package pl.codewise.commons.aws.cqrs.operations.ec2;

import com.amazonaws.services.ec2.AmazonEC2;
import com.amazonaws.services.ec2.model.AmazonEC2Exception;
import com.amazonaws.services.ec2.model.AuthorizeSecurityGroupIngressRequest;
import com.amazonaws.services.ec2.model.AuthorizeSecurityGroupIngressResult;
import com.amazonaws.services.ec2.model.CreateSecurityGroupRequest;
import com.amazonaws.services.ec2.model.CreateSecurityGroupResult;
import com.amazonaws.services.ec2.model.DeleteSecurityGroupRequest;
import com.amazonaws.services.ec2.model.DeleteSecurityGroupResult;
import com.amazonaws.services.ec2.model.IpPermission;
import com.amazonaws.services.ec2.model.UserIdGroupPair;
import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.ArgumentMatchers;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.MockitoJUnitRunner;
import org.mockito.stubbing.OngoingStubbing;
import pl.codewise.commons.aws.cqrs.model.ec2.sg.AwsSecurityGroup;
import pl.codewise.commons.aws.cqrs.model.ec2.sg.GroupInboundRule;
import pl.codewise.commons.aws.cqrs.model.ec2.sg.InboundRule;
import pl.codewise.commons.aws.cqrs.model.ec2.sg.IpInboundRule;

@RunWith(MockitoJUnitRunner.class)
/* loaded from: input_file:pl/codewise/commons/aws/cqrs/operations/ec2/SecurityGroupOperationsTest.class */
public class SecurityGroupOperationsTest {
    private SecurityGroupOperations securityGroupOperations;

    @Mock
    private AmazonEC2 amazonEC2;
    private String protocol = "tcp";
    private final String groupName = "test-sg";
    private final String groupId = "sg-9876543";
    private final String sourceGroupId = "sg-8765432";
    private final String sourceIpAddress = "123.123.123.123/32";
    private final int fromPort = 1234;
    private final int toPort = 4321;
    private final InboundRule inboundRuleForIpAddress = new IpInboundRule(this.protocol, "sg-9876543", 1234, 4321, "123.123.123.123/32");
    private final InboundRule inboundRuleForGroup = new GroupInboundRule(this.protocol, "sg-9876543", 1234, 4321, "sg-8765432");
    private final String vpc = "vpc-1234567";

    @Before
    public void setUp() {
        this.securityGroupOperations = new SecurityGroupOperations(this.amazonEC2);
    }

    @Test
    public void shouldNotCreateSecurityGroup() {
        givenUnableToCreateSecurityGroup(new AmazonEC2Exception("UnableToCreate"));
        Assertions.assertThat(Assertions.catchThrowable(() -> {
            this.securityGroupOperations.createSecurityGroup("test-sg", "vpc-1234567");
        })).isExactlyInstanceOf(AmazonEC2Exception.class).hasMessageContaining("UnableToCreate");
    }

    @Test
    public void shouldCreateSecurityGroup() {
        givenCreatedGroupWithId("sg-9876543");
        Assertions.assertThat(this.securityGroupOperations.createSecurityGroup("test-sg", "vpc-1234567")).isEqualTo(new AwsSecurityGroup("sg-9876543"));
    }

    @Test
    public void shouldNotDeleteSecurityGroup() {
        whenDeleteSecurityGroupRequested("sg-9876543").thenThrow(new Throwable[]{new AmazonEC2Exception("UnableToDeleteSecurityGroup")});
        Assertions.assertThat(Assertions.catchThrowable(() -> {
            this.securityGroupOperations.deleteSecurityGroup("sg-9876543");
        })).isExactlyInstanceOf(AmazonEC2Exception.class).hasMessageContaining("UnableToDeleteSecurityGroup");
    }

    @Test
    public void shouldDeleteSecurityGroup() {
        whenDeleteSecurityGroupRequested("sg-9876543").thenReturn(someDeleteSecurityGroupResult());
        this.securityGroupOperations.deleteSecurityGroup("sg-9876543");
        ((AmazonEC2) Mockito.verify(this.amazonEC2)).deleteSecurityGroup(new DeleteSecurityGroupRequest().withGroupId("sg-9876543"));
    }

    @Test
    public void shouldNotAddRuleForGroup() {
        whenAddIpPermissionForGroupRequested().thenThrow(new Throwable[]{new AmazonEC2Exception("UnableToAddRule")});
        Assertions.assertThat(Assertions.catchThrowable(() -> {
            this.securityGroupOperations.addInboundRule(this.inboundRuleForGroup);
        })).isExactlyInstanceOf(AmazonEC2Exception.class).hasMessageContaining("UnableToAddRule");
    }

    @Test
    public void shouldAddRuleForGroup() {
        this.securityGroupOperations.addInboundRule(this.inboundRuleForGroup);
        ((AmazonEC2) Mockito.verify(this.amazonEC2)).authorizeSecurityGroupIngress(new AuthorizeSecurityGroupIngressRequest().withGroupId("sg-9876543").withIpPermissions(new IpPermission[]{ipPermissionsForGroup()}));
    }

    @Test
    public void shouldNotAddRuleForIpAddress() {
        whenAddIpPermissionForIpAddressRequested().thenThrow(new Throwable[]{new AmazonEC2Exception("UnableToAddRule")});
        Assertions.assertThat(Assertions.catchThrowable(() -> {
            this.securityGroupOperations.addInboundRule(this.inboundRuleForIpAddress);
        })).isExactlyInstanceOf(AmazonEC2Exception.class).hasMessageContaining("UnableToAddRule");
    }

    @Test
    public void shouldAddRuleForIpAddress() {
        this.securityGroupOperations.addInboundRule(this.inboundRuleForIpAddress);
        ((AmazonEC2) Mockito.verify(this.amazonEC2)).authorizeSecurityGroupIngress(new AuthorizeSecurityGroupIngressRequest().withGroupId("sg-9876543").withIpPermissions(new IpPermission[]{ipPermissionsForIpAddress()}));
    }

    private void givenUnableToCreateSecurityGroup(Exception exc) {
        Mockito.when(this.amazonEC2.createSecurityGroup((CreateSecurityGroupRequest) ArgumentMatchers.any())).thenThrow(new Throwable[]{exc});
    }

    private void givenCreatedGroupWithId(String str) {
        Mockito.when(this.amazonEC2.createSecurityGroup((CreateSecurityGroupRequest) ArgumentMatchers.any())).thenReturn(new CreateSecurityGroupResult().withGroupId(str));
    }

    private OngoingStubbing<DeleteSecurityGroupResult> whenDeleteSecurityGroupRequested(String str) {
        return Mockito.when(this.amazonEC2.deleteSecurityGroup(new DeleteSecurityGroupRequest().withGroupId(str)));
    }

    private DeleteSecurityGroupResult someDeleteSecurityGroupResult() {
        return new DeleteSecurityGroupResult();
    }

    private OngoingStubbing<AuthorizeSecurityGroupIngressResult> whenAddIpPermissionForGroupRequested() {
        return Mockito.when(this.amazonEC2.authorizeSecurityGroupIngress(new AuthorizeSecurityGroupIngressRequest().withGroupId("sg-9876543").withIpPermissions(new IpPermission[]{ipPermissionsForGroup()})));
    }

    private OngoingStubbing<AuthorizeSecurityGroupIngressResult> whenAddIpPermissionForIpAddressRequested() {
        return Mockito.when(this.amazonEC2.authorizeSecurityGroupIngress(new AuthorizeSecurityGroupIngressRequest().withGroupId("sg-9876543").withIpPermissions(new IpPermission[]{ipPermissionsForIpAddress()})));
    }

    private IpPermission ipPermissionsForGroup() {
        return initialIpPermission().withUserIdGroupPairs(new UserIdGroupPair[]{new UserIdGroupPair().withGroupId("sg-8765432")});
    }

    private IpPermission ipPermissionsForIpAddress() {
        return initialIpPermission().withIpRanges(new String[]{"123.123.123.123/32"});
    }

    private IpPermission initialIpPermission() {
        return new IpPermission().withIpProtocol(this.protocol).withFromPort(1234).withToPort(4321);
    }
}
