| // Licensed to the Apache Software Foundation (ASF) under one |
| // or more contributor license agreements. See the NOTICE file |
| // distributed with this work for additional information |
| // regarding copyright ownership. The ASF licenses this file |
| // to you under the Apache License, Version 2.0 (the |
| // "License"); you may not use this file except in compliance |
| // with the License. You may obtain a copy of the License at |
| // |
| // http://www.apache.org/licenses/LICENSE-2.0 |
| // |
| // Unless required by applicable law or agreed to in writing, |
| // software distributed under the License is distributed on an |
| // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| // KIND, either express or implied. See the License for the |
| // specific language governing permissions and limitations |
| // under the License. |
| package org.apache.cloudstack.api.command.user.vpn; |
| |
| import org.apache.cloudstack.api.ApiCommandResourceType; |
| import org.apache.log4j.Logger; |
| |
| import org.apache.cloudstack.acl.RoleType; |
| import org.apache.cloudstack.api.APICommand; |
| import org.apache.cloudstack.api.ApiConstants; |
| import org.apache.cloudstack.api.ApiErrorCode; |
| import org.apache.cloudstack.api.BaseAsyncCmd; |
| import org.apache.cloudstack.api.BaseAsyncCreateCmd; |
| import org.apache.cloudstack.api.Parameter; |
| import org.apache.cloudstack.api.ServerApiException; |
| import org.apache.cloudstack.api.response.DomainResponse; |
| import org.apache.cloudstack.api.response.IPAddressResponse; |
| import org.apache.cloudstack.api.response.RemoteAccessVpnResponse; |
| |
| import com.cloud.event.EventTypes; |
| import com.cloud.exception.InvalidParameterValueException; |
| import com.cloud.exception.NetworkRuleConflictException; |
| import com.cloud.exception.ResourceUnavailableException; |
| import com.cloud.network.IpAddress; |
| import com.cloud.network.RemoteAccessVpn; |
| |
| @APICommand(name = "createRemoteAccessVpn", description = "Creates a l2tp/ipsec remote access vpn", responseObject = RemoteAccessVpnResponse.class, entityType = {RemoteAccessVpn.class}, |
| requestHasSensitiveInfo = false, responseHasSensitiveInfo = false) |
| public class CreateRemoteAccessVpnCmd extends BaseAsyncCreateCmd { |
| public static final Logger s_logger = Logger.getLogger(CreateRemoteAccessVpnCmd.class.getName()); |
| |
| |
| ///////////////////////////////////////////////////// |
| //////////////// API parameters ///////////////////// |
| ///////////////////////////////////////////////////// |
| @Parameter(name = ApiConstants.PUBLIC_IP_ID, |
| type = CommandType.UUID, |
| entityType = IPAddressResponse.class, |
| required = true, |
| description = "public ip address id of the vpn server") |
| private Long publicIpId; |
| |
| @Parameter(name = "iprange", |
| type = CommandType.STRING, |
| required = false, |
| description = "the range of ip addresses to allocate to vpn clients. The first ip in the range will be taken by the vpn server") |
| private String ipRange; |
| |
| @Deprecated |
| @Parameter(name = ApiConstants.ACCOUNT, type = CommandType.STRING, description = "an optional account for the VPN. Must be used with domainId.") |
| private String accountName; |
| |
| @Deprecated |
| @Parameter(name = ApiConstants.DOMAIN_ID, |
| type = CommandType.UUID, |
| entityType = DomainResponse.class, |
| description = "an optional domainId for the VPN. If the account parameter is used, domainId must also be used.") |
| private Long domainId; |
| |
| @Parameter(name = ApiConstants.OPEN_FIREWALL, |
| type = CommandType.BOOLEAN, |
| description = "if true, firewall rule for source/end public port is automatically created; if false - firewall rule has to be created explicitly. Has value true by default") |
| private Boolean openFirewall; |
| |
| @Parameter(name = ApiConstants.FOR_DISPLAY, type = CommandType.BOOLEAN, description = "an optional field, whether to the display the vpn to the end user or not", since = "4.4", authorized = {RoleType.Admin}) |
| private Boolean display; |
| |
| ///////////////////////////////////////////////////// |
| /////////////////// Accessors /////////////////////// |
| ///////////////////////////////////////////////////// |
| |
| |
| public Long getPublicIpId() { |
| return publicIpId; |
| } |
| |
| public String getAccountName() { |
| return accountName; |
| } |
| |
| public Long getDomainId() { |
| return domainId; |
| } |
| |
| public String getIpRange() { |
| return ipRange; |
| } |
| |
| public void setIpRange(String ipRange) { |
| this.ipRange = ipRange; |
| } |
| |
| public Boolean getOpenFirewall() { |
| if (openFirewall != null) { |
| return openFirewall; |
| } else { |
| return true; |
| } |
| } |
| |
| ///////////////////////////////////////////////////// |
| /////////////// API Implementation/////////////////// |
| ///////////////////////////////////////////////////// |
| |
| @Override |
| public long getEntityOwnerId() { |
| IpAddress ip = _networkService.getIp(publicIpId); |
| |
| if (ip == null) { |
| throw new InvalidParameterValueException("Unable to find ip address by id=" + publicIpId); |
| } |
| |
| return ip.getAccountId(); |
| } |
| |
| @Override |
| public String getEventDescription() { |
| return "Create Remote Access VPN for account " + getEntityOwnerId() + " using public ip id=" + publicIpId; |
| } |
| |
| @Override |
| public String getEventType() { |
| return EventTypes.EVENT_REMOTE_ACCESS_VPN_CREATE; |
| } |
| |
| @Override |
| public void create() { |
| try { |
| RemoteAccessVpn vpn = _ravService.createRemoteAccessVpn(publicIpId, ipRange, getOpenFirewall(), isDisplay()); |
| if (vpn != null) { |
| setEntityId(vpn.getId()); |
| setEntityUuid(vpn.getUuid()); |
| } else { |
| throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create remote access vpn"); |
| } |
| } catch (NetworkRuleConflictException e) { |
| s_logger.info("Network rule conflict: " + e.getMessage()); |
| s_logger.trace("Network Rule Conflict: ", e); |
| throw new ServerApiException(ApiErrorCode.NETWORK_RULE_CONFLICT_ERROR, e.getMessage()); |
| } |
| } |
| |
| @Override |
| public void execute() { |
| try { |
| RemoteAccessVpn result = _ravService.startRemoteAccessVpn(publicIpId, getOpenFirewall()); |
| if (result != null) { |
| RemoteAccessVpnResponse response = _responseGenerator.createRemoteAccessVpnResponse(result); |
| response.setResponseName(getCommandName()); |
| setResponseObject(response); |
| } else { |
| throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create remote access vpn"); |
| } |
| } catch (ResourceUnavailableException ex) { |
| s_logger.warn("Exception: ", ex); |
| throw new ServerApiException(ApiErrorCode.RESOURCE_UNAVAILABLE_ERROR, ex.getMessage()); |
| } |
| } |
| |
| @Override |
| public String getSyncObjType() { |
| return BaseAsyncCmd.networkSyncObject; |
| } |
| |
| @Override |
| public Long getSyncObjId() { |
| return getIp().getAssociatedWithNetworkId(); |
| } |
| |
| private IpAddress getIp() { |
| IpAddress ip = _networkService.getIp(publicIpId); |
| if (ip == null) { |
| throw new InvalidParameterValueException("Unable to find ip address by id " + publicIpId); |
| } |
| return ip; |
| } |
| |
| @Override |
| public boolean isDisplay() { |
| if(display == null) |
| return true; |
| else |
| return display; |
| } |
| |
| @Override |
| public Long getApiResourceId() { |
| return getPublicIpId(); |
| } |
| |
| @Override |
| public ApiCommandResourceType getApiResourceType() { |
| return ApiCommandResourceType.IpAddress; |
| } |
| } |