package org.apache.brooklyn.location.jclouds.networking;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Function;
import com.google.common.base.Strings;
import com.google.common.base.Suppliers;
import com.google.common.collect.FluentIterable;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.Range;
import com.google.common.collect.RangeSet;
import java.util.List;
import javax.annotation.Nullable;
import org.apache.brooklyn.location.jclouds.BasicJcloudsLocationCustomizer;
import org.apache.brooklyn.location.jclouds.JcloudsLocation;
import org.apache.brooklyn.location.jclouds.JcloudsMachineLocation;
import org.apache.brooklyn.util.net.Cidr;
import org.apache.brooklyn.util.net.Networking;
import org.jclouds.compute.ComputeService;
import org.jclouds.compute.domain.Template;
import org.jclouds.net.domain.IpPermission;
import org.jclouds.net.domain.IpProtocol;

/* loaded from: input_file:org/apache/brooklyn/location/jclouds/networking/SharedLocationSecurityGroupCustomizer.class */
public class SharedLocationSecurityGroupCustomizer extends BasicJcloudsLocationCustomizer {
    private String locationName = null;
    private String cidr = null;
    private int[] inboundPorts;
    private RangeSet<Integer> tcpPortRanges;
    private RangeSet<Integer> udpPortRanges;

    public void setLocationName(String str) {
        this.locationName = str;
    }

    public void setTcpPortRanges(List<String> list) {
        this.tcpPortRanges = Networking.portRulesToRanges(list);
    }

    public void setUdpPortRanges(ImmutableList<String> immutableList) {
        this.udpPortRanges = Networking.portRulesToRanges(immutableList);
    }

    public void setCidr(String str) {
        this.cidr = str;
    }

    @Override // org.apache.brooklyn.location.jclouds.BasicJcloudsLocationCustomizer, org.apache.brooklyn.location.jclouds.JcloudsLocationCustomizer
    public void customize(JcloudsLocation jcloudsLocation, ComputeService computeService, Template template) {
        super.customize(jcloudsLocation, computeService, template);
        this.inboundPorts = template.getOptions().getInboundPorts();
        JcloudsLocationSecurityGroupCustomizer sharedLocationSecurityGroupCustomizer = getInstance(getSharedGroupId(jcloudsLocation));
        if (this.cidr != null) {
            sharedLocationSecurityGroupCustomizer.setSshCidrSupplier(Suppliers.ofInstance(new Cidr(this.cidr)));
        }
        sharedLocationSecurityGroupCustomizer.customize(jcloudsLocation, computeService, template);
    }

    @Override // org.apache.brooklyn.location.jclouds.BasicJcloudsLocationCustomizer, org.apache.brooklyn.location.jclouds.JcloudsLocationCustomizer
    public void customize(JcloudsLocation jcloudsLocation, ComputeService computeService, JcloudsMachineLocation jcloudsMachineLocation) {
        super.customize(jcloudsLocation, computeService, jcloudsMachineLocation);
        JcloudsLocationSecurityGroupCustomizer sharedLocationSecurityGroupCustomizer = getInstance(getSharedGroupId(jcloudsLocation));
        ImmutableList.Builder builder = ImmutableList.builder();
        builder.addAll(getIpPermissions(sharedLocationSecurityGroupCustomizer, this.tcpPortRanges, IpProtocol.TCP));
        builder.addAll(getIpPermissions(sharedLocationSecurityGroupCustomizer, this.udpPortRanges, IpProtocol.UDP));
        if (this.inboundPorts != null) {
            for (int i : this.inboundPorts) {
                builder.add(IpPermission.builder().fromPort(i).toPort(i).ipProtocol(IpProtocol.TCP).cidrBlock(sharedLocationSecurityGroupCustomizer.getBrooklynCidrBlock()).build());
            }
        }
        sharedLocationSecurityGroupCustomizer.addPermissionsToLocation(jcloudsMachineLocation, (Iterable<IpPermission>) builder.build());
    }

    private List<IpPermission> getIpPermissions(JcloudsLocationSecurityGroupCustomizer jcloudsLocationSecurityGroupCustomizer, RangeSet<Integer> rangeSet, IpProtocol ipProtocol) {
        ImmutableList of = ImmutableList.of();
        if (rangeSet != null) {
            of = FluentIterable.from(rangeSet.asRanges()).transform(portRangeToPermission(jcloudsLocationSecurityGroupCustomizer, ipProtocol)).toList();
        }
        return of;
    }

    private Function<Range<Integer>, IpPermission> portRangeToPermission(final JcloudsLocationSecurityGroupCustomizer jcloudsLocationSecurityGroupCustomizer, final IpProtocol ipProtocol) {
        return new Function<Range<Integer>, IpPermission>() { // from class: org.apache.brooklyn.location.jclouds.networking.SharedLocationSecurityGroupCustomizer.1
            @Nullable
            public IpPermission apply(@Nullable Range<Integer> range) {
                return IpPermission.builder().fromPort(((Integer) range.lowerEndpoint()).intValue()).toPort(((Integer) range.upperEndpoint()).intValue()).ipProtocol(ipProtocol).cidrBlock(jcloudsLocationSecurityGroupCustomizer.getBrooklynCidrBlock()).build();
            }
        };
    }

    private String getSharedGroupId(JcloudsLocation jcloudsLocation) {
        return Strings.isNullOrEmpty(this.locationName) ? jcloudsLocation.getId() : this.locationName + "-" + jcloudsLocation.getId();
    }

    @VisibleForTesting
    JcloudsLocationSecurityGroupCustomizer getInstance(String str) {
        return JcloudsLocationSecurityGroupCustomizer.getInstance(str);
    }
}
