zhouyuhuan
/
Cloudpods


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212
							// Copyright 2019 Yunion
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package compute

import (
	"fmt"
	"strconv"
	"strings"

	"yunion.io/x/jsonutils"
	"yunion.io/x/pkg/errors"
	"yunion.io/x/pkg/util/secrules"

	"yunion.io/x/onecloud/pkg/apis"
	baseoptions "yunion.io/x/onecloud/pkg/mcclient/options"
)

type SecgroupListOptions struct {
	baseoptions.BaseListOptions

	Equals         string `help:"Secgroup ID or Name, filter secgroups whose rules equals the specified one"`
	Server         string `help:"Filter secgroups bound to specified server"`
	Ip             string `help:"Filter secgroup by ip"`
	Ports          string `help:"Filter secgroup by ports"`
	Direction      string `help:"Filter secgroup by ports" choices:"all|in|out"`
	DBInstance     string `help:"Filter secgroups bound to specified rds" json:"dbinstance"`
	Cloudregion    string `help:"Filter secgroups by region"`
	VpcId          string
	Cloudaccount   string `help:"Filter secgroups by account"`
	LoadbalancerId string
}

func (opts *SecgroupListOptions) Params() (jsonutils.JSONObject, error) {
	return baseoptions.ListStructToParams(opts)
}

type SecgroupCreateOptions struct {
	baseoptions.BaseCreateOptions
	VpcId string
	Tags  []string
	Rules []string `help:"security rule to create"`
}

func (opts *SecgroupCreateOptions) Params() (jsonutils.JSONObject, error) {
	params := jsonutils.Marshal(opts).(*jsonutils.JSONDict)
	params.Remove("rules")
	rules := []secrules.SecurityRule{}
	for i, ruleStr := range opts.Rules {
		rule, err := secrules.ParseSecurityRule(ruleStr)
		if err != nil {
			return nil, errors.Wrapf(err, "ParseSecurityRule(%s)", ruleStr)
		}
		rule.Priority = i + 1
		rules = append(rules, *rule)
	}
	if len(rules) > 0 {
		params.Add(jsonutils.Marshal(rules), "rules")
	}
	params.Remove("tags")
	tags := map[string]string{}
	for _, tag := range opts.Tags {
		info := strings.Split(tag, "=")
		if len(info) != 2 {
			return nil, fmt.Errorf("invalid tag %s, tag should like key=value", tag)
		}
		tags["user:"+info[0]] = info[1]
	}
	if len(tags) > 0 {
		params.Set("__meta__", jsonutils.Marshal(tags))
	}
	return params, nil
}

type SecgroupIdOptions struct {
	ID string `help:"ID or Name of security group destination"`
}

func (opts *SecgroupIdOptions) GetId() string {
	return opts.ID
}

func (opts *SecgroupIdOptions) Params() (jsonutils.JSONObject, error) {
	return nil, nil
}

type SecgroupMergeOptions struct {
	SecgroupIdOptions
	SECGROUPS []string `help:"source IDs or Names of secgroup"`
}

func (opts *SecgroupMergeOptions) Params() (jsonutils.JSONObject, error) {
	return jsonutils.Marshal(map[string][]string{"secgroup_ids": opts.SECGROUPS}), nil
}

type SecgroupsAddRuleOptions struct {
	SecgroupIdOptions
	DIRECTION   string `help:"Direction of rule" choices:"in|out"`
	PROTOCOL    string `help:"Protocol of rule" choices:"any|tcp|udp|icmp"`
	ACTION      string `help:"Actin of rule" choices:"allow|deny"`
	PRIORITY    int    `help:"Priority for rule, range 1 ~ 100"`
	Cidr        string `help:"IP or CIRD for rule"`
	Description string `help:"Desciption for rule"`
	Ports       string `help:"Port for rule"`
}

func (opts *SecgroupsAddRuleOptions) Params() (jsonutils.JSONObject, error) {
	params := jsonutils.Marshal(opts).(*jsonutils.JSONDict)
	params.Remove("id")
	return params, nil
}

type SecgroupCloneOptions struct {
	SecgroupIdOptions
	NAME string `help:"Name of new secgroup"`
	Desc string `help:"Description of new secgroup"`
}

func (opts *SecgroupCloneOptions) Params() (jsonutils.JSONObject, error) {
	return jsonutils.Marshal(map[string]string{"name": opts.NAME, "description": opts.Desc}), nil
}

type SecurityGroupCacheOptions struct {
	SecgroupIdOptions
	VPC_ID string `help:"ID or Name of vpc"`
}

func (opts *SecurityGroupCacheOptions) Params() (jsonutils.JSONObject, error) {
	params := jsonutils.Marshal(opts).(*jsonutils.JSONDict)
	params.Remove("id")
	return params, nil
}

type SecurityGroupUncacheSecurityGroup struct {
	SecgroupIdOptions
	CACHE string `help:"ID of secgroup cache"`
}

func (opts *SecurityGroupUncacheSecurityGroup) Params() (jsonutils.JSONObject, error) {
	params := jsonutils.Marshal(opts).(*jsonutils.JSONDict)
	params.Remove("id")
	return params, nil
}

type SecgroupChangeOwnerOptions struct {
	SecgroupIdOptions
	apis.ProjectizedResourceInput
}

type SecgroupImportRulesOptions struct {
	SecgroupIdOptions

	RULE []string `help:"rule pattern: rule|priority eg: in:allow any 1"`
}

func (opts *SecgroupImportRulesOptions) Params() (jsonutils.JSONObject, error) {
	rules := jsonutils.NewArray()
	for _, rule := range opts.RULE {
		priority := 1
		var r *secrules.SecurityRule = nil
		var err error
		info := strings.Split(rule, "|")
		switch len(info) {
		case 1:
		case 2:
			priority, err = strconv.Atoi(info[1])
			if err != nil {
				return nil, errors.Wrapf(err, "Parse rule %s priority %s", rule, info[1])
			}
		default:
			return nil, fmt.Errorf("invalid rule %s", rule)
		}
		r, err = secrules.ParseSecurityRule(info[0])
		if err != nil {
			return nil, errors.Wrapf(err, "ParseSecurityRule(%s)", rule)
		}
		r.Priority = priority
		rules.Add(jsonutils.Marshal(r))
	}
	return jsonutils.Marshal(map[string]*jsonutils.JSONArray{"rules": rules}), nil
}

type SecgroupCleanOptions struct {
}

func (opts *SecgroupCleanOptions) Params() (jsonutils.JSONObject, error) {
	return nil, nil
}

type ServerNetworkSecgroupListOptions struct {
	baseoptions.BaseListOptions

	Server       string `help:"Server Id or name"`
	Secgroup     string `help:"Secgroup Id or name"`
	NetworkIndex *int   `help:"Server network index"`
	IsAdmin      bool   `help:"Is admin secgroup"`
}

func (opts *ServerNetworkSecgroupListOptions) Params() (jsonutils.JSONObject, error) {
	return baseoptions.ListStructToParams(opts)
}