listFirewallRules - added optional networkId parameter allowing to search for firewall rules by guest network id

2025-11-02 20:02:29 +01:00 · 2013-11-12 15:44:17 -08:00 · 2013-11-12 15:44:17 -08:00 · d905c10214
commit d905c10214
parent 81949ec644
5 changed files with 26 additions and 23 deletions
--- a/api/src/com/cloud/server/ResourceTag.java
+++ b/api/src/com/cloud/server/ResourceTag.java
@ -31,7 +31,7 @@ public interface ResourceTag extends ControlledEntity, Identity, InternalIdentit
        Snapshot (true, false),
        Network (true, true),
        Nic (false, true),
-        LoadBalancer (true, false),
+        LoadBalancer (true, true),
        PortForwardingRule (true, true),
        FirewallRule (true, true),
        SecurityGroup (true, false),
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/ListFirewallRulesCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/ListFirewallRulesCmd.java
@ -23,10 +23,12 @@ import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.BaseListTaggedResourcesCmd;
 import org.apache.cloudstack.api.Parameter;
+import org.apache.cloudstack.api.BaseCmd.CommandType;
 import org.apache.cloudstack.api.response.FirewallResponse;
 import org.apache.cloudstack.api.response.FirewallRuleResponse;
 import org.apache.cloudstack.api.response.IPAddressResponse;
 import org.apache.cloudstack.api.response.ListResponse;
+import org.apache.cloudstack.api.response.NetworkResponse;
 import org.apache.log4j.Logger;

 import com.cloud.network.rules.FirewallRule;
@ -47,6 +49,10 @@ public class ListFirewallRulesCmd extends BaseListTaggedResourcesCmd {
    @Parameter(name=ApiConstants.IP_ADDRESS_ID, type=CommandType.UUID, entityType = IPAddressResponse.class,
            description="the id of IP address of the firwall services")
    private Long ipAddressId;
+    
+    @Parameter(name=ApiConstants.NETWORK_ID, type=CommandType.UUID, entityType = NetworkResponse.class,
+            description="list firewall rules for ceratin network", since="4.3")
+    private Long networkId;

    /////////////////////////////////////////////////////
    /////////////////// Accessors ///////////////////////
@ -63,6 +69,10 @@ public class ListFirewallRulesCmd extends BaseListTaggedResourcesCmd {
    public Long getId() {
        return id;
    }
+    
+    public Long getNetworkId() {
+        return networkId;
+    }

    /////////////////////////////////////////////////////
    /////////////// API Implementation///////////////////
--- a/server/src/com/cloud/api/ApiResponseHelper.java
+++ b/server/src/com/cloud/api/ApiResponseHelper.java
@ -2374,12 +2374,11 @@ public class ApiResponseHelper implements ResponseGenerator {
            IpAddress ip = ApiDBUtils.findIpAddressById(fwRule.getSourceIpAddressId());
            response.setPublicIpAddressId(ip.getUuid());
            response.setPublicIpAddress(ip.getAddress().addr());
-        } else if (fwRule.getTrafficType() == FirewallRule.TrafficType.Egress) {
-            response.setPublicIpAddress(null);
-            Network network = ApiDBUtils.findNetworkById(fwRule.getNetworkId());
-            response.setNetworkId(network.getUuid());
        }
-
+        
+        Network network = ApiDBUtils.findNetworkById(fwRule.getNetworkId());
+        response.setNetworkId(network.getUuid());
+        
        FirewallRule.State state = fwRule.getState();
        String stateToSet = state.toString();
        if (state.equals(FirewallRule.State.Revoke)) {
--- a/server/src/com/cloud/metadata/ResourceMetaDataManagerImpl.java
+++ b/server/src/com/cloud/metadata/ResourceMetaDataManagerImpl.java
@ -96,6 +96,7 @@ public class ResourceMetaDataManagerImpl extends ManagerBase implements Resource
        _daoMap.put(ResourceObjectType.FirewallRule, _firewallRuleDetailsDao);
        _daoMap.put(ResourceObjectType.PublicIpAddress, _userIpAddressDetailsDao);
        _daoMap.put(ResourceObjectType.PortForwardingRule, _firewallRuleDetailsDao);
+        _daoMap.put(ResourceObjectType.LoadBalancer, _firewallRuleDetailsDao);

        return true;
    }
--- a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java
+++ b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java
@ -27,13 +27,12 @@ import javax.ejb.Local;
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;

-import org.apache.log4j.Logger;
-import org.springframework.stereotype.Component;
-import org.apache.cloudstack.api.command.user.firewall.ListEgressFirewallRulesCmd;
 import org.apache.cloudstack.api.command.user.firewall.ListFirewallRulesCmd;
 import org.apache.cloudstack.context.CallContext;
 import org.apache.cloudstack.engine.orchestration.service.NetworkOrchestrationService;
 import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
+import org.apache.log4j.Logger;
+import org.springframework.stereotype.Component;

 import com.cloud.configuration.Config;
 import com.cloud.domain.dao.DomainDao;
@ -70,7 +69,6 @@ import com.cloud.network.rules.FirewallRule.State;
 import com.cloud.network.rules.FirewallRuleVO;
 import com.cloud.network.rules.PortForwardingRule;
 import com.cloud.network.rules.PortForwardingRuleVO;
-import com.cloud.network.rules.StaticNat;
 import com.cloud.network.rules.dao.PortForwardingRulesDao;
 import com.cloud.network.vpc.VpcManager;
 import com.cloud.projects.Project.ListProjectResourcesCriteria;
@ -88,11 +86,11 @@ import com.cloud.utils.db.Filter;
 import com.cloud.utils.db.JoinBuilder;
 import com.cloud.utils.db.SearchBuilder;
 import com.cloud.utils.db.SearchCriteria;
+import com.cloud.utils.db.SearchCriteria.Op;
+import com.cloud.utils.db.Transaction;
 import com.cloud.utils.db.TransactionCallbackNoReturn;
 import com.cloud.utils.db.TransactionCallbackWithException;
 import com.cloud.utils.db.TransactionStatus;
-import com.cloud.utils.db.SearchCriteria.Op;
-import com.cloud.utils.db.Transaction;
 import com.cloud.utils.exception.CloudRuntimeException;
 import com.cloud.utils.net.NetUtils;
 import com.cloud.vm.UserVmVO;
@ -256,7 +254,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService,
    public Pair<List<? extends FirewallRule>, Integer> listFirewallRules(ListFirewallRulesCmd cmd) {
        Long ipId = cmd.getIpAddressId();
        Long id = cmd.getId();
-        Long networkId = null;
+        Long networkId = cmd.getNetworkId();
        Map<String, String> tags = cmd.getTags();
        FirewallRule.TrafficType trafficType = cmd.getTrafficType();

@ -283,15 +281,10 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService,

        sb.and("id", sb.entity().getId(), Op.EQ);
        sb.and("trafficType", sb.entity().getTrafficType(), Op.EQ);
-        if (cmd instanceof ListEgressFirewallRulesCmd ) {
-            networkId =((ListEgressFirewallRulesCmd)cmd).getNetworkId();
-            sb.and("networkId", sb.entity().getNetworkId(), Op.EQ);
-        } else {
+        sb.and("networkId", sb.entity().getNetworkId(), Op.EQ);
        sb.and("ip", sb.entity().getSourceIpAddressId(), Op.EQ);
-        }
        sb.and("purpose", sb.entity().getPurpose(), Op.EQ);

-
        if (tags != null && !tags.isEmpty()) {
            SearchBuilder<ResourceTagVO> tagSearch = _resourceTagDao.createSearchBuilder();
            for (int count=0; count < tags.size(); count++) {
@ -323,10 +316,10 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService,

        if (ipId != null) {
            sc.setParameters("ip", ipId);
-        } else if (cmd instanceof ListEgressFirewallRulesCmd) {
-            if (networkId != null) {
-                sc.setParameters("networkId", networkId);
-            }
+        }
+        
+        if (networkId != null) {
+            sc.setParameters("networkId", networkId);
        }

        sc.setParameters("purpose", Purpose.Firewall);