VO should not contain any DAO. Transient should be loaded by the caller using the Dao.
Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/02185d42 Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/02185d42 Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/02185d42 Branch: refs/heads/javelin Commit: 02185d42405bfad5f2852025c01c232154912994 Parents: 3cc9f3f Author: Prachi Damle <[email protected]> Authored: Fri Jan 18 11:37:08 2013 -0800 Committer: Prachi Damle <[email protected]> Committed: Tue Jan 22 12:54:16 2013 -0800 ---------------------------------------------------------------------- .../network/ExternalFirewallDeviceManagerImpl.java | 5 +++++ .../com/cloud/network/dao/FirewallRulesDao.java | 3 +++ .../cloud/network/dao/FirewallRulesDaoImpl.java | 7 +++++++ .../network/firewall/FirewallManagerImpl.java | 10 ++++++++++ .../router/VirtualNetworkApplianceManagerImpl.java | 6 +++++- .../VpcVirtualNetworkApplianceManagerImpl.java | 5 +++++ .../com/cloud/network/rules/FirewallRuleVO.java | 4 ---- .../cloud/network/vpc/NetworkACLManagerImpl.java | 4 ++++ 8 files changed, 39 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/02185d42/server/src/com/cloud/network/ExternalFirewallDeviceManagerImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/ExternalFirewallDeviceManagerImpl.java b/server/src/com/cloud/network/ExternalFirewallDeviceManagerImpl.java index 7623b3f..f6ab778 100644 --- a/server/src/com/cloud/network/ExternalFirewallDeviceManagerImpl.java +++ b/server/src/com/cloud/network/ExternalFirewallDeviceManagerImpl.java @@ -80,8 +80,10 @@ import com.cloud.network.dao.PhysicalNetworkServiceProviderVO; import com.cloud.network.dao.PhysicalNetworkVO; import com.cloud.network.dao.VpnUserDao; import com.cloud.network.rules.FirewallRule; +import com.cloud.network.rules.FirewallRuleVO; import com.cloud.network.rules.PortForwardingRule; import com.cloud.network.rules.StaticNat; +import com.cloud.network.rules.FirewallRule.Purpose; import com.cloud.network.rules.dao.PortForwardingRulesDao; import com.cloud.offering.NetworkOffering; import com.cloud.offerings.dao.NetworkOfferingDao; @@ -536,6 +538,9 @@ public abstract class ExternalFirewallDeviceManagerImpl extends AdapterBase impl List<FirewallRuleTO> rulesTO = new ArrayList<FirewallRuleTO>(); for (FirewallRule rule : rules) { + if (rule.getSourceCidrList() == null && (rule.getPurpose() == Purpose.Firewall || rule.getPurpose() == Purpose.NetworkACL)) { + _fwRulesDao.loadSourceCidrs((FirewallRuleVO)rule); + } IpAddress sourceIp = _networkMgr.getIp(rule.getSourceIpAddressId()); FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, sourceIp.getAddress().addr()); rulesTO.add(ruleTO); http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/02185d42/server/src/com/cloud/network/dao/FirewallRulesDao.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/dao/FirewallRulesDao.java b/server/src/com/cloud/network/dao/FirewallRulesDao.java index cc184c8..c461fd6 100644 --- a/server/src/com/cloud/network/dao/FirewallRulesDao.java +++ b/server/src/com/cloud/network/dao/FirewallRulesDao.java @@ -18,6 +18,7 @@ package com.cloud.network.dao; import java.util.List; +import com.cloud.host.HostVO; import com.cloud.network.rules.FirewallRule; import com.cloud.network.rules.FirewallRuleVO; import com.cloud.utils.db.GenericDao; @@ -58,4 +59,6 @@ public interface FirewallRulesDao extends GenericDao<FirewallRuleVO, Long> { List<FirewallRuleVO> listByNetworkPurposeTrafficTypeAndNotRevoked(long networkId, FirewallRule.Purpose purpose, FirewallRule.TrafficType trafficType); List<FirewallRuleVO> listByIpAndPurposeWithState(Long addressId, FirewallRule.Purpose purpose, FirewallRule.State state); + + void loadSourceCidrs(FirewallRuleVO rule); } http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/02185d42/server/src/com/cloud/network/dao/FirewallRulesDaoImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/dao/FirewallRulesDaoImpl.java b/server/src/com/cloud/network/dao/FirewallRulesDaoImpl.java index e671f6f..b9391f8 100644 --- a/server/src/com/cloud/network/dao/FirewallRulesDaoImpl.java +++ b/server/src/com/cloud/network/dao/FirewallRulesDaoImpl.java @@ -209,6 +209,7 @@ public class FirewallRulesDaoImpl extends GenericDaoBase<FirewallRuleVO, Long> i FirewallRuleVO dbfirewallRule = super.persist(firewallRule); saveSourceCidrs(firewallRule, firewallRule.getSourceCidrList()); + loadSourceCidrs(dbfirewallRule); txn.commit(); return dbfirewallRule; @@ -326,4 +327,10 @@ public class FirewallRulesDaoImpl extends GenericDaoBase<FirewallRuleVO, Long> i return listBy(sc); } + + @Override + public void loadSourceCidrs(FirewallRuleVO rule) { + List<String> sourceCidrs = _firewallRulesCidrsDao.getSourceCidrs(rule.getId()); + rule.setSourceCidrList(sourceCidrs); + } } http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/02185d42/server/src/com/cloud/network/firewall/FirewallManagerImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java index d912350..5b32c2f 100644 --- a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java +++ b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java @@ -164,6 +164,10 @@ public class FirewallManagerImpl implements FirewallService, FirewallManager, Ne @Override public FirewallRule createFirewallRule(FirewallRule rule) throws NetworkRuleConflictException { Account caller = UserContext.current().getCaller(); + + if (rule.getSourceCidrList() == null && (rule.getPurpose() == Purpose.Firewall || rule.getPurpose() == Purpose.NetworkACL)) { + _firewallDao.loadSourceCidrs((FirewallRuleVO)rule); + } return createFirewallRule(rule.getSourceIpAddressId(), caller, rule.getXid(), rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getProtocol(), rule.getSourceCidrList(), rule.getIcmpCode(), @@ -318,6 +322,9 @@ public class FirewallManagerImpl implements FirewallService, FirewallManager, Ne boolean duplicatedCidrs = false; if (bothRulesFirewall) { // Verify that the rules have different cidrs + _firewallDao.loadSourceCidrs(rule); + _firewallDao.loadSourceCidrs((FirewallRuleVO)newRule); + List<String> ruleCidrList = rule.getSourceCidrList(); List<String> newRuleCidrList = newRule.getSourceCidrList(); @@ -789,6 +796,9 @@ public class FirewallManagerImpl implements FirewallService, FirewallManager, Ne List<FirewallRuleVO> systemRules = _firewallDao.listSystemRules(); for (FirewallRuleVO rule : systemRules) { try { + if (rule.getSourceCidrList() == null && (rule.getPurpose() == Purpose.Firewall || rule.getPurpose() == Purpose.NetworkACL)) { + _firewallDao.loadSourceCidrs(rule); + } this.createFirewallRule(ip.getId(), acct, rule.getXid(), rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getProtocol(), rule.getSourceCidrList(), rule.getIcmpCode(), rule.getIcmpType(), rule.getRelated(), FirewallRuleType.System, rule.getNetworkId()); } catch (Exception e) { http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/02185d42/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java index e40dca3..d15d25f 100755 --- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java +++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java @@ -172,6 +172,7 @@ import com.cloud.network.router.VirtualRouter.RedundantState; import com.cloud.network.router.VirtualRouter.Role; import com.cloud.network.rules.FirewallRule; import com.cloud.network.rules.FirewallRule.Purpose; +import com.cloud.network.rules.FirewallRuleVO; import com.cloud.network.rules.PortForwardingRule; import com.cloud.network.rules.RulesManager; import com.cloud.network.rules.StaticNat; @@ -3253,7 +3254,10 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian if (rules != null) { rulesTO = new ArrayList<FirewallRuleTO>(); for (FirewallRule rule : rules) { - IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId()); + IpAddress sourceIp = _networkMgr.getIp(rule.getSourceIpAddressId()); + if (rule.getSourceCidrList() == null && (rule.getPurpose() == Purpose.Firewall || rule.getPurpose() == Purpose.NetworkACL)) { + _rulesDao.loadSourceCidrs((FirewallRuleVO)rule); + } FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, sourceIp.getAddress().addr()); rulesTO.add(ruleTO); } http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/02185d42/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java index 01a46b5..8e192b0 100644 --- a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java +++ b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java @@ -91,6 +91,8 @@ import com.cloud.network.dao.Site2SiteVpnConnectionDao; import com.cloud.network.dao.Site2SiteVpnGatewayDao; import com.cloud.network.dao.Site2SiteVpnGatewayVO; import com.cloud.network.rules.FirewallRule; +import com.cloud.network.rules.FirewallRule.Purpose; +import com.cloud.network.rules.FirewallRuleVO; import com.cloud.network.vpc.NetworkACLManager; import com.cloud.network.vpc.PrivateGateway; import com.cloud.network.vpc.PrivateIpAddress; @@ -733,6 +735,9 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian rulesTO = new ArrayList<NetworkACLTO>(); for (FirewallRule rule : rules) { + if (rule.getSourceCidrList() == null && (rule.getPurpose() == Purpose.Firewall || rule.getPurpose() == Purpose.NetworkACL)) { + _firewallDao.loadSourceCidrs((FirewallRuleVO)rule); + } NetworkACLTO ruleTO = new NetworkACLTO(rule, guestVlan, rule.getTrafficType()); rulesTO.add(ruleTO); } http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/02185d42/server/src/com/cloud/network/rules/FirewallRuleVO.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/rules/FirewallRuleVO.java b/server/src/com/cloud/network/rules/FirewallRuleVO.java index 8ef5067..83057e0 100644 --- a/server/src/com/cloud/network/rules/FirewallRuleVO.java +++ b/server/src/com/cloud/network/rules/FirewallRuleVO.java @@ -44,7 +44,6 @@ import com.cloud.utils.net.NetUtils; @Inheritance(strategy=InheritanceType.JOINED) @DiscriminatorColumn(name="purpose", discriminatorType=DiscriminatorType.STRING, length=32) public class FirewallRuleVO implements FirewallRule { - @Inject protected FirewallRulesCidrsDao _firewallRulesCidrsDao; @Id @GeneratedValue(strategy=GenerationType.IDENTITY) @@ -121,9 +120,6 @@ public class FirewallRuleVO implements FirewallRule { @Override public List<String> getSourceCidrList() { - if (sourceCidrs == null && (purpose == Purpose.Firewall || purpose == Purpose.NetworkACL)) { - return _firewallRulesCidrsDao.getSourceCidrs(id); - } return sourceCidrs; } http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/02185d42/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java index f69b76d..431f1b9 100644 --- a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java +++ b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java @@ -117,6 +117,9 @@ public class NetworkACLManagerImpl implements Manager,NetworkACLManager{ @Override public FirewallRule createNetworkACL(FirewallRule acl) throws NetworkRuleConflictException { + if (acl.getSourceCidrList() == null && (acl.getPurpose() == Purpose.Firewall || acl.getPurpose() == Purpose.NetworkACL)) { + _firewallDao.loadSourceCidrs((FirewallRuleVO)acl); + } return createNetworkACL(UserContext.current().getCaller(), acl.getXid(), acl.getSourcePortStart(), acl.getSourcePortEnd(), acl.getProtocol(), acl.getSourceCidrList(), acl.getIcmpCode(), acl.getIcmpType(), null, acl.getType(), acl.getNetworkId(), acl.getTrafficType()); @@ -249,6 +252,7 @@ public class NetworkACLManagerImpl implements Manager,NetworkACLManager{ // if one cidr overlaps another, do port veirficatino boolean duplicatedCidrs = false; // Verify that the rules have different cidrs + _firewallDao.loadSourceCidrs(rule); List<String> ruleCidrList = rule.getSourceCidrList(); List<String> newRuleCidrList = newRule.getSourceCidrList();
