func createEgressFirewallRule()

in cloudstack/resource_cloudstack_egress_firewall.go [169:258]


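// createEgressFirewallRule creates the egress firewall rule(s) described by
// rule through the CloudStack API, passing d.Id() as the first argument of
// NewCreateEgressFirewallRuleParams (presumably the network ID; confirm
// against the resource's Create function).
//
// One API call is made for an "icmp" rule, one for an "all" rule, and one per
// entry of rule["ports"] for any other protocol. The ID of every rule created
// is stored in rule["uuids"], keyed by "icmp", "all" or the port string. For
// port-based rules rule["ports"] is replaced by the set of ports handled so
// far.
//
// The function returns on the first error and does not roll back rules that
// were already created. Because rule["uuids"] and rule["ports"] are updated as
// each call succeeds, the caller can still see which rules exist after a
// partial failure and should persist that state, so that no egress rule is
// left active on the network without being tracked.
func createEgressFirewallRule(d *schema.ResourceData, meta interface{}, rule map[string]interface{}) error {
	cs := meta.(*cloudstack.CloudStackClient)
	uuids := rule["uuids"].(map[string]interface{})

	// Make sure all required rule parameters are there
	if err := verifyEgressFirewallRuleParams(d, rule); err != nil {
		return err
	}

	protocol := rule["protocol"].(string)

	// Create a new parameter struct; it is reused for every API call below.
	p := cs.Firewall.NewCreateEgressFirewallRuleParams(d.Id(), protocol)

	// Set the CIDR list.
	// NOTE(review): when cidr_list is empty no CIDR list is sent at all, so the
	// scope of the rule is whatever the API defaults to. Confirm that default
	// is the intended one.
	if rs := rule["cidr_list"].(*schema.Set); rs.Len() > 0 {
		cidrList := make([]string, 0, rs.Len())
		for _, cidr := range rs.List() {
			cidrList = append(cidrList, cidr.(string))
		}
		p.SetCidrlist(cidrList)
	}

	// NOTE(review): "icmp" is matched case-sensitively while "all" is matched
	// case-insensitively, so a value such as "ICMP" takes the port-based branch.
	// Presumably the schema or verifyEgressFirewallRuleParams normalises the
	// protocol; confirm.
	switch {
	case protocol == "icmp":
		// ICMP rules carry a type and code instead of ports.
		p.SetIcmptype(rule["icmp_type"].(int))
		p.SetIcmpcode(rule["icmp_code"].(int))

		r, err := cs.Firewall.CreateEgressFirewallRule(p)
		if err != nil {
			return err
		}
		uuids["icmp"] = r.Id
		rule["uuids"] = uuids

	case strings.ToLower(protocol) == "all":
		r, err := cs.Firewall.CreateEgressFirewallRule(p)
		if err != nil {
			return err
		}
		uuids["all"] = r.Id
		rule["uuids"] = uuids

	default:
		// Any other protocol: create one rule per port or port range.
		if ps := rule["ports"].(*schema.Set); ps.Len() > 0 {

			// Create an empty schema.Set to hold all processed ports
			ports := &schema.Set{F: schema.HashString}

			for _, port := range ps.List() {
				portStr := port.(string)

				// A rule for this port already exists; keep it and move on.
				if _, ok := uuids[portStr]; ok {
					ports.Add(port)
					rule["ports"] = ports
					continue
				}

				// A port string that splitPorts does not match yields no
				// submatches. Return an error instead of indexing into the
				// result, which would panic and take down the provider process.
				// NOTE(review): verifyEgressFirewallRuleParams presumably rejects
				// malformed ports already; this guard does not rely on it.
				m := splitPorts.FindStringSubmatch(portStr)
				if len(m) < 3 {
					return &strconv.NumError{Func: "Atoi", Num: portStr, Err: strconv.ErrSyntax}
				}

				startPort, err := strconv.Atoi(m[1])
				if err != nil {
					return err
				}

				// A single port is sent as a range of one.
				endPort := startPort
				if m[2] != "" {
					endPort, err = strconv.Atoi(m[2])
					if err != nil {
						return err
					}
				}

				// p is shared across iterations; only the port range changes.
				p.SetStartport(startPort)
				p.SetEndport(endPort)

				r, err := cs.Firewall.CreateEgressFirewallRule(p)
				if err != nil {
					return err
				}

				// Record the new rule right away so that a failure on a later
				// port still leaves this one tracked.
				ports.Add(port)
				rule["ports"] = ports

				uuids[portStr] = r.Id
				rule["uuids"] = uuids
			}
		}
	}

	return nil
}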