package org.jclouds.cloudstack.features;

import com.google.common.base.Predicate;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
import com.google.common.net.HostAndPort;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.Iterator;
import java.util.NoSuchElementException;
import org.jclouds.cloudstack.domain.IngressRule;
import org.jclouds.cloudstack.domain.SecurityGroup;
import org.jclouds.cloudstack.domain.VirtualMachine;
import org.jclouds.cloudstack.domain.Zone;
import org.jclouds.cloudstack.internal.BaseCloudStackApiLiveTest;
import org.jclouds.cloudstack.options.AccountInDomainOptions;
import org.jclouds.cloudstack.options.DeployVirtualMachineOptions;
import org.jclouds.cloudstack.options.ListSecurityGroupsOptions;
import org.jclouds.cloudstack.options.ListZonesOptions;
import org.jclouds.util.Strings2;
import org.testng.Assert;
import org.testng.SkipException;
import org.testng.annotations.AfterGroups;
import org.testng.annotations.Test;

@Test(groups = {"live"}, singleThreaded = true, testName = "SecurityGroupApiLiveTest")
/* loaded from: input_file:org/jclouds/cloudstack/features/SecurityGroupApiLiveTest.class */
public class SecurityGroupApiLiveTest extends BaseCloudStackApiLiveTest {
    private SecurityGroup group;
    private boolean securityGroupsSupported;
    private VirtualMachine vm;
    private Zone zone;
    static final /* synthetic */ boolean $assertionsDisabled;

    public SecurityGroupApiLiveTest() {
        this.prefix += "2";
    }

    @Test
    public void testCreateDestroySecurityGroup() {
        try {
            this.zone = (Zone) Iterables.find(this.client.getZoneApi().listZones(new ListZonesOptions[0]), new Predicate<Zone>() { // from class: org.jclouds.cloudstack.features.SecurityGroupApiLiveTest.1
                public boolean apply(Zone zone) {
                    return zone.isSecurityGroupsEnabled();
                }
            });
            this.securityGroupsSupported = true;
            for (SecurityGroup securityGroup : this.client.getSecurityGroupApi().listSecurityGroups(new ListSecurityGroupsOptions[]{ListSecurityGroupsOptions.Builder.named(this.prefix)})) {
                for (IngressRule ingressRule : securityGroup.getIngressRules()) {
                    Assert.assertTrue(this.jobComplete.apply(this.client.getSecurityGroupApi().revokeIngressRule(ingressRule.getId(), new AccountInDomainOptions[0])), ingressRule.toString());
                }
                this.client.getSecurityGroupApi().deleteSecurityGroup(securityGroup.getId());
            }
            this.group = this.client.getSecurityGroupApi().createSecurityGroup(this.prefix);
            Assert.assertEquals(this.group.getName(), this.prefix);
            checkGroup(this.group);
            try {
                this.client.getSecurityGroupApi().createSecurityGroup(this.prefix);
                Assert.fail("Expected IllegalStateException");
            } catch (IllegalStateException e) {
            }
        } catch (NoSuchElementException e2) {
            e2.printStackTrace();
        }
    }

    public static String getCurrentCIDR() throws IOException {
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL("http://checkip.amazonaws.com/").openConnection();
        httpURLConnection.connect();
        return Strings2.toStringAndClose(httpURLConnection.getInputStream()).trim() + "/32";
    }

    protected void skipIfSecurityGroupsNotSupported() {
        if (!this.securityGroupsSupported) {
            throw new SkipException("Test cannot run without security groups supported in a zone");
        }
    }

    @Test(dependsOnMethods = {"testCreateDestroySecurityGroup"})
    public void testCreateIngress() throws Exception {
        skipIfSecurityGroupsNotSupported();
        String currentCIDR = getCurrentCIDR();
        ImmutableSet of = ImmutableSet.of(currentCIDR);
        Assert.assertTrue(this.jobComplete.apply(this.client.getSecurityGroupApi().authorizeIngressICMPToCIDRs(this.group.getId(), 0, 8, of, new AccountInDomainOptions[0])), this.group.toString());
        Assert.assertTrue(this.jobComplete.apply(this.client.getSecurityGroupApi().authorizeIngressPortsToCIDRs(this.group.getId(), "TCP", 22, 22, of, new AccountInDomainOptions[0])), this.group.toString());
        AccountInDomainOptions.Builder.accountInDomain(this.group.getAccount(), this.group.getDomainId());
        this.group = (SecurityGroup) Iterables.find(this.client.getSecurityGroupApi().listSecurityGroups(new ListSecurityGroupsOptions[0]), new Predicate<SecurityGroup>() { // from class: org.jclouds.cloudstack.features.SecurityGroupApiLiveTest.2
            public boolean apply(SecurityGroup securityGroup) {
                return securityGroup.getId() == SecurityGroupApiLiveTest.this.group.getId();
            }
        });
        IngressRule ingressRule = (IngressRule) Iterables.find(this.group.getIngressRules(), new Predicate<IngressRule>() { // from class: org.jclouds.cloudstack.features.SecurityGroupApiLiveTest.3
            public boolean apply(IngressRule ingressRule2) {
                return "icmp".equals(ingressRule2.getProtocol());
            }
        });
        if (!$assertionsDisabled && ingressRule.getId() == null) {
            throw new AssertionError(ingressRule);
        }
        if (!$assertionsDisabled && !"icmp".equals(ingressRule.getProtocol())) {
            throw new AssertionError(ingressRule);
        }
        if (!$assertionsDisabled && ingressRule.getStartPort() != -1) {
            throw new AssertionError(ingressRule);
        }
        if (!$assertionsDisabled && ingressRule.getEndPort() != -1) {
            throw new AssertionError(ingressRule);
        }
        if (!$assertionsDisabled && ingressRule.getICMPCode() != 0) {
            throw new AssertionError(ingressRule);
        }
        if (!$assertionsDisabled && ingressRule.getICMPType() != 8) {
            throw new AssertionError(ingressRule);
        }
        if (!$assertionsDisabled && ingressRule.getAccount() != null) {
            throw new AssertionError(ingressRule);
        }
        if (!$assertionsDisabled && ingressRule.getSecurityGroupName() != null) {
            throw new AssertionError(ingressRule);
        }
        if (!$assertionsDisabled && !currentCIDR.equals(ingressRule.getCIDR())) {
            throw new AssertionError(ingressRule);
        }
        IngressRule ingressRule2 = (IngressRule) Iterables.find(this.group.getIngressRules(), new Predicate<IngressRule>() { // from class: org.jclouds.cloudstack.features.SecurityGroupApiLiveTest.4
            public boolean apply(IngressRule ingressRule3) {
                return "tcp".equals(ingressRule3.getProtocol());
            }
        });
        if (!$assertionsDisabled && ingressRule2.getId() == null) {
            throw new AssertionError(ingressRule2);
        }
        if (!$assertionsDisabled && !"tcp".equals(ingressRule2.getProtocol())) {
            throw new AssertionError(ingressRule2);
        }
        if (!$assertionsDisabled && ingressRule2.getStartPort() != 22) {
            throw new AssertionError(ingressRule2);
        }
        if (!$assertionsDisabled && ingressRule2.getEndPort() != 22) {
            throw new AssertionError(ingressRule2);
        }
        if (!$assertionsDisabled && ingressRule2.getICMPCode() != -1) {
            throw new AssertionError(ingressRule2);
        }
        if (!$assertionsDisabled && ingressRule2.getICMPType() != -1) {
            throw new AssertionError(ingressRule2);
        }
        if (!$assertionsDisabled && ingressRule2.getAccount() != null) {
            throw new AssertionError(ingressRule2);
        }
        if (!$assertionsDisabled && ingressRule2.getSecurityGroupName() != null) {
            throw new AssertionError(ingressRule2);
        }
        if (!$assertionsDisabled && !currentCIDR.equals(ingressRule2.getCIDR())) {
            throw new AssertionError(ingressRule2);
        }
    }

    public void testListSecurityGroup() throws Exception {
        skipIfSecurityGroupsNotSupported();
        Iterator it = this.client.getSecurityGroupApi().listSecurityGroups(new ListSecurityGroupsOptions[0]).iterator();
        while (it.hasNext()) {
            checkGroup((SecurityGroup) it.next());
        }
    }

    @Test(dependsOnMethods = {"testCreateIngress"})
    public void testCreateVMInSecurityGroup() throws Exception {
        skipIfSecurityGroupsNotSupported();
        this.vm = VirtualMachineApiLiveTest.createVirtualMachineWithSecurityGroupInZone(this.zone.getId(), defaultTemplateOrPreferredInZone(this.template != null ? this.template.getImageId() : null, this.client, this.zone.getId()), this.group.getId(), this.client, this.jobComplete, this.virtualMachineRunning);
        if (this.vm.getPassword() != null && this.loginCredentials.getOptionalPassword() == null) {
            this.loginCredentials = this.loginCredentials.toBuilder().password(this.vm.getPassword()).build();
        }
        checkSSH(HostAndPort.fromParts(this.vm.getIPAddress(), 22));
    }

    protected void checkGroup(SecurityGroup securityGroup) {
        if (securityGroup.getIngressRules().size() <= 1) {
            Assert.assertEquals(securityGroup, this.client.getSecurityGroupApi().getSecurityGroup(securityGroup.getId()));
            Assert.assertEquals(securityGroup, this.client.getSecurityGroupApi().getSecurityGroupByName(securityGroup.getName()));
        }
        if (!$assertionsDisabled && securityGroup.getId() == null) {
            throw new AssertionError(securityGroup);
        }
        if (!$assertionsDisabled && securityGroup.getName() == null) {
            throw new AssertionError(securityGroup);
        }
        if (!$assertionsDisabled && securityGroup.getAccount() == null) {
            throw new AssertionError(securityGroup);
        }
        if (!$assertionsDisabled && securityGroup.getDomain() == null) {
            throw new AssertionError(securityGroup);
        }
        if (!$assertionsDisabled && securityGroup.getDomainId() == null) {
            throw new AssertionError(securityGroup);
        }
        if (!$assertionsDisabled && securityGroup.getIngressRules() == null) {
            throw new AssertionError(securityGroup);
        }
    }

    @Test
    public void testCreateVMWithoutSecurityGroupAssignsDefault() throws Exception {
        skipIfSecurityGroupsNotSupported();
        VirtualMachine createVirtualMachineWithOptionsInZone = VirtualMachineApiLiveTest.createVirtualMachineWithOptionsInZone(DeployVirtualMachineOptions.NONE, this.zone.getId(), defaultTemplateOrPreferredInZone(this.template != null ? this.template.getImageId() : null, this.client, this.zone.getId()), this.client, this.jobComplete, this.virtualMachineRunning);
        try {
            VirtualMachine virtualMachine = this.client.getVirtualMachineApi().getVirtualMachine(createVirtualMachineWithOptionsInZone.getId());
            Assert.assertEquals(1, virtualMachine.getSecurityGroups().size());
            Assert.assertEquals(((SecurityGroup) Iterables.getOnlyElement(virtualMachine.getSecurityGroups())).getName(), "default");
            Assert.assertTrue(this.jobComplete.apply(this.client.getVirtualMachineApi().destroyVirtualMachine(createVirtualMachineWithOptionsInZone.getId())));
        } catch (Throwable th) {
            Assert.assertTrue(this.jobComplete.apply(this.client.getVirtualMachineApi().destroyVirtualMachine(createVirtualMachineWithOptionsInZone.getId())));
            throw th;
        }
    }

    @AfterGroups(groups = {"live"})
    protected void tearDownContext() {
        if (this.vm != null) {
            Assert.assertTrue(this.jobComplete.apply(this.client.getVirtualMachineApi().destroyVirtualMachine(this.vm.getId())));
        }
        if (this.group != null) {
            for (IngressRule ingressRule : this.group.getIngressRules()) {
                Assert.assertTrue(this.jobComplete.apply(this.client.getSecurityGroupApi().revokeIngressRule(ingressRule.getId(), new AccountInDomainOptions[0])), ingressRule.toString());
            }
            this.client.getSecurityGroupApi().deleteSecurityGroup(this.group.getId());
            Assert.assertEquals(this.client.getSecurityGroupApi().getSecurityGroup(this.group.getId()), (Object) null);
        }
        super.tearDownContext();
    }

    static {
        $assertionsDisabled = !SecurityGroupApiLiveTest.class.desiredAssertionStatus();
    }
}
