package com.huawei.bigdata.om.web.controller;

import com.huawei.bigdata.om.common.utils.StringHelper;
import com.huawei.bigdata.om.controller.api.common.data.State;
import com.huawei.bigdata.om.controller.api.common.maintenance.ParameterCheck;
import com.huawei.bigdata.om.northbound.snmp.config.SnmpAgentConfig;
import com.huawei.bigdata.om.northbound.snmp.config.SnmpAgentConfigManager;
import com.huawei.bigdata.om.northbound.snmp.config.TrapTarget;
import com.huawei.bigdata.om.northbound.snmp.constdefinition.AuthProtocolEnum;
import com.huawei.bigdata.om.northbound.snmp.constdefinition.ConstDefinition;
import com.huawei.bigdata.om.northbound.snmp.constdefinition.PrivProtocolEnum;
import com.huawei.bigdata.om.northbound.snmp.util.MibUtil;
import com.huawei.bigdata.om.northbound.snmp.util.SnmpUtil;
import com.huawei.bigdata.om.web.constant.IllegalParameterException;
import com.huawei.bigdata.om.web.constant.Resource;
import com.huawei.bigdata.om.web.model.proto.RESTResponse;
import com.huawei.bigdata.om.web.model.proto.Response;
import com.huawei.bigdata.om.web.util.WebProperty;
import com.huawei.bigdata.om.web.util.WebUtils;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.scheduling.annotation.EnableAsync;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.SessionAttributes;

@RequestMapping({"/snmp"})
@EnableAsync
@Controller
@SessionAttributes({"webClient"})
/* loaded from: input_file:com/huawei/bigdata/om/web/controller/SnmpController.class */
public class SnmpController extends BaseController {
    private static final Logger LOG = LoggerFactory.getLogger(SnmpController.class);
    private static final int NMS_SYMBOL_LENGTH_MAX = 255;
    private static final int VALID_PORT_MIN = 1024;
    private static final int VALID_PORT_MAX = 65535;

    @RequestMapping(value = {"/config.do"}, method = {RequestMethod.POST})
    @ResponseBody
    public Response saveSnmpAttribute(@RequestBody SnmpAgentConfig snmpAgentConfig, HttpServletRequest httpServletRequest) {
        LOG.debug("Enter save snmp attribute.");
        Response response = new Response();
        response.setState(State.FAILED);
        response.setErrorCode(1);
        String lanFromCookies = WebUtils.getLanFromCookies(httpServletRequest);
        if (!WebUtils.isLicValid(this.controllerClient)) {
            LOG.error("License is invalid.Please import a new license.");
            response.setState(State.FAILED);
            response.setErrorDescription(lanFromCookies, Resource.RES_INVALID_LIC);
            return response;
        }
        if (snmpAgentConfig == null) {
            LOG.error("The snmpAgentConfig of arguments is null.");
            response.setErrorDescription(lanFromCookies, Resource.SNMP_CONFIG_IS_NULL);
            return response;
        }
        SnmpAgentConfig snmpAgentConfig2 = SnmpAgentConfigManager.getInstance().getSnmpAgentConfig();
        if (snmpAgentConfig2 == null) {
            LOG.error("Get snmp agent config from memory is null.");
            response.setErrorDescription(lanFromCookies, Resource.SAVE_SNMP_CONFIG_FAIL);
            return response;
        }
        SnmpAgentConfig decryptConfig = SnmpAgentConfigManager.getInstance().decryptConfig(snmpAgentConfig2);
        if (decryptConfig == null) {
            LOG.error("Failed to decrypt snmp agent config from memory config.");
            response.setErrorDescription(lanFromCookies, Resource.SAVE_SNMP_CONFIG_FAIL);
            return response;
        }
        int status = snmpAgentConfig.getStatus();
        if (status == 0) {
            snmpAgentConfig = decryptConfig;
            snmpAgentConfig.setStatus(status);
        } else {
            int version = snmpAgentConfig.getVersion();
            if (version == 1) {
                snmpAgentConfig.setAuthPassphrase(decryptConfig.getAuthPassphrase());
                snmpAgentConfig.setAuthProtocol(decryptConfig.getAuthProtocol());
                snmpAgentConfig.setPrivPassphrase(decryptConfig.getPrivPassphrase());
                snmpAgentConfig.setPrivProtocol(decryptConfig.getPrivProtocol());
                snmpAgentConfig.setSupportAuthProtocols(decryptConfig.getSupportAuthProtocols());
                snmpAgentConfig.setSupportPrivProtocols(decryptConfig.getSupportPrivProtocols());
                snmpAgentConfig.setUser(decryptConfig.getUser());
            } else {
                if (version != 3) {
                    LOG.error("The snmpAgentConfig version={} is invalid.", Integer.valueOf(version));
                    response.setErrorDescription(lanFromCookies, Resource.INVALID_VERSION);
                    return response;
                }
                snmpAgentConfig.setReadCommunity(decryptConfig.getReadCommunity());
                snmpAgentConfig.setWriteCommunity(decryptConfig.getWriteCommunity());
            }
            try {
                checkValidSnmpAgentConfig(snmpAgentConfig);
            } catch (Exception e) {
                response.setState(State.FAILED);
                response.setErrorDescription(lanFromCookies, e.getMessage());
                return response;
            }
        }
        try {
            SnmpAgentConfigManager.getInstance().setSnmpAgentConfig(snmpAgentConfig);
            response.setErrorCode(0);
            response.setState(State.COMPLETE);
            LOG.debug("Leave save snmp attribute.");
            return response;
        } catch (Exception e2) {
            LOG.error("Failed to set snmp attribute.");
            response.setErrorDescription(lanFromCookies, Resource.SAVE_SNMP_CONFIG_FAIL);
            return response;
        }
    }

    private void checkValidSnmpAgentConfig(SnmpAgentConfig snmpAgentConfig) throws IllegalParameterException {
        int status = snmpAgentConfig.getStatus();
        if (status != 1 && status != 0) {
            LOG.error("The snmpAgentConfig status={} is invalid.", Integer.valueOf(status));
            throw new IllegalParameterException(Resource.INVALID_STATUS);
        }
        snmpAgentConfig.setSupportAuthProtocols(AuthProtocolEnum.getAllAuthProtocolNames());
        snmpAgentConfig.setSupportPrivProtocols(PrivProtocolEnum.getAllPrivProtocolNames());
        int version = snmpAgentConfig.getVersion();
        if (version == 1) {
            checkSnmpV2cConfig(snmpAgentConfig);
        } else {
            if (version != 3) {
                LOG.error("The snmpAgentConfig version={} is invalid.", Integer.valueOf(version));
                throw new IllegalParameterException(Resource.INVALID_VERSION);
            }
            checkSnmpV3Config(snmpAgentConfig);
        }
        String localIp = snmpAgentConfig.getLocalIp();
        int localPort = snmpAgentConfig.getLocalPort();
        int retryCount = snmpAgentConfig.getRetryCount();
        int timeout = snmpAgentConfig.getTimeout();
        int numDispatcherThreads = snmpAgentConfig.getNumDispatcherThreads();
        if (StringUtils.isEmpty(localIp) || !ParameterCheck.getInstance().isValidIPForClassABC(localIp)) {
            LOG.error("The snmpAgentConfig localIp={} is invalid.", StringHelper.replaceBlank(localIp));
            throw new IllegalParameterException(Resource.INVALID_LOCAL_IP);
        }
        String webFloatIp = WebProperty.getWebPropertyReader().getWebFloatIp();
        if (!(StringUtils.isEmpty(webFloatIp) ? ConstDefinition.LOCAL_IP : webFloatIp).equalsIgnoreCase(localIp)) {
            LOG.error("The snmpAgentConfig localIp={} is invalid.", StringHelper.replaceBlank(localIp));
            throw new IllegalParameterException(Resource.INVALID_LOCAL_IP);
        }
        if (localPort <= 1024 || localPort > 65535) {
            LOG.error("The snmpAgentConfig localPort={} is invalid.", Integer.valueOf(localPort));
            throw new IllegalParameterException(Resource.INVALID_PORT);
        }
        if (retryCount != 0) {
            LOG.error("The snmpAgentConfig retryCount={} is invalid.", Integer.valueOf(retryCount));
            throw new IllegalParameterException(Resource.INVALID_RETRY_COUNT);
        }
        if (timeout != 1000) {
            LOG.error("The snmpAgentConfig timeout={} is invalid.", Integer.valueOf(timeout));
            throw new IllegalParameterException(Resource.INVALID_TIMEOUT);
        }
        if (numDispatcherThreads != 5) {
            LOG.error("The snmpAgentConfig dispatcherThreads={} is invalid.", Integer.valueOf(numDispatcherThreads));
            throw new IllegalParameterException(Resource.INVALID_DISPATCHER_THREADS);
        }
    }

    private void checkSnmpV3Config(SnmpAgentConfig snmpAgentConfig) throws IllegalParameterException {
        List<String> supportAuthProtocols = snmpAgentConfig.getSupportAuthProtocols();
        String authProtocol = snmpAgentConfig.getAuthProtocol();
        if (!supportAuthProtocols.contains(authProtocol)) {
            LOG.error("The snmpAgentConfig authProtocol={} is invalid.", StringHelper.replaceBlank(authProtocol));
            throw new IllegalParameterException(Resource.INVALID_AUTH_PROTOCOL);
        }
        List<String> supportPrivProtocols = snmpAgentConfig.getSupportPrivProtocols();
        String privProtocol = snmpAgentConfig.getPrivProtocol();
        if (!supportPrivProtocols.contains(privProtocol)) {
            LOG.error("The snmpAgentConfig privProtocol={} is invalid.", StringHelper.replaceBlank(privProtocol));
            throw new IllegalParameterException(Resource.INVALID_PRIVATE_PROTOCOL);
        }
        String authPassphrase = snmpAgentConfig.getAuthPassphrase();
        if (!SnmpUtil.checkSnmpPrivacy(authPassphrase)) {
            LOG.error("The snmpAgentConfig authPassphrase is invalid.");
            throw new IllegalParameterException(Resource.INVALID_AUTH_PASSPHRASE);
        }
        String privPassphrase = snmpAgentConfig.getPrivPassphrase();
        if (!SnmpUtil.checkSnmpPrivacy(privPassphrase)) {
            LOG.error("The snmpAgentConfig privPassphrase is invalid.");
            throw new IllegalParameterException(Resource.INVALID_PRIVATE_PASSPHRASE);
        }
        if (authPassphrase.equals(privPassphrase)) {
            LOG.error("The values of Auth passphrase and Privacy passphrase cannot be the same.");
            throw new IllegalParameterException(Resource.INVALID_PASSPHRASE);
        }
        String user = snmpAgentConfig.getUser();
        if (!SnmpUtil.checkSnmpPrivacy(user)) {
            LOG.error("The snmpAgentConfig user is invalid.");
            throw new IllegalParameterException(Resource.INVALID_SECURITY_USER_NAME);
        }
        if (authPassphrase.equals(user) || authPassphrase.equals(StringUtils.reverse(user))) {
            LOG.error("The snmpAgentConfig authPassphrase is invalid,authPassphrase must be different from username.");
            throw new IllegalParameterException(Resource.INVALID_AUTH_PASSPHRASE);
        }
        if (privPassphrase.equals(user) || privPassphrase.equals(StringUtils.reverse(user))) {
            LOG.error("The snmpAgentConfig privPassphrase is invalid,privPassphrase must be different from username.");
            throw new IllegalParameterException(Resource.INVALID_PRIVATE_PASSPHRASE);
        }
        List<TrapTarget> trapTargets = snmpAgentConfig.getTrapTargets();
        if (trapTargets == null || trapTargets.isEmpty()) {
            return;
        }
        amendV3TrapTargets(trapTargets, user);
        isValidTrapTargets(trapTargets);
    }

    private void checkSnmpV2cConfig(SnmpAgentConfig snmpAgentConfig) throws IllegalParameterException {
        int version = snmpAgentConfig.getVersion();
        if (version != 1) {
            LOG.error("The snmpAgentConfig version={} is invalid.", Integer.valueOf(version));
            throw new IllegalParameterException(Resource.INVALID_VERSION);
        }
        if (!SnmpUtil.checkSnmpPrivacy(snmpAgentConfig.getReadCommunity())) {
            LOG.error("The snmpAgentConfig readCommunity is invalid.");
            throw new IllegalParameterException(Resource.INVALID_READ_COMMUNITY);
        }
        if (!SnmpUtil.checkSnmpPrivacy(snmpAgentConfig.getWriteCommunity())) {
            LOG.error("The snmpAgentConfig writeCommunity is invalid.");
            throw new IllegalParameterException(Resource.INVALID_WRITE_COMMUNITY);
        }
        List<TrapTarget> trapTargets = snmpAgentConfig.getTrapTargets();
        if (trapTargets == null || trapTargets.isEmpty()) {
            return;
        }
        isValidTrapTargets(trapTargets);
    }

    private void amendV3TrapTargets(List<TrapTarget> list, String str) {
        for (TrapTarget trapTarget : list) {
            if (StringUtils.isEmpty(trapTarget.getTrapCommunity())) {
                trapTarget.setTrapCommunity(str);
            }
        }
    }

    private void isValidTrapTargets(Collection<TrapTarget> collection) throws IllegalParameterException {
        if (collection == null || collection.isEmpty() || collection.size() > 10) {
            LOG.error("The snmpAgentConfig is invalid.");
            throw new IllegalParameterException(Resource.INVALID_TRAP_TARGET_NUM);
        }
        HashSet hashSet = new HashSet();
        for (TrapTarget trapTarget : collection) {
            String nmsSymbol = trapTarget.getNmsSymbol();
            if (hashSet.contains(nmsSymbol)) {
                LOG.error("The snmpAgentConfig nmsSymbol={} is invalid.", StringHelper.replaceBlank(nmsSymbol));
                throw new IllegalParameterException(Resource.INVALID_TARGET_SYMBOL);
            }
            if (StringUtils.isEmpty(nmsSymbol) || nmsSymbol.length() > NMS_SYMBOL_LENGTH_MAX) {
                LOG.error("The snmpAgentConfig nmsSymbol={} is invalid.", StringHelper.replaceBlank(nmsSymbol));
                throw new IllegalParameterException(Resource.INVALID_TARGET_SYMBOL);
            }
            String hostIp = trapTarget.getHostIp();
            if (StringUtils.isEmpty(hostIp) || !ParameterCheck.getInstance().isValidIPForClassABC(hostIp)) {
                LOG.error("The snmpAgentConfig targetIp={} is invalid.", StringHelper.replaceBlank(hostIp));
                throw new IllegalParameterException(Resource.INVALID_TARGET_IP);
            }
            int port = trapTarget.getPort();
            if (!MibUtil.checkInetPort(port)) {
                LOG.error("The snmpAgentConfig targetPort={} is invalid.", Integer.valueOf(port));
                throw new IllegalParameterException(Resource.INVALID_TARGET_PORT);
            }
            if (StringUtils.isEmpty(trapTarget.getTrapCommunity())) {
                LOG.error("The snmpAgentConfig trapCommunity is invalid.");
                throw new IllegalParameterException(Resource.INVALID_TRAP_COMMUNITY);
            }
            hashSet.add(trapTarget.getNmsSymbol());
        }
    }

    @RequestMapping(value = {"/config.do"}, method = {RequestMethod.GET})
    @ResponseBody
    public RESTResponse<SnmpAgentConfig> querySnmpAttribute(HttpServletRequest httpServletRequest) {
        LOG.debug("Enter query snmp attribute.");
        RESTResponse<SnmpAgentConfig> rESTResponse = new RESTResponse<>();
        String lanFromCookies = WebUtils.getLanFromCookies(httpServletRequest);
        SnmpAgentConfig snmpAgentConfig = SnmpAgentConfigManager.getInstance().getSnmpAgentConfig();
        if (null == snmpAgentConfig) {
            rESTResponse.setErrorDescription(lanFromCookies, Resource.SNMP_CONFIG_IS_NULL);
            rESTResponse.setState(State.FAILED);
        } else {
            LOG.info("the values of the datas back the web like passphrase is not null,set null");
            SnmpAgentConfig decryptConfig = SnmpAgentConfigManager.getInstance().decryptConfig(snmpAgentConfig);
            decryptConfig.setAuthPassphrase("");
            decryptConfig.setPrivPassphrase("");
            rESTResponse.setResObj(decryptConfig);
            rESTResponse.setState(State.COMPLETE);
        }
        LOG.debug("Leave query snmp attribute.");
        return rESTResponse;
    }
}
