package org.jclouds.openstack.nova.v2_0.compute.extensions;

import com.google.common.base.Preconditions;
import com.google.common.base.Predicate;
import com.google.common.base.Predicates;
import com.google.common.base.Supplier;
import com.google.common.cache.LoadingCache;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
import com.google.common.collect.Multimap;
import com.google.common.collect.Sets;
import com.google.inject.Inject;
import jakarta.annotation.Resource;
import jakarta.inject.Named;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import org.jclouds.Context;
import org.jclouds.compute.domain.SecurityGroup;
import org.jclouds.compute.extensions.SecurityGroupExtension;
import org.jclouds.compute.functions.GroupNamingConvention;
import org.jclouds.compute.reference.ComputeServiceConstants;
import org.jclouds.domain.Location;
import org.jclouds.gogrid.reference.GoGridQueryParams;
import org.jclouds.javax.annotation.Nullable;
import org.jclouds.location.Region;
import org.jclouds.logging.Logger;
import org.jclouds.net.domain.IpPermission;
import org.jclouds.net.domain.IpProtocol;
import org.jclouds.openstack.neutron.v2.NeutronApi;
import org.jclouds.openstack.neutron.v2.domain.Rule;
import org.jclouds.openstack.neutron.v2.domain.RuleDirection;
import org.jclouds.openstack.neutron.v2.domain.RuleEthertype;
import org.jclouds.openstack.neutron.v2.domain.RuleProtocol;
import org.jclouds.openstack.neutron.v2.features.SecurityGroupApi;
import org.jclouds.openstack.nova.v2_0.NovaApi;
import org.jclouds.openstack.nova.v2_0.compute.functions.NeutronSecurityGroupToSecurityGroup;
import org.jclouds.openstack.nova.v2_0.compute.functions.NovaSecurityGroupToSecurityGroup;
import org.jclouds.openstack.nova.v2_0.domain.regionscoped.RegionAndId;
import org.jclouds.openstack.nova.v2_0.domain.regionscoped.RegionAndName;
import org.jclouds.openstack.nova.v2_0.domain.regionscoped.RegionSecurityGroupNameAndPorts;
import org.jclouds.rest.ApiContext;

/* loaded from: input_file:org/jclouds/openstack/nova/v2_0/compute/extensions/NeutronSecurityGroupExtension.class */
public class NeutronSecurityGroupExtension implements SecurityGroupExtension {

    @Named(ComputeServiceConstants.COMPUTE_LOGGER)
    @Resource
    protected Logger logger = Logger.NULL;
    private final NovaApi api;
    private final Supplier<Set<String>> regionIds;
    private final GroupNamingConvention.Factory namingConvention;
    private final LoadingCache<RegionAndName, SecurityGroup> groupCreator;
    private final Supplier<Map<String, Location>> locationIndex;
    private final NeutronSecurityGroupToSecurityGroup.Factory neutronSecurityGroupToSecurityGroup;
    private final NovaSecurityGroupToSecurityGroup.Factory novaSecurityGroupToSecurityGroup;

    @Named("openstack-neutron")
    @Inject(optional = true)
    private Supplier<Context> neutronContextSupplier;

    @Inject
    NeutronSecurityGroupExtension(NovaApi novaApi, @Region Supplier<Set<String>> supplier, GroupNamingConvention.Factory factory, LoadingCache<RegionAndName, SecurityGroup> loadingCache, Supplier<Map<String, Location>> supplier2, NeutronSecurityGroupToSecurityGroup.Factory factory2, NovaSecurityGroupToSecurityGroup.Factory factory3) {
        this.api = novaApi;
        this.regionIds = (Supplier) Preconditions.checkNotNull(supplier, "regionIds");
        this.namingConvention = (GroupNamingConvention.Factory) Preconditions.checkNotNull(factory, "namingConvention");
        this.groupCreator = loadingCache;
        this.locationIndex = supplier2;
        this.neutronSecurityGroupToSecurityGroup = factory2;
        this.novaSecurityGroupToSecurityGroup = factory3;
    }

    @Override // org.jclouds.compute.extensions.SecurityGroupExtension
    public SecurityGroup createSecurityGroup(String str, Location location) {
        String id = location.getId();
        if (id == null) {
            return null;
        }
        this.logger.debug(">> creating security group %s in %s...", str, location);
        return (SecurityGroup) this.groupCreator.getUnchecked(new RegionSecurityGroupNameAndPorts(id, this.namingConvention.create().sharedNameForGroup(str), ImmutableSet.of()));
    }

    @Override // org.jclouds.compute.extensions.SecurityGroupExtension
    public Set<SecurityGroup> listSecurityGroups() {
        HashSet newHashSet = Sets.newHashSet();
        Iterator it = ((Set) this.regionIds.get()).iterator();
        while (it.hasNext()) {
            newHashSet.addAll(listSecurityGroupsInLocation((Location) ((Map) this.locationIndex.get()).get((String) it.next())));
        }
        return ImmutableSet.copyOf(newHashSet);
    }

    @Override // org.jclouds.compute.extensions.SecurityGroupExtension
    public Set<SecurityGroup> listSecurityGroupsInLocation(Location location) {
        String id = location.getId();
        return id == null ? ImmutableSet.of() : getSecurityGroupApi(id).listSecurityGroups().concat().transform(this.neutronSecurityGroupToSecurityGroup.create(location)).toSet();
    }

    @Override // org.jclouds.compute.extensions.SecurityGroupExtension
    public Set<SecurityGroup> listSecurityGroupsForNode(String str) {
        RegionAndId fromSlashEncoded = RegionAndId.fromSlashEncoded((String) Preconditions.checkNotNull(str, GoGridQueryParams.ID_KEY));
        String region = fromSlashEncoded.getRegion();
        return ImmutableSet.copyOf(Iterables.transform(Iterables.filter(this.api.getServerApi(region).listSecurityGroupForServer(fromSlashEncoded.getId()), Predicates.notNull()), this.novaSecurityGroupToSecurityGroup.create((Location) ((Map) this.locationIndex.get()).get(region))));
    }

    @Override // org.jclouds.compute.extensions.SecurityGroupExtension
    public SecurityGroup getSecurityGroupById(String str) {
        RegionAndId fromSlashEncoded = RegionAndId.fromSlashEncoded((String) Preconditions.checkNotNull(str, GoGridQueryParams.ID_KEY));
        String region = fromSlashEncoded.getRegion();
        String id = fromSlashEncoded.getId();
        SecurityGroupApi securityGroupApi = getSecurityGroupApi(region);
        return this.neutronSecurityGroupToSecurityGroup.create((Location) ((Map) this.locationIndex.get()).get(region)).apply(securityGroupApi.getSecurityGroup(id));
    }

    @Override // org.jclouds.compute.extensions.SecurityGroupExtension
    public boolean removeSecurityGroup(String str) {
        Preconditions.checkNotNull(str, GoGridQueryParams.ID_KEY);
        RegionAndId fromSlashEncoded = RegionAndId.fromSlashEncoded(str);
        String region = fromSlashEncoded.getRegion();
        boolean deleteSecurityGroup = getSecurityGroupApi(region).deleteSecurityGroup(fromSlashEncoded.getId());
        Iterator it = this.groupCreator.asMap().values().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            SecurityGroup securityGroup = (SecurityGroup) it.next();
            if (str.equals(securityGroup.getId())) {
                this.groupCreator.invalidate(new RegionSecurityGroupNameAndPorts(region, securityGroup.getName(), ImmutableSet.of()));
                break;
            }
        }
        return deleteSecurityGroup;
    }

    @Override // org.jclouds.compute.extensions.SecurityGroupExtension
    public SecurityGroup addIpPermission(IpPermission ipPermission, SecurityGroup securityGroup) {
        String id = securityGroup.getLocation().getId();
        String id2 = RegionAndId.fromSlashEncoded(securityGroup.getId()).getId();
        SecurityGroupApi securityGroupApi = getSecurityGroupApi(id);
        if (!ipPermission.getCidrBlocks().isEmpty()) {
            Iterator<String> it = ipPermission.getCidrBlocks().iterator();
            while (it.hasNext()) {
                securityGroupApi.create(Rule.CreateRule.createBuilder(RuleDirection.INGRESS, securityGroup.getProviderId()).protocol(RuleProtocol.fromValue(ipPermission.getIpProtocol().name())).ethertype(RuleEthertype.IPV4).portRangeMin(Integer.valueOf(ipPermission.getFromPort())).portRangeMax(Integer.valueOf(ipPermission.getToPort())).remoteIpPrefix(it.next()).build());
            }
        }
        if (!ipPermission.getGroupIds().isEmpty()) {
            Iterator<String> it2 = ipPermission.getGroupIds().iterator();
            while (it2.hasNext()) {
                String id3 = RegionAndId.fromSlashEncoded(it2.next()).getId();
                securityGroupApi.create(Rule.CreateRule.createBuilder(RuleDirection.INGRESS, id3).protocol(RuleProtocol.fromValue(ipPermission.getIpProtocol().name())).ethertype(RuleEthertype.IPV4).portRangeMin(Integer.valueOf(ipPermission.getFromPort())).portRangeMax(Integer.valueOf(ipPermission.getToPort())).remoteGroupId(id3).build());
            }
        }
        return getSecurityGroupById(RegionAndId.fromRegionAndId(id, id2).slashEncode());
    }

    @Override // org.jclouds.compute.extensions.SecurityGroupExtension
    public SecurityGroup addIpPermission(IpProtocol ipProtocol, int i, int i2, Multimap<String, String> multimap, Iterable<String> iterable, Iterable<String> iterable2, SecurityGroup securityGroup) {
        IpPermission.Builder builder = IpPermission.builder();
        builder.ipProtocol(ipProtocol);
        builder.fromPort(i);
        builder.toPort(i2);
        builder.tenantIdGroupNamePairs(multimap);
        builder.cidrBlocks(iterable);
        builder.groupIds(iterable2);
        return addIpPermission(builder.build(), securityGroup);
    }

    @Override // org.jclouds.compute.extensions.SecurityGroupExtension
    public SecurityGroup removeIpPermission(final IpPermission ipPermission, SecurityGroup securityGroup) {
        String id = securityGroup.getLocation().getId();
        String id2 = RegionAndId.fromSlashEncoded(securityGroup.getId()).getId();
        SecurityGroupApi securityGroupApi = getSecurityGroupApi(id);
        org.jclouds.openstack.neutron.v2.domain.SecurityGroup securityGroup2 = securityGroupApi.getSecurityGroup(id2);
        if (!ipPermission.getCidrBlocks().isEmpty()) {
            for (final String str : ipPermission.getCidrBlocks()) {
                Iterator it = Iterables.filter(securityGroup2.getRules(), new Predicate<Rule>() { // from class: org.jclouds.openstack.nova.v2_0.compute.extensions.NeutronSecurityGroupExtension.1
                    public boolean apply(@Nullable Rule rule) {
                        return rule.getRemoteIpPrefix() != null && rule.getRemoteIpPrefix().equals(str) && rule.getProtocol() != null && rule.getProtocol().name().equals(ipPermission.getIpProtocol().name()) && rule.getPortRangeMin() != null && rule.getPortRangeMin().intValue() == ipPermission.getFromPort() && rule.getPortRangeMax() != null && rule.getPortRangeMax().intValue() == ipPermission.getToPort();
                    }
                }).iterator();
                while (it.hasNext()) {
                    securityGroupApi.deleteRule(((Rule) it.next()).getId());
                }
            }
        }
        if (!ipPermission.getGroupIds().isEmpty()) {
            for (final String str2 : ipPermission.getGroupIds()) {
                Iterator it2 = Iterables.filter(securityGroup2.getRules(), new Predicate<Rule>() { // from class: org.jclouds.openstack.nova.v2_0.compute.extensions.NeutronSecurityGroupExtension.2
                    public boolean apply(@Nullable Rule rule) {
                        return rule.getRemoteGroupId() != null && rule.getRemoteGroupId().equals(str2) && rule.getProtocol() != null && rule.getProtocol().name().equals(ipPermission.getIpProtocol().name()) && rule.getPortRangeMin() != null && rule.getPortRangeMin().intValue() == ipPermission.getFromPort() && rule.getPortRangeMax() != null && rule.getPortRangeMax().intValue() == ipPermission.getToPort();
                    }
                }).iterator();
                while (it2.hasNext()) {
                    securityGroupApi.deleteRule(((Rule) it2.next()).getId());
                }
            }
        }
        return getSecurityGroupById(RegionAndId.fromRegionAndId(id, id2).slashEncode());
    }

    @Override // org.jclouds.compute.extensions.SecurityGroupExtension
    public SecurityGroup removeIpPermission(IpProtocol ipProtocol, int i, int i2, Multimap<String, String> multimap, Iterable<String> iterable, Iterable<String> iterable2, SecurityGroup securityGroup) {
        IpPermission.Builder builder = IpPermission.builder();
        builder.ipProtocol(ipProtocol);
        builder.fromPort(i);
        builder.toPort(i2);
        builder.tenantIdGroupNamePairs(multimap);
        builder.cidrBlocks(iterable);
        builder.groupIds(iterable2);
        return removeIpPermission(builder.build(), securityGroup);
    }

    @Override // org.jclouds.compute.extensions.SecurityGroupExtension
    public boolean supportsTenantIdGroupNamePairs() {
        return false;
    }

    @Override // org.jclouds.compute.extensions.SecurityGroupExtension
    public boolean supportsTenantIdGroupIdPairs() {
        return false;
    }

    @Override // org.jclouds.compute.extensions.SecurityGroupExtension
    public boolean supportsGroupIds() {
        return true;
    }

    @Override // org.jclouds.compute.extensions.SecurityGroupExtension
    public boolean supportsPortRangesForGroups() {
        return false;
    }

    @Override // org.jclouds.compute.extensions.SecurityGroupExtension
    public boolean supportsExclusionCidrBlocks() {
        return false;
    }

    private SecurityGroupApi getSecurityGroupApi(String str) {
        return ((NeutronApi) ((ApiContext) this.neutronContextSupplier.get()).getApi()).getSecurityGroupApi(str);
    }
}
