package io.cloudsoft.networking.cloudstack.legacy;

import brooklyn.entity.Entity;
import brooklyn.entity.annotation.Effector;
import brooklyn.entity.basic.AbstractEntity;
import brooklyn.entity.basic.Attributes;
import brooklyn.entity.basic.EntityAndAttribute;
import brooklyn.entity.basic.EntityLocal;
import brooklyn.entity.basic.SoftwareProcess;
import brooklyn.entity.trait.StartableMethods;
import brooklyn.event.AttributeSensor;
import brooklyn.event.SensorEvent;
import brooklyn.event.SensorEventListener;
import brooklyn.location.Location;
import brooklyn.location.access.PortForwardManager;
import brooklyn.location.access.PortMapping;
import brooklyn.location.basic.AbstractLocation;
import brooklyn.location.basic.LocationConfigKeys;
import brooklyn.location.cloud.CloudMachineNamer;
import brooklyn.location.jclouds.JcloudsLocation;
import brooklyn.util.collections.MutableMap;
import brooklyn.util.config.ConfigBag;
import brooklyn.util.flags.TypeCoercions;
import brooklyn.util.net.Cidr;
import brooklyn.util.text.Strings;
import com.google.common.base.Function;
import com.google.common.base.Objects;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
import io.cloudsoft.networking.Iterables2;
import io.cloudsoft.networking.cloudstack.CloudstackNew40FeaturesClient;
import java.util.Arrays;
import java.util.Collection;
import java.util.LinkedHashMap;
import java.util.Map;
import org.jclouds.cloudstack.domain.AsyncCreateResponse;
import org.jclouds.cloudstack.domain.FirewallRule;
import org.jclouds.cloudstack.domain.Network;
import org.jclouds.cloudstack.domain.PortForwardingRule;
import org.jclouds.cloudstack.domain.PublicIPAddress;
import org.jclouds.cloudstack.options.AssociateIPAddressOptions;
import org.jclouds.cloudstack.options.CreateFirewallRuleOptions;
import org.jclouds.cloudstack.options.CreateNetworkOptions;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/cloudsoft/networking/cloudstack/legacy/LegacySubnetTierImpl.class */
public class LegacySubnetTierImpl extends AbstractEntity implements LegacySubnetTier {
    private static final Logger log = LoggerFactory.getLogger(LegacySubnetTierImpl.class);
    protected CloudstackNew40FeaturesClient cloudstackClient;

    /* loaded from: input_file:io/cloudsoft/networking/cloudstack/legacy/LegacySubnetTierImpl$AclUpdater.class */
    protected class AclUpdater implements SensorEventListener<String> {
        protected AclUpdater() {
        }

        public void onEvent(SensorEvent<String> sensorEvent) {
            apply(sensorEvent.getSource(), (String) sensorEvent.getValue());
        }

        public void apply(Entity entity, String str) {
            Cidr cidr = null;
            synchronized (LegacySubnetTierImpl.this) {
                Map map = (Map) LegacySubnetTierImpl.this.getAttribute(LegacySubnetTier.SUBNET_ACL);
                if (map == null) {
                    map = new LinkedHashMap();
                }
                Cidr cidr2 = (Cidr) entity.getConfig(LegacySubnetTier.SUBNET_CIDR);
                if (cidr2 == null) {
                    LegacySubnetTierImpl.log.warn("No CIDR on subnet " + entity + " wanting access to " + LegacySubnetTierImpl.this + "; ignoring");
                    return;
                }
                Cidr cidr3 = (Cidr) map.remove(entity.getId());
                if (str != null) {
                    map.put(entity.getId(), cidr2);
                    if (LegacySubnetTierImpl.this.getAttribute(LegacySubnetTier.NETWORK_ID) != null) {
                        cidr = cidr2;
                    }
                }
                LegacySubnetTierImpl.this.setAttribute(LegacySubnetTier.SUBNET_ACL, map);
                if (cidr3 != null) {
                    LegacySubnetTierImpl.log.warn("Skipping removal of ACL rule for tier " + LegacySubnetTierImpl.this + " - not yet available");
                }
                if (cidr != null) {
                    LegacySubnetTierImpl.this.openCidrAccess(Arrays.asList(cidr));
                }
            }
        }
    }

    /* loaded from: input_file:io/cloudsoft/networking/cloudstack/legacy/LegacySubnetTierImpl$FirewallUpdater.class */
    protected class FirewallUpdater implements SensorEventListener<Object> {
        final Entity serviceToForward;
        final AttributeSensor<?> servicePortSensor;
        final Integer optionalPublicPort;
        final Cidr cidr;
        final Entity whereToAdvertisePublicServiceEndpoint;
        final AttributeSensor<String> sensorAdvertisingHostnameAndPort;

        public FirewallUpdater(Entity entity, AttributeSensor<?> attributeSensor, Integer num, Cidr cidr, Entity entity2, AttributeSensor<String> attributeSensor2) {
            this.serviceToForward = entity;
            this.servicePortSensor = attributeSensor;
            this.optionalPublicPort = num;
            this.cidr = cidr;
            this.whereToAdvertisePublicServiceEndpoint = entity2;
            this.sensorAdvertisingHostnameAndPort = attributeSensor2;
        }

        public void onEvent(SensorEvent<Object> sensorEvent) {
            apply(sensorEvent.getSource(), sensorEvent.getValue());
        }

        public void apply(Entity entity, Object obj) {
            Location location = (Location) Iterables2.tryGetOnlyElement(this.serviceToForward.getLocations());
            if (location == null) {
                LegacySubnetTierImpl.log.warn("Skipping port forward rule for " + this.serviceToForward + " because it does not have a location");
                return;
            }
            Integer num = (Integer) TypeCoercions.coerce(this.serviceToForward.getAttribute(this.servicePortSensor), Integer.class);
            if (num == null) {
                LegacySubnetTierImpl.log.warn("Skipping port forward rule for " + this.serviceToForward + " " + this.servicePortSensor.getName() + " because it does not advertise a port");
                return;
            }
            String str = null;
            PortMapping portMapping = null;
            if (LegacySubnetTierImpl.this.isSubnetEnabled()) {
                PortForwardManager portForwardManager = LegacySubnetTierImpl.this.getPortForwardManager();
                portMapping = portForwardManager.getPortMappingWithPrivateSide(location, num.intValue());
                if (portMapping != null) {
                    portForwardManager.forgetPortMapping(portMapping);
                    LegacySubnetTierImpl.log.warn("Skipping removal of port forwarding rule for tier " + LegacySubnetTierImpl.this + ", rule " + portMapping);
                }
                if (obj != null) {
                    Integer portForwarding = LegacySubnetTierImpl.this.getPortForwarding(portForwardManager, this.cidr, location, num.intValue(), this.optionalPublicPort);
                    if (portForwarding == null) {
                        return;
                    } else {
                        str = ((String) LegacySubnetTierImpl.this.getAttribute(LegacySubnetTier.PUBLIC_HOSTNAME)) + ":" + portForwarding;
                    }
                }
                LegacySubnetTierImpl.log.debug("Port forward details: " + this.serviceToForward.getId() + ":" + this.servicePortSensor.getName() + " = " + str);
            } else {
                str = ((String) this.serviceToForward.getAttribute(Attributes.HOSTNAME)) + ":" + num;
            }
            if (this.whereToAdvertisePublicServiceEndpoint != null) {
                if (str != null && !str.startsWith("null:")) {
                    LegacySubnetTierImpl.setAttributeIfChanged(this.whereToAdvertisePublicServiceEndpoint, this.sensorAdvertisingHostnameAndPort, str);
                } else if (portMapping != null) {
                    LegacySubnetTierImpl.setAttributeIfChanged(this.whereToAdvertisePublicServiceEndpoint, this.sensorAdvertisingHostnameAndPort, null);
                }
            }
        }
    }

    /* loaded from: input_file:io/cloudsoft/networking/cloudstack/legacy/LegacySubnetTierImpl$FirewallUpdater2.class */
    protected class FirewallUpdater2 implements SensorEventListener<Object> {
        protected final EntityAndAttribute<String> publicIp;
        protected final EntityAndAttribute<?> portSensor;
        protected final Integer optionalPublicPort;
        protected final FirewallRule.Protocol protocol;
        protected final Cidr cidr;
        protected final EntityAndAttribute<String> whereToAdvertiseEndpoint;

        public FirewallUpdater2(EntityAndAttribute<String> entityAndAttribute, EntityAndAttribute<?> entityAndAttribute2, Integer num, FirewallRule.Protocol protocol, Cidr cidr, EntityAndAttribute<String> entityAndAttribute3) {
            this.publicIp = entityAndAttribute;
            this.portSensor = entityAndAttribute2;
            this.optionalPublicPort = num;
            this.protocol = protocol;
            this.cidr = cidr;
            this.whereToAdvertiseEndpoint = entityAndAttribute3;
        }

        public void onEvent(SensorEvent<Object> sensorEvent) {
            apply(sensorEvent.getSource(), sensorEvent.getValue());
        }

        public void apply(Entity entity, Object obj) {
            String str;
            int intValue;
            Location location = (Location) Iterables2.tryGetOnlyElement(this.portSensor.getEntity().getLocations());
            if (location == null) {
                LegacySubnetTierImpl.log.warn("Skipping port forward rule for " + this.portSensor.getEntity() + " because it does not have a location");
                return;
            }
            PortMapping portMapping = null;
            if (LegacySubnetTierImpl.this.isSubnetEnabled()) {
                String str2 = (String) this.publicIp.getValue();
                if (str2 == null) {
                    LegacySubnetTierImpl.log.warn("Skipping firewall rule for " + this.publicIp + " because it does not have an IP");
                    return;
                }
                String retrievePublicIpId = LegacySubnetTierImpl.this.retrievePublicIpId(str2);
                if (retrievePublicIpId == null) {
                    LegacySubnetTierImpl.log.error("Skipping firewall rule for " + this.publicIp + " because reverse-lookup of ip-id failed");
                    return;
                }
                Integer num = (Integer) TypeCoercions.coerce(this.portSensor.getValue(), Integer.class);
                if (num == null) {
                    LegacySubnetTierImpl.log.warn("Skipping port forward rule for " + this.publicIp + " because it does not advertise a port on " + this.portSensor);
                    return;
                }
                PortForwardManager portForwardManager = LegacySubnetTierImpl.this.getPortForwardManager();
                portMapping = portForwardManager.getPortMappingWithPrivateSide(location, num.intValue());
                if (portMapping != null) {
                    portForwardManager.forgetPortMapping(portMapping);
                    LegacySubnetTierImpl.log.warn("Skipping removal of port forwarding rule for tier " + LegacySubnetTierImpl.this + ", rule " + portMapping);
                }
                if (this.optionalPublicPort == null) {
                    intValue = portMapping == null ? LegacySubnetTierImpl.this.getPortForwardManager().acquirePublicPort(retrievePublicIpId) : portMapping.getPublicPort();
                } else {
                    intValue = this.optionalPublicPort.intValue();
                    if (portMapping == null || portMapping.getPublicPort() != intValue) {
                        LegacySubnetTierImpl.this.getPortForwardManager().acquirePublicPortExplicit(retrievePublicIpId, intValue);
                    }
                }
                LegacySubnetTierImpl.this.systemCreatePortForwarding(retrievePublicIpId, this.cidr, intValue, location, num.intValue());
                str = str2 + ":" + intValue;
                LegacySubnetTierImpl.log.debug("Port forward details: " + this.portSensor.getEntity() + ":" + this.portSensor.getAttribute().getName() + " = " + str);
            } else {
                str = ((String) this.portSensor.getEntity().getAttribute(Attributes.HOSTNAME)) + ":" + this.portSensor.getAttribute();
            }
            if (str != null && !str.startsWith("null:")) {
                this.whereToAdvertiseEndpoint.setValue(str);
            } else if (portMapping != null) {
                this.whereToAdvertiseEndpoint.setValue((Object) null);
            }
        }
    }

    /* loaded from: input_file:io/cloudsoft/networking/cloudstack/legacy/LegacySubnetTierImpl$PublicIPUpdater.class */
    protected class PublicIPUpdater implements SensorEventListener<Object> {
        final EntityAndAttribute<String> whereToAdvertiseHostname;

        public PublicIPUpdater(EntityAndAttribute<String> entityAndAttribute) {
            this.whereToAdvertiseHostname = entityAndAttribute;
        }

        public void onEvent(SensorEvent<Object> sensorEvent) {
            apply(sensorEvent.getSource(), sensorEvent.getValue());
        }

        public void apply(Entity entity, Object obj) {
            if (((Location) Iterables2.tryGetOnlyElement(LegacySubnetTierImpl.this.getLocations())) == null) {
                LegacySubnetTierImpl.log.warn("Skipping adding public IP to " + this + " because it does not have a location");
            } else {
                LegacySubnetTierImpl.setAttributeIfChanged(this.whereToAdvertiseHostname, LegacySubnetTierImpl.this.systemCreatePublicIpHostname().getIPAddress());
            }
        }
    }

    /* loaded from: input_file:io/cloudsoft/networking/cloudstack/legacy/LegacySubnetTierImpl$SensorPropagaterWithReplacement.class */
    public static class SensorPropagaterWithReplacement implements SensorEventListener<String> {
        private Function<String, String> function;
        private Entity owner;
        private AttributeSensor<String> sensor;

        public SensorPropagaterWithReplacement(Entity entity, AttributeSensor<String> attributeSensor, Function<String, String> function) {
            this.owner = entity;
            this.sensor = attributeSensor;
            this.function = function;
        }

        public void onEvent(SensorEvent<String> sensorEvent) {
            LegacySubnetTierImpl.setAttributeIfChanged(this.owner, this.sensor, apply(Strings.toString(sensorEvent.getValue())));
        }

        public String apply(String str) {
            return (String) this.function.apply(str);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:io/cloudsoft/networking/cloudstack/legacy/LegacySubnetTierImpl$SimpleFirewallUpdater.class */
    public class SimpleFirewallUpdater implements SensorEventListener<Object> {
        private final EntityAndAttribute<String> publicIp;
        final int lowerBoundPort;
        final int upperBoundPort;
        final FirewallRule.Protocol protocol;
        final Cidr cidr;

        public SimpleFirewallUpdater(EntityAndAttribute<String> entityAndAttribute, int i, int i2, FirewallRule.Protocol protocol, Cidr cidr) {
            this.publicIp = entityAndAttribute;
            this.lowerBoundPort = i;
            this.upperBoundPort = i2;
            this.protocol = protocol;
            this.cidr = cidr;
        }

        public void onEvent(SensorEvent<Object> sensorEvent) {
            apply(sensorEvent.getSource(), sensorEvent.getValue());
        }

        public void apply(Entity entity, Object obj) {
            if (LegacySubnetTierImpl.this.isSubnetEnabled()) {
                String str = (String) this.publicIp.getValue();
                if (str == null) {
                    LegacySubnetTierImpl.log.warn("Skipping firewall rule for " + this.publicIp.getEntity() + "->" + this.publicIp.getAttribute() + " (ports " + this.lowerBoundPort + "-" + this.upperBoundPort + ") because it does not have an IP");
                    return;
                }
                String retrievePublicIpId = LegacySubnetTierImpl.this.retrievePublicIpId(str);
                if (retrievePublicIpId == null) {
                    LegacySubnetTierImpl.log.error("Skipping firewall rule for " + str + " because reverse-lookup of ip-id failed");
                } else if (LegacySubnetTierImpl.this.systemOpenFirewall(retrievePublicIpId, this.cidr, this.lowerBoundPort, this.upperBoundPort, this.protocol)) {
                    LegacySubnetTierImpl.log.debug("Firewall opened: " + str + ":" + this.lowerBoundPort + "-" + this.upperBoundPort);
                }
            }
        }
    }

    /* loaded from: input_file:io/cloudsoft/networking/cloudstack/legacy/LegacySubnetTierImpl$StaticNatUpdater.class */
    protected class StaticNatUpdater implements SensorEventListener<Object> {
        final Entity serviceToOpen;
        final AttributeSensor<String> sensorAdvertisingHostname;

        public StaticNatUpdater(Entity entity, AttributeSensor<String> attributeSensor) {
            this.serviceToOpen = entity;
            this.sensorAdvertisingHostname = attributeSensor;
        }

        public void onEvent(SensorEvent<Object> sensorEvent) {
            apply(sensorEvent.getSource(), sensorEvent.getValue());
        }

        public void apply(Entity entity, Object obj) {
            Location location = (Location) Iterables2.tryGetOnlyElement(this.serviceToOpen.getLocations());
            if (location == null) {
                LegacySubnetTierImpl.log.warn("Skipping port forward rule for " + this.serviceToOpen + " because it does not have a location");
                return;
            }
            if (LegacySubnetTierImpl.this.isSubnetEnabled()) {
                PublicIPAddress systemCreatePublicIpHostname = LegacySubnetTierImpl.this.systemCreatePublicIpHostname();
                this.serviceToOpen.setAttribute(this.sensorAdvertisingHostname, systemCreatePublicIpHostname.getIPAddress());
                if (LegacySubnetTierImpl.this.systemEnableStaticNat(systemCreatePublicIpHostname.getId(), location)) {
                    LegacySubnetTierImpl.log.debug("Enabled static NAT via to {} via {} (VM {})", new Object[]{this.serviceToOpen, systemCreatePublicIpHostname, location});
                }
            }
        }
    }

    /* loaded from: input_file:io/cloudsoft/networking/cloudstack/legacy/LegacySubnetTierImpl$SubnetFirewallRule.class */
    protected abstract class SubnetFirewallRule {
        protected final Cidr accessingCidr;
        protected final Entity whereToAdvertisePublicServiceEndpoint;
        protected final AttributeSensor<String> sensorAdvertisingEndpointAttribute;

        protected SubnetFirewallRule(Cidr cidr, Entity entity, AttributeSensor<String> attributeSensor) {
            this.accessingCidr = cidr;
            this.whereToAdvertisePublicServiceEndpoint = entity;
            this.sensorAdvertisingEndpointAttribute = attributeSensor;
        }

        protected abstract void subscribe(Entity entity, SensorEventListener<Object> sensorEventListener);

        protected abstract boolean isReady(Entity entity);

        protected abstract void open(String str, Entity entity);
    }

    public boolean isSubnetEnabled() {
        return ((Boolean) getConfig(USE_SUBNET)).booleanValue() || isVpcEnabled();
    }

    public boolean isVpcEnabled() {
        return ((Boolean) getConfig(VirtualPrivateCloud.USE_VPC)).booleanValue();
    }

    public void start(Collection<? extends Location> collection) {
        String id;
        Map map;
        addLocations(collection);
        if (isSubnetEnabled()) {
            JcloudsLocation jcloudsLocation = (Location) Iterables.getOnlyElement(collection);
            if (jcloudsLocation instanceof JcloudsLocation) {
                JcloudsLocation jcloudsLocation2 = jcloudsLocation;
                String vpcId = getVpcId(jcloudsLocation2);
                if ("cloudstack".equals(jcloudsLocation2.getProvider())) {
                    log.info("Creating subnet tier " + this + (isVpcEnabled() ? "" : " in VPC " + vpcId));
                    if (isVpcEnabled()) {
                        Preconditions.checkNotNull(vpcId, "vpcId");
                    }
                    this.cloudstackClient = CloudstackNew40FeaturesClient.newInstance(jcloudsLocation2.getEndpoint(), jcloudsLocation2.getIdentity(), jcloudsLocation2.getCredential());
                    String zoneId = getZoneId(jcloudsLocation2);
                    Cidr cidr = (Cidr) getConfig(SUBNET_CIDR);
                    if (isVpcEnabled() && cidr == null) {
                        throw new IllegalStateException("Requires " + SUBNET_CIDR + " configured at " + this + " when using VPC");
                    }
                    boolean booleanValue = ((Boolean) getConfig(SUBNET_IS_LOAD_BALANCER)).booleanValue();
                    if (vpcId != null) {
                        id = this.cloudstackClient.createVpcTier("brooklyn-" + getId(), "brooklyn-" + getId() + " tier in VPC " + vpcId, this.cloudstackClient.getNetworkOfferingWithName(booleanValue ? "DefaultIsolatedNetworkOfferingForVpcNetworks" : "DefaultIsolatedNetworkOfferingForVpcNetworksNoLB"), zoneId, vpcId, cidr.addressAtOffset(1).getHostAddress(), cidr.netmask().getHostAddress());
                        this.cloudstackClient.createNetworkAclAllEgress(id, new Cidr(new int[0]).toString());
                    } else {
                        String networkOfferingWithName = this.cloudstackClient.getNetworkOfferingWithName("DefaultIsolatedNetworkOfferingWithSourceNatService");
                        CreateNetworkOptions createNetworkOptions = new CreateNetworkOptions();
                        if (cidr != null && cidr.getLength() > 0) {
                            while (cidr.getLength() < 22) {
                                log.info("Increasing subnet for " + this + "(" + cidr + ") to have length >=22");
                                cidr = cidr.subnet(new int[]{10});
                            }
                            createNetworkOptions.gateway(cidr.addressAtOffset(1).getHostAddress()).netmask(cidr.netmask().getHostAddress());
                        }
                        String generateNewGroupId = new CloudMachineNamer(new ConfigBag().configure(LocationConfigKeys.CALLER_CONTEXT, this)).generateNewGroupId();
                        Network createNetworkInZone = this.cloudstackClient.getNetworkClient().createNetworkInZone(zoneId, networkOfferingWithName, generateNewGroupId, generateNewGroupId + " subnet", new CreateNetworkOptions[]{createNetworkOptions});
                        id = createNetworkInZone.getId();
                        if (cidr == null) {
                            cidr = new Cidr(createNetworkInZone.getGateway() + "/24");
                            log.info("Autodetected CIDR for " + createNetworkInZone + " as " + cidr + " (assuming length 24)");
                        }
                        this.cloudstackClient.disableEgressFirewall(createNetworkInZone.getId());
                    }
                    synchronized (this) {
                        map = (Map) getAttribute(SUBNET_ACL);
                        setAttribute(NETWORK_ID, id);
                    }
                    if (map != null) {
                        openCidrAccess(map.values());
                    }
                    Cidr cidr2 = (Cidr) getConfig(LegacyJcloudsCloudstackSubnetLocation.MANAGEMENT_ACCESS_CIDR);
                    ensurePublicIpHostnameIdentifierForForwarding();
                    String str = (String) getAttribute(PUBLIC_HOSTNAME_IP_ADDRESS_ID);
                    PortForwardManager portForwardManager = getPortForwardManager();
                    portForwardManager.recordPublicIpHostname(str, (String) getAttribute(PUBLIC_HOSTNAME));
                    if (booleanValue) {
                        log.warn("Not creating load-balancer");
                    }
                    log.info("Created subnet " + id + " for " + this + ", public IP is " + ((String) getAttribute(PUBLIC_HOSTNAME)));
                    Location location = (JcloudsLocation) getManagementContext().getLocationManager().createLocation(ConfigBag.newInstanceCopying(jcloudsLocation.getRawLocalConfigBag()).configure(AbstractLocation.PARENT_LOCATION, jcloudsLocation).configure(LegacyJcloudsCloudstackSubnetLocation.CLOUDSTACK_ZONE_ID, zoneId).configure(LegacyJcloudsCloudstackSubnetLocation.CLOUDSTACK_SUBNET_NETWORK_ID, id).configure(LegacyJcloudsCloudstackSubnetLocation.CLOUDSTACK_SERVICE_NETWORK_ID, getConfig(SERVICE_NETWORK_ID)).configure(SUBNET_CIDR, cidr).configure(LegacyJcloudsCloudstackSubnetLocation.PORT_FORWARDING_MANAGER, portForwardManager).configure(LegacyJcloudsCloudstackSubnetLocation.MANAGEMENT_ACCESS_CIDR, cidr2).configure(LegacyJcloudsCloudstackSubnetLocation.CLOUDSTACK_TIER_PUBLIC_IP_ID, str).getAllConfig(), LegacyJcloudsCloudstackSubnetLocation.class);
                    collection = Arrays.asList(location);
                    log.debug("Config of new location: {}", new Object[]{location.getRawLocalConfigBag().getAllConfig()});
                }
            }
        }
        StartableMethods.start(this, collection);
    }

    protected String getZoneId(Location location) {
        String str = (String) location.getConfig(LegacyJcloudsCloudstackSubnetLocation.CLOUDSTACK_ZONE_ID);
        if (str == null && (location instanceof JcloudsLocation)) {
            str = ((JcloudsLocation) location).getRegion();
        }
        return (String) Preconditions.checkNotNull(str, "zoneId");
    }

    protected String getVpcId(Location location) {
        if (isVpcEnabled()) {
            return (String) Preconditions.checkNotNull(location.getConfig(LegacyJcloudsCloudstackSubnetLocation.CLOUDSTACK_VPC_ID), "must set " + LegacyJcloudsCloudstackSubnetLocation.CLOUDSTACK_VPC_ID + " on location " + location + " to use VPC");
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized PortForwardManager getPortForwardManager() {
        PortForwardManager portForwardManager = (PortForwardManager) getAttribute(SUBNET_SERVICE_PORT_FORWARDS);
        if (portForwardManager == null) {
            portForwardManager = (PortForwardManager) getConfig(PORT_FORWARDING_MANAGER);
            if (portForwardManager == null) {
                portForwardManager = new PortForwardManager();
                setConfigEvenIfOwned(PORT_FORWARDING_MANAGER, portForwardManager);
            }
            setAttribute(SUBNET_SERVICE_PORT_FORWARDS, portForwardManager);
        }
        return portForwardManager;
    }

    @Effector(description = "Stop the process/service represented by an entity")
    public void stop() {
        setAttribute(NETWORK_ID, null);
        StartableMethods.stop(this);
    }

    @Effector(description = "Restart the process/service represented by an entity")
    public void restart() {
        stop();
        start(getLocations());
    }

    @Override // io.cloudsoft.networking.cloudstack.legacy.LegacySubnetTier
    public void makeVisibleTo(LegacySubnetTier legacySubnetTier) {
        if (isSubnetEnabled()) {
            AclUpdater aclUpdater = new AclUpdater();
            subscribe(legacySubnetTier, NETWORK_ID, aclUpdater);
            aclUpdater.apply(legacySubnetTier, (String) legacySubnetTier.getAttribute(NETWORK_ID));
        }
    }

    protected void openCidrAccess(Collection<Cidr> collection) {
        JcloudsLocation jcloudsLocation = (JcloudsLocation) Iterables2.tryGetOnlyElement(getLocations());
        if (jcloudsLocation == null) {
            log.info("Deferring new ACL rule for tier " + this + " from " + collection + " until " + this + " has a location");
            return;
        }
        String str = (String) getAttribute(NETWORK_ID);
        if (str == null) {
            log.info("Deferring new ACL rule for tier " + this + " from " + collection + " until " + this + " has a tier");
            return;
        }
        this.cloudstackClient = CloudstackNew40FeaturesClient.newInstance(jcloudsLocation.getEndpoint(), jcloudsLocation.getIdentity(), jcloudsLocation.getCredential());
        if (!isVpcEnabled()) {
            log.warn("CIDR access to tiers not supported for non-VPC mode, from " + collection + " to " + this);
            return;
        }
        for (Cidr cidr : collection) {
            this.cloudstackClient.createVpcNetworkAcl(str, "TCP", cidr.toString(), 1, 65535, null, null, "Ingress");
            this.cloudstackClient.createVpcNetworkAcl(str, "UDP", cidr.toString(), 1, 65535, null, null, "Ingress");
        }
    }

    @Override // io.cloudsoft.networking.cloudstack.legacy.LegacySubnetTier
    public void propagateSensorStringReplacingWithSubnetAddress(final Entity entity, final AttributeSensor<String> attributeSensor) {
        SensorPropagaterWithReplacement sensorPropagaterWithReplacement = new SensorPropagaterWithReplacement(this, attributeSensor, new Function<String, String>() { // from class: io.cloudsoft.networking.cloudstack.legacy.LegacySubnetTierImpl.1
            public String apply(String str) {
                if (str == null) {
                    return null;
                }
                String str2 = (String) entity.getAttribute(LegacySubnetTier.SUBNET_HOSTNAME_SENSOR);
                LegacySubnetTierImpl.log.debug("sensor mapper replacing address in " + this + "->" + attributeSensor + ", with " + str2 + ", where old address in " + entity);
                return LegacySubnetTierImpl.replaceIfNotNull(LegacySubnetTierImpl.replaceIfNotNull(str, (String) entity.getAttribute(SoftwareProcess.HOSTNAME), str2), (String) entity.getAttribute(SoftwareProcess.ADDRESS), str2);
            }
        });
        subscribe(entity, attributeSensor, sensorPropagaterWithReplacement);
        sensorPropagaterWithReplacement.apply((String) entity.getAttribute(attributeSensor));
    }

    public static String replaceIfNotNull(String str, String str2, String str3) {
        return (str == null || str2 == null || str3 == null) ? str : Strings.replaceAll(str, str2, str3);
    }

    @Override // io.cloudsoft.networking.cloudstack.legacy.LegacySubnetTier
    public void transformSensorStringReplacingWithPublicAddressAndPort(final Entity entity, final AttributeSensor<String> attributeSensor, final Entity entity2, final AttributeSensor<Integer> attributeSensor2, final Entity entity3, final AttributeSensor<String> attributeSensor3) {
        SensorPropagaterWithReplacement sensorPropagaterWithReplacement = new SensorPropagaterWithReplacement(entity, attributeSensor, new Function<String, String>() { // from class: io.cloudsoft.networking.cloudstack.legacy.LegacySubnetTierImpl.2
            public String apply(String str) {
                if (str == null) {
                    return null;
                }
                String str2 = (String) entity.getAttribute(attributeSensor);
                String str3 = (String) entity3.getAttribute(attributeSensor3);
                LegacySubnetTierImpl.log.debug("sensor mapper transforming address in " + entity + "->" + attributeSensor + ", with " + str3 + " (old value is " + str2 + ")");
                String str4 = "";
                if (entity2 != null || attributeSensor2 != null) {
                    Integer num = null;
                    if (entity2 != null && attributeSensor2 != null) {
                        num = (Integer) entity2.getAttribute(attributeSensor2);
                    }
                    if (num == null) {
                        LegacySubnetTierImpl.log.warn("no map-from port available for sensor mapper replacing addresses in " + entity3 + " (listening on " + attributeSensor2 + ")");
                        return str2;
                    }
                    str4 = ":" + num;
                }
                String str5 = (String) entity.getAttribute(SoftwareProcess.HOSTNAME);
                String str6 = (String) entity.getAttribute(LegacySubnetTier.SUBNET_HOSTNAME_SENSOR);
                String str7 = (String) entity.getAttribute(SoftwareProcess.ADDRESS);
                String str8 = (String) entity.getAttribute(LegacySubnetTier.PRIVATE_HOSTNAME);
                String replaceIfNotNull = LegacySubnetTierImpl.replaceIfNotNull(LegacySubnetTierImpl.replaceIfNotNull(LegacySubnetTierImpl.replaceIfNotNull(LegacySubnetTierImpl.replaceIfNotNull(str2, str5 + str4, str3), str6 + str4, str3), str7 + str4, str3), str8 + str4, str3);
                LegacySubnetTierImpl.log.debug("sensor mapper transforming address in " + entity + "->" + attributeSensor + ": input=" + str2 + "; output=" + replaceIfNotNull + "; replacementSource=" + entity3 + "->" + attributeSensor3 + "; replacementText=" + str3 + "; suffix=" + str4 + "; localHostname=" + str5 + "; localSubnetHostname=" + str6 + "; localAddress=" + str7 + "; privateHostname=" + str8);
                return replaceIfNotNull;
            }
        });
        subscribe(entity, SoftwareProcess.HOSTNAME, sensorPropagaterWithReplacement);
        subscribe(entity, attributeSensor, sensorPropagaterWithReplacement);
        String apply = sensorPropagaterWithReplacement.apply((String) entity.getAttribute(attributeSensor));
        if (apply != null) {
            setAttributeIfChanged(entity, attributeSensor, apply);
        }
    }

    @Override // io.cloudsoft.networking.cloudstack.legacy.LegacySubnetTier
    public void openPublicIp(EntityAndAttribute<String> entityAndAttribute) {
        subscribe(this, NETWORK_ID, new PublicIPUpdater(entityAndAttribute));
    }

    @Override // io.cloudsoft.networking.cloudstack.legacy.LegacySubnetTier
    public void openStaticNat(Entity entity, AttributeSensor<String> attributeSensor) {
        subscribe(entity, Attributes.HOSTNAME, new StaticNatUpdater(entity, attributeSensor));
    }

    @Override // io.cloudsoft.networking.cloudstack.legacy.LegacySubnetTier
    public void openFirewallPort(EntityAndAttribute<String> entityAndAttribute, int i, FirewallRule.Protocol protocol, Cidr cidr) {
        openFirewallPortRange(entityAndAttribute, i, i, protocol, cidr);
    }

    @Override // io.cloudsoft.networking.cloudstack.legacy.LegacySubnetTier
    public void openFirewallPortRange(EntityAndAttribute<String> entityAndAttribute, int i, int i2, FirewallRule.Protocol protocol, Cidr cidr) {
        SimpleFirewallUpdater simpleFirewallUpdater = new SimpleFirewallUpdater(entityAndAttribute, i, i2, protocol, cidr);
        subscribe(entityAndAttribute.getEntity(), entityAndAttribute.getAttribute(), simpleFirewallUpdater);
        simpleFirewallUpdater.apply(entityAndAttribute.getEntity(), entityAndAttribute.getValue());
    }

    @Override // io.cloudsoft.networking.cloudstack.legacy.LegacySubnetTier
    public void openFirewallPortAndAdvertise(EntityAndAttribute<String> entityAndAttribute, EntityAndAttribute<?> entityAndAttribute2, Integer num, FirewallRule.Protocol protocol, Cidr cidr, EntityAndAttribute<String> entityAndAttribute3) {
        FirewallUpdater2 firewallUpdater2 = new FirewallUpdater2(entityAndAttribute, entityAndAttribute2, num, protocol, cidr, entityAndAttribute3);
        subscribe(entityAndAttribute.getEntity(), entityAndAttribute.getAttribute(), firewallUpdater2);
        subscribe(entityAndAttribute2.getEntity(), entityAndAttribute2.getAttribute(), firewallUpdater2);
        firewallUpdater2.apply(entityAndAttribute.getEntity(), entityAndAttribute.getValue());
    }

    @Override // io.cloudsoft.networking.cloudstack.legacy.LegacySubnetTier
    public void openFirewallPortAndAssign(Entity entity, AttributeSensor<?> attributeSensor, Integer num, Cidr cidr, Entity entity2, AttributeSensor<String> attributeSensor2) {
        FirewallUpdater firewallUpdater = new FirewallUpdater(entity, attributeSensor, num, cidr, entity2, attributeSensor2);
        subscribe(entity, attributeSensor, firewallUpdater);
        subscribe(entity, Attributes.HOSTNAME, firewallUpdater);
        subscribe(entity, PUBLIC_HOSTNAME, firewallUpdater);
    }

    protected Integer getPortForwarding(PortForwardManager portForwardManager, Cidr cidr, Location location, int i, Integer num) {
        int intValue;
        try {
            PortMapping portMappingWithPrivateSide = portForwardManager.getPortMappingWithPrivateSide(location, i);
            String ensurePublicIpHostnameIdentifierForForwarding = ensurePublicIpHostnameIdentifierForForwarding();
            if (num != null) {
                intValue = num.intValue();
                if (portMappingWithPrivateSide != null && portMappingWithPrivateSide.getPublicPort() == intValue) {
                    return Integer.valueOf(portMappingWithPrivateSide.getPublicPort());
                }
                getPortForwardManager().acquirePublicPortExplicit(ensurePublicIpHostnameIdentifierForForwarding, intValue);
            } else {
                if (portMappingWithPrivateSide != null) {
                    return Integer.valueOf(portMappingWithPrivateSide.getPublicPort());
                }
                intValue = getPortForwardManager().acquirePublicPort(ensurePublicIpHostnameIdentifierForForwarding);
            }
            getPortForwardManager().associate(ensurePublicIpHostnameIdentifierForForwarding, intValue, location, i);
            systemCreatePortForwarding(ensurePublicIpHostnameIdentifierForForwarding, cidr, intValue, location, i);
            return Integer.valueOf(intValue);
        } catch (Exception e) {
            log.warn("Unable to get port forwarding for " + cidr + " to " + location + ":" + i + " (in " + this + ")", e);
            return null;
        }
    }

    protected synchronized String ensurePublicIpHostnameIdentifierForForwarding() {
        String str = (String) getAttribute(PUBLIC_HOSTNAME_IP_ADDRESS_ID);
        if (str != null) {
            return str;
        }
        try {
            systemCreatePublicIpHostnameForForwarding();
        } catch (Exception e) {
            log.error("Unable to get public IP for " + this + ": " + e);
        }
        String str2 = (String) getAttribute(PUBLIC_HOSTNAME_IP_ADDRESS_ID);
        if (str2 == null) {
            log.warn("No public IP ID available for " + this);
        }
        return str2;
    }

    protected void systemCreatePublicIpHostnameForForwarding() {
        PublicIPAddress systemCreatePublicIpHostname = systemCreatePublicIpHostname();
        setAttribute(PUBLIC_HOSTNAME, systemCreatePublicIpHostname.getIPAddress());
        setAttribute(PUBLIC_HOSTNAME_IP_ADDRESS_ID, systemCreatePublicIpHostname.getId());
    }

    protected PublicIPAddress systemCreatePublicIpHostname() {
        PublicIPAddress createIpAddressForVpc;
        Location location = (Location) Iterables.getOnlyElement(getLocations());
        String vpcId = getVpcId(location);
        if (vpcId == null) {
            AsyncCreateResponse associateIPAddressInZone = this.cloudstackClient.getCloudstackGlobalClient().getAddressApi().associateIPAddressInZone(getZoneId(location), new AssociateIPAddressOptions[]{AssociateIPAddressOptions.Builder.networkId((String) getAttribute(NETWORK_ID))});
            this.cloudstackClient.waitForJobSuccess(associateIPAddressInZone.getJobId());
            createIpAddressForVpc = this.cloudstackClient.getCloudstackGlobalClient().getAddressApi().getPublicIPAddress(associateIPAddressInZone.getId());
        } else {
            createIpAddressForVpc = this.cloudstackClient.createIpAddressForVpc(vpcId);
        }
        synchronized (this) {
            ImmutableMap immutableMap = (Map) getAttribute(PUBLIC_HOSTNAME_IP_IDS);
            if (immutableMap == null) {
                immutableMap = ImmutableMap.of();
            }
            setAttribute(PUBLIC_HOSTNAME_IP_IDS, MutableMap.builder().putAll(immutableMap).put(createIpAddressForVpc.getIPAddress(), createIpAddressForVpc.getId()).build());
        }
        return createIpAddressForVpc;
    }

    protected boolean systemCreatePortForwarding(String str, Cidr cidr, int i, Location location, int i2) {
        boolean waitForJobsSuccess;
        String str2 = (String) location.getConfig(LegacyJcloudsCloudstackSubnetLocation.VM_IDENTIFIER);
        if (str2 == null) {
            log.warn("Skipping creation of port forward rule for " + location + " port " + i2 + " because location does not have an identifier set");
            return false;
        }
        try {
            String str3 = (String) getAttribute(NETWORK_ID);
            if (isVpcEnabled()) {
                waitForJobsSuccess = true & this.cloudstackClient.waitForJobsSuccess(Arrays.asList(this.cloudstackClient.createPortForwardRuleForVpc(str3, str, PortForwardingRule.Protocol.TCP, i, str2, i2)));
                this.cloudstackClient.createVpcNetworkAcl(str3, "TCP", cidr.toString(), Integer.valueOf(i), Integer.valueOf(i), null, null, "INGRESS");
            } else {
                waitForJobsSuccess = true & this.cloudstackClient.waitForJobsSuccess(Arrays.asList(this.cloudstackClient.createPortForwardRuleForVm(str, PortForwardingRule.Protocol.TCP, i, str2, i2))) & systemOpenFirewall(str, cidr, i, i, FirewallRule.Protocol.TCP);
            }
            if (waitForJobsSuccess) {
                return true;
            }
            log.error("Failed creating port forwarding rule on " + this + " to " + str2);
            return false;
        } catch (Exception e) {
            log.error("Failed creating port forwarding rule on " + this + " to " + str2 + ": " + e);
            return false;
        }
    }

    protected boolean systemOpenFirewall(String str, Cidr cidr, int i, int i2, FirewallRule.Protocol protocol) {
        try {
            if (true && this.cloudstackClient.waitForJobsSuccess(Arrays.asList(this.cloudstackClient.getCloudstackGlobalClient().getFirewallApi().createFirewallRuleForIpAndProtocol(str, protocol, new CreateFirewallRuleOptions[]{CreateFirewallRuleOptions.Builder.startPort(i).endPort(i2).CIDRs(ImmutableSet.of(cidr.toString()))}).getJobId()))) {
                return true;
            }
            log.error("Failed creating firewall rule on " + this + " to " + str + ":" + i + "-" + i2);
            return false;
        } catch (Exception e) {
            log.error("Failed creating firewall rule on " + this + " to " + str + ":" + i + "-" + i2);
            return false;
        }
    }

    protected boolean systemEnableStaticNat(String str, Location location) {
        String str2 = (String) location.getConfig(LegacyJcloudsCloudstackSubnetLocation.VM_IDENTIFIER);
        if (str2 == null) {
            log.warn("Skipping enabling of static nat for " + location + " because location does not have an identifier set");
            return false;
        }
        try {
            this.cloudstackClient.getNATClient().enableStaticNATForVirtualMachine(str2, str);
            return true;
        } catch (Exception e) {
            log.error("Failed creating firewall rule on " + this + " to " + str2 + ": " + e);
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String retrievePublicIpId(String str) {
        Map map = (Map) getAttribute(PUBLIC_HOSTNAME_IP_IDS);
        if (map == null) {
            return null;
        }
        return (String) map.get(str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static <T> void setAttributeIfChanged(EntityAndAttribute<T> entityAndAttribute, T t) {
        setAttributeIfChanged(entityAndAttribute.getEntity(), entityAndAttribute.getAttribute(), t);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static <T> void setAttributeIfChanged(Entity entity, AttributeSensor<T> attributeSensor, T t) {
        if (Objects.equal(entity.getAttribute(attributeSensor), t)) {
            return;
        }
        ((EntityLocal) entity).setAttribute(attributeSensor, t);
    }
}
