package org.dasein.cloud.cloudstack.network;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.Locale;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.apache.log4j.Logger;
import org.dasein.cloud.CloudException;
import org.dasein.cloud.InternalException;
import org.dasein.cloud.OperationNotSupportedException;
import org.dasein.cloud.ProviderContext;
import org.dasein.cloud.cloudstack.CSCloud;
import org.dasein.cloud.cloudstack.CSException;
import org.dasein.cloud.cloudstack.CSMethod;
import org.dasein.cloud.cloudstack.Param;
import org.dasein.cloud.identity.ServiceAction;
import org.dasein.cloud.network.Direction;
import org.dasein.cloud.network.Firewall;
import org.dasein.cloud.network.FirewallRule;
import org.dasein.cloud.network.FirewallSupport;
import org.dasein.cloud.network.Permission;
import org.dasein.cloud.network.Protocol;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/dasein/cloud/cloudstack/network/SecurityGroup.class */
public class SecurityGroup implements FirewallSupport {
    private static final Logger logger = Logger.getLogger(SecurityGroup.class);
    public static final String AUTHORIZE_SECURITY_GROUP_INGRESS = "authorizeSecurityGroupIngress";
    public static final String CREATE_SECURITY_GROUP = "createSecurityGroup";
    public static final String DELETE_SECURITY_GROUP = "deleteSecurityGroup";
    public static final String LIST_SECURITY_GROUPS = "listSecurityGroups";
    public static final String REVOKE_SECURITY_GROUP_INGRESS = "revokeSecurityGroupIngress";
    private CSCloud cloudstack;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecurityGroup(CSCloud cSCloud) {
        this.cloudstack = cSCloud;
    }

    @Nonnull
    @Deprecated
    public String authorize(@Nonnull String str, @Nonnull String str2, @Nonnull Protocol protocol, int i, int i2) throws CloudException, InternalException {
        return authorize(str, Direction.INGRESS, str2, protocol, i, i2);
    }

    @Nonnull
    public String authorize(@Nonnull String str, @Nonnull Direction direction, @Nonnull String str2, @Nonnull Protocol protocol, int i, int i2) throws CloudException, InternalException {
        if (!direction.equals(Direction.INGRESS)) {
            throw new OperationNotSupportedException("No egress rules are supported");
        }
        Param[] paramArr = {new Param("securitygroupid", str), new Param("cidrlist", str2), new Param("startport", String.valueOf(i)), new Param("endport", String.valueOf(i2)), new Param("protocol", protocol.name())};
        CSMethod cSMethod = new CSMethod(this.cloudstack);
        cSMethod.get(cSMethod.buildUrl(AUTHORIZE_SECURITY_GROUP_INGRESS, paramArr));
        for (FirewallRule firewallRule : getRules(str)) {
            if (str2.equals(firewallRule.getCidr()) && protocol.equals(firewallRule.getProtocol()) && firewallRule.getStartPort() == i && firewallRule.getEndPort() == i2) {
                return firewallRule.getProviderRuleId();
            }
        }
        throw new CloudException("Unable to identify newly created firewall rule ID");
    }

    @Nonnull
    public String create(@Nonnull String str, @Nonnull String str2) throws InternalException, CloudException {
        Param[] paramArr = {new Param("name", str), new Param("description", str2)};
        CSMethod cSMethod = new CSMethod(this.cloudstack);
        NodeList elementsByTagName = cSMethod.get(cSMethod.buildUrl(CREATE_SECURITY_GROUP, paramArr)).getElementsByTagName("id");
        String str3 = null;
        if (elementsByTagName.getLength() > 0) {
            str3 = elementsByTagName.item(0).getFirstChild().getNodeValue();
        }
        if (str3 == null) {
            throw new CloudException("Failed to create firewall");
        }
        return str3;
    }

    @Nonnull
    public String createInVLAN(@Nonnull String str, @Nonnull String str2, @Nonnull String str3) throws InternalException, CloudException {
        throw new OperationNotSupportedException("Firewalls may not be created for specified VLANs");
    }

    public void delete(@Nonnull String str) throws InternalException, CloudException {
        for (FirewallRule firewallRule : getRules(str)) {
            String cidr = firewallRule.getCidr();
            Protocol protocol = firewallRule.getProtocol();
            Direction direction = firewallRule.getDirection();
            revoke(str, direction == null ? Direction.INGRESS : direction, cidr == null ? "0.0.0.0/0" : cidr, protocol == null ? Protocol.TCP : protocol, firewallRule.getStartPort(), firewallRule.getEndPort());
        }
        CSMethod cSMethod = new CSMethod(this.cloudstack);
        cSMethod.get(cSMethod.buildUrl(DELETE_SECURITY_GROUP, new Param("id", str)));
    }

    /* JADX WARN: Type inference failed for: r15v0, types: [java.lang.Throwable, org.dasein.cloud.cloudstack.CSException] */
    @Nullable
    public Firewall getFirewall(@Nonnull String str) throws InternalException, CloudException {
        Firewall firewall;
        ProviderContext context = this.cloudstack.getContext();
        if (context == null) {
            throw new CloudException("No context was set for this request");
        }
        CSMethod cSMethod = new CSMethod(this.cloudstack);
        try {
            NodeList elementsByTagName = cSMethod.get(cSMethod.buildUrl(LIST_SECURITY_GROUPS, new Param("id", str))).getElementsByTagName("securitygroup");
            for (int i = 0; i < elementsByTagName.getLength(); i++) {
                Node item = elementsByTagName.item(i);
                if (item != null && (firewall = toFirewall(item, context)) != null) {
                    return firewall;
                }
            }
            return null;
        } catch (CSException e) {
            if (e.getHttpCode() == 431) {
                return null;
            }
            throw e;
        }
    }

    @Nonnull
    public String getProviderTermForFirewall(@Nonnull Locale locale) {
        return "security group";
    }

    @Nonnull
    public Collection<FirewallRule> getRules(@Nonnull String str) throws InternalException, CloudException {
        FirewallRule rule;
        CSMethod cSMethod = new CSMethod(this.cloudstack);
        Document document = cSMethod.get(cSMethod.buildUrl(LIST_SECURITY_GROUPS, new Param("id", str)));
        ArrayList arrayList = new ArrayList();
        NodeList elementsByTagName = document.getElementsByTagName("ingressrule");
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            Node item = elementsByTagName.item(i);
            if (item != null && (rule = toRule(str, item)) != null) {
                arrayList.add(rule);
            }
        }
        return arrayList;
    }

    public boolean isSubscribed() throws CloudException, InternalException {
        ProviderContext context = this.cloudstack.getContext();
        if (context == null) {
            throw new CloudException("No context was set for this request");
        }
        String regionId = context.getRegionId();
        if (regionId == null) {
            throw new CloudException("No region was set for this request");
        }
        return this.cloudstack.m2getDataCenterServices().supportsSecurityGroups(regionId, false);
    }

    @Nonnull
    public Collection<Firewall> list() throws InternalException, CloudException {
        Firewall firewall;
        ProviderContext context = this.cloudstack.getContext();
        if (context == null) {
            throw new CloudException("No context was set for this request");
        }
        CSMethod cSMethod = new CSMethod(this.cloudstack);
        Document document = cSMethod.get(cSMethod.buildUrl(LIST_SECURITY_GROUPS, new Param[0]));
        ArrayList arrayList = new ArrayList();
        NodeList elementsByTagName = document.getElementsByTagName("securitygroup");
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            Node item = elementsByTagName.item(i);
            if (item != null && (firewall = toFirewall(item, context)) != null) {
                arrayList.add(firewall);
            }
        }
        return arrayList;
    }

    @Nonnull
    public Iterable<String> listFirewallsForVM(@Nonnull String str) throws CloudException, InternalException {
        Firewall firewall;
        ProviderContext context = this.cloudstack.getContext();
        if (context == null) {
            throw new CloudException("No context was set for this request");
        }
        CSMethod cSMethod = new CSMethod(this.cloudstack);
        Document document = cSMethod.get(cSMethod.buildUrl(LIST_SECURITY_GROUPS, new Param("virtualmachineId", str)));
        ArrayList arrayList = new ArrayList();
        NodeList elementsByTagName = document.getElementsByTagName("securitygroup");
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            Node item = elementsByTagName.item(i);
            if (item != null && (firewall = toFirewall(item, context)) != null) {
                arrayList.add(firewall.getProviderFirewallId());
            }
        }
        return arrayList;
    }

    @Nonnull
    public String[] mapServiceAction(@Nonnull ServiceAction serviceAction) {
        return new String[0];
    }

    public void revoke(@Nonnull String str, @Nonnull String str2, @Nonnull Protocol protocol, int i, int i2) throws CloudException, InternalException {
        revoke(str, Direction.INGRESS, str2, protocol, i, i2);
    }

    public void revoke(@Nonnull String str, @Nonnull Direction direction, @Nonnull String str2, @Nonnull Protocol protocol, int i, int i2) throws CloudException, InternalException {
        FirewallRule firewallRule = null;
        if (!Direction.INGRESS.equals(direction)) {
            throw new OperationNotSupportedException("Only ingress rules are supported");
        }
        Iterator<FirewallRule> it = getRules(str).iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            FirewallRule next = it.next();
            if (str2.equals(next.getCidr()) && protocol.equals(next.getProtocol()) && next.getStartPort() == i && next.getEndPort() == i2) {
                firewallRule = next;
                break;
            }
        }
        if (firewallRule == null) {
            logger.warn("No such rule for " + str + ": " + str2 + "/" + protocol + "/" + i + "/" + i2);
            return;
        }
        Param[] paramArr = {new Param("id", firewallRule.getProviderRuleId())};
        CSMethod cSMethod = new CSMethod(this.cloudstack);
        cSMethod.get(cSMethod.buildUrl(REVOKE_SECURITY_GROUP_INGRESS, paramArr));
    }

    public boolean supportsRules(@Nonnull Direction direction, boolean z) throws CloudException, InternalException {
        return Direction.INGRESS.equals(direction) && !z;
    }

    @Nullable
    private Firewall toFirewall(@Nullable Node node, @Nonnull ProviderContext providerContext) throws CloudException, InternalException {
        if (node == null) {
            return null;
        }
        String regionId = providerContext.getRegionId();
        if (regionId == null) {
            throw new CloudException("No region was specified for this request");
        }
        NodeList childNodes = node.getChildNodes();
        Firewall firewall = new Firewall();
        firewall.setActive(true);
        firewall.setAvailable(true);
        firewall.setRegionId(regionId);
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            String lowerCase = item.getNodeName().toLowerCase();
            String nodeValue = item.getChildNodes().getLength() > 0 ? item.getFirstChild().getNodeValue() : null;
            if (lowerCase.equalsIgnoreCase("id") && nodeValue != null) {
                firewall.setProviderFirewallId(nodeValue);
            } else if (lowerCase.equalsIgnoreCase("description") && nodeValue != null) {
                firewall.setDescription(nodeValue);
            } else if (lowerCase.equalsIgnoreCase("name") && nodeValue != null) {
                firewall.setName(nodeValue);
            }
        }
        if (firewall.getProviderFirewallId() == null) {
            logger.warn("Discovered firewall " + firewall.getProviderFirewallId() + " with an empty firewall ID");
            return null;
        }
        String providerFirewallId = firewall.getProviderFirewallId();
        if (providerFirewallId == null) {
            return null;
        }
        String name = firewall.getName();
        if (name == null) {
            name = providerFirewallId;
            firewall.setName(name);
        }
        if (firewall.getDescription() == null) {
            firewall.setDescription(name);
        }
        return firewall;
    }

    private FirewallRule toRule(String str, Node node) {
        if (node == null) {
            return null;
        }
        NodeList childNodes = node.getChildNodes();
        FirewallRule firewallRule = new FirewallRule();
        firewallRule.setFirewallId(str);
        firewallRule.setPermission(Permission.ALLOW);
        firewallRule.setDirection(Direction.INGRESS);
        firewallRule.setCidr("0.0.0.0/0");
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            String lowerCase = item.getNodeName().toLowerCase();
            String nodeValue = item.getChildNodes().getLength() > 0 ? item.getFirstChild().getNodeValue() : null;
            if (lowerCase.equalsIgnoreCase("cidr") && nodeValue != null) {
                firewallRule.setCidr(nodeValue);
            } else if (lowerCase.equalsIgnoreCase("endport") && nodeValue != null) {
                firewallRule.setEndPort(Integer.parseInt(nodeValue));
            } else if (lowerCase.equalsIgnoreCase("startport") && nodeValue != null) {
                firewallRule.setStartPort(Integer.parseInt(nodeValue));
            } else if (lowerCase.equalsIgnoreCase("protocol") && nodeValue != null) {
                firewallRule.setProtocol(Protocol.valueOf(nodeValue.toUpperCase()));
            } else if (lowerCase.equalsIgnoreCase("ruleId") && nodeValue != null) {
                firewallRule.setProviderRuleId(nodeValue);
            }
        }
        return firewallRule;
    }
}
