def test__escalate_auth(mocked_network_driver):
channel_input_1 = "\n"
channel_output_1 = "\n3560CX>"
channel_input_2 = "enable"
channel_output_2 = "Password:"******"password"
channel_output_3 = "\n3560CX#"
channel_ops = [
(channel_input_1, channel_output_1),
(channel_input_2, channel_output_2),
(channel_input_3, channel_output_3),
]
conn = mocked_network_driver(channel_ops)
mock_privs = {
"exec": (
PrivilegeLevel(
r"^[a-z0-9.\-@()/:]{1,32}>$",
"exec",
None,
None,
"privilege_exec",
"enable",
True,
"Password:"******"privilege_exec": (
PrivilegeLevel(
r"^[a-z0-9.\-@/:]{1,32}#$",
"privilege_exec",
"exec",
"disable",
"configuration",
"configure terminal",
False,
False,
True,
1,
)
),
}
conn.privs = mock_privs
conn._escalate()
def test__escalate_unknown_priv(mocked_network_driver):
channel_input_1 = "\n"
channel_output_1 = "\n3560CX#"
channel_input_2 = "configure terminal"
channel_output_2 = """Enter configuration commands, one per line. End with CNTL/Z.
3560CX(config)#"""
channel_ops = [(channel_input_1, channel_output_1), (channel_input_2, channel_output_2)]
conn = mocked_network_driver(channel_ops)
mock_privs = {
"privilege_exec": (
PrivilegeLevel(
r"^[a-z0-9.\-@/:]{1,32}#$",
"privilege_exec",
"exec",
"disable",
"configuration",
"configure terminal",
False,
False,
True,
1,
)
),
}
conn.privs = mock_privs
with pytest.raises(UnknownPrivLevel):
conn._escalate()
def register_configuration_session(self, session_name: str) -> None:
if session_name in self.privilege_levels.keys():
msg = (
f"session name `{session_name}` already registered as a privilege level, chose a "
"unique session name")
raise ValueError(msg)
pattern = r"^[a-z0-9.\-@/:]{1,32}\(config\-s[a-z0-9.\-@/:]{0,32}\)#\s?$"
name = session_name
config_session = PrivilegeLevel(
pattern=pattern,
name=name,
previous_priv="privilege_exec",
deescalate="end",
escalate=f"configure session {session_name}",
escalate_auth=False,
escalate_prompt="",
)
self.privilege_levels[name] = config_session
self.update_privilege_levels(update_channel=True)
Raises:
N/A
"""
# write exit directly to the transport as channel would fail to find the prompt after sending
# the exit command!
conn.acquire_priv(desired_priv=conn.default_desired_privilege_level)
conn.transport.write(channel_input="exit")
conn.transport.write(channel_input=conn.channel.comms_return_char)
PRIVS = {
"exec": (PrivilegeLevel(
r"^[a-z0-9.\-@()/:]{1,32}>\s?$",
"exec",
"",
"",
"",
False,
"",
)),
"privilege_exec": (PrivilegeLevel(
r"^[a-z0-9.\-@/:]{1,32}#\s?$",
"privilege_exec",
"exec",
"disable",
"enable",
True,
"Password:"******"configuration": (PrivilegeLevel(
r"^[a-z0-9.\-@/:]{1,32}\(config(?!\-s)[a-z0-9.\-@/:]{0,32}\)#\s?$",
"""
# write exit directly to the transport as channel would fail to find the prompt after sending
# the exit command!
conn.acquire_priv(conn.default_desired_priv)
conn.transport.write("exit")
conn.transport.write(conn.channel.comms_prompt_pattern)
PRIVS = {
"exec": (
PrivilegeLevel(
r"^[a-z0-9.\-@()/:]{1,32}>\s?$",
"exec",
"",
"",
"privilege_exec",
"enable",
True,
"Password:"******"privilege_exec": (
PrivilegeLevel(
r"^[a-z0-9.\-@/:]{1,32}#\s?$",
"privilege_exec",
"exec",
"disable",
"configuration",
"configure terminal",
False,
def test_could_not_acquire_priv(mocked_network_driver):
channel_input_1 = "\n"
channel_output_1 = "\n3560CX#"
channel_input_2 = "configure terminal"
channel_output_2 = "\n3560CX#"
channel_input_3 = "\n"
channel_output_3 = "\n3560CX#"
channel_input_4 = "configure terminal"
channel_output_4 = "\n3560CX#"
channel_input_5 = "configure terminal"
channel_output_5 = "\n3560CX#"
channel_input_6 = "\n"
channel_output_6 = "3560CX#"
channel_input_7 = "configure terminal"
channel_output_7 = "\n3560CX#"
channel_input_8 = "\n"
channel_output_8 = "3560CX#"
channel_input_9 = "configure terminal"
channel_output_9 = "\n3560CX#"
channel_input_10 = "\n"
channel_output_10 = "3560CX#"
channel_ops = [
(channel_input_1, channel_output_1),
(channel_input_2, channel_output_2),
(channel_input_3, channel_output_3),
(channel_input_4, channel_output_4),
(channel_input_5, channel_output_5),
(channel_input_6, channel_output_6),
(channel_input_7, channel_output_7),
(channel_input_8, channel_output_8),
(channel_input_9, channel_output_9),
(channel_input_10, channel_output_10),
]
conn = mocked_network_driver(channel_ops)
mock_privs = {
"privilege_exec": (
PrivilegeLevel(
r"^[a-z0-9.\-@/:]{1,32}#$",
"privilege_exec",
"exec",
"disable",
"enable",
True,
"Password:"******"configuration": (
PrivilegeLevel(
r"^[a-z0-9.\-@/:]{1,32}\(config[a-z0-9.\-@/:]{0,32}\)#$",
"configuration",
"privilege_exec",
"end",
"configure terminal",
False,
"",
)
),
}
conn.privilege_levels = mock_privs
with pytest.raises(CouldNotAcquirePrivLevel) as exc:
conn.acquire_priv("configuration")
assert str(exc.value) == "Failed to acquire requested privilege level configuration"
Raises:
N/A
"""
# write exit directly to the transport as channel would fail to find the prompt after sending
# the exit command!
conn.transport.write(channel_input="exit")
conn.transport.write(channel_input=conn.channel.comms_return_char)
PRIVS = {
"exec": (PrivilegeLevel(
r"^[a-z0-9.\-@()/:]{1,32}>\s?$",
"exec",
"",
"",
"",
False,
"",
)),
"configuration": (PrivilegeLevel(
r"^[a-z0-9.\-@()/:]{1,32}#\s?$",
"configuration",
"exec",
"exit configuration-mode",
"configure",
False,
"",
)),
"configuration_exclusive": (PrivilegeLevel(
r"^[a-z0-9.\-@()/:]{1,32}#\s?$",
def test_acquire_priv_could_not_acquire_priv(mocked_network_driver):
channel_input_1 = "\n"
channel_output_1 = "\n3560CX>"
channel_input_2 = "\n"
channel_output_2 = "3560CX>"
channel_input_3 = "enable"
channel_output_3 = "Password: "******"password"
channel_output_4 = "\n3560CX#"
channel_input_5 = "\n"
channel_output_5 = "\n3560CX>"
channel_input_6 = "\n"
channel_output_6 = "3560CX>"
channel_input_7 = "enable"
channel_output_7 = "Password: "******"password"
channel_output_8 = "\n3560CX#"
channel_input_9 = "\n"
channel_output_9 = "\n3560CX>"
channel_input_10 = "\n"
channel_output_10 = "3560CX>"
channel_input_11 = "enable"
channel_output_11 = "Password: "******"password"
channel_output_12 = "\n3560CX#"
channel_input_13 = "\n"
channel_output_13 = "\n3560CX>"
channel_ops = [
(channel_input_1, channel_output_1),
(channel_input_2, channel_output_2),
(channel_input_3, channel_output_3),
(channel_input_4, channel_output_4),
(channel_input_5, channel_output_5),
(channel_input_6, channel_output_6),
(channel_input_7, channel_output_7),
(channel_input_8, channel_output_8),
(channel_input_9, channel_output_9),
(channel_input_10, channel_output_10),
(channel_input_11, channel_output_11),
(channel_input_12, channel_output_12),
(channel_input_13, channel_output_13),
]
conn = mocked_network_driver(channel_ops)
mock_privs = {
"exec": (
PrivilegeLevel(
r"^[a-z0-9.\-@()/:]{1,32}>$",
"exec",
None,
None,
"privilege_exec",
"enable",
True,
"Password:"******"privilege_exec": (
PrivilegeLevel(
r"^[a-z0-9.\-@/:]{1,32}#$",
"privilege_exec",
"exec",
"disable",
"configuration",
"configure terminal",
False,
False,
True,
1,
)
),
}
conn.privs = mock_privs
def _mock_escalate(self):
self.__class__._escalate(self)
self.channel.comms_prompt_pattern = mock_privs["exec"].pattern
def _mock_get_prompt():
return "3560CX>"
conn._escalate = types.MethodType(_mock_escalate, conn)
conn.get_prompt = _mock_get_prompt
with pytest.raises(CouldNotAcquirePrivLevel) as exc:
conn.acquire_priv("privilege_exec")
assert str(exc.value) == "Could not get to 'privilege_exec' privilege level."
Returns:
N/A # noqa: DAR202
Raises:
N/A
"""
# write exit directly to the transport as channel would fail to find the prompt after sending
# the exit command!
conn.acquire_priv(desired_priv=conn.default_desired_privilege_level)
conn.transport.write(channel_input="exit")
conn.transport.write(channel_input=conn.channel.comms_return_char)
PRIVS = {
"privilege_exec": (
PrivilegeLevel(r"^[a-z0-9.\-@/:]{1,32}#\s?$", "privilege_exec", "", "", "", False, "",)
),
"configuration": (
PrivilegeLevel(
r"^[a-z0-9.\-@/:]{1,32}\(config[a-z0-9.\-@/:]{0,32}\)#\s?$",
"configuration",
"privilege_exec",
"end",
"configure terminal",
False,
"",
)
),
"configuration_exclusive": (
PrivilegeLevel(
r"^[a-z0-9.\-@/:]{1,32}\(config[a-z0-9.\-@/:]{0,32}\)#\s?$",
Raises:
N/A
"""
# write exit directly to the transport as channel would fail to find the prompt after sending
# the exit command!
conn.transport.write("exit")
conn.transport.write(conn.channel.comms_prompt_pattern)
PRIVS = {
"exec": (PrivilegeLevel(
r"^[a-z0-9.\-@()/:]{1,32}>\s?$",
"exec",
"",
"",
"configuration",
"configure",
False,
"",
True,
0,
)),
"configuration": (PrivilegeLevel(
r"^[a-z0-9.\-@()/:]{1,32}#\s?$",
"configuration",
"exec",
"exit configuration-mode",
"",
"",
False,
"",
True,
