package org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl;

import com.google.common.base.Optional;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.ImmutableTable;
import com.google.common.collect.Sets;
import com.google.common.collect.UnmodifiableIterator;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.groupbasedpolicy.renderer.util.AddressEndpointUtils;
import org.opendaylight.groupbasedpolicy.renderer.vpp.iface.InterfaceManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.iface.VppPathMapper;
import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.PolicyContext;
import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl.AccessListUtil;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.KeyFactory;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.MountedDataBrokerProvider;
import org.opendaylight.groupbasedpolicy.util.EndpointUtils;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.Interface;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.InterfaceKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.endpoints.address.endpoints.AddressEndpointKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.absolute.location.location.type.ExternalLocationCase;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.forwarding.l2_l3.rev160427.L2BridgeDomain;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.endpoints.AddressEndpointWithLocation;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.renderer.endpoints.RendererEndpointKey;
import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NodeId;
import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.Node;
import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/opendaylight/groupbasedpolicy/renderer/vpp/policy/acl/AclManager.class */
public class AclManager {
    private static final Logger LOG = LoggerFactory.getLogger(AclManager.class);
    private final MountedDataBrokerProvider mountDataProvider;
    private static ImmutableTable<NodeId, InterfaceKey, ImmutableSet<AddressEndpointKey>> multipleEndpointsOnInterface;

    public AclManager(@Nonnull MountedDataBrokerProvider mountedDataBrokerProvider) {
        this.mountDataProvider = (MountedDataBrokerProvider) Preconditions.checkNotNull(mountedDataBrokerProvider);
    }

    public List<AccessListWrapper> resolveAclsOnInterface(RendererEndpointKey rendererEndpointKey, PolicyContext policyContext) {
        ArrayList arrayList = new ArrayList();
        for (AccessListUtil.ACE_DIRECTION ace_direction : new AccessListUtil.ACE_DIRECTION[]{AccessListUtil.ACE_DIRECTION.INGRESS, AccessListUtil.ACE_DIRECTION.EGRESS}) {
            arrayList.add(buildAccessListWrappers(ace_direction, policyContext, rendererEndpointKey));
        }
        return arrayList;
    }

    private static AccessListWrapper buildAccessListWrappers(AccessListUtil.ACE_DIRECTION ace_direction, PolicyContext policyContext, RendererEndpointKey rendererEndpointKey) {
        LOG.trace("Resolving policy for VPP renderer endpoint {} in a separate thread in {} direction.", rendererEndpointKey, ace_direction);
        AccessListWrapper ingressAccessListWrapper = AccessListUtil.ACE_DIRECTION.INGRESS.equals(ace_direction) ? new IngressAccessListWrapper() : new EgressAccessListWrapper();
        AccessListUtil.configureLocalRules(policyContext, rendererEndpointKey, ace_direction, ingressAccessListWrapper);
        UnmodifiableIterator it = otherEndpointsOnTheSameInterface(policyContext, AddressEndpointUtils.fromRendererEpKey(rendererEndpointKey)).iterator();
        while (it.hasNext()) {
            AccessListUtil.configureLocalRules(policyContext, AddressEndpointUtils.toRendererEpKey((AddressEndpointKey) it.next()), ace_direction, ingressAccessListWrapper);
        }
        ingressAccessListWrapper.writeRules(AccessListUtil.denyDomainSubnets(policyContext, ace_direction));
        if (rendererEndpointKey.getContextType().isAssignableFrom(L2BridgeDomain.class) && AccessListUtil.findAddrEp(policyContext, rendererEndpointKey) != null) {
            Optional<GbpAceBuilder> allowExternalNetworksForEp = AccessListUtil.allowExternalNetworksForEp(AccessListUtil.findAddrEp(policyContext, rendererEndpointKey), ace_direction);
            if (allowExternalNetworksForEp.isPresent()) {
                ingressAccessListWrapper.writeRule((GbpAceBuilder) allowExternalNetworksForEp.get());
            }
        }
        return ingressAccessListWrapper;
    }

    public void updateAclsForPeers(PolicyContext policyContext, RendererEndpointKey rendererEndpointKey) {
        Iterator it = ((List) ((List) policyContext.getPolicyTable().row(rendererEndpointKey).keySet().stream().map(AddressEndpointUtils::fromPeerEpKey).collect(Collectors.toList())).stream().map(AddressEndpointUtils::toRendererEpKey).collect(Collectors.toList())).iterator();
        while (it.hasNext()) {
            updateAclsForRendEp((RendererEndpointKey) it.next(), policyContext);
        }
    }

    public void updateAclsForRendEp(RendererEndpointKey rendererEndpointKey, PolicyContext policyContext) {
        LOG.info("Updating policy for endpoint {}", rendererEndpointKey);
        AddressEndpointWithLocation addressEndpointWithLocation = (AddressEndpointWithLocation) policyContext.getAddrEpByKey().get(KeyFactory.addressEndpointKey(rendererEndpointKey));
        try {
            ExternalLocationCase resolveAndValidateLocation = InterfaceManager.resolveAndValidateLocation(addressEndpointWithLocation);
            InstanceIdentifier<?> externalNodeMountPoint = resolveAndValidateLocation.getExternalNodeMountPoint();
            Optional<InstanceIdentifier<Interface>> interfaceToInstanceIdentifier = VppPathMapper.interfaceToInstanceIdentifier(resolveAndValidateLocation.getExternalNodeConnector());
            if (!interfaceToInstanceIdentifier.isPresent()) {
                LOG.warn("Cannot  find interface for endpoint {}. ACLs for endpoint not updated {}. ", rendererEndpointKey);
            } else {
                Optional<DataBroker> dataBrokerForMountPoint = this.mountDataProvider.getDataBrokerForMountPoint(externalNodeMountPoint);
                resolveAclsOnInterface(rendererEndpointKey, policyContext).forEach(accessListWrapper -> {
                    accessListWrapper.writeAcl((DataBroker) dataBrokerForMountPoint.get(), (InterfaceKey) ((InstanceIdentifier) interfaceToInstanceIdentifier.get()).firstKeyOf(Interface.class));
                });
            }
        } catch (IllegalArgumentException | NullPointerException e) {
            LOG.warn("Peer {} has no location. Moving on...", addressEndpointWithLocation, e.getMessage());
        }
    }

    public void cacheMultiInterfaces(@Nonnull PolicyContext policyContext) {
        ImmutableTable.Builder<NodeId, InterfaceKey, ImmutableSet<AddressEndpointKey>> builder = new ImmutableTable.Builder<>();
        resolveEndpointsOnMultipleInterface(ImmutableList.copyOf(policyContext.getAddrEpByKey().values()), builder);
        multipleEndpointsOnInterface = builder.build();
    }

    private void resolveEndpointsOnMultipleInterface(@Nullable List<AddressEndpointWithLocation> list, @Nonnull ImmutableTable.Builder<NodeId, InterfaceKey, ImmutableSet<AddressEndpointKey>> builder) {
        if (list == null || list.isEmpty()) {
            return;
        }
        final java.util.Optional<AddressEndpointWithLocation> findAny = list.stream().filter(addressEndpointWithLocation -> {
            return EndpointUtils.getExternalLocationFrom(addressEndpointWithLocation).isPresent();
        }).findAny();
        if (findAny.isPresent()) {
            Predicate<AddressEndpointWithLocation> predicate = new Predicate<AddressEndpointWithLocation>() { // from class: org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl.AclManager.1
                @Override // java.util.function.Predicate
                public boolean test(AddressEndpointWithLocation addressEndpointWithLocation2) {
                    return AddressEndpointUtils.sameExternalLocationCase((AddressEndpointWithLocation) findAny.get(), addressEndpointWithLocation2);
                }
            };
            Optional externalLocationFrom = EndpointUtils.getExternalLocationFrom(findAny.get());
            builder.put(((ExternalLocationCase) externalLocationFrom.get()).getExternalNodeMountPoint().firstKeyOf(Node.class).getNodeId(), new InterfaceKey(((ExternalLocationCase) externalLocationFrom.get()).getExternalNodeConnector()), ImmutableSet.copyOf((Set) list.stream().filter(predicate).map(addressEndpointWithLocation2 -> {
                return AddressEndpointUtils.fromAddressEndpointWithLocationKey(addressEndpointWithLocation2.getKey());
            }).collect(Collectors.toSet())));
            List<AddressEndpointWithLocation> list2 = (List) list.stream().filter(predicate.negate().or(addressEndpointWithLocation3 -> {
                return !EndpointUtils.getExternalLocationFrom(addressEndpointWithLocation3).isPresent();
            })).collect(Collectors.toList());
            if (list2.isEmpty()) {
                return;
            }
            resolveEndpointsOnMultipleInterface(list2, builder);
        }
    }

    @Nonnull
    public static ImmutableSet<AddressEndpointKey> otherEndpointsOnTheSameInterface(@Nonnull PolicyContext policyContext, @Nonnull AddressEndpointKey addressEndpointKey) {
        if (multipleEndpointsOnInterface != null) {
            UnmodifiableIterator it = multipleEndpointsOnInterface.columnKeySet().iterator();
            while (it.hasNext()) {
                InterfaceKey interfaceKey = (InterfaceKey) it.next();
                UnmodifiableIterator it2 = multipleEndpointsOnInterface.column(interfaceKey).keySet().iterator();
                while (it2.hasNext()) {
                    NodeId nodeId = (NodeId) it2.next();
                    ImmutableSet immutableSet = (ImmutableSet) multipleEndpointsOnInterface.get(nodeId, interfaceKey);
                    if (immutableSet != null && immutableSet.contains(addressEndpointKey) && immutableSet.size() > 1) {
                        return (ImmutableSet) multipleEndpointsOnInterface.get(nodeId, interfaceKey);
                    }
                }
            }
        }
        return ImmutableSet.copyOf(Sets.newHashSet());
    }
}
