apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

CLOUDSTACK-2319: fix "unable to add egress rules" in SecurityGroup

Browse Source 
Signed-off-by: Chip Childers <chip.childers@gmail.com>
This commit is contained in:
Wei Zhou 2013-05-06 20:57:02 +01:00 committed by Chip Childers
parent 599023b61b
commit af5bf94b43
4 changed files with 168 additions and 155 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
api/src/com/cloud/network/security/SecurityGroupRules.java
View File

@ -31,6 +31,8 @@ public interface SecurityGroupRules extends InternalIdentity {
Long getRuleId(); Long getRuleId();
String getRuleUuid();
int getStartPort(); int getStartPort();
int getEndPort(); int getEndPort();

15
core/src/com/cloud/network/security/SecurityGroupRulesVO.java
View File

@ -54,6 +54,9 @@ public class SecurityGroupRulesVO implements SecurityGroupRules {
@Column(name = "id", table = "security_group_rule", insertable = false, updatable = false) @Column(name = "id", table = "security_group_rule", insertable = false, updatable = false)
private Long ruleId; private Long ruleId;
@Column(name = "uuid", table = "security_group_rule", insertable = false, updatable = false)
private String ruleUuid;
@Column(name = "start_port", table = "security_group_rule", insertable = false, updatable = false) @Column(name = "start_port", table = "security_group_rule", insertable = false, updatable = false)
private int startPort; private int startPort;
@ -75,7 +78,11 @@ public class SecurityGroupRulesVO implements SecurityGroupRules {
public SecurityGroupRulesVO() { public SecurityGroupRulesVO() {
} }
public SecurityGroupRulesVO(long id, String name, String description, Long domainId, Long accountId, Long ruleId, int startPort, int endPort, String protocol, Long allowedNetworkId, public SecurityGroupRulesVO(long id) {
this.id = id;
}
public SecurityGroupRulesVO(long id, String name, String description, Long domainId, Long accountId, Long ruleId, String ruleUuid, int startPort, int endPort, String protocol, Long allowedNetworkId,
String allowedSourceIpCidr) { String allowedSourceIpCidr) {
this.id = id; this.id = id;
this.name = name; this.name = name;
@ -83,6 +90,7 @@ public class SecurityGroupRulesVO implements SecurityGroupRules {
this.domainId = domainId; this.domainId = domainId;
this.accountId = accountId; this.accountId = accountId;
this.ruleId = ruleId; this.ruleId = ruleId;
this.ruleUuid = ruleUuid;
this.startPort = startPort; this.startPort = startPort;
this.endPort = endPort; this.endPort = endPort;
this.protocol = protocol; this.protocol = protocol;
@ -120,6 +128,11 @@ public class SecurityGroupRulesVO implements SecurityGroupRules {
return ruleId; return ruleId;
} }
@Override
public String getRuleUuid() {
return ruleUuid;
}
@Override @Override
public int getStartPort() { public int getStartPort() {
return startPort; return startPort;

9
server/src/com/cloud/network/security/dao/SecurityGroupRulesDaoImpl.java
View File

@ -84,4 +84,13 @@ public class SecurityGroupRulesDaoImpl extends GenericDaoBase<SecurityGroupRules
sc.setParameters("groupId", groupId); sc.setParameters("groupId", groupId);
return listBy(sc, searchFilter); return listBy(sc, searchFilter);
} }
@Override
public SecurityGroupRulesVO findByUuidIncludingRemoved(final String uuid) {
SearchCriteria<SecurityGroupRulesVO> sc = createSearchCriteria();
sc.addAnd("ruleUuid", SearchCriteria.Op.EQ, uuid);
SecurityGroupRulesVO rule = findOneIncludingRemovedBy(sc);
SecurityGroupRulesVO newRule = new SecurityGroupRulesVO(rule.getRuleId());
return newRule;
}
} }

89
ui/scripts/network.js
View File

@ -3981,13 +3981,12 @@
account: args.context.securityGroups[0].account account: args.context.securityGroups[0].account
}; };
// TCP / ICMP
if (args.data.icmptype && args.data.icmpcode) { // ICMP if (args.data.icmptype && args.data.icmpcode) { // ICMP
$.extend(data, { $.extend(data, {
icmptype: args.data.icmptype, icmptype: args.data.icmptype,
icmpcode: args.data.icmpcode icmpcode: args.data.icmpcode
}); });
} else { // TCP } else { // TCP/UDP
$.extend(data, { $.extend(data, {
startport: args.data.startport, startport: args.data.startport,
endport: args.data.endport endport: args.data.endport
@ -4081,15 +4080,10 @@
egressRules: { egressRules: {
title: 'label.egress.rule', title: 'label.egress.rule',
custom: function(args) { custom: cloudStack.uiCustom.securityRules({
var context = args.context;
return $('<div>').multiEdit({
context: context,
noSelect: true, noSelect: true,
noHeaderActionsColumn: true, noHeaderActionsColumn: true,
fields: { fields: {
'cidrlist': { edit: true, label: 'label.cidr' },
'protocol': { 'protocol': {
label: 'label.protocol', label: 'label.protocol',
select: function(args) { select: function(args) {
@ -4106,11 +4100,13 @@
var $otherFields = $inputs.filter(function() { var $otherFields = $inputs.filter(function() {
var name = $(this).attr('rel'); var name = $(this).attr('rel');
return name != 'cidrlist' && return name != 'icmptype' &&
name != 'icmptype' &&
name != 'icmpcode' && name != 'icmpcode' &&
name != 'protocol' && name != 'protocol' &&
name != 'add-rule'; name != 'add-rule' &&
name != 'cidr' &&
name != 'accountname' &&
name != 'securitygroup';
}); });
if ($(this).val() == 'icmp') { if ($(this).val() == 'icmp') {
@ -4135,6 +4131,13 @@
'endport': { edit: true, label: 'label.end.port' }, 'endport': { edit: true, label: 'label.end.port' },
'icmptype': { edit: true, label: 'ICMP.type', isHidden: true }, 'icmptype': { edit: true, label: 'ICMP.type', isHidden: true },
'icmpcode': { edit: true, label: 'ICMP.code', isHidden: true }, 'icmpcode': { edit: true, label: 'ICMP.code', isHidden: true },
'cidr': { edit: true, label: 'label.cidr', isHidden: true },
'accountname': {
edit: true,
label: 'label.account.and.security.group',
isHidden: true,
range: ['accountname', 'securitygroup']
},
'add-rule': { 'add-rule': {
label: 'label.add', label: 'label.add',
addButton: true addButton: true
@ -4144,9 +4147,10 @@
label: 'label.add', label: 'label.add',
action: function(args) { action: function(args) {
var data = { var data = {
securitygroupid: args.context.securityGroups[0].id,
protocol: args.data.protocol, protocol: args.data.protocol,
cidrlist: args.data.cidrlist, domainid: args.context.securityGroups[0].domainid,
trafficType: 'Egress' account: args.context.securityGroups[0].account
}; };
if (args.data.icmptype && args.data.icmpcode) { // ICMP if (args.data.icmptype && args.data.icmpcode) { // ICMP
@ -4161,34 +4165,21 @@
}); });
} }
// Get Source NAT IP // CIDR / account
var sourceNATIP; if (args.data.cidr) {
data.cidrlist = args.data.cidr;
$.ajax({ } else {
url: createURL('listPublicIpAddresses'), data['usersecuritygrouplist[0].account'] = args.data.accountname;
data: { data['usersecuritygrouplist[0].group'] = args.data.securitygroup;
listAll: true,
associatednetworkid: args.context.networks[0].id
},
async: false,
success: function(json) {
var ipAddresses = json.listpublicipaddressesresponse.publicipaddress;
sourceNATIP = $.grep(ipAddresses, function(ipAddress) {
return ipAddress.issourcenat;
})[0];
} }
});
data.ipaddressid = sourceNATIP.id;
$.ajax({ $.ajax({
url: createURL('createFirewallRule'), url: createURL('authorizeSecurityGroupEgress'),
data: data, data: data,
dataType: 'json', dataType: 'json',
async: true, async: true,
success: function(json) { success: function(data) {
var jobId = json.createfirewallruleresponse.jobid; var jobId = data.authorizesecuritygroupegressresponse.jobid;
args.response.success({ args.response.success({
_custom: { _custom: {
@ -4199,9 +4190,6 @@
poll: pollAsyncJobResult poll: pollAsyncJobResult
} }
}); });
},
error: function(json) {
args.response.error(parseXMLHttpResponse(json));
} }
}); });
} }
@ -4211,14 +4199,16 @@
label: 'label.remove.rule', label: 'label.remove.rule',
action: function(args) { action: function(args) {
$.ajax({ $.ajax({
url: createURL('deleteFirewallRule'), url: createURL('revokeSecurityGroupEgress'),
data: { data: {
domainid: args.context.securityGroups[0].domainid,
account: args.context.securityGroups[0].account,
id: args.context.multiRule[0].id id: args.context.multiRule[0].id
}, },
dataType: 'json', dataType: 'json',
async: true, async: true,
success: function(data) { success: function(data) {
var jobID = data.deletefirewallruleresponse.jobid; var jobID = data.revokesecuritygroupegress.jobid;
args.response.success({ args.response.success({
_custom: { _custom: {
@ -4240,25 +4230,24 @@
ignoreEmptyFields: true, ignoreEmptyFields: true,
dataProvider: function(args) { dataProvider: function(args) {
$.ajax({ $.ajax({
url: createURL('listFirewallRules'), url: createURL('listSecurityGroups'),
data: { data: {
listAll: true, id: args.context.securityGroups[0].id
networkid: args.context.networks[0].id,
trafficType: 'Egress'
}, },
dataType: 'json', dataType: 'json',
async: true, async: true,
success: function(json) { success: function(data) {
var response = json.listfirewallrulesresponse.firewallrule;
args.response.success({ args.response.success({
data: response data: $.map(
}); data.listsecuritygroupsresponse.securitygroup[0].egressrule ?
} data.listsecuritygroupsresponse.securitygroup[0].egressrule : [],
ingressEgressDataMap
)
}); });
} }
}); });
} }
})
} }
}, },