/**
 * Retires a single network ACL item in the database according to its current state.
 *
 * <ul>
 *   <li>{@code Staged}: the row is deleted through the DAO.</li>
 *   <li>{@code Add} or {@code Active}: the item is flipped to {@code Revoke} and the
 *       change is persisted through the DAO.</li>
 *   <li>Any other state: nothing happens.</li>
 * </ul>
 *
 * This method only changes persisted state; it makes no apply call of its own, so a
 * rule marked {@code Revoke} here is not removed from any enforcement point by this
 * method alone.
 *
 * @param rule the ACL item to retire
 */
@DB
private void revokeRule(final NetworkACLItemVO rule) {
    final State currentState = rule.getState();

    if (currentState == State.Staged) {
        // Staged rules are deleted outright instead of going through Revoke.
        if (s_logger.isDebugEnabled()) {
            s_logger.debug("Found a rule that is still in stage state so just removing it: " + rule);
        }
        _networkACLItemDao.remove(rule.getId());
        return;
    }

    final boolean revocable = currentState == State.Add || currentState == State.Active;
    if (!revocable) {
        // Any other state is deliberately left as it is.
        return;
    }

    rule.setState(State.Revoke);
    _networkACLItemDao.update(rule.getId(), rule);
}
/**
 * Revokes every ACL item of the ACL attached to a private gateway by re-applying the
 * ACL with its live rules flagged as {@code Revoke}.
 *
 * The {@code Revoke} flag is set on the in-memory objects only; this method does not
 * write it to the database. Items in states other than {@code Add}/{@code Active} are
 * handed to the apply step unchanged.
 *
 * @param gateway the private gateway whose ACL items are to be revoked
 * @return {@code true} when the ACL has no items, otherwise the result of
 *         {@code applyACLToPrivateGw}
 * @throws ResourceUnavailableException declared by this method; nothing in the body
 *         throws it directly, so it presumably originates in the apply step
 */
@Override
public boolean revokeACLItemsForPrivateGw(final PrivateGateway gateway) throws ResourceUnavailableException {
    final long aclId = gateway.getNetworkACLId();
    final List<NetworkACLItemVO> items = _networkACLItemDao.listByACL(aclId);

    // Nothing to revoke: report success without touching the gateway.
    if (items.isEmpty()) {
        s_logger.debug("Found no network ACL Items for private gateway 'id=" + gateway.getId() + "'");
        return true;
    }

    if (s_logger.isDebugEnabled()) {
        s_logger.debug("Releasing " + items.size() + " Network ACL Items for private gateway id=" + gateway.getId());
    }

    // Flag live rules as Revoke on the objects only; nothing is persisted here.
    for (final NetworkACLItemVO item : items) {
        final State itemState = item.getState();
        if (itemState != State.Add && itemState != State.Active) {
            continue;
        }
        item.setState(State.Revoke);
    }

    final boolean applied = applyACLToPrivateGw(gateway, items);
    if (applied) {
        // A failed apply is reported only through the return value; callers must check it.
        if (s_logger.isDebugEnabled()) {
            s_logger.debug("Successfully released Network ACLs for private gateway id=" + gateway.getId() + " and # of rules now = " + items.size());
        }
    }
    return applied;
}
/**
 * Revokes every ACL item of the ACL attached to a network by re-applying the ACL with
 * its live rules flagged as {@code Revoke}.
 *
 * The {@code Revoke} flag is set on the in-memory objects only; this method does not
 * write it to the database. Items in states other than {@code Add}/{@code Active} are
 * handed to the apply step unchanged.
 *
 * @param networkId id of the network whose ACL items are to be revoked
 * @return {@code true} when the network has no ACL or the ACL has no items, otherwise
 *         the result of {@code applyACLItemsToNetwork}
 * @throws ResourceUnavailableException declared by this method; nothing in the body
 *         throws it directly, so it presumably originates in the apply step
 */
@Override
public boolean revokeACLItemsForNetwork(final long networkId) throws ResourceUnavailableException {
    // NOTE(review): the lookup result is dereferenced without a null check; if findById
    // can return null for an unknown id, this ends in a NullPointerException instead of
    // a reported failure. Confirm that callers guarantee the network exists.
    final Network targetNetwork = _networkDao.findById(networkId);

    // A network with no ACL attached has nothing to revoke.
    if (targetNetwork.getNetworkACLId() == null) {
        return true;
    }

    final List<NetworkACLItemVO> items = _networkACLItemDao.listByACL(targetNetwork.getNetworkACLId());
    if (items.isEmpty()) {
        s_logger.debug("Found no network ACL Items for network id=" + networkId);
        return true;
    }

    if (s_logger.isDebugEnabled()) {
        s_logger.debug("Releasing " + items.size() + " Network ACL Items for network id=" + networkId);
    }

    // Flag live rules as Revoke on the objects only; nothing is persisted here.
    for (final NetworkACLItemVO item : items) {
        final State itemState = item.getState();
        if (itemState != State.Add && itemState != State.Active) {
            continue;
        }
        item.setState(State.Revoke);
    }

    final boolean applied = applyACLItemsToNetwork(targetNetwork.getId(), items);
    if (applied) {
        // A failed apply is reported only through the return value; callers must check it.
        if (s_logger.isDebugEnabled()) {
            s_logger.debug("Successfully released Network ACLs for network id=" + networkId + " and # of rules now = " + items.size());
        }
    }
    return applied;
}
/**
 * Builds the four reusable search templates of this DAO: {@code AllFieldsSearch},
 * {@code NotRevokedSearch}, {@code ReleaseSearch} and {@code MaxNumberSearch}.
 *
 * Each template only declares named conditions and their operators; the values are
 * supplied elsewhere, when criteria are created from a template.
 */
protected NetworkACLItemDaoImpl() {
    super();

    // Equality filter over protocol, state, id, aclId, trafficType, number and action.
    AllFieldsSearch = createSearchBuilder();
    AllFieldsSearch.and("protocol", AllFieldsSearch.entity().getProtocol(), Op.EQ);
    AllFieldsSearch.and("state", AllFieldsSearch.entity().getState(), Op.EQ);
    AllFieldsSearch.and("id", AllFieldsSearch.entity().getId(), Op.EQ);
    AllFieldsSearch.and("aclId", AllFieldsSearch.entity().getAclId(), Op.EQ);
    AllFieldsSearch.and("trafficType", AllFieldsSearch.entity().getTrafficType(), Op.EQ);
    AllFieldsSearch.and("number", AllFieldsSearch.entity().getNumber(), Op.EQ);
    AllFieldsSearch.and("action", AllFieldsSearch.entity().getAction(), Op.EQ);
    AllFieldsSearch.done();

    // "state" is the only not-equal (NEQ) condition here; the excluded value is bound by
    // the caller - presumably State.Revoke, going by the template name; confirm at the
    // use sites.
    NotRevokedSearch = createSearchBuilder();
    NotRevokedSearch.and("state", NotRevokedSearch.entity().getState(), Op.NEQ);
    NotRevokedSearch.and("protocol", NotRevokedSearch.entity().getProtocol(), Op.EQ);
    NotRevokedSearch.and("sourcePortStart", NotRevokedSearch.entity().getSourcePortStart(), Op.EQ);
    NotRevokedSearch.and("sourcePortEnd", NotRevokedSearch.entity().getSourcePortEnd(), Op.EQ);
    NotRevokedSearch.and("aclId", NotRevokedSearch.entity().getAclId(), Op.EQ);
    NotRevokedSearch.and("trafficType", NotRevokedSearch.entity().getTrafficType(), Op.EQ);
    NotRevokedSearch.done();

    // Matches on protocol plus an IN list, named "ports", tested against the source port
    // start.
    // NOTE(review): this template has no aclId condition, so a query built from it is
    // not scoped to a single ACL - confirm that is intended wherever it is used.
    ReleaseSearch = createSearchBuilder();
    ReleaseSearch.and("protocol", ReleaseSearch.entity().getProtocol(), Op.EQ);
    ReleaseSearch.and("ports", ReleaseSearch.entity().getSourcePortStart(), Op.IN);
    ReleaseSearch.done();

    // Integer-typed search that selects MAX(number), filtered by aclId.
    MaxNumberSearch = createSearchBuilder(Integer.class);
    MaxNumberSearch.select(null, SearchCriteria.Func.MAX, MaxNumberSearch.entity().getNumber());
    MaxNumberSearch.and("aclId", MaxNumberSearch.entity().getAclId(), Op.EQ);
    MaxNumberSearch.done();
}