package org.opendaylight.plugin2oc.neutron;

import java.io.IOException;
import java.util.Iterator;
import java.util.ListIterator;
import java.util.UUID;
import net.juniper.contrail.api.ApiConnector;
import net.juniper.contrail.api.types.PolicyEntriesType;
import net.juniper.contrail.api.types.SecurityGroup;
import net.juniper.contrail.api.types.SubnetType;
import org.apache.commons.lang.StringUtils;
import org.apache.http.HttpStatus;
import org.opendaylight.controller.networkconfig.neutron.INeutronSecurityRuleAware;
import org.opendaylight.controller.networkconfig.neutron.NeutronSecurityRule;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/opendaylight/plugin2oc/neutron/SecurityGroupRulesHandler.class */
public class SecurityGroupRulesHandler implements INeutronSecurityRuleAware {
    static final Logger LOGGER = LoggerFactory.getLogger(SecurityGroupRulesHandler.class);
    static ApiConnector apiConnector;

    public int canCreateNeutronSecurityRule(NeutronSecurityRule neutronSecurityRule) {
        apiConnector = Activator.apiConnector;
        if (neutronSecurityRule == null) {
            LOGGER.error("SecurityGroupRule object can't be null..");
            return HttpStatus.SC_BAD_REQUEST;
        }
        if (neutronSecurityRule.getSecurityRuleUUID() == null || neutronSecurityRule.getSecurityRuleUUID() == StringUtils.EMPTY) {
            LOGGER.error("SecurityGroup Rule UUID can't be null/empty...");
            return HttpStatus.SC_BAD_REQUEST;
        }
        String securityRuleUUID = neutronSecurityRule.getSecurityRuleUUID();
        if (!neutronSecurityRule.getSecurityRuleUUID().contains("-")) {
            securityRuleUUID = Utils.uuidFormater(neutronSecurityRule.getSecurityRuleUUID());
        }
        if (!Utils.isValidHexNumber(securityRuleUUID)) {
            LOGGER.info("Badly formed Hexadecimal UUID...");
            return HttpStatus.SC_BAD_REQUEST;
        }
        UUID.fromString(securityRuleUUID).toString();
        if (neutronSecurityRule.getSecurityRuleDirection() == null || neutronSecurityRule.getSecurityRuleDirection().equals(StringUtils.EMPTY)) {
            LOGGER.error("SecurityGroup Rule direction can't be null/empty...");
            return HttpStatus.SC_BAD_REQUEST;
        }
        if (!neutronSecurityRule.getSecurityRuleDirection().equalsIgnoreCase("ingress") && !neutronSecurityRule.getSecurityRuleDirection().equalsIgnoreCase("egress")) {
            LOGGER.error("SecurityGroup Rule direction invalid : Valid values are ingress/egress");
            return HttpStatus.SC_BAD_REQUEST;
        }
        if (neutronSecurityRule.getSecurityRulePortMin() == null || neutronSecurityRule.getSecurityRulePortMax() == null) {
            LOGGER.error("SecurityGroup port min/max range can't be null/empty...");
            return HttpStatus.SC_BAD_REQUEST;
        }
        if (neutronSecurityRule.getSecurityRuleProtocol() == null || StringUtils.EMPTY.equals(neutronSecurityRule.getSecurityRuleProtocol())) {
            LOGGER.error("Security protocol can't be null/empty...");
            return HttpStatus.SC_BAD_REQUEST;
        }
        if (!neutronSecurityRule.getSecurityRuleProtocol().equalsIgnoreCase("tcp") && !neutronSecurityRule.getSecurityRuleProtocol().equalsIgnoreCase("udp") && !neutronSecurityRule.getSecurityRuleProtocol().equalsIgnoreCase("icmp") && !neutronSecurityRule.getSecurityRuleProtocol().equalsIgnoreCase("any")) {
            LOGGER.error("Security protocol invalid : Valid values are tcp,udp,icmp and any");
            return HttpStatus.SC_BAD_REQUEST;
        }
        if ((neutronSecurityRule.getSecurityRuleProtocol().equalsIgnoreCase("tcp") || neutronSecurityRule.getSecurityRuleProtocol().equalsIgnoreCase("udp")) && neutronSecurityRule.getSecurityRulePortMin().intValue() > neutronSecurityRule.getSecurityRulePortMax().intValue()) {
            LOGGER.error("SecurityGroup port min range can't be greator than port max range");
            return HttpStatus.SC_BAD_REQUEST;
        }
        if (neutronSecurityRule.getSecurityRuleProtocol().equalsIgnoreCase("icmp") && neutronSecurityRule.getSecurityRulePortMin().intValue() > 255) {
            LOGGER.error("SecurityGroup ICMP type can't be greator 255");
            return HttpStatus.SC_BAD_REQUEST;
        }
        if (neutronSecurityRule.getSecurityRuleGroupID() == null || neutronSecurityRule.getSecurityRuleGroupID().equals(StringUtils.EMPTY)) {
            LOGGER.error("Security Group ID can't be null/empty...");
            return HttpStatus.SC_BAD_REQUEST;
        }
        String securityRuleGroupID = neutronSecurityRule.getSecurityRuleGroupID();
        if (!neutronSecurityRule.getSecurityRuleGroupID().contains("-")) {
            securityRuleGroupID = Utils.uuidFormater(neutronSecurityRule.getSecurityRuleGroupID());
        }
        if (!Utils.isValidHexNumber(securityRuleGroupID)) {
            LOGGER.info("Badly formed Hexadecimal UUID...");
            return HttpStatus.SC_BAD_REQUEST;
        }
        try {
            SecurityGroup securityGroup = (SecurityGroup) apiConnector.findById(SecurityGroup.class, UUID.fromString(securityRuleGroupID).toString());
            if (securityGroup == null) {
                LOGGER.warn("SecurityGroup does not exists for the specified security group ID");
                return HttpStatus.SC_FORBIDDEN;
            }
            if (securityGroup.getEntries() != null && !securityGroup.getEntries().getPolicyRule().isEmpty()) {
                ListIterator<PolicyEntriesType.PolicyRuleType> listIterator = securityGroup.getEntries().getPolicyRule().listIterator();
                while (listIterator.hasNext()) {
                    if (listIterator.next().getRuleUuid().equalsIgnoreCase(neutronSecurityRule.getSecurityRuleUUID())) {
                        LOGGER.warn("SecurityGroup rule already exsist for the specified security group");
                        return HttpStatus.SC_CONFLICT;
                    }
                }
            }
            if (neutronSecurityRule.getSecurityRemoteGroupID() == null && neutronSecurityRule.getSecurityRuleRemoteIpPrefix() == null) {
                LOGGER.error("Both SecurityGroup  remote ID and remote IP prefix can nor be null");
                return HttpStatus.SC_BAD_REQUEST;
            }
            if (neutronSecurityRule.getSecurityRuleRemoteIpPrefix() == null && neutronSecurityRule.getSecurityRemoteGroupID() != null) {
                String securityRemoteGroupID = neutronSecurityRule.getSecurityRemoteGroupID();
                if (!neutronSecurityRule.getSecurityRemoteGroupID().contains("-")) {
                    securityRemoteGroupID = Utils.uuidFormater(neutronSecurityRule.getSecurityRemoteGroupID());
                }
                if (!Utils.isValidHexNumber(securityRemoteGroupID)) {
                    LOGGER.info("Badly formed Hexadecimal UUID...");
                    return HttpStatus.SC_BAD_REQUEST;
                }
                try {
                    if (((SecurityGroup) apiConnector.findById(SecurityGroup.class, UUID.fromString(securityRemoteGroupID).toString())) == null) {
                        LOGGER.warn("SecurityRemoteGroup does not exists for the specified security group ID");
                        return HttpStatus.SC_FORBIDDEN;
                    }
                } catch (IOException e) {
                    LOGGER.error("Exception :     " + e);
                    return HttpStatus.SC_INTERNAL_SERVER_ERROR;
                }
            }
            LOGGER.info("SecurityGroupRules object " + neutronSecurityRule);
            return HttpStatus.SC_OK;
        } catch (IOException e2) {
            LOGGER.error("Exception :     " + e2);
            return HttpStatus.SC_INTERNAL_SERVER_ERROR;
        }
    }

    private void createSecurityGroupRules(NeutronSecurityRule neutronSecurityRule) throws IOException {
        SecurityGroup securityGroup = null;
        String securityRuleGroupID = neutronSecurityRule.getSecurityRuleGroupID();
        if (!neutronSecurityRule.getSecurityRuleGroupID().contains("-")) {
            securityRuleGroupID = Utils.uuidFormater(neutronSecurityRule.getSecurityRuleGroupID());
        }
        try {
            securityGroup = (SecurityGroup) apiConnector.findById(SecurityGroup.class, UUID.fromString(securityRuleGroupID).toString());
        } catch (IOException e) {
            LOGGER.error("Exception :     " + e);
        }
        PolicyEntriesType entries = securityGroup.getEntries();
        if (entries == null) {
            entries = new PolicyEntriesType();
        }
        securityGroup.setEntries(mapSecurityGroupRuleProperties(neutronSecurityRule, entries));
        try {
            if (!apiConnector.update(securityGroup)) {
                LOGGER.warn("SecurityGroup rule creation failed1..");
            } else {
                LOGGER.info("SecurityGroup rule creation success..");
                LOGGER.info("SecurityGroup : " + securityGroup.getName() + "  having UUID : " + securityGroup.getUuid() + "  sucessfully added with Security Group Rule");
            }
        } catch (IOException e2) {
            LOGGER.warn("SecurityGroup rule creation failed2..");
        }
    }

    public void neutronSecurityRuleCreated(NeutronSecurityRule neutronSecurityRule) {
        apiConnector = Activator.apiConnector;
        try {
            createSecurityGroupRules(neutronSecurityRule);
        } catch (IOException e) {
            LOGGER.error("Exception :     " + e);
        }
        SecurityGroup securityGroup = null;
        String securityRuleGroupID = neutronSecurityRule.getSecurityRuleGroupID();
        if (!neutronSecurityRule.getSecurityRuleGroupID().contains("-")) {
            securityRuleGroupID = Utils.uuidFormater(neutronSecurityRule.getSecurityRuleGroupID());
        }
        try {
            securityGroup = (SecurityGroup) apiConnector.findById(SecurityGroup.class, UUID.fromString(securityRuleGroupID).toString());
        } catch (IOException e2) {
            LOGGER.error("Exception :     " + e2);
        }
        if (securityGroup.getEntries() == null || securityGroup.getEntries().getPolicyRule().isEmpty()) {
            return;
        }
        Iterator<PolicyEntriesType.PolicyRuleType> it = securityGroup.getEntries().getPolicyRule().iterator();
        while (it.hasNext()) {
            if (it.next().getRuleUuid().equalsIgnoreCase(neutronSecurityRule.getSecurityRuleUUID())) {
                LOGGER.info("SecurityGroup rule creation for the specified security group is verfied");
            }
        }
    }

    public int canUpdateNeutronSecurityRule(NeutronSecurityRule neutronSecurityRule, NeutronSecurityRule neutronSecurityRule2) {
        return 0;
    }

    public void neutronSecurityRuleUpdated(NeutronSecurityRule neutronSecurityRule) {
    }

    public int canDeleteNeutronSecurityRule(NeutronSecurityRule neutronSecurityRule) {
        apiConnector = Activator.apiConnector;
        String securityRuleGroupID = neutronSecurityRule.getSecurityRuleGroupID();
        if (!neutronSecurityRule.getSecurityRuleGroupID().contains("-")) {
            securityRuleGroupID = Utils.uuidFormater(neutronSecurityRule.getSecurityRuleGroupID());
        }
        String uuid = UUID.fromString(securityRuleGroupID).toString();
        String securityRuleUUID = neutronSecurityRule.getSecurityRuleUUID();
        if (!neutronSecurityRule.getSecurityRuleUUID().contains("-")) {
            securityRuleUUID = Utils.uuidFormater(neutronSecurityRule.getSecurityRuleUUID());
        }
        String uuid2 = UUID.fromString(securityRuleUUID).toString();
        try {
            SecurityGroup securityGroup = (SecurityGroup) apiConnector.findById(SecurityGroup.class, uuid);
            if (securityGroup == null) {
                LOGGER.warn("SecurityGroup does not exists for the specified security group ID");
                return HttpStatus.SC_FORBIDDEN;
            }
            boolean z = false;
            if (securityGroup.getEntries() != null && !securityGroup.getEntries().getPolicyRule().isEmpty()) {
                ListIterator<PolicyEntriesType.PolicyRuleType> listIterator = securityGroup.getEntries().getPolicyRule().listIterator();
                while (listIterator.hasNext()) {
                    if (listIterator.next().getRuleUuid().equalsIgnoreCase(uuid2)) {
                        LOGGER.info("SecurityGroup rule can be deleted...");
                        z = true;
                    }
                }
            }
            if (z) {
                return HttpStatus.SC_NO_CONTENT;
            }
            LOGGER.warn("SecurityGroup rule does not exist for the specified UUID..");
            return HttpStatus.SC_NOT_FOUND;
        } catch (IOException e) {
            LOGGER.error("Exception :     " + e);
            return HttpStatus.SC_INTERNAL_SERVER_ERROR;
        }
    }

    public void neutronSecurityRuleDeleted(NeutronSecurityRule neutronSecurityRule) {
        apiConnector = Activator.apiConnector;
        SecurityGroup securityGroup = null;
        String securityRuleGroupID = neutronSecurityRule.getSecurityRuleGroupID();
        if (!neutronSecurityRule.getSecurityRuleGroupID().contains("-")) {
            securityRuleGroupID = Utils.uuidFormater(neutronSecurityRule.getSecurityRuleGroupID());
        }
        try {
            securityGroup = (SecurityGroup) apiConnector.findById(SecurityGroup.class, UUID.fromString(securityRuleGroupID).toString());
        } catch (IOException e) {
            LOGGER.error("Exception :     " + e);
        }
        String securityRuleUUID = neutronSecurityRule.getSecurityRuleUUID();
        if (!neutronSecurityRule.getSecurityRuleUUID().contains("-")) {
            securityRuleUUID = Utils.uuidFormater(neutronSecurityRule.getSecurityRuleUUID());
        }
        String uuid = UUID.fromString(securityRuleUUID).toString();
        if (securityGroup.getEntries() == null || securityGroup.getEntries().getPolicyRule().isEmpty()) {
            return;
        }
        ListIterator<PolicyEntriesType.PolicyRuleType> listIterator = securityGroup.getEntries().getPolicyRule().listIterator();
        while (listIterator.hasNext()) {
            PolicyEntriesType.PolicyRuleType next = listIterator.next();
            if (next.getRuleUuid().equalsIgnoreCase(uuid)) {
                next.clearDstAddresses();
                next.clearApplication();
                next.clearDstPorts();
                next.clearSrcAddresses();
                next.clearSrcPorts();
                listIterator.remove();
                try {
                    securityGroup.setEntries(securityGroup.getEntries());
                    if (apiConnector.update(securityGroup)) {
                        LOGGER.info("SecurityGroup rule deletion for the specified security group is verfied..");
                    } else {
                        LOGGER.warn("SecurityGroup rule deletion for the specified security group is not verfied..");
                    }
                } catch (IOException e2) {
                    LOGGER.warn("SecurityGroupUpdate deletion failed..");
                }
            }
        }
    }

    private PolicyEntriesType mapSecurityGroupRuleProperties(NeutronSecurityRule neutronSecurityRule, PolicyEntriesType policyEntriesType) {
        String securityRemoteGroupID = neutronSecurityRule.getSecurityRemoteGroupID();
        String securityRuleDirection = neutronSecurityRule.getSecurityRuleDirection();
        String securityRuleUUID = neutronSecurityRule.getSecurityRuleUUID();
        String securityRuleGroupID = neutronSecurityRule.getSecurityRuleGroupID();
        int intValue = neutronSecurityRule.getSecurityRulePortMax().intValue();
        int intValue2 = neutronSecurityRule.getSecurityRulePortMin().intValue();
        String securityRuleProtocol = neutronSecurityRule.getSecurityRuleProtocol();
        String securityRuleRemoteIpPrefix = neutronSecurityRule.getSecurityRuleRemoteIpPrefix();
        if (securityRemoteGroupID != null) {
            if (!securityRemoteGroupID.contains("-")) {
                securityRemoteGroupID = Utils.uuidFormater(securityRemoteGroupID);
            }
            securityRemoteGroupID = UUID.fromString(securityRemoteGroupID).toString();
        }
        if (securityRuleUUID != null) {
            if (!securityRuleUUID.contains("-")) {
                securityRuleUUID = Utils.uuidFormater(securityRuleUUID);
            }
            securityRuleUUID = UUID.fromString(securityRuleUUID).toString();
        }
        if (securityRuleGroupID != null) {
            if (!securityRuleGroupID.contains("-")) {
                securityRuleGroupID = Utils.uuidFormater(securityRuleGroupID);
            }
            UUID.fromString(securityRuleGroupID).toString();
        }
        SecurityGroup securityGroup = null;
        String str = null;
        PolicyEntriesType.PolicyRuleType policyRuleType = new PolicyEntriesType.PolicyRuleType();
        SubnetType subnetType = new SubnetType();
        PolicyEntriesType.PolicyRuleType.AddressType addressType = new PolicyEntriesType.PolicyRuleType.AddressType();
        PolicyEntriesType.PolicyRuleType.AddressType addressType2 = new PolicyEntriesType.PolicyRuleType.AddressType();
        PolicyEntriesType.PolicyRuleType.AddressType addressType3 = new PolicyEntriesType.PolicyRuleType.AddressType();
        PolicyEntriesType.PolicyRuleType.AddressType addressType4 = new PolicyEntriesType.PolicyRuleType.AddressType();
        policyRuleType.setProtocol(securityRuleProtocol);
        policyRuleType.setRuleUuid(securityRuleUUID);
        if (securityRuleRemoteIpPrefix != null) {
            if (!securityRuleRemoteIpPrefix.contains("/")) {
                throw new IllegalArgumentException("String " + securityRuleRemoteIpPrefix + " not in correct format..");
            }
            String[] split = securityRuleRemoteIpPrefix.split("/");
            if (split != null) {
                subnetType.setIpPrefix(split[0]);
                subnetType.setIpPrefixLen(Integer.valueOf(split[1]));
                addressType.setSubnet(subnetType);
                addressType2 = addressType;
            }
        } else if (securityRemoteGroupID != null && !securityRemoteGroupID.isEmpty()) {
            try {
                securityGroup = (SecurityGroup) apiConnector.findById(SecurityGroup.class, securityRemoteGroupID);
            } catch (IOException e) {
                LOGGER.error("Exception :     " + e);
            }
            Iterator<String> it = securityGroup.getQualifiedName().iterator();
            while (it.hasNext()) {
                str = str == null ? it.next() : str + ":" + it.next();
            }
            LOGGER.info("securityGroupQualifiedName  " + str);
            addressType.setSecurityGroup(str);
            addressType2 = addressType;
        }
        if (securityRuleDirection.equals("ingress")) {
            addressType3 = addressType2;
            addressType4.setSecurityGroup("local");
            policyRuleType.setDirection(">");
        } else if (securityRuleDirection.equals("egress")) {
            addressType4 = addressType2;
            addressType3.setSecurityGroup("local");
            policyRuleType.setDirection(">");
        }
        policyRuleType.addSrcAddresses(addressType3);
        policyRuleType.addSrcPorts(0, 65535);
        policyRuleType.addDstAddresses(addressType4);
        policyRuleType.addDstPorts(Integer.valueOf(intValue2), Integer.valueOf(intValue));
        policyRuleType.setActionList(null);
        policyRuleType.setRuleSequence(null);
        policyRuleType.addApplication(null);
        policyEntriesType.addPolicyRule(policyRuleType);
        return policyEntriesType;
    }
}
