func readSecurityGroupRule()

in cloudstack/resource_cloudstack_security_group_rule.go [392:465]


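// readSecurityGroupRule refreshes one configured rule map in place from the
// security group returned by the API.
//
// uuid is the key prefix under which rule IDs are stored in rule["uuids"]:
// uuid+"icmp" for an ICMP rule and uuid+<port> for each TCP/UDP port.
// ruleIndex maps a rule ID to its position in sg.Ingressrule followed by
// sg.Egressrule (presumably built by the caller over the same concatenation;
// verify against the caller). A stored ID that is missing from ruleIndex is
// removed from rule["uuids"].
//
// For every rule that is found, the source CIDR and source security group
// reported by the API are added to rule["cidr_list"] and
// rule["user_security_group_list"], so the refreshed rule describes who the
// firewall rule actually admits rather than only which ports exist.
//
// The function returns nothing. It panics if rule["uuids"], rule["protocol"],
// rule["ports"] (TCP/UDP) or the ICMP target sets are missing or have another
// type, because those type assertions are unchecked.
func readSecurityGroupRule(sg *cloudstack.SecurityGroup, ruleIndex map[string]int, rule map[string]interface{}, uuid string) {
	uuids := rule["uuids"].(map[string]interface{})

	// The full slice expression caps the capacity at the length, so append
	// always copies instead of writing the egress rules into spare capacity of
	// the backing array owned by sg.Ingressrule.
	ingress := sg.Ingressrule
	sgRules := append(ingress[:len(ingress):len(ingress)], sg.Egressrule...)

	if rule["protocol"].(string) == "icmp" {
		id, ok := uuids[uuid+"icmp"]
		if !ok {
			return
		}

		// Get the rule
		idx, ok := ruleIndex[id.(string)]
		if !ok {
			// The stored rule ID is not in the index: forget it.
			delete(uuids, uuid+"icmp")
			return
		}

		r := sgRules[idx]

		// Update the values
		// NOTE(review): r.Cidr is stored unsplit here; if the API can return a
		// comma-separated list for one rule it ends up as a single set element.
		if r.Cidr != "" {
			rule["cidr_list"].(*schema.Set).Add(r.Cidr)
		}

		if r.Securitygroupname != "" {
			rule["user_security_group_list"].(*schema.Set).Add(r.Securitygroupname)
		}

		rule["protocol"] = r.Protocol
		rule["icmp_type"] = r.Icmptype
		rule["icmp_code"] = r.Icmpcode
	}

	// If protocol is tcp or udp, loop through all ports. The protocol is read
	// again on purpose: the ICMP branch above may have overwritten it.
	if rule["protocol"].(string) == "tcp" || rule["protocol"].(string) == "udp" {
		if ps := rule["ports"].(*schema.Set); ps.Len() > 0 {

			// Create an empty schema.Set to hold all ports
			ports := &schema.Set{F: schema.HashString}

			// Loop through all ports and retrieve their info
			for _, port := range ps.List() {
				id, ok := uuids[uuid+port.(string)]
				if !ok {
					continue
				}

				// Get the rule
				idx, ok := ruleIndex[id.(string)]
				if !ok {
					// The stored rule ID is not in the index: forget it.
					delete(uuids, uuid+port.(string))
					continue
				}

				r := sgRules[idx]

				// Record the sources the API reports for this rule. Previously
				// the CIDRs were split into a scratch set that was thrown away,
				// so TCP/UDP rules never refreshed their source lists. The
				// checked assertions keep this addition from panicking when a
				// caller did not prepare the target sets.
				if r.Cidr != "" {
					if cidrList, ok := rule["cidr_list"].(*schema.Set); ok && cidrList != nil {
						for _, cidr := range strings.Split(r.Cidr, ",") {
							// Skip empty fragments such as a trailing comma.
							if cidr = strings.TrimSpace(cidr); cidr != "" {
								cidrList.Add(cidr)
							}
						}
					}
				}

				if r.Securitygroupname != "" {
					if groups, ok := rule["user_security_group_list"].(*schema.Set); ok && groups != nil {
						groups.Add(r.Securitygroupname)
					}
				}

				// Update the values
				rule["protocol"] = r.Protocol
				ports.Add(port)
			}

			// Replace the configured ports only when at least one port was
			// found; otherwise rule["ports"] is left untouched.
			if ports.Len() > 0 {
				rule["ports"] = ports
			}
		}
	}
}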