in pkg/api/v1/egressrules_webhook.go [74:120]
// validateFields checks every rule under r.Spec.EgressRules and returns the
// first violation it finds as an error, or nil when all rules pass.
//
// Two cross-rule invariants are enforced over the whole spec, not per egress
// rule entry:
//   - a priority may belong to only one rule collection name;
//   - a rule collection name must always carry the same action, priority and
//     rule type.
//
// Each rule is then checked for the fields its type requires or forbids.
//
// NOTE(review): the per-rule checks compare against nil only. If these fields
// are slices, an empty (non-nil) list would satisfy a "mandatory" check and
// count as "provided" - confirm the field types and whether empty lists can
// reach this webhook.
func (r *AzureFirewallRules) validateFields() error {
	collectionByPriority := make(map[int32]string)
	attrsByCollection := make(map[string]Pair)

	for _, entry := range r.Spec.EgressRules {
		for _, fwRule := range entry.Rules {
			// A priority already claimed by a different collection is a conflict.
			if owner, seen := collectionByPriority[fwRule.Priority]; seen && owner != fwRule.RuleCollectionName {
				return errors.New("Invalid Rule Collection Group . Priority " + strconv.Itoa(int(fwRule.Priority)) + " used for more than one rule collection.")
			}
			collectionByPriority[fwRule.Priority] = fwRule.RuleCollectionName

			// A collection name seen before must repeat the same action,
			// priority and rule type; otherwise two collections share a name.
			if prev, seen := attrsByCollection[fwRule.RuleCollectionName]; seen {
				sameCollection := prev.Action == fwRule.Action &&
					prev.Priority == fwRule.Priority &&
					prev.RuleCollectionType == fwRule.RuleType
				if !sameCollection {
					return errors.New("Invalid Rule Collection Group . Name " + fwRule.RuleCollectionName + " used for more than one rule collection.")
				}
			}
			attrsByCollection[fwRule.RuleCollectionName] = Pair{
				Action:             fwRule.Action,
				Priority:           fwRule.Priority,
				RuleCollectionType: fwRule.RuleType,
			}

			prefix := "Invalid Rule " + fwRule.RuleName

			if fwRule.RuleType == "Application" {
				// Application rules need target FQDNs and take no destination fields.
				switch {
				case fwRule.TargetFqdns == nil:
					return errors.New(prefix + " Target Fqdns field is mandatory field for Application rule")
				case fwRule.DestinationAddresses != nil || fwRule.DestinationFqdns != nil || fwRule.DestinationPorts != nil:
					return errors.New(prefix + " Fields DestinationAddresses/DestinationFqdns/DestinationPorts are not supported by Application Rule")
				}
				continue
			}

			// NOTE(review): every RuleType other than the exact string
			// "Application" is validated as a network rule here; confirm the
			// allowed values are constrained elsewhere (e.g. schema validation).
			switch {
			case fwRule.TargetFqdns != nil || fwRule.TargetUrls != nil:
				return errors.New(prefix + " Fields TargetFqdns/TargetUrls are not supported by Network Rule")
			case fwRule.DestinationAddresses != nil && fwRule.DestinationFqdns != nil:
				return errors.New(prefix + " Multiple destination types cannot provided")
			case fwRule.DestinationAddresses == nil && fwRule.DestinationFqdns == nil:
				return errors.New(prefix + " One destination type should be provided")
			case fwRule.DestinationPorts == nil:
				return errors.New(prefix + " Destination port missing")
			}
		}
	}
	return nil
}