Example #1
 /**
  * Builds the {@link IpPermissionType} view of a {@link NetworkRule}.
  *
  * <p>Protocol and port bounds are copied from the rule, each network peer is converted with the
  * mapper registered for {@code NetworkPeer -> UserIdGroupPairType}, and the rule's IP ranges
  * are set as the CIDR ranges.
  *
  * @param rule the rule to convert
  * @return a new permission describing the rule
  */
 @Override
 public IpPermissionType apply(final NetworkRule rule) {
   final IpPermissionType permission =
       new IpPermissionType(rule.getProtocol(), rule.getLowPort(), rule.getHighPort());
   permission.setCidrIpRanges(rule.getIpRanges());
   // The transform is lazy; peers are converted as they are appended to the group list.
   Iterables.addAll(
       permission.getGroups(),
       Iterables.transform(
           rule.getNetworkPeers(),
           TypeMappers.lookup(NetworkPeer.class, UserIdGroupPairType.class)));
   return permission;
 }
Example #2
 /**
  * Extracts one {@link NetworkPeer} per group entry of the given permission.
  *
  * @param ipPerm the permission whose group pairs are read
  * @return a new, mutable collection of peers in the order the groups were listed
  */
 @Override
 public Collection<NetworkPeer> apply(IpPermissionType ipPerm) {
   final Collection<NetworkPeer> peers = Lists.newArrayList();
   for (UserIdGroupPairType pair : ipPerm.getGroups()) {
     // Values are copied as supplied on the permission; nothing is validated here.
     final NetworkPeer peer =
         new NetworkPeer(
             pair.getSourceUserId(), pair.getSourceGroupName(), pair.getSourceGroupId());
     peers.add(peer);
   }
   return peers;
 }
Example #3
 /**
  * Completes the group references on the given permissions, in place.
  *
  * <p>For each group entry: when a group id is present, the group is looked up by id and the
  * entry's user id and group name are overwritten with the owner account number and display
  * name of that group, so any values the request supplied for those two fields are discarded.
  * Otherwise both user id and group name are required and the group id is filled in from a
  * lookup by account and name.
  *
  * <p>Caller must have open transaction.
  *
  * <p>NOTE(review): no check that the requester may reference the resolved group is visible in
  * this method; presumably callers authorize separately - confirm.
  *
  * @param permissions the permissions to update; entries with a {@code null} group list are
  *     skipped
  * @throws MetadataException if an entry has neither a group id nor both a user id and a group
  *     name; the lookups presumably also report failures this way (confirm against
  *     {@code NetworkGroups})
  */
 public static void resolvePermissions(final Iterable<IpPermissionType> permissions)
     throws MetadataException {
   for (final IpPermissionType permission : permissions) {
     if (permission.getGroups() == null) {
       continue;
     }
     for (final UserIdGroupPairType pair : permission.getGroups()) {
       if (!Strings.isNullOrEmpty(pair.getSourceGroupId())) {
         // The id is authoritative: owner and name come from the stored group.
         final NetworkGroup byId = NetworkGroups.lookupByGroupId(pair.getSourceGroupId());
         pair.setSourceUserId(byId.getOwnerAccountNumber());
         pair.setSourceGroupName(byId.getDisplayName());
         continue;
       }
       final boolean ownerMissing = Strings.isNullOrEmpty(pair.getSourceUserId());
       if (ownerMissing || Strings.isNullOrEmpty(pair.getSourceGroupName())) {
         throw new MetadataException("Group ID or User ID/Group Name required.");
       }
       final NetworkGroup byName =
           NetworkGroups.lookup(
               AccountFullName.getInstance(pair.getSourceUserId()), pair.getSourceGroupName());
       pair.setSourceGroupId(byName.getGroupId());
     }
   }
 }
Example #4
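 /**
  * Converts an {@link IpPermissionType} into the {@link NetworkRule}s it describes.
  *
  * <p>Group-based permissions take precedence: when the group list is non-empty the CIDR ranges
  * are ignored and every rule carries an empty range list. A from/to port pair of 0/0 is widened
  * to 0-65535, which modifies {@code ipPerm} itself. When no protocol is given, three rules are
  * produced: tcp and udp over the port range, plus one with ports -1/-1.
  *
  * <p>Otherwise each CIDR entry must have the form {@code address/prefix} with a prefix length
  * of 0-32. Entries that do not are dropped silently instead of failing the request.
  *
  * @param ipPerm the permission to convert
  * @return the resulting rules; at least one rule is returned whenever no exception is thrown
  * @throws IllegalArgumentException if the permission has neither groups nor CIDR ranges
  * @see com.google.common.base.Function#apply(java.lang.Object)
  */
 @Override
 public List<NetworkRule> apply(IpPermissionType ipPerm) {
   List<NetworkRule> ruleList = new ArrayList<NetworkRule>();
   if (!ipPerm.getGroups().isEmpty()) {
     if (ipPerm.getFromPort() == 0 && ipPerm.getToPort() == 0) {
       ipPerm.setToPort(65535);
     }
     List<String> empty = Lists.newArrayList();
     // :: fixes handling of under-specified named-network rules sent by some clients :://
     if (ipPerm.getIpProtocol() == null) {
       ruleList.add(
           NetworkRule.create(
               NetworkRule.Protocol.tcp,
               ipPerm.getFromPort(),
               ipPerm.getToPort(),
               IpPermissionTypeExtractNetworkPeers.INSTANCE.apply(ipPerm),
               empty));
       ruleList.add(
           NetworkRule.create(
               NetworkRule.Protocol.udp,
               ipPerm.getFromPort(),
               ipPerm.getToPort(),
               IpPermissionTypeExtractNetworkPeers.INSTANCE.apply(ipPerm),
               empty));
       // NOTE(review): a second tcp rule with ports -1/-1 looks like it was meant for a
       // different protocol; left unchanged - confirm the intended protocol.
       ruleList.add(
           NetworkRule.create(
               NetworkRule.Protocol.tcp,
               -1,
               -1,
               IpPermissionTypeExtractNetworkPeers.INSTANCE.apply(ipPerm),
               empty));
     } else {
       ruleList.add(
           NetworkRule.create(
               ipPerm.getIpProtocol(),
               ipPerm.getFromPort(),
               ipPerm.getToPort(),
               IpPermissionTypeExtractNetworkPeers.INSTANCE.apply(ipPerm),
               empty));
     }
   } else if (!ipPerm.getCidrIpRanges().isEmpty()) {
     List<String> ipRanges = Lists.newArrayList();
     for (String range : ipPerm.getCidrIpRanges()) {
       String[] rangeParts = range.split("/");
       // Check the shape before indexing: an entry without a prefix part (for example a bare
       // address) previously escaped as an uncaught ArrayIndexOutOfBoundsException.
       if (rangeParts.length != 2) {
         continue;
       }
       try {
         int prefixLength = Integer.parseInt(rangeParts[1]);
         if (prefixLength < 0 || prefixLength > 32) {
           continue;
         }
         // NOTE(review): getByName also resolves host names, so a non-literal address part
         // causes a DNS lookup and is accepted if it resolves. Consider accepting only
         // literal IPv4 addresses here.
         if (InetAddress.getByName(rangeParts[0]) != null) {
           ipRanges.add(range);
         }
       } catch (NumberFormatException ignored) {
         // Prefix length is not a number: drop this entry and keep the rest.
       } catch (UnknownHostException ignored) {
         // Address part does not resolve: drop this entry and keep the rest.
       }
     }
     // NOTE(review): if every entry was dropped, the rule is still created with no peers and
     // no ranges; confirm how a rule without any source is interpreted downstream.
     ruleList.add(
         NetworkRule.create(
             ipPerm.getIpProtocol(),
             ipPerm.getFromPort(),
             ipPerm.getToPort(),
             IpPermissionTypeExtractNetworkPeers.INSTANCE.apply(ipPerm),
             ipRanges));
   } else {
     throw new IllegalArgumentException(
         "Invalid Ip Permissions:  must specify either a source cidr or user");
   }
   return ruleList;
 }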