false, e.toString()); } - boolean result = add_network_rules("ingress",cmd.getVmName(), + boolean result = add_network_rules(cmd.getVmName(), Long.toString(cmd.getVmId()), cmd.getGuestIp(),cmd.getSignature(), Long.toString(cmd.getSeqNum()), @@ -1630,34 +1625,6 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv } } - private Answer execute(SecurityEgressRulesCmd cmd) { - String vif = null; - String brname = null; - try { - Connect conn = LibvirtConnection.getConnection(); - List nics = getInterfaces(conn, cmd.getVmName()); - vif = nics.get(0).getDevName(); - brname = nics.get(0).getBrName(); - } catch (LibvirtException e) { - return new SecurityEgressRuleAnswer(cmd, false, e.toString()); - } - - boolean result = add_network_rules("egress", cmd.getVmName(), - Long.toString(cmd.getVmId()), - cmd.getGuestIp(),cmd.getSignature(), - Long.toString(cmd.getSeqNum()), - cmd.getGuestMac(), - cmd.stringifyRules(), vif, brname); - - if (!result) { - s_logger.warn("Failed to program network rules for vm " + cmd.getVmName()); - return new SecurityEgressRuleAnswer(cmd, false, "programming network rules failed"); - } else { - s_logger.debug("Programmed network rules for vm " + cmd.getVmName() + " guestIp=" + cmd.getGuestIp() + ", numrules=" + cmd.getRuleSet().length); - return new SecurityEgressRuleAnswer(cmd); - } - } - private Answer execute(CleanupNetworkRulesCmd cmd) { boolean result = cleanup_rules(); return new Answer(cmd, result, ""); @@ -2038,6 +2005,7 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv } catch (Exception e) { } + get_rule_logs_for_vms(); return new RebootAnswer(cmd, null, bytesSent, bytesReceived, vncPort); } else { return new RebootAnswer(cmd, result); @@ -2521,9 +2489,7 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv } DiskDef disk = new DiskDef(); - disk.defFileBasedDisk(sourceFile, deviceId, DiskDef.diskBus.VIRTIO, DiskDef.diskFmtType.QCOW2); - String xml = disk.toString(); return attachOrDetachDevice(conn, attach, vmName, xml); } finally { @@ -3504,7 +3470,7 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv return true; } - private boolean add_network_rules(String type, String vmName, String vmId, String guestIP, String sig, String seq, String mac, String rules, String vif, String brname) { + private boolean add_network_rules(String vmName, String vmId, String guestIP, String sig, String seq, String mac, String rules, String vif, String brname) { if (!_can_bridge_firewall) { return false; } @@ -3515,8 +3481,6 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv cmd.add("--vmname", vmName); cmd.add("--vmid", vmId); cmd.add("--vmip", guestIP); - /* type of the rule : ingress or egress */ - cmd.add("--type", type); cmd.add("--sig", sig); cmd.add("--seq", seq); cmd.add("--vmmac", mac); diff --git a/core/src/com/cloud/network/security/SecurityGroupEgressRulesVO.java b/core/src/com/cloud/network/security/SecurityGroupEgressRulesVO.java deleted file mode 100644 index e4b269ecd76..00000000000 --- a/core/src/com/cloud/network/security/SecurityGroupEgressRulesVO.java +++ /dev/null @@ -1,141 +0,0 @@ -/** - * Copyright (C) 2010 Cloud.com, Inc. All rights reserved. - * - * This software is licensed under the GNU General Public License v3 or later. - * - * It is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or any later version. - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - * - */ - -package com.cloud.network.security; - -import javax.persistence.Column; -import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.PrimaryKeyJoinColumn; -import javax.persistence.SecondaryTable; -import javax.persistence.Table; - -@Entity -@Table(name = ("security_group")) -@SecondaryTable(name = "security_egress_rule", join = "left", pkJoinColumns = { @PrimaryKeyJoinColumn(name = "id", referencedColumnName = "security_group_id") }) -public class SecurityGroupEgressRulesVO implements SecurityGroupRules { - @Id - @GeneratedValue(strategy = GenerationType.IDENTITY) - @Column(name = "id") - private long id; - - @Column(name = "name") - private String name; - - @Column(name = "description") - private String description; - - @Column(name = "domain_id") - private Long domainId; - - @Column(name = "account_id") - private Long accountId; - - @Column(name = "id", table = "security_egress_rule", insertable = false, updatable = false) - private Long ruleId; - - @Column(name = "start_port", table = "security_egress_rule", insertable = false, updatable = false) - private int startPort; - - @Column(name = "end_port", table = "security_egress_rule", insertable = false, updatable = false) - private int endPort; - - @Column(name = "protocol", table = "security_egress_rule", insertable = false, updatable = false) - private String protocol; - - @Column(name = "allowed_network_id", table = "security_egress_rule", insertable = false, updatable = false, nullable = true) - private Long allowedNetworkId = null; - - @Column(name = "allowed_ip_cidr", table = "security_egress_rule", insertable = false, updatable = false, nullable = true) - private String allowedDestinationIpCidr = null; - - public SecurityGroupEgressRulesVO() { - } - - public SecurityGroupEgressRulesVO(long id, String name, String description, Long domainId, Long accountId, Long ruleId, int startPort, int endPort, String protocol, Long allowedNetworkId, - String allowedDestinationIpCidr) { - this.id = id; - this.name = name; - this.description = description; - this.domainId = domainId; - this.accountId = accountId; - this.ruleId = ruleId; - this.startPort = startPort; - this.endPort = endPort; - this.protocol = protocol; - this.allowedNetworkId = allowedNetworkId; - this.allowedDestinationIpCidr = allowedDestinationIpCidr; - } - - @Override - public long getId() { - return id; - } - - @Override - public String getName() { - return name; - } - - @Override - public String getDescription() { - return description; - } - - @Override - public Long getDomainId() { - return domainId; - } - - @Override - public Long getAccountId() { - return accountId; - } - - @Override - public Long getRuleId() { - return ruleId; - } - - @Override - public int getStartPort() { - return startPort; - } - - @Override - public int getEndPort() { - return endPort; - } - - @Override - public String getProtocol() { - return protocol; - } - - @Override - public Long getAllowedNetworkId() { - return allowedNetworkId; - } - - @Override - public String getAllowedSourceIpCidr() { /* FIXME: need to rename the method name, for this the interface need to change or need create a new interface */ - return allowedDestinationIpCidr; - } -} diff --git a/server/src/com/cloud/api/ApiResponseHelper.java b/server/src/com/cloud/api/ApiResponseHelper.java index 2129f9dbd06..a471a0432f3 100755 --- a/server/src/com/cloud/api/ApiResponseHelper.java +++ b/server/src/com/cloud/api/ApiResponseHelper.java @@ -44,7 +44,6 @@ import com.cloud.api.response.DiskOfferingResponse; import com.cloud.api.response.DomainResponse; import com.cloud.api.response.DomainRouterResponse; import com.cloud.api.response.EgressRuleResponse; -import com.cloud.api.response.EgressRuleResultObject; import com.cloud.api.response.EventResponse; import com.cloud.api.response.ExtractResponse; import com.cloud.api.response.FirewallResponse; @@ -453,6 +452,7 @@ public class ApiResponseHelper implements ResponseGenerator { offeringResponse.setDomain(ApiDBUtils.findDomainById(offering.getDomainId()).getName()); offeringResponse.setDomainId(offering.getDomainId()); } + offeringResponse.setNetworkRate(offering.getRateMbps()); offeringResponse.setHostTag(offering.getHostTag()); offeringResponse.setObjectName("serviceoffering"); @@ -1611,35 +1611,6 @@ public class ApiResponseHelper implements ResponseGenerator { } netGrpResponse.setIngressRules(ingressRulesResponse); } - List egressRules = networkGroup.getEgressRules(); - if ((egressRules != null) && !egressRules.isEmpty()) { - List egressRulesResponse = new ArrayList(); - - for (EgressRuleResultObject egressRule : egressRules) { - EgressRuleResponse egressData = new EgressRuleResponse(); - - egressData.setRuleId(egressRule.getId()); - egressData.setProtocol(egressRule.getProtocol()); - if ("icmp".equalsIgnoreCase(egressRule.getProtocol())) { - egressData.setIcmpType(egressRule.getStartPort()); - egressData.setIcmpCode(egressRule.getEndPort()); - } else { - egressData.setStartPort(egressRule.getStartPort()); - egressData.setEndPort(egressRule.getEndPort()); - } - - if (egressRule.getAllowedSecurityGroup() != null) { - egressData.setSecurityGroupName(egressRule.getAllowedSecurityGroup()); - egressData.setAccountName(egressRule.getAllowedSecGroupAcct()); - } else { - egressData.setCidr(egressRule.getAllowedDestinationIpCidr()); - } - - egressData.setObjectName("egressrule"); - egressRulesResponse.add(egressData); - } - netGrpResponse.setEgressRules(egressRulesResponse); - } netGrpResponse.setObjectName("securitygroup"); netGrpResponses.add(netGrpResponse); } @@ -2267,7 +2238,8 @@ public class ApiResponseHelper implements ResponseGenerator { response.setObjectName("project"); return response; } - + + public FirewallResponse createFirewallResponse(FirewallRule fwRule) { FirewallResponse response = new FirewallResponse(); diff --git a/server/src/com/cloud/api/response/SecurityGroupResultObject.java b/server/src/com/cloud/api/response/SecurityGroupResultObject.java index 221955b4238..15050e492c1 100644 --- a/server/src/com/cloud/api/response/SecurityGroupResultObject.java +++ b/server/src/com/cloud/api/response/SecurityGroupResultObject.java @@ -26,8 +26,6 @@ import java.util.Map; import com.cloud.api.ApiDBUtils; import com.cloud.network.security.SecurityGroup; import com.cloud.network.security.SecurityGroupRules; -import com.cloud.network.security.SecurityGroupRulesVO; -import com.cloud.network.security.SecurityGroupEgressRulesVO; import com.cloud.serializer.Param; import com.cloud.user.Account; @@ -52,9 +50,6 @@ public class SecurityGroupResultObject { @Param(name = "ingressrules") private List ingressRules = null; - - @Param(name = "egressrules") - private List egressRules = null; public SecurityGroupResultObject() { } @@ -125,14 +120,6 @@ public class SecurityGroupResultObject { this.ingressRules = ingressRules; } - public List getEgressRules() { - return egressRules; - } - - public void setEgressRules(List egressRules) { - this.egressRules = egressRules; - } - public static List transposeNetworkGroups(List groups) { List resultObjects = new ArrayList(); Map allowedSecurityGroups = new HashMap(); @@ -140,7 +127,6 @@ public class SecurityGroupResultObject { if ((groups != null) && !groups.isEmpty()) { List ingressDataList = new ArrayList(); - List egressDataList = new ArrayList(); SecurityGroupResultObject currentGroup = null; List processedGroups = new ArrayList(); @@ -175,13 +161,8 @@ public class SecurityGroupResultObject { currentGroup = groupResult; } - SecurityGroupRulesVO dummyIngressobj=new SecurityGroupRulesVO(); - SecurityGroupEgressRulesVO dummyEgressobj=new SecurityGroupEgressRulesVO() ; -String str=dummyIngressobj.getClass().getName(); - -String s1=netGroupRule.getClass().getSimpleName(); - if (netGroupRule.getRuleId() != null && netGroupRule.getClass().getSimpleName().indexOf("SecurityGroupRulesVO") != -1) { + if (netGroupRule.getRuleId() != null) { // there's at least one ingress rule for this network group, add the ingress rule data IngressRuleResultObject ingressData = new IngressRuleResultObject(); ingressData.setEndPort(netGroupRule.getEndPort()); @@ -210,34 +191,6 @@ String s1=netGroupRule.getClass().getSimpleName(); ingressData.setAllowedSourceIpCidr(netGroupRule.getAllowedSourceIpCidr()); } ingressDataList.add(ingressData); - }else if (netGroupRule.getRuleId() != null && netGroupRule.getClass().getSimpleName().indexOf("SecurityGroupEgressRulesVO") != -1) { - EgressRuleResultObject egressData = new EgressRuleResultObject(); - egressData.setEndPort(netGroupRule.getEndPort()); - egressData.setStartPort(netGroupRule.getStartPort()); - egressData.setId(netGroupRule.getRuleId()); - egressData.setProtocol(netGroupRule.getProtocol()); - - Long allowedSecurityGroupId = netGroupRule.getAllowedNetworkId(); - if (allowedSecurityGroupId != null) { - SecurityGroup allowedSecurityGroup = allowedSecurityGroups.get(allowedSecurityGroupId); - if (allowedSecurityGroup == null) { - allowedSecurityGroup = ApiDBUtils.findSecurityGroupById(allowedSecurityGroupId); - allowedSecurityGroups.put(allowedSecurityGroupId, allowedSecurityGroup); - } - - egressData.setAllowedSecurityGroup(allowedSecurityGroup.getName()); - - Account allowedAccount = accounts.get(allowedSecurityGroup.getAccountId()); - if (allowedAccount == null) { - allowedAccount = ApiDBUtils.findAccountById(allowedSecurityGroup.getAccountId()); - accounts.put(allowedAccount.getId(), allowedAccount); - } - - egressData.setAllowedSecGroupAcct(allowedAccount.getAccountName()); - } else if (netGroupRule.getAllowedSourceIpCidr() != null) { - egressData.setAllowedDestinationIpCidr(netGroupRule.getAllowedSourceIpCidr()); - } - egressDataList.add(egressData); } } diff --git a/server/src/com/cloud/configuration/DefaultComponentLibrary.java b/server/src/com/cloud/configuration/DefaultComponentLibrary.java index a1b3a52fc6a..d1f6b8b39b9 100755 --- a/server/src/com/cloud/configuration/DefaultComponentLibrary.java +++ b/server/src/com/cloud/configuration/DefaultComponentLibrary.java @@ -101,7 +101,6 @@ import com.cloud.network.security.SecurityGroupManagerImpl; import com.cloud.network.security.dao.EgressRuleDaoImpl; import com.cloud.network.security.dao.IngressRuleDaoImpl; import com.cloud.network.security.dao.SecurityGroupDaoImpl; -import com.cloud.network.security.dao.SecurityGroupEgressRulesDaoImpl; import com.cloud.network.security.dao.SecurityGroupRulesDaoImpl; import com.cloud.network.security.dao.SecurityGroupVMMapDaoImpl; import com.cloud.network.security.dao.SecurityGroupWorkDaoImpl; @@ -207,7 +206,6 @@ public class DefaultComponentLibrary extends ComponentLibraryBase implements Com addDao("EgressRuleDao", EgressRuleDaoImpl.class); addDao("SecurityGroupVMMapDao", SecurityGroupVMMapDaoImpl.class); addDao("SecurityGroupRulesDao", SecurityGroupRulesDaoImpl.class); - addDao("SecurityGroupEgressRulesDao", SecurityGroupEgressRulesDaoImpl.class); addDao("SecurityGroupWorkDao", SecurityGroupWorkDaoImpl.class); addDao("VmRulesetLogDao", VmRulesetLogDaoImpl.class); addDao("AlertDao", AlertDaoImpl.class); diff --git a/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java b/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java index 789d6e99639..cd43a6c10d9 100755 --- a/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java +++ b/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java @@ -73,7 +73,6 @@ import com.cloud.network.security.dao.EgressRuleDao; import com.cloud.network.security.dao.IngressRuleDao; import com.cloud.network.security.dao.SecurityGroupDao; import com.cloud.network.security.dao.SecurityGroupRulesDao; -import com.cloud.network.security.dao.SecurityGroupEgressRulesDao; import com.cloud.network.security.dao.SecurityGroupVMMapDao; import com.cloud.network.security.dao.SecurityGroupWorkDao; import com.cloud.network.security.dao.VmRulesetLogDao; @@ -126,8 +125,6 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG @Inject SecurityGroupRulesDao _securityGroupRulesDao; @Inject - SecurityGroupEgressRulesDao _securityGroupEgressRulesDao; - @Inject UserVmDao _userVMDao; @Inject AccountDao _accountDao; @@ -1302,7 +1299,7 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG } @Override - public List searchForSecurityGroupRules(ListSecurityGroupsCmd cmd) throws PermissionDeniedException, InvalidParameterValueException { + public List searchForSecurityGroupRules(ListSecurityGroupsCmd cmd) throws PermissionDeniedException, InvalidParameterValueException { Account caller = UserContext.current().getCaller(); Long domainId = cmd.getDomainId(); String accountName = cmd.getAccountName(); @@ -1341,8 +1338,7 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG accountId = caller.getId(); } - List securityRulesList = new ArrayList(); - // List securityEgressRulesList = new ArrayList(); + List securityRulesList = new ArrayList(); Filter searchFilter = new Filter(SecurityGroupVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal()); Object keyword = cmd.getKeyword(); @@ -1389,14 +1385,13 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG List securityGroups = _securityGroupDao.search(sc, searchFilter); for (SecurityGroupVO group : securityGroups) { securityRulesList.addAll(_securityGroupRulesDao.listSecurityRulesByGroupId(group.getId())); - securityRulesList.addAll(_securityGroupEgressRulesDao.listSecurityEgressRulesByGroupId(group.getId())); } return securityRulesList; } - private List listSecurityGroupRulesByVM(long vmId) { - List results = new ArrayList(); + private List listSecurityGroupRulesByVM(long vmId) { + List results = new ArrayList(); List networkGroupMappings = _securityGroupVMMapDao.listByInstanceId(vmId); if (networkGroupMappings != null) { for (SecurityGroupVMMapVO networkGroupMapping : networkGroupMappings) { diff --git a/server/src/com/cloud/network/security/dao/SecurityGroupEgressRulesDao.java b/server/src/com/cloud/network/security/dao/SecurityGroupEgressRulesDao.java deleted file mode 100644 index bba79b7eca7..00000000000 --- a/server/src/com/cloud/network/security/dao/SecurityGroupEgressRulesDao.java +++ /dev/null @@ -1,53 +0,0 @@ -/** - * Copyright (C) 2010 Cloud.com, Inc. All rights reserved. - * - * This software is licensed under the GNU General Public License v3 or later. - * - * It is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or any later version. - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - * - */ - -package com.cloud.network.security.dao; - -import java.util.List; - -import com.cloud.network.security.SecurityGroupEgressRulesVO; -import com.cloud.utils.db.GenericDao; - -public interface SecurityGroupEgressRulesDao extends GenericDao { - /** - * List a security group and associated ingress rules - * @param accountId the account id of the owner of the security group - * @param groupName the name of the group for which to list rules - * @return the list of ingress rules associated with the security group (and security group info) - */ - List listSecurityGroupEgressRules(long accountId, String groupName); - - /** - * List security groups and associated ingress rules - * @param accountId the id of the account for which to list groups and associated rules - * @return the list of security groups with associated ingress rules - */ - List listSecurityGroupEgressRules(long accountId); - - /** - * List all security groups and associated ingress rules - * @return the list of security groups with associated ingress rules - */ - List listSecurityGroupEgressRules(); - - /** - * List all security rules belonging to the specific group - * @return the security group with associated ingress rules - */ - List listSecurityEgressRulesByGroupId(long groupId); -} diff --git a/server/src/com/cloud/network/security/dao/SecurityGroupEgressRulesDaoImpl.java b/server/src/com/cloud/network/security/dao/SecurityGroupEgressRulesDaoImpl.java deleted file mode 100644 index b92e0e1b031..00000000000 --- a/server/src/com/cloud/network/security/dao/SecurityGroupEgressRulesDaoImpl.java +++ /dev/null @@ -1,85 +0,0 @@ -/** - * Copyright (C) 2010 Cloud.com, Inc. All rights reserved. - * - * This software is licensed under the GNU General Public License v3 or later. - * - * It is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or any later version. - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - * - */ - -package com.cloud.network.security.dao; - -import java.util.List; - -import javax.ejb.Local; - -import com.cloud.network.security.SecurityGroupEgressRulesVO; -import com.cloud.utils.db.Filter; -import com.cloud.utils.db.GenericDaoBase; -import com.cloud.utils.db.SearchBuilder; -import com.cloud.utils.db.SearchCriteria; - -@Local(value={SecurityGroupEgressRulesDao.class}) -public class SecurityGroupEgressRulesDaoImpl extends GenericDaoBase implements SecurityGroupEgressRulesDao { - private SearchBuilder AccountGroupNameSearch; - private SearchBuilder AccountSearch; - private SearchBuilder GroupSearch; - - protected SecurityGroupEgressRulesDaoImpl() { - AccountGroupNameSearch = createSearchBuilder(); - AccountGroupNameSearch.and("accountId", AccountGroupNameSearch.entity().getAccountId(), SearchCriteria.Op.EQ); - AccountGroupNameSearch.and("name", AccountGroupNameSearch.entity().getName(), SearchCriteria.Op.EQ); - AccountGroupNameSearch.done(); - - AccountSearch = createSearchBuilder(); - AccountSearch.and("accountId", AccountSearch.entity().getAccountId(), SearchCriteria.Op.EQ); - AccountSearch.done(); - - GroupSearch = createSearchBuilder(); - GroupSearch.and("groupId", GroupSearch.entity().getId(), SearchCriteria.Op.EQ); - GroupSearch.done(); - - } - - @Override - public List listSecurityGroupEgressRules() { - Filter searchFilter = new Filter(SecurityGroupEgressRulesVO.class, "id", true, null, null); - return listAll(searchFilter); - } - - @Override - public List listSecurityGroupEgressRules(long accountId, String groupName) { - Filter searchFilter = new Filter(SecurityGroupEgressRulesVO.class, "id", true, null, null); - - SearchCriteria sc = AccountGroupNameSearch.create(); - sc.setParameters("accountId", accountId); - sc.setParameters("name", groupName); - return listBy(sc, searchFilter); - } - - @Override - public List listSecurityGroupEgressRules(long accountId) { - Filter searchFilter = new Filter(SecurityGroupEgressRulesVO.class, "id", true, null, null); - SearchCriteria sc = AccountSearch.create(); - sc.setParameters("accountId", accountId); - return listBy(sc, searchFilter); - } - - - @Override - public List listSecurityEgressRulesByGroupId(long groupId) { - Filter searchFilter = new Filter(SecurityGroupEgressRulesVO.class, "id", true, null, null); - SearchCriteria sc = GroupSearch.create(); - sc.setParameters("groupId", groupId); - return listBy(sc, searchFilter); - } -} diff --git a/server/src/com/cloud/network/security/dao/SecurityGroupRulesDaoImpl.java b/server/src/com/cloud/network/security/dao/SecurityGroupRulesDaoImpl.java index 4d39e0d7f61..ed751ddc0e9 100644 --- a/server/src/com/cloud/network/security/dao/SecurityGroupRulesDaoImpl.java +++ b/server/src/com/cloud/network/security/dao/SecurityGroupRulesDaoImpl.java @@ -34,6 +34,7 @@ public class SecurityGroupRulesDaoImpl extends GenericDaoBase AccountSearch; private SearchBuilder GroupSearch; + protected SecurityGroupRulesDaoImpl() { AccountGroupNameSearch = createSearchBuilder(); AccountGroupNameSearch.and("accountId", AccountGroupNameSearch.entity().getAccountId(), SearchCriteria.Op.EQ); @@ -73,8 +74,7 @@ public class SecurityGroupRulesDaoImpl extends GenericDaoBase sc = AccountSearch.create(); sc.setParameters("accountId", accountId); return listBy(sc, searchFilter); - } - + } @Override public List listSecurityRulesByGroupId(long groupId) {