# -*- coding:utf-8 -*-
# Copyright 2019 Huawei Technologies Co.,Ltd.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may not use
# this file except in compliance with the License.  You may obtain a copy of the
# License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software distributed
# under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
# CONDITIONS OF ANY KIND, either express or implied.  See the License for the
# specific language governing permissions and limitations under the License.
import json

from openstack import connection

from config.log import writeInfo
from config.config import cf

conn = connection.Connection(
    auth_url=cf.get('huaweicloud', 'auth_url'),
    user_domain_id=cf.get('huaweicloud', 'userDomainId'),
    project_id=cf.get('huaweicloud', 'projectId'),
    username=cf.get('huaweicloud', 'username'),
    password=cf.get('huaweicloud', 'password')
)

if __name__ == '__main__':
    security_group_id = cf.get('huaweicloud', 'security_group_id')
    remote_ip_prefix=cf.get('huaweicloud', 'remote_ip_prefix')
    writeInfo("放通IP：%s" % remote_ip_prefix)
    rules = conn.vpcv1.security_group_rules(security_group_id=security_group_id)
    for rule in rules:
        if rule.description!='允许安全组内的弹性云服务器彼此通信':
            conn.vpcv1.delete_security_group_rule(rule.id)
            conn.vpcv1.create_security_group_rule(security_group_id=rule.security_group_id, direction=rule.direction,
                                                  description=rule.description, remote_ip_prefix=remote_ip_prefix,
                                                  port_range_max=rule.port_range_max, port_range_min=rule.port_range_min,protocol=rule.protocol)
            writeInfo(rule)
    writeInfo("成功刷新白名单")