Add new command to update security group name

.travis.yml

@@ -98,6 +98,7 @@ env:
              smoke/test_ssvm
              smoke/test_staticroles
              smoke/test_templates
+             smoke/test_update_security_group
              smoke/test_usage
              smoke/test_usage_events"
 

api/src/main/java/com/cloud/event/EventTypes.java

@@ -322,6 +322,7 @@ public class EventTypes {
     public static final String EVENT_SECURITY_GROUP_DELETE = "SG.DELETE";
     public static final String EVENT_SECURITY_GROUP_ASSIGN = "SG.ASSIGN";
     public static final String EVENT_SECURITY_GROUP_REMOVE = "SG.REMOVE";
+    public static final String EVENT_SECURITY_GROUP_UPDATE = "SG.UPDATE";
 
     // Host
     public static final String EVENT_HOST_RECONNECT = "HOST.RECONNECT";

api/src/main/java/com/cloud/network/security/SecurityGroupService.java

@@ -18,16 +18,17 @@
 
 import java.util.List;
 
+import com.cloud.exception.InvalidParameterValueException;
+import com.cloud.exception.PermissionDeniedException;
+import com.cloud.exception.ResourceInUseException;
+
 import org.apache.cloudstack.api.command.user.securitygroup.AuthorizeSecurityGroupEgressCmd;
 import org.apache.cloudstack.api.command.user.securitygroup.AuthorizeSecurityGroupIngressCmd;
 import org.apache.cloudstack.api.command.user.securitygroup.CreateSecurityGroupCmd;
 import org.apache.cloudstack.api.command.user.securitygroup.DeleteSecurityGroupCmd;
 import org.apache.cloudstack.api.command.user.securitygroup.RevokeSecurityGroupEgressCmd;
 import org.apache.cloudstack.api.command.user.securitygroup.RevokeSecurityGroupIngressCmd;
-
-import com.cloud.exception.InvalidParameterValueException;
-import com.cloud.exception.PermissionDeniedException;
-import com.cloud.exception.ResourceInUseException;
+import org.apache.cloudstack.api.command.user.securitygroup.UpdateSecurityGroupCmd;
 
 public interface SecurityGroupService {
     /**
@@ -43,6 +44,8 @@ public interface SecurityGroupService {
 
     boolean deleteSecurityGroup(DeleteSecurityGroupCmd cmd) throws ResourceInUseException;
 
+    SecurityGroup updateSecurityGroup(UpdateSecurityGroupCmd cmd);
+
     public List<? extends SecurityRule> authorizeSecurityGroupIngress(AuthorizeSecurityGroupIngressCmd cmd);
 
     public List<? extends SecurityRule> authorizeSecurityGroupEgress(AuthorizeSecurityGroupEgressCmd cmd);

api/src/main/java/org/apache/cloudstack/api/command/user/securitygroup/UpdateSecurityGroupCmd.java

@@ -0,0 +1,105 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command.user.securitygroup;
+
+import org.apache.log4j.Logger;
+
+import org.apache.cloudstack.acl.RoleType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
+import org.apache.cloudstack.api.APICommand;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.ApiErrorCode;
+import org.apache.cloudstack.api.BaseCustomIdCmd;
+import org.apache.cloudstack.api.Parameter;
+import org.apache.cloudstack.api.ServerApiException;
+import org.apache.cloudstack.api.response.SecurityGroupResponse;
+
+import com.cloud.network.security.SecurityGroup;
+import com.cloud.user.Account;
+
+@APICommand(name = UpdateSecurityGroupCmd.APINAME, description = "Updates a security group", responseObject = SecurityGroupResponse.class, entityType = {SecurityGroup.class},
+        requestHasSensitiveInfo = false, responseHasSensitiveInfo = false,
+        since = "4.14.0.0",
+        authorized = {RoleType.Admin})
+public class UpdateSecurityGroupCmd extends BaseCustomIdCmd {
+    public static final String APINAME = "updateSecurityGroup";
+    public static final Logger s_logger = Logger.getLogger(UpdateSecurityGroupCmd.class.getName());
+    private static final String s_name = "updatesecuritygroupresponse";
+
+    /////////////////////////////////////////////////////
+    //////////////// API parameters /////////////////////
+    /////////////////////////////////////////////////////
+
+    @ACL(accessType = AccessType.OperateEntry)
+    @Parameter(name = ApiConstants.ID, type = CommandType.UUID, required=true, description="The ID of the security group.", entityType=SecurityGroupResponse.class)
+    private Long id;
+
+    @Parameter(name = ApiConstants.NAME, type = CommandType.STRING, description = "The new name of the security group.")
+    private String name;
+
+    /////////////////////////////////////////////////////
+    /////////////////// Accessors ///////////////////////
+    /////////////////////////////////////////////////////
+
+    public Long getId() {
+        return id;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    /////////////////////////////////////////////////////
+    /////////////// API Implementation///////////////////
+    /////////////////////////////////////////////////////
+
+    @Override
+    public String getCommandName() {
+        return s_name;
+    }
+
+    @Override
+    public long getEntityOwnerId() {
+        SecurityGroup securityGroup = _entityMgr.findById(SecurityGroup.class, getId());
+        if (securityGroup != null) {
+            return securityGroup.getAccountId();
+        }
+
+        return Account.ACCOUNT_ID_SYSTEM; // no account info given, parent this command to SYSTEM so ERROR events are tracked
+    }
+
+    @Override
+    public void execute() {
+        SecurityGroup result = _securityGroupService.updateSecurityGroup(this);
+        if (result != null) {
+            SecurityGroupResponse response = _responseGenerator.createSecurityGroupResponse(result);
+            response.setResponseName(getCommandName());
+            setResponseObject(response);
+        } else {
+            throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to update security group");
+        }
+    }
+
+    @Override
+    public void checkUuid() {
+        if (getCustomId() != null) {
+            _uuidMgr.checkUuid(getCustomId(), SecurityGroup.class);
+        }
+    }
+
+}

engine/schema/src/main/java/com/cloud/network/security/SecurityGroupVO.java

@@ -70,6 +70,10 @@ public String getName() {
         return name;
     }
 
+    public void setName(String name) {
+        this.name = name;
+    }
+
     @Override
     public String getDescription() {
         return description;

server/src/main/java/com/cloud/network/security/SecurityGroupManagerImpl.java

@@ -44,6 +44,7 @@
 import org.apache.cloudstack.api.command.user.securitygroup.DeleteSecurityGroupCmd;
 import org.apache.cloudstack.api.command.user.securitygroup.RevokeSecurityGroupEgressCmd;
 import org.apache.cloudstack.api.command.user.securitygroup.RevokeSecurityGroupIngressCmd;
+import org.apache.cloudstack.api.command.user.securitygroup.UpdateSecurityGroupCmd;
 import org.apache.cloudstack.context.CallContext;
 import org.apache.cloudstack.engine.orchestration.service.NetworkOrchestrationService;
 import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
@@ -879,6 +880,10 @@ public SecurityGroupVO createSecurityGroup(CreateSecurityGroupCmd cmd) throws Pe
         Account caller = CallContext.current().getCallingAccount();
         Account owner = _accountMgr.finalizeOwner(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
 
+        if (StringUtils.isBlank(name)) {
+            throw new InvalidParameterValueException("Security group name cannot be empty");
+        }
+
         if (_securityGroupDao.isNameInUse(owner.getId(), owner.getDomainId(), cmd.getSecurityGroupName())) {
             throw new InvalidParameterValueException("Unable to create security group, a group with name " + name + " already exists.");
         }
@@ -1117,6 +1122,60 @@ public void doInTransactionWithoutResult(TransactionStatus status) {
         s_logger.debug("Security group mappings are removed successfully for vm id=" + userVmId);
     }
 
+    @DB
+    @Override
+    @ActionEvent(eventType = EventTypes.EVENT_SECURITY_GROUP_UPDATE, eventDescription = "updating security group")
+    public SecurityGroup updateSecurityGroup(UpdateSecurityGroupCmd cmd) {
+        final Long groupId = cmd.getId();
+        final String newName = cmd.getName();
+        Account caller = CallContext.current().getCallingAccount();
+
+        SecurityGroupVO group = _securityGroupDao.findById(groupId);
+        if (group == null) {
+            throw new InvalidParameterValueException("Unable to find security group: " + groupId + "; failed to update security group.");
+        }
+
+        if (newName == null) {
+            s_logger.debug("security group name is not changed. id=" + groupId);
+            return group;
+        }
+
+        if (StringUtils.isBlank(newName)) {
+            throw new InvalidParameterValueException("Security group name cannot be empty");
+        }
+
+        // check permissions
+        _accountMgr.checkAccess(caller, null, true, group);
+
+        return Transaction.execute(new TransactionCallback<SecurityGroupVO>() {
+            @Override
+            public SecurityGroupVO doInTransaction(TransactionStatus status) {
+                SecurityGroupVO group = _securityGroupDao.lockRow(groupId, true);
+                if (group == null) {
+                    throw new InvalidParameterValueException("Unable to find security group by id " + groupId);
+                }
+
+                if (newName.equals(group.getName())) {
+                    s_logger.debug("security group name is not changed. id=" + groupId);
+                    return group;
+                } else if (newName.equalsIgnoreCase(SecurityGroupManager.DEFAULT_GROUP_NAME)) {
+                    throw new InvalidParameterValueException("The security group name " + SecurityGroupManager.DEFAULT_GROUP_NAME + " is reserved");
+                }
+
+                if (group.getName().equalsIgnoreCase(SecurityGroupManager.DEFAULT_GROUP_NAME)) {
+                    throw new InvalidParameterValueException("The default security group cannot be renamed");
+                }
+
+                group.setName(newName);
+                _securityGroupDao.update(groupId, group);
+
+                s_logger.debug("Updated security group id=" + groupId);
+
+                return group;
+            }
+        });
+    }
+
     @DB
     @Override
     @ActionEvent(eventType = EventTypes.EVENT_SECURITY_GROUP_DELETE, eventDescription = "deleting security group")

server/src/main/java/com/cloud/server/ManagementServerImpl.java

@@ -422,6 +422,7 @@
 import org.apache.cloudstack.api.command.user.securitygroup.ListSecurityGroupsCmd;
 import org.apache.cloudstack.api.command.user.securitygroup.RevokeSecurityGroupEgressCmd;
 import org.apache.cloudstack.api.command.user.securitygroup.RevokeSecurityGroupIngressCmd;
+import org.apache.cloudstack.api.command.user.securitygroup.UpdateSecurityGroupCmd;
 import org.apache.cloudstack.api.command.user.snapshot.ArchiveSnapshotCmd;
 import org.apache.cloudstack.api.command.user.snapshot.CreateSnapshotCmd;
 import org.apache.cloudstack.api.command.user.snapshot.CreateSnapshotFromVMSnapshotCmd;
@@ -2889,6 +2890,7 @@ public List<Class<?>> getCommands() {
         cmdList.add(ListSecurityGroupsCmd.class);
         cmdList.add(RevokeSecurityGroupEgressCmd.class);
         cmdList.add(RevokeSecurityGroupIngressCmd.class);
+        cmdList.add(UpdateSecurityGroupCmd.class);
         cmdList.add(CreateSnapshotCmd.class);
         cmdList.add(CreateSnapshotFromVMSnapshotCmd.class);
         cmdList.add(DeleteSnapshotCmd.class);