@Override public FirewallRuleVO doInTransaction(TransactionStatus status) throws NetworkRuleConflictException { FirewallRuleVO newRule = new FirewallRuleVO(xId, ipAddrId, portStart, portEnd, protocol.toLowerCase(), networkId, accountIdFinal, domainIdFinal, Purpose.Firewall, sourceCidrList, destCidrList, icmpCode, icmpType, relatedRuleId, trafficType); newRule.setType(type); if (forDisplay != null) { newRule.setDisplay(forDisplay); } newRule = _firewallDao.persist(newRule); if (type == FirewallRuleType.User) detectRulesConflict(newRule); if (!_firewallDao.setStateToAdd(newRule)) { throw new CloudRuntimeException("Unable to update the state to add for " + newRule); } CallContext.current().setEventDetails("Rule Id: " + newRule.getId()); return newRule; } });
protected FirewallRule updateFirewallRule(long ruleId, String customId, Account caller, Boolean forDisplay) { FirewallRuleVO rule = _firewallDao.findById(ruleId); if (rule == null || rule.getPurpose() != Purpose.Firewall) { throw new InvalidParameterValueException("Unable to find " + ruleId + " having purpose " + Purpose.Firewall); } if (rule.getType() == FirewallRuleType.System && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) { throw new InvalidParameterValueException("Only root admin can update the system wide firewall rule"); } _accountMgr.checkAccess(caller, null, true, rule); if (customId != null) { rule.setUuid(customId); } if (forDisplay != null) { rule.setDisplay(forDisplay); } _firewallDao.update(ruleId, rule); return _firewallDao.findById(ruleId); }