HONEYCOMB-310: translation layer for acl plugin

Not covered by this patch (moved to subsequent commits): - postman collection - distinguish ingress/egress ACLs while reading assigned acls - proper support for acl tag - unit tests improvements - read for acls (not necessarily assigned) - initializers Change-Id: I5a198ce1a6e20d0b1d95b4d2d83d0464fb86580c Signed-off-by: Jan Srnicek <jsrnicek@cisco.com> Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
author: Jan Srnicek <jsrnicek@cisco.com> 2016-12-16 13:07:56 +0100
committer: Marek Gradzki <mgradzki@cisco.com> 2016-12-20 13:59:56 +0100
commit: f8273e10b19ecc82bdda81feef9982ce28d5de21 (patch)
tree: 98d2d9686bcf24f64c0c18c633554e8629f2e22e /acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/acl/AclValidator.java
parent: e3b9212110528217c2477f588ebccc0d76ee31e1 (diff)
1 files changed, 84 insertions, 0 deletions
diff --git a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/acl/AclValidator.java b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/acl/AclValidator.java
new file mode 100644
index 000000000..3779b82bf
--- /dev/null
+++ b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/acl/AclValidator.java
@@ -0,0 +1,84 @@
+/*
+ * Copyright (c) 2016 Cisco and/or its affiliates.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.fd.hc2vpp.acl.util.acl;
+
+import static com.google.common.base.Preconditions.checkArgument;
+import static com.google.common.base.Preconditions.checkNotNull;
+
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
+import javax.annotation.Nonnull;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.AclBase;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.Acl;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.Ace;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.Matches;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.matches.AceType;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.VppAcl;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.VppMacipAcl;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.VppAce;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.VppMacipAce;
+
+/**
+ * Validate Acl data if processable by vpp
+ */
+public interface AclValidator {
+
+    Set<Class<? extends AclBase>> SUPPORTED_ACL_TYPES = ImmutableSet.of(VppAcl.class, VppMacipAcl.class);
+
+    Map<Class<? extends AclBase>, Class<? extends AceType>> ACL_ACE_PAIRS = ImmutableMap.of(
+            VppAcl.class, VppAce.class,
+            VppMacipAcl.class, VppMacipAce.class);
+
+    static void isSupportedAclType(final Acl acl) {
+        checkArgument(SUPPORTED_ACL_TYPES.contains(acl.getAclType()),
+                "Unsupported Acl type %s detected for acl %s, allowed types are %s", acl.getAclType(),
+                acl.getAclName(), SUPPORTED_ACL_TYPES);
+    }
+
+    static void hasConsistentAceTypeForAclType(final Acl acl) {
+        checkTypesSame(acl.getAccessListEntries().getAce(), acl.getAclName(),
+                checkNotNull(ACL_ACE_PAIRS.get(acl.getAclType()), "Unsupported ACL type %s for ACL %s",
+                        acl.getAclType(), acl.getAclName()));
+    }
+
+    static void checkTypesSame(final List<Ace> aces, final String aclName, final Class<? extends AceType> aceType) {
+        final Set<AceType> unsupportedAceTypes = aces.stream()
+                .map(Ace::getMatches)
+                .map(Matches::getAceType)
+                .filter(aceType::equals)
+                .collect(Collectors.toSet());
+        checkArgument(unsupportedAceTypes.isEmpty(), "Detected unsupported ace types [%s] for ACL %s, expected %s",
+                unsupportedAceTypes, aclName, aceType);
+    }
+
+    static void hasAceList(final Acl acl) {
+        //checks if aces are defined
+        checkArgument(!checkNotNull(checkNotNull(acl.getAccessListEntries(), "No access list entries defined")
+                .getAce(), "No aces defined")
+                .isEmpty(), "Empty ace list defined");
+    }
+
+    default void validateAcl(@Nonnull final Acl acl) {
+        hasAceList(acl);
+        isSupportedAclType(acl);
+        hasConsistentAceTypeForAclType(acl);
+    }
+}
author	Jan Srnicek <jsrnicek@cisco.com>	2016-12-16 13:07:56 +0100
committer	Marek Gradzki <mgradzki@cisco.com>	2016-12-20 13:59:56 +0100
commit	f8273e10b19ecc82bdda81feef9982ce28d5de21 (patch)
tree	98d2d9686bcf24f64c0c18c633554e8629f2e22e /acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/util/acl/AclValidator.java
parent	e3b9212110528217c2477f588ebccc0d76ee31e1 (diff)