CLOUDSTACK-7308 - Adds tagging support for security group rules

api/src/com/cloud/server/ResourceTag.java

@@ -35,6 +35,7 @@ public interface ResourceTag extends ControlledEntity, Identity, InternalIdentit
         PortForwardingRule(true, true),
         FirewallRule(true, true),
         SecurityGroup(true, false),
+        SecurityGroupRule(true, false),
         PublicIpAddress(true, true),
         Project(true, false),
         Vpc(true, true),

api/src/org/apache/cloudstack/api/response/SecurityGroupRuleResponse.java

@@ -25,6 +25,8 @@ import org.apache.cloudstack.api.EntityReference;
 import com.cloud.network.security.SecurityRule;
 import com.cloud.serializer.Param;
 
+import java.util.Set;
+
 @EntityReference(value = SecurityRule.class)
 public class SecurityGroupRuleResponse extends BaseResponse {
     @SerializedName("ruleid")
@@ -63,6 +65,10 @@ public class SecurityGroupRuleResponse extends BaseResponse {
     @Param(description = "the CIDR notation for the base IP address of the security group rule")
     private String cidr;
 
+    @SerializedName(ApiConstants.TAGS)
+    @Param(description = "the list of resource tags associated with the rule", responseObject = ResourceTagResponse.class)
+    private java.util.Set<ResourceTagResponse> tags;
+
     public String getRuleId() {
         return ruleId;
     }
@@ -161,4 +167,12 @@ public class SecurityGroupRuleResponse extends BaseResponse {
             return false;
         return true;
     }
+
+    public void setTags(Set<ResourceTagResponse> tags) {
+        this.tags = tags;
+    }
+
+    public void addTag(ResourceTagResponse tag) {
+        this.tags.add(tag);
+    }
 }

server/src/com/cloud/api/query/dao/SecurityGroupJoinDaoImpl.java

@@ -17,11 +17,15 @@
 package com.cloud.api.query.dao;
 
 import java.util.ArrayList;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 
 import javax.ejb.Local;
 import javax.inject.Inject;
 
+import com.cloud.server.ResourceTag;
+import org.apache.cloudstack.api.response.ResourceTagResponse;
 import org.apache.log4j.Logger;
 import org.springframework.stereotype.Component;
 
@@ -48,6 +52,9 @@ public class SecurityGroupJoinDaoImpl extends GenericDaoBase<SecurityGroupJoinVO
     @Inject
     private ConfigurationDao _configDao;
 
+    @Inject
+    private ResourceTagJoinDao _resourceTagJoinDao;
+
     private final SearchBuilder<SecurityGroupJoinVO> sgSearch;
 
     private final SearchBuilder<SecurityGroupJoinVO> sgIdSearch;
@@ -99,6 +106,16 @@ public class SecurityGroupJoinDaoImpl extends GenericDaoBase<SecurityGroupJoinVO
                 ruleData.setCidr(vsg.getRuleAllowedSourceIpCidr());
             }
 
+            // list the tags by rule uuid
+            List<ResourceTagJoinVO> tags = _resourceTagJoinDao.listBy(vsg.getRuleUuid(), ResourceTag.ResourceObjectType.SecurityGroupRule);
+            Set<ResourceTagResponse> tagResponse = new HashSet<ResourceTagResponse>();
+            for (ResourceTagJoinVO tag: tags) {
+                tagResponse.add(ApiDBUtils.newResourceTagResponse(tag, false));
+            }
+
+            // add the tags to the rule data
+            ruleData.setTags(tagResponse);
+
             if (vsg.getRuleType() == SecurityRuleType.IngressRule) {
                 ruleData.setObjectName("ingressrule");
                 sgResponse.addSecurityGroupIngressRule(ruleData);

server/src/com/cloud/tags/TaggedResourceManagerImpl.java

@@ -55,6 +55,7 @@ import com.cloud.network.dao.Site2SiteVpnGatewayVO;
 import com.cloud.network.rules.FirewallRuleVO;
 import com.cloud.network.rules.PortForwardingRuleVO;
 import com.cloud.network.security.SecurityGroupVO;
+import com.cloud.network.security.SecurityGroupRuleVO;
 import com.cloud.network.vpc.NetworkACLItemVO;
 import com.cloud.network.vpc.NetworkACLVO;
 import com.cloud.network.vpc.StaticRouteVO;
@@ -103,6 +104,7 @@ public class TaggedResourceManagerImpl extends ManagerBase implements TaggedReso
         s_typeMap.put(ResourceObjectType.PortForwardingRule, PortForwardingRuleVO.class);
         s_typeMap.put(ResourceObjectType.FirewallRule, FirewallRuleVO.class);
         s_typeMap.put(ResourceObjectType.SecurityGroup, SecurityGroupVO.class);
+        s_typeMap.put(ResourceObjectType.SecurityGroupRule, SecurityGroupRuleVO.class);
         s_typeMap.put(ResourceObjectType.PublicIpAddress, IPAddressVO.class);
         s_typeMap.put(ResourceObjectType.Project, ProjectVO.class);
         s_typeMap.put(ResourceObjectType.Vpc, VpcVO.class);
@@ -178,6 +180,16 @@ public class TaggedResourceManagerImpl extends ManagerBase implements TaggedReso
         Object entity = _entityMgr.findById(clazz, resourceId);
         Long accountId = null;
         Long domainId = null;
+
+        // if the resource type is a security group rule, get the accountId and domainId from the security group itself
+        if (resourceType == ResourceObjectType.SecurityGroupRule) {
+            SecurityGroupRuleVO rule = (SecurityGroupRuleVO)entity;
+            Object SecurityGroup = _entityMgr.findById(s_typeMap.get(ResourceObjectType.SecurityGroup), rule.getSecurityGroupId());
+
+            accountId = ((SecurityGroupVO)SecurityGroup).getAccountId();
+            domainId = ((SecurityGroupVO)SecurityGroup).getDomainId();
+        }
+
         if (entity instanceof OwnedBy) {
             accountId = ((OwnedBy)entity).getAccountId();
         }