# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.  The
# ASF licenses this file to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance with the
# License.  You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
# License for the specific language governing permissions and limitations
# under the License.

module Deltacloud::Collections
  class Firewalls < Base

    check_capability :for => lambda { |m| driver.respond_to? m }
    check_features :for => lambda { |c, f| driver.class.has_feature?(c, f) }

    get route_for('/firewalls/:id/new_rule') do
      @firewall_name = params[:id]
      respond_to do |format|
        format.html {haml :"firewalls/new_rule" }
      end
    end

    new_route_for :firewalls

    collection :firewalls do
      description "Allow user to define firewall rules for an instance (ec2 security groups) eg expose ssh access [port 22, tcp]."

      collection :rules, :with_id => :rule_id, :no_member => true do

        operation :destroy, :with_capability => :delete_firewall_rule do
          control do
            opts = {}
            opts[:firewall] = params[:id]
            opts[:rule_id] = params[:rule_id]
            driver.delete_firewall_rule(credentials, opts)
            status 204
            respond_to do |format|
              format.xml
              format.json
              format.html {redirect firewall_url(params[:id])}
            end
          end
        end

      end

      standard_show_operation
      standard_index_operation

      operation :create, :with_capability => :create_firewall do
        param :name,          :string,    :required
        param :description,   :string,    :required
        control do
          @firewall = driver.create_firewall(credentials, params )
          status 201  # Created
          response['Location'] = firewall_url(@firewall.id)
          respond_to do |format|
            format.xml  { haml :"firewalls/show" }
            format.html { haml :"firewalls/show" }
            format.json { convert_to_json(:firewall, @firewall) }
          end
        end
      end

      operation :destroy, :with_capability => :delete_firewall do
        control do
          driver.delete_firewall(credentials, params)
          status 204
          respond_to do |format|
            format.xml
            format.json
            format.html {  redirect(firewalls_url) }
          end
        end
      end

      action :rules, :with_capability => :create_firewall_rule do
        param :protocol,  :required, :string, ['tcp','udp','icmp'], "Transport layer protocol for the rule"
        param :port_from, :required, :string, [], "Start of port range for the rule"
        param :port_to,   :required, :string, [], "End of port range for the rule"
        control do
          #source IPs from params
          addresses =  params.inject([]){|result,current| result << current.last unless current.grep(/^ip[-_]address/i).empty?; result}
          #source groups from params
          groups = {}
          max_groups  = params.select{|k,v| k=~/^group/}.size/2
          for i in (1..max_groups) do
            groups.merge!({params["group#{i}"]=>params["group#{i}owner"]})
          end
          params['addresses'] = addresses
          params['groups'] = groups
          if addresses.empty? && groups.empty?
            raise Deltacloud::ExceptionHandler::ValidationFailure.new(
              StandardError.new("No sources. Specify at least one source ip_address or group")
            )
          end
          driver.create_firewall_rule(credentials, params)
          @firewall = driver.firewall(credentials, {:id => params[:id]})
          status 201
          respond_to do |format|
            format.xml  { haml :"firewalls/show" }
            format.html { haml :"firewalls/show" }
            format.json { convert_to_json(:firewall, @firewall) }
          end
        end
      end

    end
  end
end