package org.apache.provisionr.cloudstack.core;

import com.google.common.collect.ImmutableList;
import com.google.common.collect.Iterables;
import com.google.common.collect.Lists;
import java.util.Iterator;
import java.util.NoSuchElementException;
import java.util.Set;
import org.apache.provisionr.api.network.Network;
import org.apache.provisionr.api.network.Protocol;
import org.apache.provisionr.api.network.Rule;
import org.jclouds.cloudstack.CloudStackClient;
import org.jclouds.cloudstack.domain.IngressRule;
import org.jclouds.cloudstack.domain.SecurityGroup;
import org.jclouds.cloudstack.features.SecurityGroupClient;
import org.jclouds.cloudstack.options.AccountInDomainOptions;
import org.jclouds.cloudstack.options.ListSecurityGroupsOptions;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/provisionr/cloudstack/core/SecurityGroups.class */
public class SecurityGroups {
    private static final Logger LOG = LoggerFactory.getLogger(SecurityGroup.class);
    public static final int DEFAULT_ICMP_CODE = 0;
    public static final int DEFAULT_ICMP_TYPE = 8;

    private SecurityGroups() {
    }

    public static String formatNameFromBusinessKey(String str) {
        return String.format("network-%s", str);
    }

    public static SecurityGroup getByName(CloudStackClient cloudStackClient, String str) {
        return (SecurityGroup) Iterables.getOnlyElement(cloudStackClient.getSecurityGroupClient().listSecurityGroups(new ListSecurityGroupsOptions[]{ListSecurityGroupsOptions.Builder.named(str)}));
    }

    public static Set<SecurityGroup> getAll(CloudStackClient cloudStackClient) {
        return cloudStackClient.getSecurityGroupClient().listSecurityGroups(new ListSecurityGroupsOptions[0]);
    }

    public static void deleteByName(CloudStackClient cloudStackClient, String str) {
        try {
            SecurityGroup byName = getByName(cloudStackClient, str);
            LOG.info("Deleting SecurityGroup {}", byName.getName());
            cloudStackClient.getSecurityGroupClient().deleteSecurityGroup(byName.getId());
        } catch (NoSuchElementException e) {
            LOG.warn("Exception retrieving SecurityGroup (most likely it does not yet exist){}: {}", str, e);
        }
    }

    public static SecurityGroup createSecurityGroup(CloudStackClient cloudStackClient, String str) {
        return cloudStackClient.getSecurityGroupClient().createSecurityGroup(str);
    }

    public static void deleteNetworkRules(CloudStackClient cloudStackClient, SecurityGroup securityGroup) {
        Iterator it = securityGroup.getIngressRules().iterator();
        while (it.hasNext()) {
            cloudStackClient.getSecurityGroupClient().revokeIngressRule(((IngressRule) it.next()).getId(), new AccountInDomainOptions[0]);
        }
    }

    public static void applyNetworkRules(CloudStackClient cloudStackClient, SecurityGroup securityGroup, Network network) {
        SecurityGroupClient securityGroupClient = cloudStackClient.getSecurityGroupClient();
        for (Rule rule : network.getIngress()) {
            if (rule.getProtocol() == Protocol.ICMP) {
                securityGroupClient.authorizeIngressICMPToCIDRs(securityGroup.getId(), 0, 8, ImmutableList.of(rule.getCidr()), new AccountInDomainOptions[0]);
            } else {
                securityGroupClient.authorizeIngressPortsToCIDRs(securityGroup.getId(), rule.getProtocol().name(), ((Integer) rule.getPorts().lowerEndpoint()).intValue(), ((Integer) rule.getPorts().upperEndpoint()).intValue(), Lists.newArrayList(new String[]{rule.getCidr()}), new AccountInDomainOptions[0]);
            }
        }
    }
}
