package io.cloudsoft.amp.networking;

import com.google.common.base.Function;
import com.google.common.base.Predicate;
import com.google.common.collect.FluentIterable;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
import java.util.Collection;
import java.util.Set;
import javax.annotation.Nullable;
import org.apache.brooklyn.util.net.Cidr;
import org.jclouds.compute.domain.SecurityGroup;
import org.jclouds.domain.Location;
import org.jclouds.net.domain.IpPermission;
import org.jclouds.net.domain.IpProtocol;
import org.jclouds.providers.ProviderMetadata;
import org.jclouds.providers.Providers;

/* loaded from: input_file:io/cloudsoft/amp/networking/SecurityGroupRules.class */
public class SecurityGroupRules {
    private Location location;

    public static SecurityGroupRules newInstance(Location location) {
        return new SecurityGroupRules(location);
    }

    protected SecurityGroupRules(Location location) {
        this.location = location;
    }

    public Collection<IpPermission> everything() {
        return ImmutableList.builder().add(everything(IpProtocol.TCP)).add(everything(IpProtocol.UDP)).addAll(optionalIcmp(everything(IpProtocol.ICMP))).build();
    }

    public IpPermission everything(IpProtocol ipProtocol) {
        return allFromBuilder(ipProtocol).cidrBlock(Cidr.UNIVERSAL.toString()).build();
    }

    public IpPermission allFrom(SecurityGroup securityGroup, IpProtocol ipProtocol) {
        return allFromBuilder(ipProtocol).groupId(getProviderId(securityGroup)).build();
    }

    public Collection<IpPermission> allFrom(SecurityGroup securityGroup) {
        return ImmutableList.builder().add(allFrom(securityGroup, IpProtocol.TCP)).add(allFrom(securityGroup, IpProtocol.UDP)).addAll(allFromIfSupported(securityGroup, IpProtocol.ICMP)).build();
    }

    public Collection<IpPermission> allFromOnPort(SecurityGroup securityGroup, int i) {
        return ImmutableList.builder().add(allFromOnPortRange(securityGroup, IpProtocol.TCP, i, i)).add(allFromOnPortRange(securityGroup, IpProtocol.UDP, i, i)).addAll(allFromIfSupported(securityGroup, IpProtocol.ICMP)).build();
    }

    public IpPermission allFromOnPort(SecurityGroup securityGroup, IpProtocol ipProtocol, int i) {
        return allFromOnPortRange(securityGroup, ipProtocol, i, i);
    }

    public IpPermission allFromOnPortRange(SecurityGroup securityGroup, IpProtocol ipProtocol, int i, int i2) {
        return IpPermission.builder().groupId(getProviderId(securityGroup)).fromPort(i).toPort(i2).ipProtocol(ipProtocol).build();
    }

    public Collection<IpPermission> allFromIfSupported(SecurityGroup securityGroup, IpProtocol ipProtocol) {
        return optionalIcmp(allFrom(securityGroup, ipProtocol));
    }

    public IpPermission allFrom(Cidr cidr, IpProtocol ipProtocol) {
        return allFromBuilder(ipProtocol).cidrBlock(cidr.toString()).build();
    }

    public Collection<IpPermission> allFromIfSupported(Cidr cidr, IpProtocol ipProtocol) {
        return optionalIcmp(allFrom(cidr, ipProtocol));
    }

    public Collection<IpPermission> allFrom(Cidr cidr) {
        return ImmutableList.builder().add(allFrom(cidr, IpProtocol.TCP)).add(allFrom(cidr, IpProtocol.UDP)).addAll(allFromIfSupported(cidr, IpProtocol.ICMP)).build();
    }

    private Collection<IpPermission> optionalIcmp(IpPermission ipPermission) {
        return (ipPermission.getIpProtocol() == IpProtocol.ICMP && isAzure(this.location)) ? ImmutableList.of() : ImmutableList.of(ipPermission);
    }

    private IpPermission.Builder allFromBuilder(IpProtocol ipProtocol) {
        return allFromBuilderOnPort(ipProtocol, ipProtocol == IpProtocol.ICMP ? -1 : getStartPort(), ipProtocol == IpProtocol.ICMP ? -1 : 65535);
    }

    private IpPermission.Builder allFromBuilderOnPort(IpProtocol ipProtocol, int i, int i2) {
        return IpPermission.builder().fromPort(i).toPort(i2).ipProtocol(ipProtocol);
    }

    private String getProviderId(SecurityGroup securityGroup) {
        return isOpenstackNova(this.location) ? securityGroup.getId() : securityGroup.getProviderId();
    }

    private int getStartPort() {
        return isOpenstackNova(this.location) ? 1 : 0;
    }

    static boolean isOpenstackNova(Location location) {
        return location.getParent() != null && Iterables.contains(getJcloudsLocationIds((Collection<? extends String>) ImmutableList.of("openstack-nova", "openstack-mitaka-nova", "openstack-devtest-compute")), location.getParent().getId());
    }

    static boolean isAzure(Location location) {
        return location.getParent() != null && Iterables.contains(getJcloudsLocationIds("azurecompute"), location.getParent().getId());
    }

    private static Set<String> getJcloudsLocationIds(String str) {
        return getJcloudsLocationIds((Collection<? extends String>) ImmutableList.of(str));
    }

    private static Set<String> getJcloudsLocationIds(final Collection<? extends String> collection) {
        return new ImmutableSet.Builder().addAll(FluentIterable.from(Providers.all()).filter(new Predicate<ProviderMetadata>() { // from class: io.cloudsoft.amp.networking.SecurityGroupRules.2
            public boolean apply(ProviderMetadata providerMetadata) {
                return collection.contains(providerMetadata.getApiMetadata().getId());
            }
        }).transform(new Function<ProviderMetadata, String>() { // from class: io.cloudsoft.amp.networking.SecurityGroupRules.1
            @Nullable
            public String apply(ProviderMetadata providerMetadata) {
                return providerMetadata.getId();
            }
        }).toSet()).addAll(collection).build();
    }
}
