summaryrefslogtreecommitdiffstats
path: root/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/write/VppAclCustomizer.java
diff options
context:
space:
mode:
authorJan Srnicek <jsrnicek@cisco.com>2016-12-16 13:07:56 +0100
committerMarek Gradzki <mgradzki@cisco.com>2016-12-20 13:59:56 +0100
commitf8273e10b19ecc82bdda81feef9982ce28d5de21 (patch)
tree98d2d9686bcf24f64c0c18c633554e8629f2e22e /acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/write/VppAclCustomizer.java
parente3b9212110528217c2477f588ebccc0d76ee31e1 (diff)
HONEYCOMB-310: translation layer for acl plugin
Not covered by this patch (moved to subsequent commits): - postman collection - distinguish ingress/egress ACLs while reading assigned acls - proper support for acl tag - unit tests improvements - read for acls (not necessarily assigned) - initializers Change-Id: I5a198ce1a6e20d0b1d95b4d2d83d0464fb86580c Signed-off-by: Jan Srnicek <jsrnicek@cisco.com> Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
Diffstat (limited to 'acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/write/VppAclCustomizer.java')
-rw-r--r--acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/write/VppAclCustomizer.java110
1 files changed, 110 insertions, 0 deletions
diff --git a/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/write/VppAclCustomizer.java b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/write/VppAclCustomizer.java
new file mode 100644
index 000000000..a2956784f
--- /dev/null
+++ b/acl/acl-impl/src/main/java/io/fd/hc2vpp/acl/write/VppAclCustomizer.java
@@ -0,0 +1,110 @@
+/*
+ * Copyright (c) 2016 Cisco and/or its affiliates.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.fd.hc2vpp.acl.write;
+
+import io.fd.hc2vpp.acl.util.FutureJVppAclCustomizer;
+import io.fd.hc2vpp.acl.util.acl.AclDataExtractor;
+import io.fd.hc2vpp.acl.util.acl.AclValidator;
+import io.fd.hc2vpp.acl.util.acl.AclWriter;
+import io.fd.hc2vpp.common.translate.util.NamingContext;
+import io.fd.honeycomb.translate.MappingContext;
+import io.fd.honeycomb.translate.spi.write.ListWriterCustomizer;
+import io.fd.honeycomb.translate.write.WriteContext;
+import io.fd.honeycomb.translate.write.WriteFailedException;
+import io.fd.vpp.jvpp.acl.future.FutureJVppAclFacade;
+import javax.annotation.Nonnull;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.Acl;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.AclKey;
+import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
+
+public class VppAclCustomizer extends FutureJVppAclCustomizer
+ implements ListWriterCustomizer<Acl, AclKey>, AclValidator, AclDataExtractor, AclWriter {
+
+ private final NamingContext standardAclContext;
+ private final NamingContext macIpAclContext;
+
+ public VppAclCustomizer(@Nonnull final FutureJVppAclFacade jVppAclFacade,
+ @Nonnull final NamingContext standardAclContext,
+ @Nonnull final NamingContext macIpAclContext) {
+ super(jVppAclFacade);
+ this.standardAclContext = standardAclContext;
+ this.macIpAclContext = macIpAclContext;
+ }
+
+ @Override
+ public void writeCurrentAttributes(@Nonnull final InstanceIdentifier<Acl> id, @Nonnull final Acl dataAfter,
+ @Nonnull final WriteContext writeContext) throws WriteFailedException {
+ validateAcl(dataAfter);
+
+ final MappingContext mappingContext = writeContext.getMappingContext();
+
+ if (isStandardAcl(dataAfter)) {
+ addStandardAcl(getjVppAclFacade(), id, dataAfter, standardAclContext, mappingContext);
+ } else if (isMacIpAcl(dataAfter)) {
+ addMacIpAcl(getjVppAclFacade(), id, dataAfter, macIpAclContext, mappingContext);
+ } else {
+ // double check, first one done by validation
+ throw new WriteFailedException.CreateFailedException(id, dataAfter,
+ new IllegalArgumentException("Unsupported acl option"));
+ }
+ }
+
+ @Override
+ public void updateCurrentAttributes(@Nonnull final InstanceIdentifier<Acl> id, @Nonnull final Acl dataBefore,
+ @Nonnull final Acl dataAfter, @Nonnull final WriteContext writeContext)
+ throws WriteFailedException {
+ validateAcl(dataAfter);
+
+ final MappingContext mappingContext = writeContext.getMappingContext();
+
+ if (isStandardAcl(dataAfter)) {
+ updateStandardAcl(getjVppAclFacade(), id, dataAfter, standardAclContext, mappingContext);
+ } else if (isMacIpAcl(dataAfter)) {
+ synchronized (macIpAclContext) {
+ // there is no direct support for update of mac-ip acl, but only one is allowed per interface
+ // so it is atomic from vpp standpoint. Enclosed in synchronized block to prevent issues with
+ // multiple threads managing naming context
+ deleteMacIpAcl(getjVppAclFacade(), id, dataBefore, macIpAclContext, mappingContext);
+ addMacIpAcl(getjVppAclFacade(), id, dataAfter, macIpAclContext, mappingContext);
+ }
+ } else {
+ // double check, first one done by validation
+ throw new WriteFailedException.CreateFailedException(id, dataAfter,
+ new IllegalArgumentException("Unsupported acl option"));
+ }
+ }
+
+ @Override
+ public void deleteCurrentAttributes(@Nonnull final InstanceIdentifier<Acl> id, @Nonnull final Acl dataBefore,
+ @Nonnull final WriteContext writeContext) throws WriteFailedException {
+ // According to VPP team, acl references should be removed before trying to remove ACL
+ // For mac-ip, reference should be removed during removal of mac-ip, so no need to check in hc
+ validateAcl(dataBefore);
+
+ final MappingContext mappingContext = writeContext.getMappingContext();
+
+ if (isStandardAcl(dataBefore)) {
+ deleteStandardAcl(getjVppAclFacade(), id, dataBefore, standardAclContext, mappingContext);
+ } else if (isMacIpAcl(dataBefore)) {
+ deleteMacIpAcl(getjVppAclFacade(), id, dataBefore, macIpAclContext, mappingContext);
+ } else {
+ // double check, first one done by validation
+ throw new WriteFailedException.DeleteFailedException(id,
+ new IllegalArgumentException("Unsupported acl option"));
+ }
+ }
+}