def operation_helper(module, fos_ip_addr, fos_user_name, fos_password, https,
ssh_hostkeymust, throttle, vfid, op_name, in_name,
attributes, result, timeout):
if not is_full_human(attributes, result):
module.exit_json(**result)
if vfid is None:
vfid = 128
ret_code, auth, fos_version = login(fos_ip_addr, fos_user_name,
fos_password, https, throttle, result,
timeout)
if ret_code != 0:
module.exit_json(**result)
result["input"] = attributes
ret_code = to_fos_operation(op_name, in_name, attributes, result)
if ret_code != 0:
exit_after_login(fos_ip_addr, https, auth, result, module, timeout)
if not module.check_mode:
ret_code = 0
ret_code, resp = operation_post(fos_user_name, fos_password,
fos_ip_addr, op_name, in_name,
fos_version, https, auth, vfid, result,
attributes, ssh_hostkeymust, timeout)
if ret_code != 0:
exit_after_login(fos_ip_addr, https, auth, result, module, timeout)
result["changed"] = True
to_human_operation(op_name, in_name, resp["Response"])
result["operation_resp"] = resp["Response"]
logout(fos_ip_addr, https, auth, result, timeout)
module.exit_json(**result)
def list_helper(module, fos_ip_addr, fos_user_name, fos_password, https,
ssh_hostkeymust, throttle, vfid, module_name, list_name,
entries, all_entries, result, timeout):
if not is_full_human(entries, result):
module.exit_json(**result)
if all_entries == None:
result["all_entries_default"] = all_entries
all_entries = True
if vfid is None:
vfid = 128
if entries == None:
entries = []
ret_code, auth, fos_version = login(fos_ip_addr, fos_user_name,
fos_password, https, throttle, result,
timeout)
if ret_code != 0:
module.exit_json(**result)
ret_code, response = list_get(fos_user_name, fos_password, fos_ip_addr,
module_name, list_name, fos_version, https,
auth, vfid, result, ssh_hostkeymust, timeout)
if ret_code != 0:
exit_after_login(fos_ip_addr, https, auth, result, module, timeout)
current_entries = response["Response"][str_to_yang(list_name)]
if not isinstance(current_entries, list):
if current_entries is None:
current_entries = []
else:
current_entries = [current_entries]
to_human_list(module_name, list_name, current_entries, result)
# for switch list object only, we only support one for now
# and allow users to not specifcy the WWN of the switch
# thus missing key of the entry. We'll get it from the switch
if module_name == "brocade_fibrechannel_switch" and list_name == "fibrechannel_switch":
if len(entries) != 1:
result["failed"] = True
result["msg"] = "Only one entry in an array is supported"
exit_after_login(fos_ip_addr, https, auth, result, module, timeout)
entries[0]["name"] = current_entries[0]["name"]
if module_name == "brocade_access_gateway" and list_name == "port_group":
for port_group in current_entries:
if "port_group_n_ports" in port_group and port_group[
"port_group_n_ports"] == None:
port_group["port_group_n_ports"] = {"n_port": None}
if "port_group_f_ports" in port_group and port_group[
"port_group_f_ports"] == None:
port_group["port_group_f_ports"] = {"f_port": None}
diff_entries = []
for entry in entries:
for current_entry in current_entries:
if list_entry_keys_matched(entry, current_entry, module_name,
list_name):
diff_attributes = generate_diff(result, current_entry, entry)
if len(diff_attributes) > 0:
for key in list_entry_keys(module_name, list_name):
diff_attributes[key] = entry[key]
diff_entries.append(diff_attributes)
if module_name == "brocade_security" and list_name == "user_config":
new_diff_entries = []
for diff_entry in diff_entries:
# password canot change using patch update
# any entries with password are popp'ed off.
if not "password" in diff_entry:
new_diff_entries.append(diff_entry)
diff_entries = new_diff_entries
ret_code = to_fos_list(module_name, list_name, diff_entries, result)
result["diff_retcode"] = ret_code
if ret_code != 0:
exit_after_login(fos_ip_addr, https, auth, result, module, timeout)
add_entries = []
for entry in entries:
# check to see if the new entry matches any of the old ones
found = False
for current_entry in current_entries:
if list_entry_keys_matched(entry, current_entry, module_name,
list_name):
found = True
break
if not found:
new_entry = {}
for k, v in entry.items():
new_entry[k] = v
add_entries.append(new_entry)
if module_name == "brocade_logging" and list_name == "syslog_server":
new_add_entries = []
for add_entry in add_entries:
secured = ("secured_mode" in add_entry
and add_entry["secured_mode"] == True)
if not secured:
new_add_entry = {}
new_add_entry["server"] = add_entry["server"]
new_add_entries.append(new_add_entry)
else:
new_add_entries.append(add_entry)
add_entries = new_add_entries
ret_code = to_fos_list(module_name, list_name, add_entries, result)
result["add_retcode"] = ret_code
if ret_code != 0:
exit_after_login(fos_ip_addr, https, auth, result, module, timeout)
delete_entries = []
for current_entry in current_entries:
found = False
for entry in entries:
if list_entry_keys_matched(entry, current_entry, module_name,
list_name):
found = True
break
if not found:
delete_entry = {}
for key in list_entry_keys(module_name, list_name):
delete_entry[key] = current_entry[key]
delete_entries.append(delete_entry)
ret_code = to_fos_list(module_name, list_name, delete_entries, result)
result["delete_retcode"] = ret_code
if ret_code != 0:
exit_after_login(fos_ip_addr, https, auth, result, module, timeout)
result["response"] = response
result["current_entries"] = current_entries
result["diff_entries"] = diff_entries
result["add_entries"] = add_entries
result["delete_entries"] = delete_entries
if len(diff_entries) > 0:
if not module.check_mode:
ret_code = 0
ret_code = list_patch(fos_user_name, fos_password, fos_ip_addr,
module_name, list_name, fos_version, https,
auth, vfid, result, diff_entries,
ssh_hostkeymust, timeout)
if ret_code != 0:
exit_after_login(fos_ip_addr, https, auth, result, module,
timeout)
result["changed"] = True
if len(add_entries) > 0:
if not module.check_mode:
ret_code = list_post(fos_user_name, fos_password, fos_ip_addr,
module_name, list_name, fos_version, https,
auth, vfid, result, add_entries,
ssh_hostkeymust, timeout)
if ret_code != 0:
exit_after_login(fos_ip_addr, https, auth, result, module,
timeout)
result["changed"] = True
if len(delete_entries) > 0 and all_entries:
if not module.check_mode:
ret_code = list_delete(fos_user_name, fos_password, fos_ip_addr,
module_name, list_name, fos_version, https,
auth, vfid, result, delete_entries,
ssh_hostkeymust, timeout)
if ret_code != 0:
exit_after_login(fos_ip_addr, https, auth, result, module,
timeout)
result["changed"] = True
logout(fos_ip_addr, https, auth, result, timeout)
module.exit_json(**result)
def singleton_helper(module, fos_ip_addr, fos_user_name, fos_password, https,
ssh_hostkeymust, throttle, vfid, module_name, obj_name,
attributes, result, timeout):
if not is_full_human(attributes, result):
module.exit_json(**result)
if vfid is None:
vfid = 128
ret_code, auth, fos_version = login(fos_ip_addr, fos_user_name,
fos_password, https, throttle, result,
timeout)
if ret_code != 0:
module.exit_json(**result)
result['ssh_hostkeymust'] = ssh_hostkeymust
ret_code, response = singleton_get(fos_user_name, fos_password,
fos_ip_addr, module_name, obj_name,
fos_version, https, auth, vfid, result,
ssh_hostkeymust, timeout)
if ret_code != 0:
exit_after_login(fos_ip_addr, https, auth, result, module, timeout)
resp_attributes = response["Response"][str_to_yang(obj_name)]
to_human_singleton(module_name, obj_name, resp_attributes)
diff_attributes = generate_diff(result, resp_attributes, attributes)
# any object specific special processing
if module_name == "brocade_maps" and obj_name == "maps_config":
# relay_ip_address and domain_name needs to be specifid
# at the same time based on FOS REST requirements
if "relay_ip_address" in diff_attributes and "domain_name" not in diff_attributes:
diff_attributes["domain_name"] = resp_attributes["domain_name"]
result["kept the same"] = "domain_name"
elif "relay_ip_address" not in diff_attributes and "domain_name" in diff_attributes:
diff_attributes["relay_ip_address"] = resp_attributes[
"relay_ip_address"]
result["kept the same"] = "relay_ip_address"
if "relay_ip_address" in diff_attributes and diff_attributes[
"relay_ip_address"] == None:
result["failed"] = True
result['msg'] = "must specify relay_ip_address if configured empty"
exit_after_login(fos_ip_addr, https, auth, result, module, timeout)
elif "domain_name" in diff_attributes and diff_attributes[
"domain_name"] == None:
result["failed"] = True
result['msg'] = "must specify domain_name if configured empty"
exit_after_login(fos_ip_addr, https, auth, result, module, timeout)
result["diff_attributes"] = diff_attributes
result["current_attributes"] = resp_attributes
result["new_attributes"] = attributes
if len(diff_attributes) > 0:
ret_code = to_fos_singleton(module_name, obj_name, diff_attributes,
result)
if ret_code != 0:
exit_after_login(fos_ip_addr, https, auth, result, module, timeout)
if not module.check_mode:
ret_code = 0
ret_code = singleton_patch(fos_user_name, fos_password,
fos_ip_addr, module_name, obj_name,
fos_version, https, auth, vfid, result,
diff_attributes, ssh_hostkeymust,
timeout)
if ret_code != 0:
exit_after_login(fos_ip_addr, https, auth, result, module,
timeout)
result["changed"] = True
else:
logout(fos_ip_addr, https, auth, result, timeout)
module.exit_json(**result)
logout(fos_ip_addr, https, auth, result, timeout)
module.exit_json(**result)
def list_delete_helper(module, fos_ip_addr, fos_user_name, fos_password, https,
ssh_hostkeymust, throttle, vfid, module_name, list_name,
entries, all_entries, result, timeout):
if not is_full_human(entries, result):
module.exit_json(**result)
if all_entries == None:
result["all_entries_default"] = all_entries
all_entries = True
if vfid is None:
vfid = 128
ret_code, auth, fos_version = login(fos_ip_addr, fos_user_name,
fos_password, https, throttle, result,
timeout)
if ret_code != 0:
module.exit_json(**result)
ret_code, response = list_get(fos_user_name, fos_password, fos_ip_addr,
module_name, list_name, fos_version, https,
auth, vfid, result, ssh_hostkeymust, timeout)
if ret_code != 0:
exit_after_login(fos_ip_addr, https, auth, result, module, timeout)
current_entries = response["Response"][str_to_yang(list_name)]
if not isinstance(current_entries, list):
if current_entries is None:
current_entries = []
else:
current_entries = [current_entries]
to_human_list(module_name, list_name, current_entries, result)
delete_entries = []
for entry in entries:
# check to see if the new entry matches any of the old ones
found = False
for current_entry in current_entries:
if list_entry_keys_matched(entry, current_entry, module_name,
list_name):
found = True
break
if found:
new_entry = {}
for k, v in entry.items():
new_entry[k] = v
delete_entries.append(new_entry)
ret_code = to_fos_list(module_name, list_name, delete_entries, result)
result["add_retcode"] = ret_code
if ret_code != 0:
exit_after_login(fos_ip_addr, https, auth, result, module, timeout)
result["response"] = response
result["current_entries"] = current_entries
result["delete_entries"] = delete_entries
if len(delete_entries) > 0:
if not module.check_mode:
ret_code = list_delete(fos_user_name, fos_password, fos_ip_addr,
module_name, list_name, fos_version, https,
auth, vfid, result, delete_entries,
ssh_hostkeymust, timeout)
if ret_code != 0:
exit_after_login(fos_ip_addr, https, auth, result, module,
timeout)
result["changed"] = True
logout(fos_ip_addr, https, auth, result, timeout)
module.exit_json(**result)
def main():
"""
Main function
"""
argument_spec = dict(credential=dict(required=True,
type='dict',
no_log=True),
vfid=dict(required=False, type='int'),
throttle=dict(required=False, type='float'),
timeout=dict(required=False, type='float'),
ipfilter_policies=dict(required=False, type='list'),
active_policy=dict(required=False, type='str'),
delete_policies=dict(required=False, type='list'))
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)
input_params = module.params
# Set up state variables
fos_ip_addr = input_params['credential']['fos_ip_addr']
fos_user_name = input_params['credential']['fos_user_name']
fos_password = input_params['credential']['fos_password']
https = input_params['credential']['https']
throttle = input_params['throttle']
timeout = input_params['timeout']
vfid = input_params['vfid']
ipfilter_policies = input_params['ipfilter_policies']
active_policy = input_params['active_policy']
delete_policies = input_params['delete_policies']
result = {"changed": False}
# if delete policy is not None, then we make sure
# the policy is not present.
# policy creation or update does not happen at the same
# time
if delete_policies != None:
return list_delete_helper(module, fos_ip_addr, fos_user_name,
fos_password, https, True, throttle, vfid,
"brocade_security", "ipfilter_policy",
delete_policies, True, result, timeout)
# if I am dealing with active_policy set, it must be policy list update
if active_policy == None:
return list_helper(module, fos_ip_addr, fos_user_name, fos_password,
https, True, throttle, vfid, "brocade_security",
"ipfilter_policy", ipfilter_policies, False, result,
timeout)
if not is_full_human(ipfilter_policies, result):
module.exit_json(**result)
if vfid is None:
vfid = 128
ret_code, auth, fos_version = login(fos_ip_addr, fos_user_name,
fos_password, https, throttle, result,
timeout)
if ret_code != 0:
module.exit_json(**result)
ret_code, response = ipfilter_policy_get(fos_ip_addr, https, auth, vfid,
result, timeout)
if ret_code != 0:
exit_after_login(fos_ip_addr, https, auth, result, module, timeout)
resp_ir = response["Response"]["ipfilter-policy"]
if isinstance(resp_ir, list):
c_policies = resp_ir
else:
c_policies = [resp_ir]
# convert REST to human readable format first
for c_policy in c_policies:
to_human_ipfilter_policy(c_policy)
# if active policy is not None, then we make sure
# the policy is active or activate. and return
# policy creation or update does not happen at the same
# time
if active_policy != None:
found_disabled_policy = False
found_active_policy = False
activate_list = []
for c_policy in c_policies:
if c_policy["name"] == active_policy:
if c_policy["is_policy_active"] == False:
found_disabled_policy = True
activate_dict = {
"name": c_policy["name"],
"action": "activate"
}
activate_list.append(activate_dict)
else:
found_active_policy = True
activate_dict = {
"name": c_policy["name"],
}
activate_list.append(activate_dict)
if found_disabled_policy:
if not module.check_mode:
ret_code = ipfilter_policy_patch(fos_ip_addr, https, auth,
vfid, result, activate_list,
timeout)
if ret_code != 0:
exit_after_login(fos_ip_addr, https, auth, result, module,
timeout)
result["changed"] = True
elif found_active_policy:
result["same active policy"] = activate_list
else:
result["failed"] = True
result["msg"] = "could not find matching policy"
logout(fos_ip_addr, https, auth, result, timeout)
module.exit_json(**result)