package org.opendaylight.groupbasedpolicy.neutron.mapper.mapping;

import com.google.common.base.Preconditions;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableList;
import java.util.ArrayList;
import java.util.List;
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.MappingUtils;
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.NeutronUtils;
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.Utils;
import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.sf.EtherTypeClassifier;
import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.sf.IpProtoClassifier;
import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.sf.L4Classifier;
import org.opendaylight.neutron.spi.NeutronSecurityRule;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpPrefix;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClassifierName;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClauseName;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.EndpointGroupId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ParameterName;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.RuleName;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.SubjectName;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.TenantId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.HasDirection;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.action.refs.ActionRef;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.action.refs.ActionRefBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.classifier.refs.ClassifierRef;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.classifier.refs.ClassifierRefBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.EndpointIdentificationConstraintsBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.endpoint.identification.constraints.L3EndpointIdentificationConstraintsBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.endpoint.identification.constraints.l3.endpoint.identification.constraints.PrefixConstraintBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.ParameterValueBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.parameter.value.RangeValueBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.contract.Clause;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.contract.ClauseBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.contract.Subject;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.contract.SubjectBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.contract.clause.ConsumerMatchersBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.contract.clause.ProviderMatchersBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.contract.subject.Rule;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.contract.subject.RuleBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.subject.feature.instances.ClassifierInstance;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.subject.feature.instances.ClassifierInstanceBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/opendaylight/groupbasedpolicy/neutron/mapper/mapping/TransformSecRule.class */
public class TransformSecRule {
    private static final Logger LOG = LoggerFactory.getLogger(TransformSecRule.class);
    private static final List<ActionRef> ACTION_REF_ALLOW = ImmutableList.of(new ActionRefBuilder().setName(MappingUtils.ACTION_ALLOW.getName()).setOrder(0).build());
    private final NeutronSecurityRule secRule;
    private final TenantId tenantId;
    private final EndpointGroupId providerEpgId;
    private final EndpointGroupId consumerEpgId;
    private final SubjectName subjectName;
    private final ClauseName clauseName;
    private final IpPrefix ipPrefix;
    private final int subjectOrder;
    private final ClassifierName classifierName;
    private final RuleName ruleName;

    public TransformSecRule(NeutronSecurityRule neutronSecurityRule) {
        this.secRule = (NeutronSecurityRule) Preconditions.checkNotNull(neutronSecurityRule);
        this.tenantId = new TenantId(Utils.normalizeUuid(neutronSecurityRule.getSecurityRuleTenantID()));
        this.providerEpgId = new EndpointGroupId(neutronSecurityRule.getSecurityRuleGroupID());
        if (!Strings.isNullOrEmpty(neutronSecurityRule.getSecurityRemoteGroupID())) {
            this.consumerEpgId = new EndpointGroupId(neutronSecurityRule.getSecurityRemoteGroupID());
            if (!isEpgIdRouterOrDhcp(this.providerEpgId) || Strings.isNullOrEmpty(neutronSecurityRule.getSecurityRuleRemoteIpPrefix())) {
                this.ipPrefix = null;
            } else {
                this.ipPrefix = Utils.createIpPrefix(neutronSecurityRule.getSecurityRuleRemoteIpPrefix());
            }
            this.subjectOrder = 0;
        } else if (Strings.isNullOrEmpty(neutronSecurityRule.getSecurityRuleRemoteIpPrefix())) {
            this.consumerEpgId = MappingUtils.EPG_ANY_ID;
            this.ipPrefix = null;
            this.subjectOrder = 1;
        } else {
            this.consumerEpgId = MappingUtils.EPG_ANY_ID;
            this.ipPrefix = Utils.createIpPrefix(neutronSecurityRule.getSecurityRuleRemoteIpPrefix());
            this.subjectOrder = 0;
        }
        this.subjectName = createSubjectName();
        this.clauseName = new ClauseName(this.subjectName.getValue());
        this.classifierName = new ClassifierName(MappingUtils.NEUTRON_RULE__ + neutronSecurityRule.getSecurityRuleUUID());
        this.ruleName = new RuleName("neutron_rule__Allow--" + this.classifierName.getValue());
    }

    private SubjectName createSubjectName() {
        if (this.ipPrefix == null) {
            return new SubjectName(MappingUtils.NEUTRON_RULE__ + this.providerEpgId.getValue() + "__" + this.consumerEpgId.getValue());
        }
        return new SubjectName(MappingUtils.NEUTRON_RULE__ + this.providerEpgId.getValue() + "__" + Utils.getStringIpPrefix(this.ipPrefix).replace('/', '_') + "__" + this.consumerEpgId.getValue());
    }

    public Clause createClause() {
        ClauseBuilder subjectRefs = new ClauseBuilder().setName(this.clauseName).setSubjectRefs(ImmutableList.of(this.subjectName));
        if (this.ipPrefix != null) {
            subjectRefs.setConsumerMatchers(new ConsumerMatchersBuilder().setEndpointIdentificationConstraints(new EndpointIdentificationConstraintsBuilder().setL3EndpointIdentificationConstraints(new L3EndpointIdentificationConstraintsBuilder().setPrefixConstraint(ImmutableList.of(new PrefixConstraintBuilder().setIpPrefix(this.ipPrefix).build())).build()).build()).build());
            if (isEpgIdRouterOrDhcp(this.providerEpgId)) {
                subjectRefs.setProviderMatchers(new ProviderMatchersBuilder().setEndpointIdentificationConstraints(new EndpointIdentificationConstraintsBuilder().setL3EndpointIdentificationConstraints(new L3EndpointIdentificationConstraintsBuilder().setPrefixConstraint(ImmutableList.of(new PrefixConstraintBuilder().setIpPrefix(this.ipPrefix).build())).build()).build()).build());
            }
        }
        return subjectRefs.build();
    }

    private static boolean isEpgIdRouterOrDhcp(EndpointGroupId endpointGroupId) {
        return MappingUtils.EPG_ROUTER_ID.equals(endpointGroupId) || MappingUtils.EPG_DHCP_ID.equals(endpointGroupId);
    }

    public ClassifierInstance createClassifier() {
        ClassifierInstanceBuilder name = new ClassifierInstanceBuilder().setName(this.classifierName);
        ArrayList arrayList = new ArrayList();
        Integer securityRulePortMin = this.secRule.getSecurityRulePortMin();
        Integer securityRulePortMax = this.secRule.getSecurityRulePortMax();
        if (securityRulePortMin != null && securityRulePortMax != null) {
            name.setClassifierDefinitionId(L4Classifier.DEFINITION.getId());
            if (securityRulePortMin.equals(securityRulePortMax)) {
                arrayList.add(new ParameterValueBuilder().setName(new ParameterName("destport")).setIntValue(Long.valueOf(securityRulePortMin.longValue())).build());
            } else {
                arrayList.add(new ParameterValueBuilder().setName(new ParameterName("destport_range")).setRangeValue(new RangeValueBuilder().setMin(Long.valueOf(securityRulePortMin.longValue())).setMax(Long.valueOf(securityRulePortMax.longValue())).build()).build());
            }
        }
        String securityRuleProtocol = this.secRule.getSecurityRuleProtocol();
        if (!Strings.isNullOrEmpty(securityRuleProtocol)) {
            if (name.getClassifierDefinitionId() == null) {
                name.setClassifierDefinitionId(IpProtoClassifier.DEFINITION.getId());
            }
            if (NeutronUtils.TCP.equals(securityRuleProtocol)) {
                arrayList.add(new ParameterValueBuilder().setName(new ParameterName("proto")).setIntValue(IpProtoClassifier.TCP_VALUE).build());
            } else if (NeutronUtils.UDP.equals(securityRuleProtocol)) {
                arrayList.add(new ParameterValueBuilder().setName(new ParameterName("proto")).setIntValue(IpProtoClassifier.UDP_VALUE).build());
            } else if (NeutronUtils.ICMP.equals(securityRuleProtocol)) {
                arrayList.add(new ParameterValueBuilder().setName(new ParameterName("proto")).setIntValue(1L).build());
            } else {
                if (!NeutronUtils.NULL.equals(securityRuleProtocol)) {
                    throw new IllegalArgumentException("Protocol " + securityRuleProtocol + " is not supported.");
                }
                LOG.debug("Protocol is not specified in security group rule {}", this.secRule.getSecurityRuleUUID());
            }
        }
        String securityRuleEthertype = this.secRule.getSecurityRuleEthertype();
        if (!Strings.isNullOrEmpty(securityRuleEthertype)) {
            if (name.getClassifierDefinitionId() == null) {
                name.setClassifierDefinitionId(EtherTypeClassifier.DEFINITION.getId());
            }
            if (NeutronUtils.IPv4.equals(securityRuleEthertype)) {
                arrayList.add(new ParameterValueBuilder().setName(new ParameterName("ethertype")).setIntValue(EtherTypeClassifier.IPv4_VALUE).build());
            } else {
                if (!NeutronUtils.IPv6.equals(securityRuleEthertype)) {
                    throw new IllegalArgumentException("Ethertype " + securityRuleEthertype + " is not supported.");
                }
                arrayList.add(new ParameterValueBuilder().setName(new ParameterName("ethertype")).setIntValue(EtherTypeClassifier.IPv6_VALUE).build());
            }
        }
        return name.setParameterValue(arrayList).build();
    }

    public Rule createRule(int i) {
        return new RuleBuilder().setName(this.ruleName).setOrder(Integer.valueOf(i)).setActionRef(ACTION_REF_ALLOW).setClassifierRef(ImmutableList.of(createClassifierRef())).build();
    }

    public Subject createSubject() {
        return new SubjectBuilder().setName(this.subjectName).setOrder(Integer.valueOf(this.subjectOrder)).build();
    }

    private ClassifierRef createClassifierRef() {
        ClassifierRefBuilder instanceName = new ClassifierRefBuilder().setName(this.classifierName).setConnectionTracking(ClassifierRef.ConnectionTracking.Reflexive).setInstanceName(this.classifierName);
        String securityRuleDirection = this.secRule.getSecurityRuleDirection();
        if (NeutronUtils.INGRESS.equals(securityRuleDirection)) {
            instanceName.setDirection(HasDirection.Direction.In);
        } else {
            if (!NeutronUtils.EGRESS.equals(securityRuleDirection)) {
                throw new IllegalArgumentException("Direction " + securityRuleDirection + " from security group rule " + this.secRule.getSecurityRuleUUID() + " is not supported. Direction can be only 'ingress' or 'egress'.");
            }
            instanceName.setDirection(HasDirection.Direction.Out);
        }
        return instanceName.build();
    }

    public TenantId getTenantId() {
        return this.tenantId;
    }

    public EndpointGroupId getProviderEpgId() {
        return this.providerEpgId;
    }

    public EndpointGroupId getConsumerEpgId() {
        return this.consumerEpgId;
    }

    public SubjectName getSubjectName() {
        return this.subjectName;
    }

    public ClauseName getClauseName() {
        return this.clauseName;
    }

    public IpPrefix getIpPrefix() {
        return this.ipPrefix;
    }

    public ClassifierName getClassifierName() {
        return this.classifierName;
    }

    public RuleName getRuleName() {
        return this.ruleName;
    }
}
