Make reorder ACL items invoke Netris controller (apache#90)

nvazquez · web-flow · commit b84fc572fc79 · 2025-05-16T10:12:17.000-03:00
diff --git a/engine/components-api/src/main/java/com/cloud/network/vpc/NetworkACLManager.java b/engine/components-api/src/main/java/com/cloud/network/vpc/NetworkACLManager.java
@@ -93,5 +93,5 @@ public interface NetworkACLManager {
 
     boolean applyACLToPrivateGw(PrivateGateway gateway) throws ResourceUnavailableException;
 
-    boolean reorderAclRules(VpcVO vpc, List<? extends Network> networks, List<? extends NetworkACLItem> networkACLItems);
+    boolean reorderAclRules(VpcVO vpc, List<? extends Network> networks, List<? extends NetworkACLItem> networkACLItems, Network.Provider networkProvider);
 }
diff --git a/server/src/main/java/com/cloud/network/vpc/NetworkACLManagerImpl.java b/server/src/main/java/com/cloud/network/vpc/NetworkACLManagerImpl.java
@@ -369,15 +369,16 @@ public boolean applyACLToPrivateGw(final PrivateGateway gateway) throws Resource
     }
 
     @Override
-    public boolean reorderAclRules(VpcVO vpc, List<? extends Network> networks, List<? extends NetworkACLItem> networkACLItems) {
-        List<NetworkACLServiceProvider> nsxElements = new ArrayList<>();
-        nsxElements.add((NetworkACLServiceProvider) _ntwkModel.getElementImplementingProvider(Network.Provider.Nsx.getName()));
+    public boolean reorderAclRules(VpcVO vpc, List<? extends Network> networks,
+                                   List<? extends NetworkACLItem> networkACLItems, Network.Provider networkProvider) {
+        List<NetworkACLServiceProvider> providers = new ArrayList<>();
+        providers.add((NetworkACLServiceProvider) _ntwkModel.getElementImplementingProvider(networkProvider.getName()));
         try {
-            for (final NetworkACLServiceProvider provider : nsxElements) {
+            for (final NetworkACLServiceProvider provider : providers) {
                 return provider.reorderAclRules(vpc, networks, networkACLItems);
             }
         } catch (final Exception ex) {
-            logger.debug("Failed to reorder ACLs on NSX due to: " + ex.getLocalizedMessage());
+            logger.debug(String.format("Failed to reorder ACLs on %s due to: %s", networkProvider.getName(), ex.getLocalizedMessage()));
         }
         return false;
     }
diff --git a/server/src/main/java/com/cloud/network/vpc/NetworkACLServiceImpl.java b/server/src/main/java/com/cloud/network/vpc/NetworkACLServiceImpl.java
@@ -28,7 +28,9 @@
 
 import com.cloud.dc.DataCenter;
 import com.cloud.exception.PermissionDeniedException;
+import com.cloud.network.dao.NetrisProviderDao;
 import com.cloud.network.dao.NsxProviderDao;
+import com.cloud.network.element.NetrisProviderVO;
 import com.cloud.network.element.NsxProviderVO;
 import org.apache.cloudstack.api.ApiErrorCode;
 import org.apache.cloudstack.api.ServerApiException;
@@ -41,6 +43,7 @@
 import org.apache.cloudstack.context.CallContext;
 import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.collections.CollectionUtils;
+import org.apache.commons.lang3.ObjectUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.stereotype.Component;
 
@@ -104,6 +107,8 @@ public class NetworkACLServiceImpl extends ManagerBase implements NetworkACLServ
     private VpcService _vpcSvc;
     @Inject
     private NsxProviderDao nsxProviderDao;
+    @Inject
+    private NetrisProviderDao netrisProviderDao;
 
     private String supportedProtocolsForAclRules = "tcp,udp,icmp,all";
 
@@ -1031,10 +1036,12 @@ public NetworkACLItem moveNetworkAclRuleToNewPosition(MoveNetworkAclItemCmd move
             }
             final DataCenter dc = _entityMgr.findById(DataCenter.class, vpc.getZoneId());
             final NsxProviderVO nsxProvider = nsxProviderDao.findByZoneId(dc.getId());
+            final NetrisProviderVO netrisProvider = netrisProviderDao.findByZoneId(dc.getId());
             List<NetworkVO> networks = _networkDao.listByAclId(lockedAcl.getId());
-            if (Objects.nonNull(nsxProvider) && !networks.isEmpty()) {
+            if (ObjectUtils.anyNotNull(nsxProvider, netrisProvider) && !networks.isEmpty()) {
                 allAclRules = getAllAclRulesSortedByNumber(lockedAcl.getId());
-                _networkAclMgr.reorderAclRules(vpc, networks, allAclRules);
+                Network.Provider networkProvider = nsxProvider != null ? Network.Provider.Nsx : Network.Provider.Netris;
+                _networkAclMgr.reorderAclRules(vpc, networks, allAclRules, networkProvider);
             }
             return networkACLItem;
         } finally {

Original file line number	Diff line number	Diff line change
`@@ -93,5 +93,5 @@ public interface NetworkACLManager {`
`93`	`93`
`94`	`94`	`boolean applyACLToPrivateGw(PrivateGateway gateway) throws ResourceUnavailableException;`
`95`	`95`
`96`		`- boolean reorderAclRules(VpcVO vpc, List<? extends Network> networks, List<? extends NetworkACLItem> networkACLItems);`
	`96`	`+ boolean reorderAclRules(VpcVO vpc, List<? extends Network> networks, List<? extends NetworkACLItem> networkACLItems, Network.Provider networkProvider);`
`97`	`97`	`}`
Original file line number	Diff line number	Diff line change
`@@ -369,15 +369,16 @@ public boolean applyACLToPrivateGw(final PrivateGateway gateway) throws Resource`
`369`	`369`	`}`
`370`	`370`
`371`	`371`	`@Override`
`372`		`- public boolean reorderAclRules(VpcVO vpc, List<? extends Network> networks, List<? extends NetworkACLItem> networkACLItems) {`
`373`		`- List<NetworkACLServiceProvider> nsxElements = new ArrayList<>();`
`374`		`- nsxElements.add((NetworkACLServiceProvider) _ntwkModel.getElementImplementingProvider(Network.Provider.Nsx.getName()));`
	`372`	`+ public boolean reorderAclRules(VpcVO vpc, List<? extends Network> networks,`
	`373`	`+ List<? extends NetworkACLItem> networkACLItems, Network.Provider networkProvider) {`
	`374`	`+ List<NetworkACLServiceProvider> providers = new ArrayList<>();`
	`375`	`+ providers.add((NetworkACLServiceProvider) _ntwkModel.getElementImplementingProvider(networkProvider.getName()));`
`375`	`376`	`try {`
`376`		`- for (final NetworkACLServiceProvider provider : nsxElements) {`
	`377`	`+ for (final NetworkACLServiceProvider provider : providers) {`
`377`	`378`	`return provider.reorderAclRules(vpc, networks, networkACLItems);`
`378`	`379`	`}`
`379`	`380`	`} catch (final Exception ex) {`
`380`		`- logger.debug("Failed to reorder ACLs on NSX due to: " + ex.getLocalizedMessage());`
	`381`	`+ logger.debug(String.format("Failed to reorder ACLs on %s due to: %s", networkProvider.getName(), ex.getLocalizedMessage()));`
`381`	`382`	`}`
`382`	`383`	`return false;`
`383`	`384`	`}`