|
26 | 26 | import org.apache.cloudstack.annotation.AnnotationService; |
27 | 27 | import org.apache.cloudstack.annotation.dao.AnnotationDao; |
28 | 28 | import org.apache.log4j.Logger; |
| 29 | +import org.jetbrains.annotations.NotNull; |
29 | 30 | import org.springframework.stereotype.Component; |
30 | 31 |
|
31 | 32 | import org.apache.cloudstack.api.command.user.vpn.CreateVpnConnectionCmd; |
@@ -263,27 +264,15 @@ public Site2SiteVpnConnection createVpnConnection(CreateVpnConnectionCmd cmd) th |
263 | 264 | _accountMgr.checkAccess(caller, null, false, owner); |
264 | 265 |
|
265 | 266 | Long customerGatewayId = cmd.getCustomerGatewayId(); |
266 | | - Site2SiteCustomerGateway customerGateway = _customerGatewayDao.findById(customerGatewayId); |
267 | | - if (customerGateway == null) { |
268 | | - throw new InvalidParameterValueException("Unable to found specified Site to Site VPN customer gateway " + customerGatewayId + " !"); |
269 | | - } |
270 | | - _accountMgr.checkAccess(caller, null, false, customerGateway); |
| 267 | + Site2SiteCustomerGateway customerGateway = getAndValidateSite2SiteCustomerGateway(customerGatewayId, "Unable to found specified Site to Site VPN customer gateway %s !", caller); |
271 | 268 |
|
272 | 269 | Long vpnGatewayId = cmd.getVpnGatewayId(); |
273 | | - Site2SiteVpnGateway vpnGateway = _vpnGatewayDao.findById(vpnGatewayId); |
274 | | - if (vpnGateway == null) { |
275 | | - throw new InvalidParameterValueException("Unable to found specified Site to Site VPN gateway " + vpnGatewayId + " !"); |
276 | | - } |
277 | | - _accountMgr.checkAccess(caller, null, false, vpnGateway); |
| 270 | + Site2SiteVpnGateway vpnGateway = getAndValidateSite2SiteVpnGateway(vpnGatewayId, "Unable to found specified Site to Site VPN gateway %s !", caller); |
278 | 271 |
|
279 | | - if (customerGateway.getAccountId() != vpnGateway.getAccountId() || customerGateway.getDomainId() != vpnGateway.getDomainId()) { |
280 | | - throw new InvalidParameterValueException("VPN connection can only be esitablished between same account's VPN gateway and customer gateway!"); |
281 | | - } |
| 272 | + validateVpnConnectionOfTheRightAccount(customerGateway, vpnGateway); |
| 273 | + validateVpnConnectionDoesntExist(vpnGatewayId, customerGatewayId); |
| 274 | + validatePrerequisiteVpnGateway(vpnGateway); |
282 | 275 |
|
283 | | - if (_vpnConnectionDao.findByVpnGatewayIdAndCustomerGatewayId(vpnGatewayId, customerGatewayId) != null) { |
284 | | - throw new InvalidParameterValueException("The vpn connection with customer gateway id " + customerGatewayId + " and vpn gateway id " + vpnGatewayId + |
285 | | - " already existed!"); |
286 | | - } |
287 | 276 | String[] cidrList = customerGateway.getGuestCidrList().split(","); |
288 | 277 |
|
289 | 278 | // Remote sub nets cannot overlap VPC's sub net |
@@ -326,6 +315,46 @@ public Site2SiteVpnConnection createVpnConnection(CreateVpnConnectionCmd cmd) th |
326 | 315 | return conn; |
327 | 316 | } |
328 | 317 |
|
| 318 | + @NotNull |
| 319 | + private Site2SiteCustomerGateway getAndValidateSite2SiteCustomerGateway(Long customerGatewayId, String errMsg, Account caller) { |
| 320 | + Site2SiteCustomerGateway customerGateway = _customerGatewayDao.findById(customerGatewayId); |
| 321 | + if (customerGateway == null) { |
| 322 | + throw new InvalidParameterValueException(String.format(errMsg, customerGatewayId)); |
| 323 | + } |
| 324 | + _accountMgr.checkAccess(caller, null, false, customerGateway); |
| 325 | + return customerGateway; |
| 326 | + } |
| 327 | + |
| 328 | + @NotNull |
| 329 | + private Site2SiteVpnGateway getAndValidateSite2SiteVpnGateway(Long vpnGatewayId, String errMsg, Account caller) { |
| 330 | + Site2SiteVpnGateway vpnGateway = _vpnGatewayDao.findById(vpnGatewayId); |
| 331 | + if (vpnGateway == null) { |
| 332 | + throw new InvalidParameterValueException(String.format(errMsg, vpnGatewayId)); |
| 333 | + } |
| 334 | + _accountMgr.checkAccess(caller, null, false, vpnGateway); |
| 335 | + return vpnGateway; |
| 336 | + } |
| 337 | + |
| 338 | + private static void validateVpnConnectionOfTheRightAccount(Site2SiteCustomerGateway customerGateway, Site2SiteVpnGateway vpnGateway) { |
| 339 | + if (customerGateway.getAccountId() != vpnGateway.getAccountId() || customerGateway.getDomainId() != vpnGateway.getDomainId()) { |
| 340 | + throw new InvalidParameterValueException("VPN connection can only be esitablished between same account's VPN gateway and customer gateway!"); |
| 341 | + } |
| 342 | + } |
| 343 | + |
| 344 | + private void validateVpnConnectionDoesntExist(Long vpnGatewayId, Long customerGatewayId) { |
| 345 | + if (_vpnConnectionDao.findByVpnGatewayIdAndCustomerGatewayId(vpnGatewayId, customerGatewayId) != null) { |
| 346 | + throw new InvalidParameterValueException("The vpn connection with customer gateway id " + customerGatewayId + " and vpn gateway id " + vpnGatewayId + |
| 347 | + " already existed!"); |
| 348 | + } |
| 349 | + } |
| 350 | + |
| 351 | + private void validatePrerequisiteVpnGateway(Site2SiteVpnGateway vpnGateway) { |
| 352 | + // check if gateway has been defined on the VPC |
| 353 | + if (_vpnGatewayDao.findByVpcId(vpnGateway.getVpcId()) == null) { |
| 354 | + throw new InvalidParameterValueException("we can not create a VPN connection for a VPC that does not have a VPN gateway defined"); |
| 355 | + } |
| 356 | + } |
| 357 | + |
329 | 358 | @Override |
330 | 359 | @DB |
331 | 360 | @ActionEvent(eventType = EventTypes.EVENT_S2S_VPN_CONNECTION_CREATE, eventDescription = "starting s2s vpn connection", async = true) |
@@ -382,11 +411,7 @@ public boolean deleteCustomerGateway(DeleteVpnCustomerGatewayCmd cmd) { |
382 | 411 | Account caller = CallContext.current().getCallingAccount(); |
383 | 412 |
|
384 | 413 | Long id = cmd.getId(); |
385 | | - Site2SiteCustomerGateway customerGateway = _customerGatewayDao.findById(id); |
386 | | - if (customerGateway == null) { |
387 | | - throw new InvalidParameterValueException("Fail to find customer gateway with " + id + " !"); |
388 | | - } |
389 | | - _accountMgr.checkAccess(caller, null, false, customerGateway); |
| 414 | + Site2SiteCustomerGateway customerGateway = getAndValidateSite2SiteCustomerGateway(id, "Fail to find customer gateway with %s !", caller); |
390 | 415 |
|
391 | 416 | return doDeleteCustomerGateway(customerGateway); |
392 | 417 | } |
@@ -417,12 +442,7 @@ public boolean deleteVpnGateway(DeleteVpnGatewayCmd cmd) { |
417 | 442 | Account caller = CallContext.current().getCallingAccount(); |
418 | 443 |
|
419 | 444 | Long id = cmd.getId(); |
420 | | - Site2SiteVpnGateway vpnGateway = _vpnGatewayDao.findById(id); |
421 | | - if (vpnGateway == null) { |
422 | | - throw new InvalidParameterValueException("Fail to find vpn gateway with " + id + " !"); |
423 | | - } |
424 | | - |
425 | | - _accountMgr.checkAccess(caller, null, false, vpnGateway); |
| 445 | + Site2SiteVpnGateway vpnGateway = getAndValidateSite2SiteVpnGateway(id, "Fail to find vpn gateway with %s !", caller); |
426 | 446 |
|
427 | 447 | doDeleteVpnGateway(vpnGateway); |
428 | 448 | return true; |
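Review bot: The guard added in `validatePrerequisiteVpnGateway` (new lines 351–356) looks like it can never fail, because it calls `_vpnGatewayDao.findByVpcId(vpnGateway.getVpcId())` with the VPC id of a gateway that `getAndValidateSite2SiteVpnGateway` has just loaded by id. Neither DAO method is visible here, so this holds unless `findByVpcId` filters rows that `findById` returns; if it does, the existing comment should say so, for example `// findByVpcId may return null even though findById found this gateway, because ...`, and otherwise the call can be dropped from `createVpnConnection`, whose body continues outside these hunks. The two `getAndValidate...` helpers pass `errMsg` straight to `String.format`, so each deserves a short Javadoc stating that `errMsg` must be a constant template with exactly one `%s` and must never carry request-supplied text. The new `org.jetbrains.annotations.NotNull` import (new line 29) ties this class to the JetBrains annotations artifact for a documentation-only marker, so confirm the module declares that dependency or drop the annotation.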
|