You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ki...@apache.org on 2013/06/20 12:07:43 UTC

git commit: updated refs/heads/master to 03d1346

Updated Branches:
  refs/heads/master 289939580 -> 03d1346dc


CLOUDSTACK-2915: Create network ACL when adding ACL item to a tier without ACL for backward compatibility


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/03d1346d
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/03d1346d
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/03d1346d

Branch: refs/heads/master
Commit: 03d1346dc3b4464ed26eb333b338dcab3834e2b9
Parents: 2899395
Author: Kishan Kavala <ki...@cloud.com>
Authored: Thu Jun 20 15:36:21 2013 +0530
Committer: Kishan Kavala <ki...@cloud.com>
Committed: Thu Jun 20 15:36:58 2013 +0530

----------------------------------------------------------------------
 .../network/vpc/NetworkACLManagerImpl.java      |  2 +-
 .../network/vpc/NetworkACLServiceImpl.java      | 35 ++++++++++++++++++++
 2 files changed, 36 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/03d1346d/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
index bf6b859..227975e 100644
--- a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
+++ b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
@@ -153,7 +153,7 @@ public class NetworkACLManagerImpl extends ManagerBase implements NetworkACLMana
         network.setNetworkACLId(acl.getId());
         //Update Network ACL
         if(_networkDao.update(network.getId(), network)){
-            s_logger.debug("Updated network: "+network.getId()+ "with Network ACL Id: "+acl.getId()+", Applying ACL items");
+            s_logger.debug("Updated network: "+network.getId()+ " with Network ACL Id: "+acl.getId()+", Applying ACL items");
             //Apply ACL to network
             return applyACLToNetwork(network.getId());
         }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/03d1346d/server/src/com/cloud/network/vpc/NetworkACLServiceImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpc/NetworkACLServiceImpl.java b/server/src/com/cloud/network/vpc/NetworkACLServiceImpl.java
index a28657b..b4ec22d 100644
--- a/server/src/com/cloud/network/vpc/NetworkACLServiceImpl.java
+++ b/server/src/com/cloud/network/vpc/NetworkACLServiceImpl.java
@@ -40,6 +40,7 @@ import com.cloud.utils.db.JoinBuilder;
 import com.cloud.utils.db.SearchBuilder;
 import com.cloud.utils.db.SearchCriteria;
 import com.cloud.utils.db.SearchCriteria.Op;
+import com.cloud.utils.exception.CloudRuntimeException;
 import com.cloud.utils.net.NetUtils;
 import org.apache.cloudstack.api.ApiErrorCode;
 import org.apache.cloudstack.api.ServerApiException;
@@ -247,6 +248,40 @@ public class NetworkACLServiceImpl extends ManagerBase implements NetworkACLServ
                 throw new InvalidParameterValueException("Network: "+network.getUuid()+" does not belong to VPC");
             }
             aclId = network.getNetworkACLId();
+
+            if(aclId == null){
+                //Network is not associated with any ACL. Create a new ACL and add aclItem in it for backward compatibility
+                s_logger.debug("Network "+network.getId()+" is not associated with any ACL. Creating an ACL before adding acl item");
+
+                //verify that ACLProvider is supported by network offering
+                if(!_networkModel.areServicesSupportedByNetworkOffering(network.getNetworkOfferingId(), Network.Service.NetworkACL)){
+                    throw new InvalidParameterValueException("Network Offering does not support NetworkACL service");
+                }
+
+                Vpc vpc = _vpcMgr.getVpc(network.getVpcId());
+                if(vpc == null){
+                    throw new InvalidParameterValueException("Unable to find Vpc associated with the Network");
+                }
+
+                //Create new ACL
+                String aclName = "VPC_"+vpc.getName()+"_Tier_"+network.getName()+"_ACL_"+network.getUuid();
+                String description = "ACL for "+aclName;
+                NetworkACL acl = _networkAclMgr.createNetworkACL(aclName, description, network.getVpcId());
+                if(acl == null){
+                    throw new CloudRuntimeException("Error while create ACL before adding ACL Item for network "+network.getId());
+                }
+                s_logger.debug("Created ACL: "+aclName+" for network "+network.getId());
+                aclId = acl.getId();
+                //Apply acl to network
+                try {
+                    if(!_networkAclMgr.replaceNetworkACL(acl, (NetworkVO)network)){
+                        throw new CloudRuntimeException("Unable to apply auto created ACL to network "+network.getId());
+                    }
+                    s_logger.debug("Created ACL is applied to network "+network.getId());
+                } catch (ResourceUnavailableException e) {
+                    throw new CloudRuntimeException("Unable to apply auto created ACL to network "+network.getId(), e);
+                }
+            }
         }
 
         NetworkACL acl = _networkAclMgr.getNetworkACL(aclId);