# Copyright 2019-2020 VyOS maintainers and contributors <maintainers@vyos.io>
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library.  If not, see <http://www.gnu.org/licenses/>.

from netifaces import interfaces
from vyos import ConfigError

def apply_all_vlans(intf, intfconfig):
    """
    Function applies all VLANs to the passed interface.

    intf: object of Interface class
    intfconfig: dict with interface configuration
    """
    # remove no longer required service VLAN interfaces (vif-s)
    for vif_s in intfconfig['vif_s_remove']:
        intf.del_vlan(vif_s)

    # create service VLAN interfaces (vif-s)
    for vif_s_id, vif_s in intfconfig['vif_s'].items():
        s_vlan = intf.add_vlan(vif_s_id, ethertype=vif_s['ethertype'])
        apply_vlan_config(s_vlan, vif_s)

        # remove no longer required client VLAN interfaces (vif-c)
        # on lower service VLAN interface
        for vif_c in vif_s['vif_c_remove']:
            s_vlan.del_vlan(vif_c)

        # create client VLAN interfaces (vif-c)
        # on lower service VLAN interface
        for vif_c_id, vif_c in vif_s['vif_c'].items():
            c_vlan = s_vlan.add_vlan(vif_c_id)
            apply_vlan_config(c_vlan, vif_c)

    # remove no longer required VLAN interfaces (vif)
    for vif in intfconfig['vif_remove']:
        intf.del_vlan(vif)

    # create VLAN interfaces (vif)
    for vif_id, vif in intfconfig['vif'].items():
        # QoS priority mapping can only be set during interface creation
        # so we delete the interface first if required.
        if vif['egress_qos_changed'] or vif['ingress_qos_changed']:
            try:
                # on system bootup the above condition is true but the interface
                # does not exists, which throws an exception, but that's legal
                intf.del_vlan(vif_id)
            except:
                pass

        vlan = intf.add_vlan(vif_id, ingress_qos=vif['ingress_qos'], egress_qos=vif['egress_qos'])
        apply_vlan_config(vlan, vif)


def apply_vlan_config(vlan, config):
    """
    Generic function to apply a VLAN configuration from a dictionary
    to a VLAN interface
    """

    if not vlan.definition['vlan']:
        raise TypeError()

    if config['dhcp_client_id']:
        vlan.dhcp.v4.options['client_id'] = config['dhcp_client_id']

    if config['dhcp_hostname']:
        vlan.dhcp.v4.options['hostname'] = config['dhcp_hostname']

    if config['dhcp_vendor_class_id']:
        vlan.dhcp.v4.options['vendor_class_id'] = config['dhcp_vendor_class_id']

    if config['dhcpv6_prm_only']:
        vlan.dhcp.v6.options['dhcpv6_prm_only'] = True

    if config['dhcpv6_temporary']:
        vlan.dhcp.v6.options['dhcpv6_temporary'] = True

    if config['dhcpv6_pd_length']:
        vlan.dhcp.v6.options['dhcpv6_pd_length'] = config['dhcpv6_pd_length']

    if config['dhcpv6_pd_interfaces']:
        vlan.dhcp.v6.options['dhcpv6_pd_interfaces'] = config['dhcpv6_pd_interfaces']

    # update interface description used e.g. within SNMP
    vlan.set_alias(config['description'])
    # ignore link state changes
    vlan.set_link_detect(config['disable_link_detect'])
    # configure ARP filter configuration
    vlan.set_arp_filter(config['ip_disable_arp_filter'])
    # configure ARP accept
    vlan.set_arp_accept(config['ip_enable_arp_accept'])
    # configure ARP announce
    vlan.set_arp_announce(config['ip_enable_arp_announce'])
    # configure ARP ignore
    vlan.set_arp_ignore(config['ip_enable_arp_ignore'])
    # configure Proxy ARP
    vlan.set_proxy_arp(config['ip_proxy_arp'])
    # IPv6 accept RA
    vlan.set_ipv6_accept_ra(config['ipv6_accept_ra'])
    # IPv6 address autoconfiguration
    vlan.set_ipv6_autoconf(config['ipv6_autoconf'])
    # IPv6 forwarding
    vlan.set_ipv6_forwarding(config['ipv6_forwarding'])
    # IPv6 Duplicate Address Detection (DAD) tries
    vlan.set_ipv6_dad_messages(config['ipv6_dup_addr_detect'])
    # Maximum Transmission Unit (MTU)
    vlan.set_mtu(config['mtu'])

    # assign/remove VRF (ONLY when not a member of a bridge,
    # otherwise 'nomaster' removes it from it)
    if not config['is_bridge_member']:
        vlan.set_vrf(config['vrf'])

    # Delete old IPv6 EUI64 addresses before changing MAC
    for addr in config['ipv6_eui64_prefix_remove']:
        vlan.del_ipv6_eui64_address(addr)

    # Change VLAN interface MAC address
    if config['mac']:
        vlan.set_mac(config['mac'])

    # Add IPv6 EUI-based addresses
    for addr in config['ipv6_eui64_prefix']:
        vlan.add_ipv6_eui64_address(addr)

    # enable/disable VLAN interface
    if config['disable']:
        vlan.set_admin_state('down')
    else:
        vlan.set_admin_state('up')

    # Configure interface address(es)
    # - not longer required addresses get removed first
    # - newly addresses will be added second
    for addr in config['address_remove']:
        vlan.del_addr(addr)
    for addr in config['address']:
        vlan.add_addr(addr)

    # re-add ourselves to any bridge we might have fallen out of
    if config['is_bridge_member']:
        vlan.add_to_bridge(config['is_bridge_member'])

def verify_vlan_config(config):
    """
    Generic function to verify VLAN config consistency. Instead of re-
    implementing this function in multiple places use single source \o/
    """

    # config['vif'] is a dict with ids as keys and config dicts as values
    for vif in config['vif'].values():
        # DHCPv6 parameters-only and temporary address are mutually exclusive
        if vif['dhcpv6_prm_only'] and vif['dhcpv6_temporary']:
            raise ConfigError('DHCPv6 temporary and parameters-only options are mutually exclusive!')

        if ( vif['is_bridge_member']
                and ( vif['address']
                    or vif['ipv6_eui64_prefix']
                    or vif['ipv6_autoconf'] ) ):
            raise ConfigError((
                    f'Cannot assign address to vif interface {vif["intf"]} '
                    f'which is a member of bridge {vif["is_bridge_member"]}'))

        if vif['vrf']:
            if vif['vrf'] not in interfaces():
                raise ConfigError(f'VRF "{vif["vrf"]}" does not exist')

            if vif['is_bridge_member']:
                raise ConfigError((
                    f'vif {vif["intf"]} cannot be member of VRF {vif["vrf"]} '
                    f'and bridge {vif["is_bridge_member"]} at the same time!'))

    # e.g. wireless interface has no vif_s support
    # thus we bail out eraly.
    if 'vif_s' not in config.keys():
        return

    # config['vif_s'] is a dict with ids as keys and config dicts as values
    for vif_s_id, vif_s in config['vif_s'].items():
        for vif_id, vif in config['vif'].items():
            if vif_id == vif_s_id:
                raise ConfigError((
                    f'Cannot use identical ID on vif "{vif["intf"]}" '
                    f'and vif-s "{vif_s["intf"]}"'))

        # DHCPv6 parameters-only and temporary address are mutually exclusive
        if vif_s['dhcpv6_prm_only'] and vif_s['dhcpv6_temporary']:
            raise ConfigError((
                'DHCPv6 temporary and parameters-only options are mutually '
                'exclusive!'))

        if ( vif_s['is_bridge_member']
                and ( vif_s['address']
                    or vif_s['ipv6_eui64_prefix']
                    or vif_s['ipv6_autoconf'] ) ):
            raise ConfigError((
                    f'Cannot assign address to vif-s interface {vif_s["intf"]} '
                    f'which is a member of bridge {vif_s["is_bridge_member"]}'))

        if vif_s['vrf']:
            if vif_s['vrf'] not in interfaces():
                raise ConfigError(f'VRF "{vif_s["vrf"]}" does not exist')

            if vif_s['is_bridge_member']:
                raise ConfigError((
                    f'vif-s {vif_s["intf"]} cannot be member of VRF {vif_s["vrf"]} '
                    f'and bridge {vif_s["is_bridge_member"]} at the same time!'))

        # vif_c is a dict with ids as keys and config dicts as values
        for vif_c in vif_s['vif_c'].values():
            # DHCPv6 parameters-only and temporary address are mutually exclusive
            if vif_c['dhcpv6_prm_only'] and vif_c['dhcpv6_temporary']:
                raise ConfigError((
                    'DHCPv6 temporary and parameters-only options are '
                    'mutually exclusive!'))

            if ( vif_c['is_bridge_member']
                    and ( vif_c['address']
                        or vif_c['ipv6_eui64_prefix']
                        or vif_c['ipv6_autoconf'] ) ):
                raise ConfigError((
                    f'Cannot assign address to vif-c interface {vif_c["intf"]} '
                    f'which is a member of bridge {vif_c["is_bridge_member"]}'))

            if vif_c['vrf']:
                if vif_c['vrf'] not in interfaces():
                    raise ConfigError(f'VRF "{vif_c["vrf"]}" does not exist')

                if vif_c['is_bridge_member']:
                    raise ConfigError((
                    f'vif-c {vif_c["intf"]} cannot be member of VRF {vif_c["vrf"]} '
                    f'and bridge {vif_c["is_bridge_member"]} at the same time!'))