def test_update_servicegroup_when_service_members_differ(self):
self.set_module_state('present')
from ansible_collections.ansible.misc.plugins.modules import netscaler_servicegroup
servicegroup_proxy_mock = MagicMock()
attrs = {
'diff_object.return_value': {},
}
servicegroup_proxy_mock.configure_mock(**attrs)
m = MagicMock(return_value=servicegroup_proxy_mock)
sync_mock = Mock()
with patch.multiple(
'ansible_collections.ansible.misc.plugins.modules.netscaler_servicegroup',
ConfigProxy=m,
servicegroup_exists=Mock(side_effect=[True, True]),
servicegroup_identical=Mock(side_effect=[True, True]),
monitor_bindings_identical=Mock(side_effect=[True, True]),
sync_monitor_bindings=Mock(),
servicemembers_identical=Mock(side_effect=[False, True]),
sync_service_members=sync_mock,
do_state_change=Mock(return_value=Mock(errorcode=0)),
):
self.module = netscaler_servicegroup
result = self.exited()
# poor man's assert_called_once since python3.5 does not implement that mock method
self.assertEqual(len(sync_mock.mock_calls),
1,
msg='sync monitor bindings not called once')
self.assertTrue(result['changed'], msg='Change not recorded')
def test_no_change_to_module_when_all_identical(self):
self.set_module_state('present')
from ansible_collections.ansible.misc.plugins.modules import netscaler_cs_policy
cs_policy_mock = MagicMock()
attrs = {
'diff_object.return_value': {},
}
cs_policy_mock.configure_mock(**attrs)
m = MagicMock(return_value=cs_policy_mock)
policy_exists_mock = Mock(side_effect=[True, True])
policy_identical_mock = Mock(side_effect=[True, True])
with patch.multiple(
'ansible_collections.ansible.misc.plugins.modules.netscaler_cs_policy',
ConfigProxy=m,
policy_exists=policy_exists_mock,
policy_identical=policy_identical_mock,
ensure_feature_is_enabled=Mock(),
nitro_exception=self.MockException,
):
self.module = netscaler_cs_policy
result = self.exited()
self.assertFalse(result['changed'],
msg='Erroneous changed status update')
def test_servicegroup_monitor_bindings_sanity(self):
self.set_module_state('present')
from ansible_collections.ansible.misc.plugins.modules import netscaler_servicegroup
servicegroup_proxy_mock = MagicMock()
attrs = {
'diff_object.return_value': {},
}
servicegroup_proxy_mock.configure_mock(**attrs)
m = MagicMock(return_value=servicegroup_proxy_mock)
sync_mock = Mock()
with patch.multiple(
'ansible_collections.ansible.misc.plugins.modules.netscaler_servicegroup',
ConfigProxy=m,
servicegroup_exists=Mock(side_effect=[True, True]),
servicegroup_identical=Mock(side_effect=[True, True]),
monitor_bindings_identical=Mock(side_effect=[False, False]),
sync_monitor_bindings=Mock(),
servicemembers_identical=Mock(side_effect=[True, True]),
nitro_exception=self.MockException,
sync_service_members=sync_mock,
do_state_change=Mock(return_value=Mock(errorcode=0)),
):
self.module = netscaler_servicegroup
result = self.failed()
self.assertEqual(result['msg'],
'Monitor bindings are not identical')
def setUpClass(cls):
class MockException(Exception):
pass
cls.MockException = MockException
m = MagicMock()
cls.servicegroup_mock = MagicMock()
cls.servicegroup_mock.__class__ = MagicMock()
nssrc_modules_mock = {
'nssrc.com.citrix.netscaler.nitro.resource.config.basic':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.basic.servicegroup':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.basic.servicegroup.servicegroup':
cls.servicegroup_mock,
'nssrc.com.citrix.netscaler.nitro.resource.config.basic.servicegroup_servicegroupmember_binding':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.basic.servicegroup_servicegroupmember_binding.servicegroup_servicegroupmember_binding':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.basic.servicegroup_lbmonitor_binding':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.basic.servicegroup_lbmonitor_binding.servicegroup_lbmonitor_binding':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.lb':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.lb.lbmonitor_servicegroup_binding':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.lb.lbmonitor_servicegroup_binding.lbmonitor_servicegroup_binding':
m
}
cls.nitro_specific_patcher = patch.dict(sys.modules,
nssrc_modules_mock)
cls.nitro_base_patcher = nitro_base_patcher
def test_no_change_to_module_when_all_identical(self):
self.set_module_state('present')
from ansible_collections.ansible.misc.plugins.modules import netscaler_servicegroup
servicegroup_proxy_mock = MagicMock()
attrs = {
'diff_object.return_value': {},
}
servicegroup_proxy_mock.configure_mock(**attrs)
m = MagicMock(return_value=servicegroup_proxy_mock)
servicegroup_exists_mock = Mock(side_effect=[True, True])
servicegroup_identical_mock = Mock(side_effect=[True, True])
monitor_bindings_identical_mock = Mock(side_effect=[True, True])
with patch.multiple(
'ansible_collections.ansible.misc.plugins.modules.netscaler_servicegroup',
ConfigProxy=m,
servicegroup_exists=servicegroup_exists_mock,
servicegroup_identical=servicegroup_identical_mock,
servicemembers_identical=Mock(side_effect=[True, True]),
monitor_bindings_identical=monitor_bindings_identical_mock,
do_state_change=Mock(return_value=Mock(errorcode=0)),
nitro_exception=self.MockException,
):
self.module = netscaler_servicegroup
result = self.exited()
self.assertFalse(result['changed'],
msg='Erroneous changed status update')
def test_simple_auth_with_start_tls(monkeypatch):
mock_ldap_option = MagicMock()
monkeypatch.setattr(FakeLdap, "set_option", mock_ldap_option)
mock_ldap = MagicMock()
monkeypatch.setattr("ldap.initialize", mock_ldap)
lookup_loader.get('laps_password').run([],
domain="dc01",
start_tls=True,
auth="simple",
username="******",
password="******")
assert mock_ldap_option.mock_calls[0][1] == (
FakeLdap.OPT_X_TLS_REQUIRE_CERT, FakeLdap.OPT_X_TLS_DEMAND)
assert mock_ldap.mock_calls[3][0] == "().start_tls_s"
assert mock_ldap.mock_calls[3][1] == ()
assert mock_ldap.mock_calls[4][0] == '().bind_s'
assert mock_ldap.mock_calls[4][1] == (u"user", u"pass")
assert mock_ldap.mock_calls[5][0] == "().read_rootdse_s"
assert mock_ldap.mock_calls[5][1] == ()
def setUpClass(cls):
class MockException(Exception):
pass
cls.MockException = MockException
m = MagicMock()
cls.server_mock = MagicMock()
cls.server_mock.__class__ = MagicMock(add=Mock())
nssrc_modules_mock = {
'nssrc.com.citrix.netscaler.nitro.resource.config.lb':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.lb.lbvserver':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.lb.lbvserver.lbvserver':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.lb.lbvserver_service_binding':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.lb.lbvserver_service_binding.lbvserver_service_binding':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.lb.lbvserver_servicegroup_binding':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.lb.lbvserver_servicegroup_binding.lbvserver_servicegroup_binding':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.ssl':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.ssl.sslvserver_sslcertkey_binding':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.ssl.sslvserver_sslcertkey_binding.sslvserver_sslcertkey_binding':
m,
}
cls.nitro_specific_patcher = patch.dict(sys.modules,
nssrc_modules_mock)
cls.nitro_base_patcher = nitro_base_patcher
def setUpClass(cls):
m = MagicMock()
cls.service_mock = MagicMock()
cls.service_mock.__class__ = MagicMock()
cls.service_lbmonitor_binding_mock = MagicMock()
cls.lbmonitor_service_binding_mock = MagicMock()
nssrc_modules_mock = {
'nssrc.com.citrix.netscaler.nitro.resource.config.basic':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.basic.service':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.basic.service.service':
cls.service_mock,
'nssrc.com.citrix.netscaler.nitro.resource.config.basic.service_lbmonitor_binding':
cls.service_lbmonitor_binding_mock,
'nssrc.com.citrix.netscaler.nitro.resource.config.basic.service_lbmonitor_binding.service_lbmonitor_binding':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.lb':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.lb.lbmonitor_service_binding':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.lb.lbmonitor_service_binding.lbmonitor_service_binding':
cls.lbmonitor_service_binding_mock,
}
cls.nitro_specific_patcher = patch.dict(sys.modules,
nssrc_modules_mock)
cls.nitro_base_patcher = nitro_base_patcher
def laps_password():
"""Imports and the laps_password lookup with a mocks laps module for testing"""
# Build the fake ldap and ldapurl Python modules
fake_ldap_obj = FakeLdap()
fake_ldap_url_obj = MagicMock()
fake_ldap_url_obj.isLDAPUrl.side_effect = fake_is_ldap_url
fake_ldap_url_obj.LDAPUrl.side_effect = FakeLdapUrl
# Take a snapshot of sys.modules before we manipulate it
orig_modules = sys.modules.copy()
try:
sys.modules["ldap"] = fake_ldap_obj
sys.modules["ldapurl"] = fake_ldap_url_obj
from ansible_collections.ansible.misc.plugins.lookup import laps_password
# ensure the changes to these globals aren't persisted after each test
orig_has_ldap = laps_password.HAS_LDAP
orig_ldap_imp_err = laps_password.LDAP_IMP_ERR
yield laps_password
laps_password.HAS_LDAP = orig_has_ldap
laps_password.LDAP_IMP_ERR = orig_ldap_imp_err
finally:
# Restore sys.modules back to our pre-shenanigans
sys.modules = orig_modules
def test_get_password_no_results(laps_password):
mock_conn = MagicMock()
mock_conn.search_s.return_value = [
(None, [
"ldap://ForestDnsZones.domain.com/DC=ForestDnsZones,DC=domain,DC=com"
]),
(None, [
"ldap://DomainDnsZones.domain.com/DC=DomainDnsZones,DC=domain,DC=com"
]),
(None, ["ldap://domain.com/CN=Configuration,DC=domain,DC=com"]),
]
with pytest.raises(AnsibleLookupError) as err:
laps_password.get_laps_password(mock_conn, "server",
"DC=domain,DC=local")
assert str(
err.value
) == "Failed to find the server 'server' in the base 'DC=domain,DC=local'"
assert len(mock_conn.method_calls) == 1
assert mock_conn.method_calls[0][0] == "search_s"
assert mock_conn.method_calls[0][1] == (
"DC=domain,DC=local", FakeLdap.SCOPE_SUBTREE,
"(&(objectClass=computer)(CN=server))")
assert mock_conn.method_calls[0][2] == {
"attrlist": ["distinguishedName", "ms-Mcs-AdmPwd"]
}
def test_get_password_laps_not_configured(laps_password):
mock_conn = MagicMock()
mock_conn.search_s.return_value = [
("CN=server,DC=domain,DC=local", {
"distinguishedName": ["CN=server,DC=domain,DC=local"]
}),
(None, [
"ldap://ForestDnsZones.domain.com/DC=ForestDnsZones,DC=domain,DC=com"
]),
(None, [
"ldap://DomainDnsZones.domain.com/DC=DomainDnsZones,DC=domain,DC=com"
]),
(None, ["ldap://domain.com/CN=Configuration,DC=domain,DC=com"]),
]
with pytest.raises(AnsibleLookupError) as err:
laps_password.get_laps_password(mock_conn, "server2",
"DC=test,DC=local")
assert str(err.value) == \
"The server 'CN=server,DC=domain,DC=local' did not have the LAPS attribute 'ms-Mcs-AdmPwd'"
assert len(mock_conn.method_calls) == 1
assert mock_conn.method_calls[0][0] == "search_s"
assert mock_conn.method_calls[0][1] == (
"DC=test,DC=local", FakeLdap.SCOPE_SUBTREE,
"(&(objectClass=computer)(CN=server2))")
assert mock_conn.method_calls[0][2] == {
"attrlist": ["distinguishedName", "ms-Mcs-AdmPwd"]
}
def test_get_password_valid(laps_password):
mock_conn = MagicMock()
mock_conn.search_s.return_value = [
("CN=server,DC=domain,DC=local", {
"ms-Mcs-AdmPwd": ["pass"],
"distinguishedName": ["CN=server,DC=domain,DC=local"]
}),
# Replicates the 3 extra entries AD returns that aren't server objects
(None, [
"ldap://ForestDnsZones.domain.com/DC=ForestDnsZones,DC=domain,DC=com"
]),
(None, [
"ldap://DomainDnsZones.domain.com/DC=DomainDnsZones,DC=domain,DC=com"
]),
(None, ["ldap://domain.com/CN=Configuration,DC=domain,DC=com"]),
]
actual = laps_password.get_laps_password(mock_conn, "server",
"DC=domain,DC=local")
assert actual == "pass"
assert len(mock_conn.method_calls) == 1
assert mock_conn.method_calls[0][0] == "search_s"
assert mock_conn.method_calls[0][1] == (
"DC=domain,DC=local", FakeLdap.SCOPE_SUBTREE,
"(&(objectClass=computer)(CN=server))")
assert mock_conn.method_calls[0][2] == {
"attrlist": ["distinguishedName", "ms-Mcs-AdmPwd"]
}
def test_invalid_fetch_conjur_variable(self, mocker):
for code in [401, 403, 404]:
mock_response = MagicMock(spec_set=http_client.HTTPResponse)
try:
mock_response.getcode.return_value = code
except Exception:
# HTTPResponse is a Python 3 only feature. This uses a generic mock for python 2.6
mock_response = MagicMock()
mock_response.getcode.return_value = code
mocker.patch.object(conjur_variable,
'open_url',
return_value=mock_response)
with pytest.raises(AnsibleError):
response = conjur_variable._fetch_conjur_token(
'super-secret', 'token', 'http://conjur', 'account')
def mock_response(self):
mock_response = MagicMock()
mock_response.getcode.return_value = 200
mock_response.headers = mock_response.getheaders.return_value = {
'X-Auth-Token': 'token_id'
}
mock_response.read.return_value = json.dumps({"value": "data"})
return mock_response
def setUpClass(cls):
class MockException(Exception):
pass
cls.MockException = MockException
m = MagicMock()
cls.cs_action_mock = MagicMock()
cls.cs_action_mock.__class__ = MagicMock(add=Mock())
nssrc_modules_mock = {
'nssrc.com.citrix.netscaler.nitro.resource.config.cs': m,
'nssrc.com.citrix.netscaler.nitro.resource.config.cs.csaction': m,
'nssrc.com.citrix.netscaler.nitro.resource.config.cs.csaction.csaction': cls.cs_action_mock,
}
cls.nitro_specific_patcher = patch.dict(sys.modules, nssrc_modules_mock)
cls.nitro_base_patcher = nitro_base_patcher
def test_update_service_when_service_differs(self):
self.set_module_state('present')
from ansible_collections.ansible.misc.plugins.modules import netscaler_service
service_proxy_mock = MagicMock()
attrs = {
'diff_object.return_value': {},
}
service_proxy_mock.configure_mock(**attrs)
m = MagicMock(return_value=service_proxy_mock)
service_exists_mock = Mock(side_effect=[True, True])
service_identical_mock = Mock(side_effect=[False, True])
monitor_bindings_identical_mock = Mock(side_effect=[True, True])
all_identical_mock = Mock(side_effect=[False])
with patch.multiple(
'ansible_collections.ansible.misc.plugins.modules.netscaler_service',
ConfigProxy=m,
service_exists=service_exists_mock,
service_identical=service_identical_mock,
monitor_bindings_identical=monitor_bindings_identical_mock,
all_identical=all_identical_mock,
do_state_change=Mock(return_value=Mock(errorcode=0)),
):
self.module = netscaler_service
result = self.exited()
service_proxy_mock.assert_has_calls([call.update()])
self.assertTrue(result['changed'], msg='Change not recorded')
def test_create_non_existing_servicegroup(self):
self.set_module_state('present')
from ansible_collections.ansible.misc.plugins.modules import netscaler_servicegroup
servicegroup_proxy_mock = MagicMock()
attrs = {
'diff_object.return_value': {},
}
servicegroup_proxy_mock.configure_mock(**attrs)
m = MagicMock(return_value=servicegroup_proxy_mock)
servicegroup_exists_mock = Mock(side_effect=[False, True])
servicegroup_servicegroupmember_binding_mock = Mock(count=Mock(
return_value=0))
with patch.multiple(
'ansible_collections.ansible.misc.plugins.modules.netscaler_servicegroup',
ConfigProxy=m,
servicegroup_exists=servicegroup_exists_mock,
servicemembers_identical=Mock(side_effect=[False, True]),
do_state_change=Mock(return_value=Mock(errorcode=0)),
servicegroup_servicegroupmember_binding=
servicegroup_servicegroupmember_binding_mock,
nitro_exception=self.MockException,
):
self.module = netscaler_servicegroup
result = self.exited()
servicegroup_proxy_mock.assert_has_calls([call.add()])
self.assertTrue(result['changed'], msg='Change not recorded')
def test_valid_fetch_conjur_variable(self, mocker):
mock_response = MagicMock(spec_set=http_client.HTTPResponse)
try:
mock_response.getcode.return_value = 200
except Exception:
# HTTPResponse is a Python 3 only feature. This uses a generic mock for python 2.6
mock_response = MagicMock()
mock_response.getcode.return_value = 200
mock_response.read.return_value = 'foo-bar'
mocker.patch.object(conjur_variable,
'open_url',
return_value=mock_response)
response = conjur_variable._fetch_conjur_token('super-secret', 'token',
'http://conjur',
'account')
assert response == 'foo-bar'
def test_uri_options(monkeypatch, kwargs, expected):
mock_ldap = MagicMock()
monkeypatch.setattr("ldap.initialize", mock_ldap)
lookup_loader.get('laps_password').run([], **kwargs)
assert mock_ldap.call_count == 1
assert mock_ldap.call_args[0] == (expected, )
assert mock_ldap.call_args[1] == {"bytes_mode": False}
def test_run_with_simple_auth_and_search_base(monkeypatch, laps_password):
def get_laps_password(conn, cn, search_base):
return "CN=%s,%s" % (cn, search_base)
mock_ldap = MagicMock()
monkeypatch.setattr("ldap.initialize", mock_ldap)
mock_get_laps_password = MagicMock(side_effect=get_laps_password)
monkeypatch.setattr(laps_password, "get_laps_password",
mock_get_laps_password)
actual = lookup_loader.get('laps_password').run(
["host1", "host2"],
domain="dc01",
auth="simple",
username="******",
password="******",
allow_plaintext=True,
search_base="OU=Workstations,DC=domain,DC=com")
assert actual == [
"CN=host1,OU=Workstations,DC=domain,DC=com",
"CN=host2,OU=Workstations,DC=domain,DC=com"
]
# Verify the call count to get_laps_password
assert mock_get_laps_password.call_count == 2
# Verify the initialize() method call
assert mock_ldap.call_count == 1
assert mock_ldap.call_args[0] == ("ldap://dc01:389", )
assert mock_ldap.call_args[1] == {"bytes_mode": False}
# Verify the number of calls made to the mocked LDAP object
assert mock_ldap.mock_calls[1][0] == "().set_option"
assert mock_ldap.mock_calls[1][1] == (FakeLdap.OPT_PROTOCOL_VERSION, 3)
assert mock_ldap.mock_calls[2][0] == "().set_option"
assert mock_ldap.mock_calls[2][1] == (FakeLdap.OPT_REFERRALS, 0)
assert mock_ldap.mock_calls[3][0] == '().bind_s'
assert mock_ldap.mock_calls[3][1] == (u"user", u"pass")
assert mock_ldap.mock_calls[4][0] == "().unbind_s"
assert mock_ldap.mock_calls[4][1] == ()
def test_certificate_validation(monkeypatch, validate, expected):
mock_ldap_option = MagicMock()
monkeypatch.setattr(FakeLdap, "set_option", mock_ldap_option)
mock_ldap = MagicMock()
monkeypatch.setattr("ldap.initialize", mock_ldap)
lookup_loader.get('laps_password').run([],
domain="dc01",
start_tls=True,
validate_certs=validate)
assert mock_ldap_option.mock_calls[0][1] == (
FakeLdap.OPT_X_TLS_REQUIRE_CERT, expected)
assert mock_ldap.mock_calls[3][0] == "().start_tls_s"
assert mock_ldap.mock_calls[3][1] == ()
assert mock_ldap.mock_calls[4][0] == "().sasl_gssapi_bind_s"
assert mock_ldap.mock_calls[4][1] == ()
def test_certificate_validate_with_custom_cacert(monkeypatch):
mock_ldap_option = MagicMock()
monkeypatch.setattr(FakeLdap, "set_option", mock_ldap_option)
mock_ldap = MagicMock()
monkeypatch.setattr("ldap.initialize", mock_ldap)
monkeypatch.setattr(os.path, 'exists', lambda x: True)
lookup_loader.get('laps_password').run([],
domain="dc01",
scheme="ldaps",
cacert_file="cacert.pem")
assert mock_ldap_option.mock_calls[0][1] == (
FakeLdap.OPT_X_TLS_REQUIRE_CERT, FakeLdap.OPT_X_TLS_DEMAND)
assert mock_ldap_option.mock_calls[1][1] == (FakeLdap.OPT_X_TLS_CACERTFILE,
u"cacert.pem")
assert mock_ldap.mock_calls[3][0] == "().sasl_gssapi_bind_s"
assert mock_ldap.mock_calls[3][1] == ()
def test_sasl_bind_ldap_no_mechs_error(monkeypatch):
mock_ldap = MagicMock()
mock_ldap.return_value.sasl_gssapi_bind_s.side_effect = FakeLDAPAuthUnknownError(
"no mechs")
monkeypatch.setattr("ldap.initialize", mock_ldap)
with pytest.raises(AnsibleLookupError) as err:
lookup_loader.get('laps_password').run([], domain="dc01")
assert str(err.value) == "Failed to do a sasl bind against LDAP host 'ldap://dc01:389', the GSSAPI mech is " \
"not installed: no mechs"
def test_normal_run(monkeypatch, laps_password):
def get_laps_password(conn, cn, search_base):
return "CN=%s,%s" % (cn, search_base)
mock_ldap = MagicMock()
mock_ldap.return_value.read_rootdse_s.return_value = {
"defaultNamingContext": ["DC=domain,DC=com"]
}
monkeypatch.setattr("ldap.initialize", mock_ldap)
mock_get_laps_password = MagicMock(side_effect=get_laps_password)
monkeypatch.setattr(laps_password, "get_laps_password",
mock_get_laps_password)
actual = lookup_loader.get('laps_password').run(["host1", "host2"],
domain="dc01")
assert actual == ["CN=host1,DC=domain,DC=com", "CN=host2,DC=domain,DC=com"]
# Verify the call count to get_laps_password
assert mock_get_laps_password.call_count == 2
# Verify the initialize() method call
assert mock_ldap.call_count == 1
assert mock_ldap.call_args[0] == ("ldap://dc01:389", )
assert mock_ldap.call_args[1] == {"bytes_mode": False}
# Verify the number of calls made to the mocked LDAP object
assert mock_ldap.mock_calls[1][0] == "().set_option"
assert mock_ldap.mock_calls[1][1] == (FakeLdap.OPT_PROTOCOL_VERSION, 3)
assert mock_ldap.mock_calls[2][0] == "().set_option"
assert mock_ldap.mock_calls[2][1] == (FakeLdap.OPT_REFERRALS, 0)
assert mock_ldap.mock_calls[3][0] == '().sasl_gssapi_bind_s'
assert mock_ldap.mock_calls[3][1] == ()
assert mock_ldap.mock_calls[4][0] == "().read_rootdse_s"
assert mock_ldap.mock_calls[4][1] == ()
assert mock_ldap.mock_calls[5][0] == "().unbind_s"
assert mock_ldap.mock_calls[5][1] == ()
def test_sasl_bind_ldap_error(monkeypatch):
mock_ldap = MagicMock()
mock_ldap.return_value.sasl_gssapi_bind_s.side_effect = FakeLDAPError(
"fake error")
monkeypatch.setattr("ldap.initialize", mock_ldap)
with pytest.raises(AnsibleLookupError) as err:
lookup_loader.get('laps_password').run([], domain="dc01")
assert str(
err.value
) == "Failed to do a sasl bind against LDAP host 'ldap://dc01:389': fake error"
def test_absent_operation_sanity(self):
self.set_module_state('absent')
from ansible_collections.ansible.misc.plugins.modules import netscaler_servicegroup
with patch.multiple(
'ansible_collections.ansible.misc.plugins.modules.netscaler_servicegroup',
ConfigProxy=MagicMock(),
servicegroup_exists=Mock(side_effect=[True, True]),
nitro_exception=self.MockException,
):
self.module = netscaler_servicegroup
result = self.failed()
self.assertEqual(result['msg'], 'Service group is present')
def test_start_tls_ldap_error(monkeypatch):
mock_ldap = MagicMock()
mock_ldap.return_value.start_tls_s.side_effect = FakeLDAPError(
"fake error")
monkeypatch.setattr("ldap.initialize", mock_ldap)
with pytest.raises(AnsibleLookupError) as err:
lookup_loader.get('laps_password').run([],
domain="dc01",
start_tls=True)
assert str(
err.value
) == "Failed to send StartTLS to LDAP host 'ldap://dc01:389': fake error"
def test_immutables_changed(self):
self.set_module_state('present')
from ansible_collections.ansible.misc.plugins.modules import netscaler_servicegroup
servicegroup_proxy_mock = MagicMock()
attrs = {
'diff_object.return_value': {},
}
servicegroup_proxy_mock.configure_mock(**attrs)
m = MagicMock(return_value=servicegroup_proxy_mock)
with patch.multiple(
'ansible_collections.ansible.misc.plugins.modules.netscaler_servicegroup',
ConfigProxy=m,
servicegroup_exists=Mock(side_effect=[True, True]),
servicegroup_identical=Mock(side_effect=[False, True]),
get_immutables_intersection=Mock(return_value=['some']),
nitro_exception=self.MockException,
):
self.module = netscaler_servicegroup
result = self.failed()
self.assertTrue(
result['msg'].startswith('Cannot update immutable attributes'))
def test_simple_bind_ldap_error(monkeypatch):
mock_ldap = MagicMock()
mock_ldap.return_value.bind_s.side_effect = FakeLDAPError("fake error")
monkeypatch.setattr("ldap.initialize", mock_ldap)
with pytest.raises(AnsibleLookupError) as err:
lookup_loader.get('laps_password').run([],
domain="dc01",
auth="simple",
username="******",
password="******",
allow_plaintext=True)
assert str(
err.value
) == "Failed to simple bind against LDAP host 'ldap://dc01:389': fake error"
def setUpClass(cls):
class MockException(Exception):
pass
cls.MockException = MockException
m = MagicMock()
nssrc_modules_mock = {
'nssrc.com.citrix.netscaler.nitro.resource.config.gslb':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.gslb.gslbsite':
m,
'nssrc.com.citrix.netscaler.nitro.resource.config.gslb.gslbsite.gslbsite':
m,
}
cls.nitro_specific_patcher = patch.dict(sys.modules,
nssrc_modules_mock)
cls.nitro_base_patcher = nitro_base_patcher
