github.com/gophercloud/gophercloud@v1.11.0/openstack/networking/v2/extensions/security/rules/requests.go

github.com/gophercloud/gophercloud@v1.11.0/openstack/networking/v2/extensions/security/rules/requests.go (about)

     1  package rules
     2  
     3  import (
     4  	"github.com/gophercloud/gophercloud"
     5  	"github.com/gophercloud/gophercloud/pagination"
     6  )
     7  
     8  // ListOpts allows the filtering and sorting of paginated collections through
     9  // the API. Filtering is achieved by passing in struct field values that map to
    10  // the security group rule attributes you want to see returned. SortKey allows
    11  // you to sort by a particular network attribute. SortDir sets the direction,
    12  // and is either `asc' or `desc'. Marker and Limit are used for pagination.
    13  type ListOpts struct {
    14  	Direction      string `q:"direction"`
    15  	EtherType      string `q:"ethertype"`
    16  	ID             string `q:"id"`
    17  	Description    string `q:"description"`
    18  	PortRangeMax   int    `q:"port_range_max"`
    19  	PortRangeMin   int    `q:"port_range_min"`
    20  	Protocol       string `q:"protocol"`
    21  	RemoteGroupID  string `q:"remote_group_id"`
    22  	RemoteIPPrefix string `q:"remote_ip_prefix"`
    23  	SecGroupID     string `q:"security_group_id"`
    24  	TenantID       string `q:"tenant_id"`
    25  	ProjectID      string `q:"project_id"`
    26  	Limit          int    `q:"limit"`
    27  	Marker         string `q:"marker"`
    28  	SortKey        string `q:"sort_key"`
    29  	SortDir        string `q:"sort_dir"`
    30  }
    31  
    32  // List returns a Pager which allows you to iterate over a collection of
    33  // security group rules. It accepts a ListOpts struct, which allows you to filter
    34  // and sort the returned collection for greater efficiency.
    35  func List(c *gophercloud.ServiceClient, opts ListOpts) pagination.Pager {
    36  	q, err := gophercloud.BuildQueryString(&opts)
    37  	if err != nil {
    38  		return pagination.Pager{Err: err}
    39  	}
    40  	u := rootURL(c) + q.String()
    41  	return pagination.NewPager(c, u, func(r pagination.PageResult) pagination.Page {
    42  		return SecGroupRulePage{pagination.LinkedPageBase{PageResult: r}}
    43  	})
    44  }
    45  
    46  type RuleDirection string
    47  type RuleProtocol string
    48  type RuleEtherType string
    49  
    50  // Constants useful for CreateOpts
    51  const (
    52  	DirIngress        RuleDirection = "ingress"
    53  	DirEgress         RuleDirection = "egress"
    54  	EtherType4        RuleEtherType = "IPv4"
    55  	EtherType6        RuleEtherType = "IPv6"
    56  	ProtocolAH        RuleProtocol  = "ah"
    57  	ProtocolDCCP      RuleProtocol  = "dccp"
    58  	ProtocolEGP       RuleProtocol  = "egp"
    59  	ProtocolESP       RuleProtocol  = "esp"
    60  	ProtocolGRE       RuleProtocol  = "gre"
    61  	ProtocolICMP      RuleProtocol  = "icmp"
    62  	ProtocolIGMP      RuleProtocol  = "igmp"
    63  	ProtocolIPIP      RuleProtocol  = "ipip"
    64  	ProtocolIPv6Encap RuleProtocol  = "ipv6-encap"
    65  	ProtocolIPv6Frag  RuleProtocol  = "ipv6-frag"
    66  	ProtocolIPv6ICMP  RuleProtocol  = "ipv6-icmp"
    67  	ProtocolIPv6NoNxt RuleProtocol  = "ipv6-nonxt"
    68  	ProtocolIPv6Opts  RuleProtocol  = "ipv6-opts"
    69  	ProtocolIPv6Route RuleProtocol  = "ipv6-route"
    70  	ProtocolOSPF      RuleProtocol  = "ospf"
    71  	ProtocolPGM       RuleProtocol  = "pgm"
    72  	ProtocolRSVP      RuleProtocol  = "rsvp"
    73  	ProtocolSCTP      RuleProtocol  = "sctp"
    74  	ProtocolTCP       RuleProtocol  = "tcp"
    75  	ProtocolUDP       RuleProtocol  = "udp"
    76  	ProtocolUDPLite   RuleProtocol  = "udplite"
    77  	ProtocolVRRP      RuleProtocol  = "vrrp"
    78  	ProtocolAny       RuleProtocol  = "any"
    79  )
    80  
    81  // CreateOptsBuilder allows extensions to add additional parameters to the
    82  // Create request.
    83  type CreateOptsBuilder interface {
    84  	ToSecGroupRuleCreateMap() (map[string]interface{}, error)
    85  }
    86  
    87  // CreateOpts contains all the values needed to create a new security group
    88  // rule.
    89  type CreateOpts struct {
    90  	// Must be either "ingress" or "egress": the direction in which the security
    91  	// group rule is applied.
    92  	Direction RuleDirection `json:"direction" required:"true"`
    93  
    94  	// String description of each rule, optional
    95  	Description string `json:"description,omitempty"`
    96  
    97  	// Must be "IPv4" or "IPv6", and addresses represented in CIDR must match the
    98  	// ingress or egress rules.
    99  	EtherType RuleEtherType `json:"ethertype" required:"true"`
   100  
   101  	// The security group ID to associate with this security group rule.
   102  	SecGroupID string `json:"security_group_id" required:"true"`
   103  
   104  	// The maximum port number in the range that is matched by the security group
   105  	// rule. The PortRangeMin attribute constrains the PortRangeMax attribute. If
   106  	// the protocol is ICMP, this value must be an ICMP type.
   107  	PortRangeMax int `json:"port_range_max,omitempty"`
   108  
   109  	// The minimum port number in the range that is matched by the security group
   110  	// rule. If the protocol is TCP or UDP, this value must be less than or equal
   111  	// to the value of the PortRangeMax attribute. If the protocol is ICMP, this
   112  	// value must be an ICMP type.
   113  	PortRangeMin int `json:"port_range_min,omitempty"`
   114  
   115  	// The protocol that is matched by the security group rule. Valid values are
   116  	// "tcp", "udp", "icmp" or an empty string.
   117  	Protocol RuleProtocol `json:"protocol,omitempty"`
   118  
   119  	// The remote group ID to be associated with this security group rule. You can
   120  	// specify either RemoteGroupID or RemoteIPPrefix.
   121  	RemoteGroupID string `json:"remote_group_id,omitempty"`
   122  
   123  	// The remote IP prefix to be associated with this security group rule. You can
   124  	// specify either RemoteGroupID or RemoteIPPrefix. This attribute matches the
   125  	// specified IP prefix as the source IP address of the IP packet.
   126  	RemoteIPPrefix string `json:"remote_ip_prefix,omitempty"`
   127  
   128  	// TenantID is the UUID of the project who owns the Rule.
   129  	// Only administrative users can specify a project UUID other than their own.
   130  	ProjectID string `json:"project_id,omitempty"`
   131  }
   132  
   133  // ToSecGroupRuleCreateMap builds a request body from CreateOpts.
   134  func (opts CreateOpts) ToSecGroupRuleCreateMap() (map[string]interface{}, error) {
   135  	return gophercloud.BuildRequestBody(opts, "security_group_rule")
   136  }
   137  
   138  // Create is an operation which adds a new security group rule and associates it
   139  // with an existing security group (whose ID is specified in CreateOpts).
   140  func Create(c *gophercloud.ServiceClient, opts CreateOptsBuilder) (r CreateResult) {
   141  	b, err := opts.ToSecGroupRuleCreateMap()
   142  	if err != nil {
   143  		r.Err = err
   144  		return
   145  	}
   146  	resp, err := c.Post(rootURL(c), b, &r.Body, nil)
   147  	_, r.Header, r.Err = gophercloud.ParseResponse(resp, err)
   148  	return
   149  }
   150  
   151  // Get retrieves a particular security group rule based on its unique ID.
   152  func Get(c *gophercloud.ServiceClient, id string) (r GetResult) {
   153  	resp, err := c.Get(resourceURL(c, id), &r.Body, nil)
   154  	_, r.Header, r.Err = gophercloud.ParseResponse(resp, err)
   155  	return
   156  }
   157  
   158  // Delete will permanently delete a particular security group rule based on its
   159  // unique ID.
   160  func Delete(c *gophercloud.ServiceClient, id string) (r DeleteResult) {
   161  	resp, err := c.Delete(resourceURL(c, id), nil)
   162  	_, r.Header, r.Err = gophercloud.ParseResponse(resp, err)
   163  	return
   164  }