github.com/vnpaycloud-console/gophercloud/v2@v2.0.5/openstack/networking/v2/extensions/security/rules/requests.go (about) 1 package rules 2 3 import ( 4 "context" 5 6 "github.com/vnpaycloud-console/gophercloud/v2" 7 "github.com/vnpaycloud-console/gophercloud/v2/pagination" 8 ) 9 10 // ListOpts allows the filtering and sorting of paginated collections through 11 // the API. Filtering is achieved by passing in struct field values that map to 12 // the security group rule attributes you want to see returned. SortKey allows 13 // you to sort by a particular network attribute. SortDir sets the direction, 14 // and is either `asc' or `desc'. Marker and Limit are used for pagination. 15 type ListOpts struct { 16 Direction string `q:"direction"` 17 EtherType string `q:"ethertype"` 18 ID string `q:"id"` 19 Description string `q:"description"` 20 PortRangeMax int `q:"port_range_max"` 21 PortRangeMin int `q:"port_range_min"` 22 Protocol string `q:"protocol"` 23 RemoteGroupID string `q:"remote_group_id"` 24 RemoteIPPrefix string `q:"remote_ip_prefix"` 25 SecGroupID string `q:"security_group_id"` 26 TenantID string `q:"tenant_id"` 27 ProjectID string `q:"project_id"` 28 Limit int `q:"limit"` 29 Marker string `q:"marker"` 30 SortKey string `q:"sort_key"` 31 SortDir string `q:"sort_dir"` 32 } 33 34 // List returns a Pager which allows you to iterate over a collection of 35 // security group rules. It accepts a ListOpts struct, which allows you to filter 36 // and sort the returned collection for greater efficiency. 37 func List(c *gophercloud.ServiceClient, opts ListOpts) pagination.Pager { 38 q, err := gophercloud.BuildQueryString(&opts) 39 if err != nil { 40 return pagination.Pager{Err: err} 41 } 42 u := rootURL(c) + q.String() 43 return pagination.NewPager(c, u, func(r pagination.PageResult) pagination.Page { 44 return SecGroupRulePage{pagination.LinkedPageBase{PageResult: r}} 45 }) 46 } 47 48 type RuleDirection string 49 type RuleProtocol string 50 type RuleEtherType string 51 52 // Constants useful for CreateOpts 53 const ( 54 DirIngress RuleDirection = "ingress" 55 DirEgress RuleDirection = "egress" 56 EtherType4 RuleEtherType = "IPv4" 57 EtherType6 RuleEtherType = "IPv6" 58 ProtocolAH RuleProtocol = "ah" 59 ProtocolDCCP RuleProtocol = "dccp" 60 ProtocolEGP RuleProtocol = "egp" 61 ProtocolESP RuleProtocol = "esp" 62 ProtocolGRE RuleProtocol = "gre" 63 ProtocolICMP RuleProtocol = "icmp" 64 ProtocolIGMP RuleProtocol = "igmp" 65 ProtocolIPIP RuleProtocol = "ipip" 66 ProtocolIPv6Encap RuleProtocol = "ipv6-encap" 67 ProtocolIPv6Frag RuleProtocol = "ipv6-frag" 68 ProtocolIPv6ICMP RuleProtocol = "ipv6-icmp" 69 ProtocolIPv6NoNxt RuleProtocol = "ipv6-nonxt" 70 ProtocolIPv6Opts RuleProtocol = "ipv6-opts" 71 ProtocolIPv6Route RuleProtocol = "ipv6-route" 72 ProtocolOSPF RuleProtocol = "ospf" 73 ProtocolPGM RuleProtocol = "pgm" 74 ProtocolRSVP RuleProtocol = "rsvp" 75 ProtocolSCTP RuleProtocol = "sctp" 76 ProtocolTCP RuleProtocol = "tcp" 77 ProtocolUDP RuleProtocol = "udp" 78 ProtocolUDPLite RuleProtocol = "udplite" 79 ProtocolVRRP RuleProtocol = "vrrp" 80 ProtocolAny RuleProtocol = "" 81 ) 82 83 // CreateOptsBuilder allows extensions to add additional parameters to the 84 // Create request. 85 type CreateOptsBuilder interface { 86 ToSecGroupRuleCreateMap() (map[string]any, error) 87 } 88 89 // CreateOpts contains all the values needed to create a new security group 90 // rule. 91 type CreateOpts struct { 92 // Must be either "ingress" or "egress": the direction in which the security 93 // group rule is applied. 94 Direction RuleDirection `json:"direction" required:"true"` 95 96 // String description of each rule, optional 97 Description string `json:"description,omitempty"` 98 99 // Must be "IPv4" or "IPv6", and addresses represented in CIDR must match the 100 // ingress or egress rules. 101 EtherType RuleEtherType `json:"ethertype" required:"true"` 102 103 // The security group ID to associate with this security group rule. 104 SecGroupID string `json:"security_group_id" required:"true"` 105 106 // The maximum port number in the range that is matched by the security group 107 // rule. The PortRangeMin attribute constrains the PortRangeMax attribute. If 108 // the protocol is ICMP, this value must be an ICMP type. 109 PortRangeMax int `json:"port_range_max,omitempty"` 110 111 // The minimum port number in the range that is matched by the security group 112 // rule. If the protocol is TCP or UDP, this value must be less than or equal 113 // to the value of the PortRangeMax attribute. If the protocol is ICMP, this 114 // value must be an ICMP type. 115 PortRangeMin int `json:"port_range_min,omitempty"` 116 117 // The protocol that is matched by the security group rule. Valid values are 118 // "tcp", "udp", "icmp" or an empty string. 119 Protocol RuleProtocol `json:"protocol,omitempty"` 120 121 // The remote group ID to be associated with this security group rule. You can 122 // specify either RemoteGroupID or RemoteIPPrefix. 123 RemoteGroupID string `json:"remote_group_id,omitempty"` 124 125 // The remote IP prefix to be associated with this security group rule. You can 126 // specify either RemoteGroupID or RemoteIPPrefix. This attribute matches the 127 // specified IP prefix as the source IP address of the IP packet. 128 RemoteIPPrefix string `json:"remote_ip_prefix,omitempty"` 129 130 // TenantID is the UUID of the project who owns the Rule. 131 // Only administrative users can specify a project UUID other than their own. 132 ProjectID string `json:"project_id,omitempty"` 133 } 134 135 // ToSecGroupRuleCreateMap builds a request body from CreateOpts. 136 func (opts CreateOpts) ToSecGroupRuleCreateMap() (map[string]any, error) { 137 return gophercloud.BuildRequestBody(opts, "security_group_rule") 138 } 139 140 // Create is an operation which adds a new security group rule and associates it 141 // with an existing security group (whose ID is specified in CreateOpts). 142 func Create(ctx context.Context, c *gophercloud.ServiceClient, opts CreateOptsBuilder) (r CreateResult) { 143 b, err := opts.ToSecGroupRuleCreateMap() 144 if err != nil { 145 r.Err = err 146 return 147 } 148 resp, err := c.Post(ctx, rootURL(c), b, &r.Body, nil) 149 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 150 return 151 } 152 153 // CreateBulk is an operation which adds new security group rules and associates them 154 // with an existing security group (whose ID is specified in CreateOpts). 155 // As of Dalmatian (2024.2) neutron only allows bulk creation of rules when 156 // they all belong to the same tenant and security group. 157 // https://github.com/openstack/neutron/blob/6183792/neutron/db/securitygroups_db.py#L814-L828 158 func CreateBulk(ctx context.Context, c *gophercloud.ServiceClient, opts []CreateOpts) (r CreateBulkResult) { 159 body, err := gophercloud.BuildRequestBody(opts, "security_group_rules") 160 if err != nil { 161 r.Err = err 162 return 163 } 164 165 resp, err := c.Post(ctx, rootURL(c), body, &r.Body, nil) 166 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 167 return 168 } 169 170 // Get retrieves a particular security group rule based on its unique ID. 171 func Get(ctx context.Context, c *gophercloud.ServiceClient, id string) (r GetResult) { 172 resp, err := c.Get(ctx, resourceURL(c, id), &r.Body, nil) 173 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 174 return 175 } 176 177 // Delete will permanently delete a particular security group rule based on its 178 // unique ID. 179 func Delete(ctx context.Context, c *gophercloud.ServiceClient, id string) (r DeleteResult) { 180 resp, err := c.Delete(ctx, resourceURL(c, id), nil) 181 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 182 return 183 }