package org.jclouds.azurecompute.compute.extensions;

import com.google.common.base.Function;
import com.google.common.base.Preconditions;
import com.google.common.base.Predicate;
import com.google.common.base.Splitter;
import com.google.common.collect.FluentIterable;
import com.google.common.collect.Iterables;
import com.google.common.collect.Multimap;
import java.util.Set;
import javax.annotation.Resource;
import javax.inject.Inject;
import javax.inject.Named;
import org.jclouds.azurecompute.AzureComputeApi;
import org.jclouds.azurecompute.compute.AzureComputeServiceAdapter;
import org.jclouds.azurecompute.compute.config.AzureComputeServiceContextModule;
import org.jclouds.azurecompute.domain.Deployment;
import org.jclouds.azurecompute.domain.NetworkConfiguration;
import org.jclouds.azurecompute.domain.NetworkSecurityGroup;
import org.jclouds.azurecompute.domain.Role;
import org.jclouds.azurecompute.domain.Rule;
import org.jclouds.azurecompute.util.ConflictManagementPredicate;
import org.jclouds.azurecompute.util.NetworkSecurityGroups;
import org.jclouds.compute.domain.SecurityGroup;
import org.jclouds.compute.domain.SecurityGroupBuilder;
import org.jclouds.compute.extensions.SecurityGroupExtension;
import org.jclouds.domain.Location;
import org.jclouds.logging.Logger;
import org.jclouds.net.domain.IpPermission;
import org.jclouds.net.domain.IpProtocol;

/* loaded from: input_file:org/jclouds/azurecompute/compute/extensions/AzureComputeSecurityGroupExtension.class */
public class AzureComputeSecurityGroupExtension implements SecurityGroupExtension {
    protected final AzureComputeApi api;
    private final Predicate<String> operationSucceededPredicate;
    private final AzureComputeServiceContextModule.AzureComputeConstants azureComputeConstants;

    @Resource
    @Named("jclouds.compute")
    protected Logger logger = Logger.NULL;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/jclouds/azurecompute/compute/extensions/AzureComputeSecurityGroupExtension$NetworkSecurityGroupSecurityGroupFunction.class */
    public class NetworkSecurityGroupSecurityGroupFunction implements Function<NetworkSecurityGroup, SecurityGroup> {
        private NetworkSecurityGroupSecurityGroupFunction() {
        }

        public SecurityGroup apply(NetworkSecurityGroup networkSecurityGroup) {
            SecurityGroupBuilder name = new SecurityGroupBuilder().id(networkSecurityGroup.name()).providerId(networkSecurityGroup.label()).name(networkSecurityGroup.name());
            if (networkSecurityGroup.rules() != null) {
                name.ipPermissions(Iterables.transform(NetworkSecurityGroups.getCustomRules(networkSecurityGroup), new RuleToIpPermission()));
            }
            return name.build();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/jclouds/azurecompute/compute/extensions/AzureComputeSecurityGroupExtension$RuleToIpPermission.class */
    public class RuleToIpPermission implements Function<Rule, IpPermission> {
        private RuleToIpPermission() {
        }

        public IpPermission apply(Rule rule) {
            IpPermission.Builder builder = IpPermission.builder();
            if (rule.name().matches(AzureComputeSecurityGroupExtension.this.azureComputeConstants.tcpRuleRegexp())) {
                builder.fromPort(extractPort(rule.name(), 0)).toPort(extractPort(rule.name(), 1));
            }
            builder.ipProtocol(rule.protocol().equals(Rule.Protocol.ALL) ? IpProtocol.ALL : IpProtocol.valueOf(rule.protocol().getValue()));
            if (rule.destinationAddressPrefix().equals("*")) {
                builder.cidrBlock("0.0.0.0/0");
            } else {
                builder.cidrBlock(rule.destinationAddressPrefix());
            }
            return builder.build();
        }

        private int extractPort(String str, int i) {
            return Integer.parseInt((String) Iterables.get(Splitter.on("-").omitEmptyStrings().split(str.substring(4, str.length())), i));
        }
    }

    @Inject
    AzureComputeSecurityGroupExtension(AzureComputeApi azureComputeApi, Predicate<String> predicate, AzureComputeServiceContextModule.AzureComputeConstants azureComputeConstants) {
        this.api = azureComputeApi;
        this.operationSucceededPredicate = predicate;
        this.azureComputeConstants = azureComputeConstants;
    }

    public Set<SecurityGroup> listSecurityGroups() {
        return FluentIterable.from(this.api.getNetworkSecurityGroupApi().list()).transform(new NetworkSecurityGroupSecurityGroupFunction()).toSet();
    }

    public Set<SecurityGroup> listSecurityGroupsInLocation(Location location) {
        return FluentIterable.from(this.api.getNetworkSecurityGroupApi().list()).transform(new NetworkSecurityGroupSecurityGroupFunction()).toSet();
    }

    public Set<SecurityGroup> listSecurityGroupsForNode(String str) {
        Preconditions.checkNotNull(str, "name");
        Deployment deployment = this.api.getDeploymentApiForService(str).get(str);
        final String virtualNetworkName = deployment.virtualNetworkName();
        return FluentIterable.from(FluentIterable.from(deployment.roleList()).transformAndConcat(new Function<Role, Iterable<Role.ConfigurationSet>>() { // from class: org.jclouds.azurecompute.compute.extensions.AzureComputeSecurityGroupExtension.3
            public Iterable<Role.ConfigurationSet> apply(Role role) {
                return role.configurationSets();
            }
        }).transformAndConcat(new Function<Role.ConfigurationSet, Iterable<Role.ConfigurationSet.SubnetName>>() { // from class: org.jclouds.azurecompute.compute.extensions.AzureComputeSecurityGroupExtension.2
            public Iterable<Role.ConfigurationSet.SubnetName> apply(Role.ConfigurationSet configurationSet) {
                return configurationSet.subnetNames();
            }
        }).transform(new Function<Role.ConfigurationSet.SubnetName, String>() { // from class: org.jclouds.azurecompute.compute.extensions.AzureComputeSecurityGroupExtension.1
            public String apply(Role.ConfigurationSet.SubnetName subnetName) {
                return subnetName.name();
            }
        }).toList()).transform(new Function<String, NetworkSecurityGroup>() { // from class: org.jclouds.azurecompute.compute.extensions.AzureComputeSecurityGroupExtension.4
            public NetworkSecurityGroup apply(String str2) {
                return AzureComputeSecurityGroupExtension.this.api.getNetworkSecurityGroupApi().getNetworkSecurityGroupAppliedToSubnet(virtualNetworkName, str2);
            }
        }).transform(new NetworkSecurityGroupSecurityGroupFunction()).toSet();
    }

    public SecurityGroup getSecurityGroupById(String str) {
        return transformNetworkSecurityGroupToSecurityGroup(str);
    }

    public SecurityGroup createSecurityGroup(String str, Location location) {
        Preconditions.checkNotNull(str, "name");
        Preconditions.checkNotNull(location, "location");
        String create = this.api.getNetworkSecurityGroupApi().create(NetworkSecurityGroup.create(str, str, location.getId(), null, null));
        if (this.operationSucceededPredicate.apply(create)) {
            return transformNetworkSecurityGroupToSecurityGroup(str);
        }
        String generateIllegalStateExceptionMessage = AzureComputeServiceAdapter.generateIllegalStateExceptionMessage(create, this.azureComputeConstants.operationTimeout().longValue());
        this.logger.warn(generateIllegalStateExceptionMessage, new Object[0]);
        throw new IllegalStateException(generateIllegalStateExceptionMessage);
    }

    private SecurityGroup transformNetworkSecurityGroupToSecurityGroup(String str) {
        NetworkSecurityGroup fullDetails = this.api.getNetworkSecurityGroupApi().getFullDetails(str);
        if (fullDetails == null) {
            return null;
        }
        return new NetworkSecurityGroupSecurityGroupFunction().apply(fullDetails);
    }

    public boolean removeSecurityGroup(final String str) {
        NetworkSecurityGroup networkSecurityGroupAppliedToSubnet;
        NetworkConfiguration networkConfiguration = this.api.getVirtualNetworkApi().getNetworkConfiguration();
        if (networkConfiguration != null) {
            for (NetworkConfiguration.VirtualNetworkSite virtualNetworkSite : networkConfiguration.virtualNetworkConfiguration().virtualNetworkSites()) {
                for (NetworkConfiguration.Subnet subnet : virtualNetworkSite.subnets()) {
                    final String name = virtualNetworkSite.name();
                    final String name2 = subnet.name();
                    if (name != null && name2 != null && (networkSecurityGroupAppliedToSubnet = this.api.getNetworkSecurityGroupApi().getNetworkSecurityGroupAppliedToSubnet(name, name2)) != null && networkSecurityGroupAppliedToSubnet.name().equals(str)) {
                        this.logger.debug("Removing a networkSecurityGroup %s is already applied to subnet '%s' ...", new Object[]{str, name2});
                        if (!new ConflictManagementPredicate(this.api, this.operationSucceededPredicate) { // from class: org.jclouds.azurecompute.compute.extensions.AzureComputeSecurityGroupExtension.5
                            @Override // org.jclouds.azurecompute.util.ConflictManagementPredicate
                            protected String operation() {
                                return AzureComputeSecurityGroupExtension.this.api.getNetworkSecurityGroupApi().removeFromSubnet(name, name2, str);
                            }
                        }.apply(str)) {
                            String generateIllegalStateExceptionMessage = AzureComputeServiceAdapter.generateIllegalStateExceptionMessage("Remove security group from subnet", this.azureComputeConstants.operationTimeout().longValue());
                            this.logger.warn(generateIllegalStateExceptionMessage, new Object[0]);
                            throw new IllegalStateException(generateIllegalStateExceptionMessage);
                        }
                    }
                }
            }
        }
        return this.operationSucceededPredicate.apply(this.api.getNetworkSecurityGroupApi().delete(str));
    }

    public SecurityGroup addIpPermission(IpPermission ipPermission, SecurityGroup securityGroup) {
        Preconditions.checkNotNull(securityGroup, "group");
        Preconditions.checkNotNull(ipPermission, "ipPermission");
        String str = (String) Preconditions.checkNotNull(securityGroup.getId(), "group.getId()");
        addRuleToNetworkSecurityGroup(str, NetworkSecurityGroups.createRuleName(this.azureComputeConstants.tcpRuleFormat(), ipPermission.getFromPort(), ipPermission.getToPort()), NetworkSecurityGroups.getFirstAvailablePriority(NetworkSecurityGroups.getCustomRules(this.api.getNetworkSecurityGroupApi().getFullDetails(securityGroup.getName()))), ipPermission);
        return transformNetworkSecurityGroupToSecurityGroup(str);
    }

    public SecurityGroup addIpPermission(IpProtocol ipProtocol, int i, int i2, Multimap<String, String> multimap, Iterable<String> iterable, Iterable<String> iterable2, SecurityGroup securityGroup) {
        IpPermission.Builder builder = IpPermission.builder();
        builder.ipProtocol(ipProtocol);
        builder.fromPort(i);
        builder.toPort(i2);
        builder.tenantIdGroupNamePairs(multimap);
        builder.cidrBlocks(iterable);
        builder.groupIds(iterable2);
        return addIpPermission(builder.build(), securityGroup);
    }

    public SecurityGroup removeIpPermission(IpPermission ipPermission, SecurityGroup securityGroup) {
        Preconditions.checkNotNull(securityGroup, "group");
        Preconditions.checkNotNull(ipPermission, "ipPermission");
        String str = (String) Preconditions.checkNotNull(securityGroup.getId(), "group.getId()");
        removeRuleFromNetworkSecurityGroup(str, NetworkSecurityGroups.createRuleName(this.azureComputeConstants.tcpRuleFormat(), ipPermission.getFromPort(), ipPermission.getToPort()));
        return transformNetworkSecurityGroupToSecurityGroup(str);
    }

    public SecurityGroup removeIpPermission(IpProtocol ipProtocol, int i, int i2, Multimap<String, String> multimap, Iterable<String> iterable, Iterable<String> iterable2, SecurityGroup securityGroup) {
        IpPermission.Builder builder = IpPermission.builder();
        builder.ipProtocol(ipProtocol);
        builder.fromPort(i);
        builder.toPort(i2);
        builder.tenantIdGroupNamePairs(multimap);
        builder.cidrBlocks(iterable);
        builder.groupIds(iterable2);
        return removeIpPermission(builder.build(), securityGroup);
    }

    public boolean supportsTenantIdGroupNamePairs() {
        return false;
    }

    public boolean supportsTenantIdGroupIdPairs() {
        return false;
    }

    public boolean supportsGroupIds() {
        return false;
    }

    public boolean supportsPortRangesForGroups() {
        return false;
    }

    public boolean supportsExclusionCidrBlocks() {
        return false;
    }

    private void addRuleToNetworkSecurityGroup(String str, String str2, int i, IpPermission ipPermission) {
        String name = ipPermission.getIpProtocol().name();
        String rule = this.api.getNetworkSecurityGroupApi().setRule(str, str2, Rule.create(str2, Rule.Type.Inbound, String.valueOf(i), Rule.Action.Allow, "INTERNET", "*", (ipPermission.getCidrBlocks().isEmpty() || ((String) Iterables.get(ipPermission.getCidrBlocks(), 0)).equals("0.0.0.0/0")) ? "*" : (String) Iterables.get(ipPermission.getCidrBlocks(), 0), ipPermission.getFromPort() == ipPermission.getToPort() ? String.valueOf(ipPermission.getToPort()) : String.format("%s-%s", Integer.valueOf(ipPermission.getFromPort()), Integer.valueOf(ipPermission.getToPort())), Rule.Protocol.fromString(name)));
        if (this.operationSucceededPredicate.apply(rule)) {
            return;
        }
        String generateIllegalStateExceptionMessage = AzureComputeServiceAdapter.generateIllegalStateExceptionMessage(rule, this.azureComputeConstants.operationTimeout().longValue());
        this.logger.warn(generateIllegalStateExceptionMessage, new Object[0]);
        throw new IllegalStateException(generateIllegalStateExceptionMessage);
    }

    private void removeRuleFromNetworkSecurityGroup(String str, String str2) {
        String deleteRule = this.api.getNetworkSecurityGroupApi().deleteRule(str, str2);
        if (this.operationSucceededPredicate.apply(deleteRule)) {
            return;
        }
        String generateIllegalStateExceptionMessage = AzureComputeServiceAdapter.generateIllegalStateExceptionMessage(deleteRule, this.azureComputeConstants.operationTimeout().longValue());
        this.logger.warn(generateIllegalStateExceptionMessage, new Object[0]);
        throw new IllegalStateException(generateIllegalStateExceptionMessage);
    }
}
