package org.dasein.cloud.aws.network;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import javax.annotation.Nonnegative;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.apache.log4j.Logger;
import org.dasein.cloud.CloudException;
import org.dasein.cloud.InternalException;
import org.dasein.cloud.OperationNotSupportedException;
import org.dasein.cloud.ProviderContext;
import org.dasein.cloud.Requirement;
import org.dasein.cloud.ResourceStatus;
import org.dasein.cloud.Tag;
import org.dasein.cloud.Taggable;
import org.dasein.cloud.aws.AWSCloud;
import org.dasein.cloud.aws.compute.EC2ComputeServices;
import org.dasein.cloud.aws.compute.EC2Exception;
import org.dasein.cloud.aws.compute.EC2Method;
import org.dasein.cloud.compute.VirtualMachineSupport;
import org.dasein.cloud.identity.ServiceAction;
import org.dasein.cloud.network.AbstractFirewallSupport;
import org.dasein.cloud.network.Direction;
import org.dasein.cloud.network.Firewall;
import org.dasein.cloud.network.FirewallCreateOptions;
import org.dasein.cloud.network.FirewallRule;
import org.dasein.cloud.network.FirewallSupport;
import org.dasein.cloud.network.Permission;
import org.dasein.cloud.network.Protocol;
import org.dasein.cloud.network.RuleTarget;
import org.dasein.cloud.network.RuleTargetType;
import org.dasein.cloud.util.APITrace;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/dasein/cloud/aws/network/SecurityGroup.class */
public class SecurityGroup extends AbstractFirewallSupport {
    private static final Logger logger = AWSCloud.getLogger(SecurityGroup.class);
    private AWSCloud provider;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecurityGroup(AWSCloud aWSCloud) {
        super(aWSCloud);
        this.provider = null;
        this.provider = aWSCloud;
    }

    @Nonnull
    public String authorize(@Nonnull String str, @Nonnull Direction direction, @Nonnull Permission permission, @Nonnull RuleTarget ruleTarget, @Nonnull Protocol protocol, @Nonnull RuleTarget ruleTarget2, int i, int i2, @Nonnegative int i3) throws CloudException, InternalException {
        boolean equals;
        APITrace.begin(this.provider, "Firewall.authorize");
        try {
            if (Permission.DENY.equals(permission)) {
                throw new OperationNotSupportedException("AWS does not support DENY rules");
            }
            Firewall firewall = getFirewall(str);
            if (firewall == null) {
                throw new CloudException("No such firewall: " + str);
            }
            if (direction.equals(Direction.EGRESS) && firewall.getProviderVlanId() == null) {
                throw new OperationNotSupportedException("AWS does not support EGRESS rules for non-VPC security groups");
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), direction.equals(Direction.INGRESS) ? EC2Method.AUTHORIZE_SECURITY_GROUP_INGRESS : EC2Method.AUTHORIZE_SECURITY_GROUP_EGRESS);
            String str2 = null;
            if (direction.equals(Direction.INGRESS)) {
                equals = ruleTarget.getRuleTargetType().equals(RuleTargetType.GLOBAL);
                if (equals) {
                    str2 = ruleTarget.getProviderFirewallId();
                }
            } else {
                equals = ruleTarget2.getRuleTargetType().equals(RuleTargetType.GLOBAL);
                if (equals) {
                    str2 = ruleTarget2.getProviderFirewallId();
                }
            }
            if (this.provider.getEC2Provider().isEucalyptus()) {
                standardParameters.put("GroupName", str);
                standardParameters.put("IpProtocol", protocol.name().toLowerCase());
                standardParameters.put("FromPort", String.valueOf(i));
                standardParameters.put("ToPort", i2 == -1 ? String.valueOf(i) : String.valueOf(i2));
                if (equals) {
                    standardParameters.put("GroupName", str2);
                } else {
                    standardParameters.put("CidrIp", ruleTarget.getCidr());
                }
            } else {
                standardParameters.put("GroupId", str);
                standardParameters.put("IpPermissions.1.IpProtocol", protocol.name().toLowerCase());
                standardParameters.put("IpPermissions.1.FromPort", String.valueOf(i));
                standardParameters.put("IpPermissions.1.ToPort", i2 == -1 ? String.valueOf(i) : String.valueOf(i2));
                if (equals) {
                    if (str2.startsWith("sg-")) {
                        standardParameters.put("IpPermissions.1.Groups.1.GroupId", str2);
                    } else {
                        standardParameters.put("IpPermissions.1.Groups.1.GroupName", str2);
                    }
                } else if (direction.equals(Direction.INGRESS)) {
                    standardParameters.put("IpPermissions.1.IpRanges.1.CidrIp", ruleTarget.getCidr());
                } else {
                    standardParameters.put("IpPermissions.1.IpRanges.1.CidrIp", ruleTarget2.getCidr());
                }
            }
            try {
                NodeList elementsByTagName = new EC2Method(this.provider, this.provider.getEc2Url(), standardParameters).invoke().getElementsByTagName("return");
                if (elementsByTagName.getLength() > 0 && !elementsByTagName.item(0).getFirstChild().getNodeValue().equalsIgnoreCase("true")) {
                    throw new CloudException("Failed to authorize security group rule without explanation.");
                }
                String providerRuleId = FirewallRule.getInstance((String) null, str, ruleTarget, direction, protocol, permission, ruleTarget2, i, i2).getProviderRuleId();
                APITrace.end();
                return providerRuleId;
            } catch (EC2Exception e) {
                String code = e.getCode();
                if (code == null || !code.equals("InvalidPermission.Duplicate") || direction.equals(Direction.INGRESS)) {
                }
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    @Nonnull
    public String create(@Nonnull FirewallCreateOptions firewallCreateOptions) throws InternalException, CloudException {
        APITrace.begin(this.provider, "Firewall.create");
        try {
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), "CreateSecurityGroup");
            String uniqueName = getUniqueName(firewallCreateOptions.getName());
            standardParameters.put("GroupName", uniqueName);
            standardParameters.put("GroupDescription", firewallCreateOptions.getDescription());
            String providerVlanId = firewallCreateOptions.getProviderVlanId();
            if (providerVlanId != null) {
                standardParameters.put("VpcId", providerVlanId);
            }
            try {
                Document invoke = new EC2Method(this.provider, this.provider.getEc2Url(), standardParameters).invoke();
                if (this.provider.getEC2Provider().isEucalyptus()) {
                    APITrace.end();
                    return uniqueName;
                }
                NodeList elementsByTagName = invoke.getElementsByTagName("groupId");
                if (elementsByTagName.getLength() <= 0) {
                    throw new CloudException("Failed to create security group without explanation.");
                }
                Map metaData = firewallCreateOptions.getMetaData();
                String trim = elementsByTagName.item(0).getFirstChild().getNodeValue().trim();
                if (!metaData.isEmpty()) {
                    ArrayList arrayList = new ArrayList();
                    for (Map.Entry entry : metaData.entrySet()) {
                        String str = (String) entry.getKey();
                        String str2 = (String) entry.getValue();
                        if (str2 != null) {
                            arrayList.add(new Tag(str, str2));
                        }
                    }
                    this.provider.createTags(trim, (Tag[]) arrayList.toArray(new Tag[arrayList.size()]));
                }
                APITrace.end();
                return trim;
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    public void delete(@Nonnull String str) throws InternalException, CloudException {
        APITrace.begin(this.provider, "Firewall.delete");
        try {
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), EC2Method.DELETE_SECURITY_GROUP);
            if (this.provider.getEC2Provider().isEucalyptus()) {
                standardParameters.put("GroupName", str);
            } else {
                standardParameters.put("GroupId", str);
            }
            try {
                NodeList elementsByTagName = new EC2Method(this.provider, this.provider.getEc2Url(), standardParameters).invoke().getElementsByTagName("return");
                if (elementsByTagName.getLength() > 0 && !elementsByTagName.item(0).getFirstChild().getNodeValue().equalsIgnoreCase("true")) {
                    throw new CloudException("Failed to delete security group without explanation.");
                }
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } finally {
            APITrace.end();
        }
    }

    @Nullable
    public Firewall getFirewall(@Nonnull String str) throws InternalException, CloudException {
        Firewall firewall;
        APITrace.begin(this.provider, "Firewall.getFirewall");
        try {
            ProviderContext context = this.provider.getContext();
            if (context == null) {
                throw new CloudException("No context has been established for this request");
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), EC2Method.DESCRIBE_SECURITY_GROUPS);
            if (this.provider.getEC2Provider().isEucalyptus()) {
                standardParameters.put("GroupName.1", str);
            } else {
                standardParameters.put("GroupId.1", str);
            }
            try {
                NodeList elementsByTagName = new EC2Method(this.provider, this.provider.getEc2Url(), standardParameters).invoke().getElementsByTagName("securityGroupInfo");
                for (int i = 0; i < elementsByTagName.getLength(); i++) {
                    NodeList childNodes = elementsByTagName.item(i).getChildNodes();
                    for (int i2 = 0; i2 < childNodes.getLength(); i2++) {
                        Node item = childNodes.item(i2);
                        if (item.getNodeName().equals("item") && (firewall = toFirewall(context, item)) != null && str.equals(firewall.getProviderFirewallId())) {
                            APITrace.end();
                            return firewall;
                        }
                    }
                }
                APITrace.end();
                return null;
            } catch (EC2Exception e) {
                String code = e.getCode();
                if (code == null || !code.startsWith("InvalidGroup")) {
                    logger.error(e.getSummary());
                    throw new CloudException(e);
                }
                APITrace.end();
                return null;
            }
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    @Nonnull
    public String getProviderTermForFirewall(@Nonnull Locale locale) {
        return "security group";
    }

    @Nonnull
    public Collection<FirewallRule> getRules(@Nonnull String str) throws InternalException, CloudException {
        APITrace.begin(this.provider, "Firewall.getRules");
        try {
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), EC2Method.DESCRIBE_SECURITY_GROUPS);
            ArrayList arrayList = new ArrayList();
            if (this.provider.getEC2Provider().isEucalyptus()) {
                standardParameters.put("GroupName.1", str);
            } else {
                standardParameters.put("GroupId.1", str);
            }
            try {
                NodeList elementsByTagName = new EC2Method(this.provider, this.provider.getEc2Url(), standardParameters).invoke().getElementsByTagName("securityGroupInfo");
                for (int i = 0; i < elementsByTagName.getLength(); i++) {
                    NodeList childNodes = elementsByTagName.item(i).getChildNodes();
                    for (int i2 = 0; i2 < childNodes.getLength(); i2++) {
                        Node item = childNodes.item(i2);
                        if (item.getNodeName().equals("item")) {
                            NodeList childNodes2 = item.getChildNodes();
                            for (int i3 = 0; i3 < childNodes2.getLength(); i3++) {
                                Node item2 = childNodes2.item(i3);
                                if (item2.getNodeName().equals("ipPermissions")) {
                                    NodeList childNodes3 = item2.getChildNodes();
                                    for (int i4 = 0; i4 < childNodes3.getLength(); i4++) {
                                        Node item3 = childNodes3.item(i4);
                                        if (item3.getNodeName().equals("item")) {
                                            arrayList.addAll(toFirewallRules(str, item3, Direction.INGRESS));
                                        }
                                    }
                                } else if (item2.getNodeName().equals("ipPermissionsEgress")) {
                                    NodeList childNodes4 = item2.getChildNodes();
                                    for (int i5 = 0; i5 < childNodes4.getLength(); i5++) {
                                        Node item4 = childNodes4.item(i5);
                                        if (item4.getNodeName().equals("item")) {
                                            arrayList.addAll(toFirewallRules(str, item4, Direction.EGRESS));
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
                APITrace.end();
                return arrayList;
            } catch (EC2Exception e) {
                String code = e.getCode();
                if (code == null || !code.startsWith("InvalidGroup")) {
                    logger.error(e.getSummary());
                    throw new CloudException(e);
                }
                List emptyList = Collections.emptyList();
                APITrace.end();
                return emptyList;
            }
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    @Nonnull
    public Requirement identifyPrecedenceRequirement(boolean z) throws InternalException, CloudException {
        return Requirement.NONE;
    }

    @Nonnull
    private String getUniqueName(@Nonnull String str) throws InternalException, CloudException {
        boolean z;
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            if (charAt == '_' || charAt == '-') {
                sb.append(charAt);
            } else if (i == 0 && Character.isDigit(charAt)) {
                sb.append("e-");
                sb.append(charAt);
            } else if (i == 0 && Character.isLetter(charAt)) {
                sb.append(charAt);
            } else if (i > 0 && Character.isLetterOrDigit(charAt)) {
                sb.append(charAt);
            }
        }
        if (sb.length() < 1) {
            return "new-group";
        }
        String sb2 = sb.toString();
        String str2 = sb2;
        int i2 = 1;
        char c = 'a';
        do {
            z = false;
            Iterator<Firewall> it = list().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                String providerFirewallId = it.next().getProviderFirewallId();
                if (providerFirewallId != null && providerFirewallId.equals(str2)) {
                    z = true;
                    str2 = i2 == 1 ? sb2 + "-" + String.valueOf(c) : sb2 + String.valueOf(c);
                    if (c == 'z') {
                        sb2 = i2 == 1 ? sb2 + "-a" : sb2 + "a";
                        c = 'a';
                        i2++;
                        if (i2 > 10) {
                            throw new CloudException("Could not generate a unique firewall name from " + sb2);
                        }
                    } else {
                        c = (char) (c + 1);
                    }
                }
            }
        } while (z);
        return str2;
    }

    public boolean isSubscribed() throws CloudException, InternalException {
        APITrace.begin(this.provider, "Firewall.isSubscribed");
        try {
            EC2ComputeServices m5getComputeServices = this.provider.m5getComputeServices();
            if (m5getComputeServices == null) {
                APITrace.end();
                return false;
            }
            VirtualMachineSupport virtualMachineSupport = m5getComputeServices.getVirtualMachineSupport();
            boolean z = virtualMachineSupport != null && virtualMachineSupport.isSubscribed();
            APITrace.end();
            return z;
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    public boolean isZeroPrecedenceHighest() throws InternalException, CloudException {
        return true;
    }

    @Nonnull
    public Collection<Firewall> list() throws InternalException, CloudException {
        Firewall firewall;
        APITrace.begin(this.provider, "Firewall.list");
        try {
            ProviderContext context = this.provider.getContext();
            if (context == null) {
                throw new CloudException("No context has been established for this request");
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), EC2Method.DESCRIBE_SECURITY_GROUPS);
            ArrayList arrayList = new ArrayList();
            try {
                NodeList elementsByTagName = new EC2Method(this.provider, this.provider.getEc2Url(), standardParameters).invoke().getElementsByTagName("securityGroupInfo");
                for (int i = 0; i < elementsByTagName.getLength(); i++) {
                    NodeList childNodes = elementsByTagName.item(i).getChildNodes();
                    for (int i2 = 0; i2 < childNodes.getLength(); i2++) {
                        Node item = childNodes.item(i2);
                        if (item.getNodeName().equals("item") && (firewall = toFirewall(context, item)) != null) {
                            arrayList.add(firewall);
                        }
                    }
                }
                APITrace.end();
                return arrayList;
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    @Nonnull
    public Iterable<ResourceStatus> listFirewallStatus() throws InternalException, CloudException {
        ResourceStatus status;
        APITrace.begin(this.provider, "Firewall.listFirewallStatus");
        try {
            if (this.provider.getContext() == null) {
                throw new CloudException("No context has been established for this request");
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), EC2Method.DESCRIBE_SECURITY_GROUPS);
            ArrayList arrayList = new ArrayList();
            try {
                NodeList elementsByTagName = new EC2Method(this.provider, this.provider.getEc2Url(), standardParameters).invoke().getElementsByTagName("securityGroupInfo");
                for (int i = 0; i < elementsByTagName.getLength(); i++) {
                    NodeList childNodes = elementsByTagName.item(i).getChildNodes();
                    for (int i2 = 0; i2 < childNodes.getLength(); i2++) {
                        Node item = childNodes.item(i2);
                        if (item.getNodeName().equals("item") && (status = toStatus(item)) != null) {
                            arrayList.add(status);
                        }
                    }
                }
                APITrace.end();
                return arrayList;
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    @Nonnull
    public Iterable<RuleTargetType> listSupportedDestinationTypes(boolean z) throws InternalException, CloudException {
        return Collections.singletonList(RuleTargetType.GLOBAL);
    }

    @Nonnull
    public Iterable<Direction> listSupportedDirections(boolean z) throws InternalException, CloudException {
        if (!z) {
            return Collections.singletonList(Direction.INGRESS);
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(Direction.EGRESS);
        arrayList.add(Direction.INGRESS);
        return arrayList;
    }

    @Nonnull
    public Iterable<Permission> listSupportedPermissions(boolean z) throws InternalException, CloudException {
        return Collections.singletonList(Permission.ALLOW);
    }

    @Nonnull
    public Iterable<RuleTargetType> listSupportedSourceTypes(boolean z) throws InternalException, CloudException {
        ArrayList arrayList = new ArrayList();
        arrayList.add(RuleTargetType.CIDR);
        arrayList.add(RuleTargetType.GLOBAL);
        return arrayList;
    }

    @Nonnull
    public String[] mapServiceAction(@Nonnull ServiceAction serviceAction) {
        return serviceAction.equals(FirewallSupport.ANY) ? new String[]{"ec2:*"} : serviceAction.equals(FirewallSupport.AUTHORIZE) ? new String[]{"ec2:AuthorizeSecurityGroupIngress", "ec2:AuthorizeSecurityGroupEgress"} : serviceAction.equals(FirewallSupport.CREATE_FIREWALL) ? new String[]{"ec2:CreateSecurityGroup"} : (serviceAction.equals(FirewallSupport.GET_FIREWALL) || serviceAction.equals(FirewallSupport.LIST_FIREWALL)) ? new String[]{"ec2:DescribeSecurityGroups"} : serviceAction.equals(FirewallSupport.REMOVE_FIREWALL) ? new String[]{"ec2:DeleteSecurityGroup"} : serviceAction.equals(FirewallSupport.REVOKE) ? new String[]{"ec2:RevokeSecurityGroupIngress", "ec2:RevokeSecurityGroupEgress"} : new String[0];
    }

    public void removeTags(@Nonnull String str, @Nonnull Tag... tagArr) throws CloudException, InternalException {
        removeTags(new String[]{str}, tagArr);
    }

    public void removeTags(@Nonnull String[] strArr, @Nonnull Tag... tagArr) throws CloudException, InternalException {
        APITrace.begin(getProvider(), "Firewall.removeTags");
        try {
            this.provider.removeTags(strArr, tagArr);
        } finally {
            APITrace.end();
        }
    }

    public void updateTags(@Nonnull String str, @Nonnull Tag... tagArr) throws CloudException, InternalException {
        removeTags(new String[]{str}, tagArr);
    }

    public void updateTags(@Nonnull String[] strArr, @Nonnull Tag... tagArr) throws CloudException, InternalException {
        APITrace.begin(getProvider(), "Firewall.updateTags");
        try {
            this.provider.createTags(strArr, tagArr);
        } finally {
            APITrace.end();
        }
    }

    public void revoke(@Nonnull String str) throws InternalException, CloudException {
        FirewallRule firewallRule = null;
        Iterator<Firewall> it = list().iterator();
        while (it.hasNext()) {
            String providerFirewallId = it.next().getProviderFirewallId();
            if (providerFirewallId != null) {
                Iterator<FirewallRule> it2 = getRules(providerFirewallId).iterator();
                while (true) {
                    if (it2.hasNext()) {
                        FirewallRule next = it2.next();
                        if (str.equals(next.getProviderRuleId())) {
                            firewallRule = next;
                            break;
                        }
                    }
                }
            }
        }
        if (firewallRule == null) {
            throw new CloudException("Unable to parse rule ID: " + str);
        }
        revoke(firewallRule.getFirewallId(), firewallRule.getDirection(), firewallRule.getPermission(), firewallRule.getSourceEndpoint(), firewallRule.getProtocol(), firewallRule.getDestinationEndpoint(), firewallRule.getStartPort(), firewallRule.getEndPort());
    }

    private void revoke(@Nonnull String str, @Nonnull Direction direction, @Nonnull Permission permission, @Nonnull RuleTarget ruleTarget, @Nonnull Protocol protocol, @Nonnull RuleTarget ruleTarget2, int i, int i2) throws CloudException, InternalException {
        boolean equals;
        APITrace.begin(this.provider, "Firewall.revoke");
        try {
            if (Permission.DENY.equals(permission)) {
                throw new OperationNotSupportedException("AWS does not support DENY rules");
            }
            Firewall firewall = getFirewall(str);
            if (firewall == null) {
                throw new CloudException("No such firewall: " + str);
            }
            if (direction.equals(Direction.EGRESS) && firewall.getProviderVlanId() == null) {
                throw new OperationNotSupportedException("AWS does not support EGRESS rules for non-VPC security groups");
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), direction.equals(Direction.INGRESS) ? EC2Method.REVOKE_SECURITY_GROUP_INGRESS : EC2Method.REVOKE_SECURITY_GROUP_EGRESS);
            String str2 = null;
            if (direction.equals(Direction.INGRESS)) {
                equals = ruleTarget.getRuleTargetType().equals(RuleTargetType.GLOBAL);
                if (equals) {
                    str2 = ruleTarget.getProviderFirewallId();
                }
            } else {
                equals = ruleTarget2.getRuleTargetType().equals(RuleTargetType.GLOBAL);
                if (equals) {
                    str2 = ruleTarget2.getProviderFirewallId();
                }
            }
            if (this.provider.getEC2Provider().isEucalyptus()) {
                standardParameters.put("GroupName", str);
                standardParameters.put("IpProtocol", protocol.name().toLowerCase());
                standardParameters.put("FromPort", String.valueOf(i));
                standardParameters.put("ToPort", i2 == -1 ? String.valueOf(i) : String.valueOf(i2));
                if (equals) {
                    standardParameters.put("GroupName", str2);
                } else {
                    standardParameters.put("CidrIp", ruleTarget.getCidr());
                }
            } else {
                standardParameters.put("GroupId", str);
                standardParameters.put("IpPermissions.1.IpProtocol", protocol.name().toLowerCase());
                standardParameters.put("IpPermissions.1.FromPort", String.valueOf(i));
                standardParameters.put("IpPermissions.1.ToPort", i2 == -1 ? String.valueOf(i) : String.valueOf(i2));
                if (equals) {
                    if (str2.startsWith("sg-")) {
                        standardParameters.put("IpPermissions.1.Groups.1.GroupId", str2);
                    } else {
                        standardParameters.put("IpPermissions.1.Groups.1.GroupName", str2);
                    }
                } else if (direction.equals(Direction.INGRESS)) {
                    standardParameters.put("IpPermissions.1.IpRanges.1.CidrIp", ruleTarget.getCidr());
                } else {
                    standardParameters.put("IpPermissions.1.IpRanges.1.CidrIp", ruleTarget2.getCidr());
                }
            }
            EC2Method eC2Method = new EC2Method(this.provider, this.provider.getEc2Url(), standardParameters);
            try {
                eC2Method.checkSuccess(eC2Method.invoke().getElementsByTagName("return"));
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } finally {
            APITrace.end();
        }
    }

    public void revoke(@Nonnull String str, @Nonnull Direction direction, @Nonnull Permission permission, @Nonnull String str2, @Nonnull Protocol protocol, @Nonnull RuleTarget ruleTarget, int i, int i2) throws CloudException, InternalException {
        RuleTarget global = str2.startsWith("sg-") ? RuleTarget.getGlobal(str2) : RuleTarget.getCIDR(str2);
        if (direction.equals(Direction.INGRESS)) {
            revoke(str, direction, permission, global, protocol, ruleTarget, i, i2);
        } else {
            revoke(str, direction, permission, ruleTarget, protocol, global, i, i2);
        }
    }

    public boolean supportsFirewallCreation(boolean z) throws CloudException, InternalException {
        return true;
    }

    public boolean supportsFirewallSources() throws CloudException, InternalException {
        return true;
    }

    public boolean supportsRules(@Nonnull Direction direction, @Nonnull Permission permission, boolean z) throws CloudException, InternalException {
        return permission.equals(Permission.ALLOW) && !(z && this.provider.getEC2Provider().isEucalyptus()) && (z || direction.equals(Direction.INGRESS));
    }

    @Nullable
    private Firewall toFirewall(@Nonnull ProviderContext providerContext, @Nullable Node node) {
        if (node == null) {
            return null;
        }
        String str = null;
        String str2 = null;
        String str3 = null;
        NodeList childNodes = node.getChildNodes();
        Taggable firewall = new Firewall();
        String regionId = providerContext.getRegionId();
        String str4 = null;
        if (regionId == null) {
            return null;
        }
        firewall.setRegionId(regionId);
        firewall.setAvailable(true);
        firewall.setActive(true);
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            String nodeName = item.getNodeName();
            if (nodeName.equals("groupName")) {
                str = item.getFirstChild().getNodeValue().trim();
            } else if (nodeName.equals("groupDescription")) {
                str3 = item.getFirstChild().getNodeValue().trim();
            } else if (nodeName.equals("groupId")) {
                str2 = item.getFirstChild().getNodeValue().trim();
            } else if (nodeName.equals("vpcId")) {
                if (item.hasChildNodes()) {
                    str4 = item.getFirstChild().getNodeValue();
                    if (str4 != null) {
                        str4 = str4.trim();
                    }
                }
            } else if (nodeName.equals("tagSet")) {
                this.provider.setTags(item, firewall);
            }
        }
        if (str2 == null) {
            if (str == null) {
                return null;
            }
            str2 = str;
        }
        if (str == null) {
            str = str2;
        }
        firewall.setProviderFirewallId(str2);
        firewall.setName(str);
        if (str3 == null) {
            str3 = str;
        }
        firewall.setDescription(str3);
        if (str4 != null) {
            firewall.setName(firewall.getName() + " (VPC " + str4 + ")");
            firewall.setProviderVlanId(str4);
        }
        return firewall;
    }

    @Nonnull
    private Collection<FirewallRule> toFirewallRules(@Nonnull String str, @Nullable Node node, @Nonnull Direction direction) {
        ArrayList arrayList = new ArrayList();
        if (node == null) {
            return arrayList;
        }
        ArrayList arrayList2 = new ArrayList();
        ArrayList arrayList3 = new ArrayList();
        NodeList childNodes = node.getChildNodes();
        int i = -2;
        int i2 = -2;
        Protocol protocol = Protocol.TCP;
        for (int i3 = 0; i3 < childNodes.getLength(); i3++) {
            Node item = childNodes.item(i3);
            String nodeName = item.getNodeName();
            if (nodeName.equals("ipProtocol")) {
                String trim = item.getFirstChild().getNodeValue().trim();
                protocol = (trim.equals("") || trim.equals("-1")) ? Protocol.ICMP : Protocol.valueOf(item.getFirstChild().getNodeValue().trim().toUpperCase());
            } else if (nodeName.equals("fromPort")) {
                i = Integer.parseInt(item.getFirstChild().getNodeValue().trim());
            } else if (nodeName.equals("toPort")) {
                i2 = Integer.parseInt(item.getFirstChild().getNodeValue().trim());
            } else if (nodeName.equals("groups") && item.hasChildNodes()) {
                NodeList childNodes2 = item.getChildNodes();
                for (int i4 = 0; i4 < childNodes2.getLength(); i4++) {
                    Node item2 = childNodes2.item(i4);
                    if (item2.getNodeName().equals("item") && item2.hasChildNodes()) {
                        NodeList childNodes3 = item2.getChildNodes();
                        String str2 = null;
                        String str3 = null;
                        for (int i5 = 0; i5 < childNodes3.getLength(); i5++) {
                            Node item3 = childNodes3.item(i5);
                            if (item3.getNodeName().equals("groupId")) {
                                str2 = item3.getFirstChild().getNodeValue().trim();
                            }
                            if (item3.getNodeName().equals("groupName")) {
                                str3 = item3.getFirstChild().getNodeValue().trim();
                            }
                        }
                        if (str2 != null) {
                            arrayList3.add(str2);
                        } else if (str3 != null) {
                            arrayList3.add(str3);
                        }
                    }
                }
            } else if (nodeName.equals("ipRanges") && item.hasChildNodes()) {
                NodeList childNodes4 = item.getChildNodes();
                for (int i6 = 0; i6 < childNodes4.getLength(); i6++) {
                    Node item4 = childNodes4.item(i6);
                    if (item4.getNodeName().equals("item") && item4.hasChildNodes()) {
                        NodeList childNodes5 = item4.getChildNodes();
                        for (int i7 = 0; i7 < childNodes5.getLength(); i7++) {
                            Node item5 = childNodes5.item(i7);
                            if (item5.getNodeName().equals("cidrIp")) {
                                arrayList2.add(item5.getFirstChild().getNodeValue());
                            }
                        }
                    }
                }
            }
        }
        Iterator it = arrayList3.iterator();
        while (it.hasNext()) {
            String str4 = (String) it.next();
            if (direction.equals(Direction.INGRESS)) {
                arrayList.add(FirewallRule.getInstance((String) null, str, RuleTarget.getGlobal(str4), direction, protocol, Permission.ALLOW, RuleTarget.getGlobal(str), i, i2));
            } else {
                arrayList.add(FirewallRule.getInstance((String) null, str, RuleTarget.getGlobal(str), direction, protocol, Permission.ALLOW, RuleTarget.getGlobal(str4), i, i2));
            }
        }
        Iterator it2 = arrayList2.iterator();
        while (it2.hasNext()) {
            String str5 = (String) it2.next();
            if (direction.equals(Direction.INGRESS)) {
                arrayList.add(FirewallRule.getInstance((String) null, str, RuleTarget.getCIDR(str5), direction, protocol, Permission.ALLOW, RuleTarget.getGlobal(str), i, i2));
            } else {
                arrayList.add(FirewallRule.getInstance((String) null, str, RuleTarget.getGlobal(str), direction, protocol, Permission.ALLOW, RuleTarget.getCIDR(str5), i, i2));
            }
        }
        return arrayList;
    }

    @Nullable
    private ResourceStatus toStatus(@Nullable Node node) {
        if (node == null) {
            return null;
        }
        NodeList childNodes = node.getChildNodes();
        String str = null;
        String str2 = null;
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            String nodeName = item.getNodeName();
            if (nodeName.equals("groupName")) {
                str2 = item.getFirstChild().getNodeValue().trim();
            } else if (nodeName.equals("groupId")) {
                str = item.getFirstChild().getNodeValue().trim();
            }
        }
        if (str == null && str2 == null) {
            return null;
        }
        if (str == null) {
            str = str2;
        }
        return new ResourceStatus(str, true);
    }
}
