def ipfilter_rule_patch(fos_ip_addr, is_https, auth, vfid, result, rules): """ update existing ip filter configurations :param fos_ip_addr: ip address of FOS switch :type fos_ip_addr: str :param is_https: indicate to use HTTP or HTTPS :type is_https: bool :param auth: authorization struct from login :type struct: dict :param result: dict to keep track of execution msgs :type result: dict :param diff_attributes: list of attributes for update :type ports: dict :return: code to indicate failure or success :rtype: int :return: list of dict of chassis configurations :rtype: list """ full_url = (HTTPS if is_https else HTTP) +\ fos_ip_addr + REST_IPFILTER_RULE xml_str = ipfilter_rule_xml_str(result, rules) result["patch_ipfilter_str"] = xml_str return url_patch(fos_ip_addr, is_https, auth, vfid, result, full_url, xml_str)
def cfg_enable(fos_ip_addr, is_https, auth, vfid, result, checksum, active_cfg): """ enable a particular cfg :param fos_ip_addr: ip address of FOS switch :type fos_ip_addr: str :param is_https: indicate to use HTTP or HTTPS :type is_https: bool :param auth: authorization struct from login :type auth: dict :param result: dict to keep track of execution msgs :type result: dict :param checksum: current checksum of the database :type checksum: str :param active_cfg: cfg to be enabled :type active_cfg: str :return: code to indicate failure or success :rtype: int """ full_effective_url, validate_certs = full_url_get(is_https, fos_ip_addr, REST_EFFECTIVE) save_str = "<effective-configuration><checksum>" + checksum +\ "</checksum><cfg-name>" + active_cfg +\ "</cfg-name></effective-configuration>" return url_patch(fos_ip_addr, is_https, auth, vfid, result, full_effective_url, save_str)
def cfg_disable(fos_ip_addr, is_https, auth, vfid, result, checksum, timeout): """ disable zoning transaction :param fos_ip_addr: ip address of FOS switch :type fos_ip_addr: str :param is_https: indicate to use HTTP or HTTPS :type is_https: bool :param auth: authorization struct from login :type auth: dict :param vfid: vfid of the switch to be executed :type vfid: int :param result: dict to keep track of execution msgs :type result: dict :param checksum: current checksum of the database :type checksum: str :return: code to indicate failure or success :rtype: int """ full_effective_url, validate_certs = full_url_get(is_https, fos_ip_addr, REST_EFFECTIVE) disable_str = "<effective-configuration><cfg-action>"\ "2</cfg-action><checksum>" + checksum +\ "</checksum></effective-configuration>" return url_patch(fos_ip_addr, is_https, auth, vfid, result, full_effective_url, disable_str, timeout)
def singleton_patch(login, password, fos_ip_addr, module_name, obj_name, fos_version, is_https, auth, vfid, result, new_attributes, ssh_hostkeymust): """ update existing user config configurations :param fos_ip_addr: ip address of FOS switch :type fos_ip_addr: str :param is_https: indicate to use HTTP or HTTPS :type is_https: bool :param auth: authorization struct from login :type struct: dict :param result: dict to keep track of execution msgs :type result: dict :param diff_attributes: list of attributes for update :type ports: dict :return: code to indicate failure or success :rtype: int :return: list of dict of chassis configurations :rtype: list """ full_url, validate_certs = full_url_get(is_https, fos_ip_addr, REST_PREFIX + module_name + "/" + obj_name) xml_str = singleton_xml_str(result, obj_name, new_attributes) result["patch_obj_str"] = xml_str return url_patch(fos_ip_addr, is_https, auth, vfid, result, full_url, xml_str)
def ipfilter_policy_patch(fos_ip_addr, is_https, auth, vfid, result, policies, timeout): """ update existing ip filter configurations :param fos_ip_addr: ip address of FOS switch :type fos_ip_addr: str :param is_https: indicate to use HTTP or HTTPS :type is_https: bool :param auth: authorization struct from login :type struct: dict :param result: dict to keep track of execution msgs :type result: dict :param diff_attributes: list of attributes for update :type ports: dict :return: code to indicate failure or success :rtype: int :return: list of dict of chassis configurations :rtype: list """ full_url, validate_certs = full_url_get(is_https, fos_ip_addr, REST_IPFILTER_POLICY) xml_str = ipfilter_policy_xml_str(result, policies) result["patch_ipfilter_policy_str"] = xml_str return url_patch(fos_ip_addr, is_https, auth, vfid, result, full_url, xml_str, timeout)
def alias_set(fos_ip_addr, is_https, auth, vfid, result, aliases, method): """ set aliases in Zone Database :param fos_ip_addr: ip address of FOS switch :type fos_ip_addr: str :param is_https: indicate to use HTTP or HTTPS :type is_https: bool :param auth: authorization struct from login :type auth: dict :param result: dict to keep track of execution msgs :type result: dict :param aliases: list of aliases to set :type aliases: list :param method: "POST", "PATCH", or "DELETE" :type method: str :return: code to indicate failure or success :rtype: int """ full_defined_url, validate_certs = full_url_get(is_https, fos_ip_addr, REST_DEFINED) alias_str = "<defined-configuration>" for alias in aliases: alias_str = alias_str + "<alias><alias-name>" +\ alias["name"] + "</alias-name>" if "members" in alias: alias_str = alias_str + "<member-entry>" for member in alias["members"]: alias_str = alias_str + "<alias-entry-name>" +\ member + "</alias-entry-name>" alias_str = alias_str + "</member-entry>" alias_str = alias_str + "</alias>" alias_str = alias_str + "</defined-configuration>" result["alias_str"] = alias_str result["method"] = method if method == "POST": return url_post(fos_ip_addr, is_https, auth, vfid, result, full_defined_url, alias_str) elif method == "PATCH": return url_patch(fos_ip_addr, is_https, auth, vfid, result, full_defined_url, alias_str) elif method == "DELETE": return url_delete(fos_ip_addr, is_https, auth, vfid, result, full_defined_url, alias_str) else: result["invalid method"] = method result["failed"] = True result["msg"] = "url_get_to_dict failed" return -1
def cfg_set(fos_ip_addr, is_https, auth, vfid, result, cfgs, method): """ set cfgs in Zone Database :param fos_ip_addr: ip address of FOS switch :type fos_ip_addr: str :param is_https: indicate to use HTTP or HTTPS :type is_https: bool :param auth: authorization struct from login :type auth: dict :param result: dict to keep track of execution msgs :type result: dict :param cfgs: list of cfgs to set :type cfgs: list :param method: "POST", "PATCH", or "DELETE" :type method: str :return: code to indicate failure or success :rtype: int """ full_defined_url, validate_certs = full_url_get(is_https, fos_ip_addr, REST_DEFINED) cfg_str = "<defined-configuration>" for cfg in cfgs: cfg_str = cfg_str + "<cfg><cfg-name>" + cfg["name"] + "</cfg-name>" if "members" in cfg: cfg_str = cfg_str + "<member-zone>" for member in cfg["members"]: cfg_str = cfg_str + "<zone-name>" + member + "</zone-name>" cfg_str = cfg_str + "</member-zone>" cfg_str = cfg_str + "</cfg>" cfg_str = cfg_str + "</defined-configuration>" # result["cfg_str"] = cfg_str if method == "POST": return url_post(fos_ip_addr, is_https, auth, vfid, result, full_defined_url, cfg_str) elif method == "PATCH": return url_patch(fos_ip_addr, is_https, auth, vfid, result, full_defined_url, cfg_str) elif method == "DELETE": return url_delete(fos_ip_addr, is_https, auth, vfid, result, full_defined_url, cfg_str) else: result["invalid method"] = method result["failed"] = True result["msg"] = "url_get_to_dict failed" return -1
def fc_port_patch(fos_ip_addr, is_https, auth, vfid, result, ports, timeout): """ update existing port configurations :param fos_ip_addr: ip address of FOS switch :type fos_ip_addr: str :param is_https: indicate to use HTTP or HTTPS :type is_https: bool :param auth: authorization struct from login :type auth: dict :param result: dict to keep track of execution msgs :type result: dict :param ports: list of ports and associated attributes for update :type ports: list :return: code to indicate failure or success :rtype: int :return: list of dict of port configurations :rtype: list """ full_fc_port_url, validate_certs = full_url_get(is_https, fos_ip_addr, REST_FC) fc_port_str = "" for port in ports: fc_port_str = fc_port_str + "<fibrechannel>" fc_port_str = fc_port_str + "<name>" + port["name"] + "</name>" for k, v in port.items(): if k != "name": k = k.replace("_", "-") fc_port_str = fc_port_str + "<" + k + ">" +\ str(v) + "</" + k + ">" fc_port_str = fc_port_str + "</fibrechannel>" result["fc_port_str"] = fc_port_str return url_patch(fos_ip_addr, is_https, auth, vfid, result, full_fc_port_url, fc_port_str, timeout)
def syslog_server_patch(fos_ip_addr, is_https, auth, vfid, result, servers): """ update existing syslog-server configurations :param fos_ip_addr: ip address of FOS switch :type fos_ip_addr: str :param is_https: indicate to use HTTP or HTTPS :type is_https: bool :param auth: authorization struct from login :type struct: dict :param result: dict to keep track of execution msgs :type result: dict :param diff_attributes: list of attributes for update :type ports: dict :return: code to indicate failure or success :rtype: int :return: list of dict of chassis configurations :rtype: list """ full_url, validate_certs = full_url_get(is_https, fos_ip_addr, REST_LOGGING_SYSLOG_SERVER) syslog_str = "" for server in servers: syslog_str = syslog_str + "<syslog-server>" syslog_str = syslog_str + "<server>" + server["server"] + "</server>" for k, v in server.items(): if k != "server": k = k.replace("_", "-") syslog_str = syslog_str + "<" + k + ">" +\ str(v) + "</" + k + ">" syslog_str = syslog_str + "</syslog-server>" result["patch_syslog_str"] = syslog_str return url_patch(fos_ip_addr, is_https, auth, vfid, result, full_url, syslog_str)
def cfg_abort(fos_ip_addr, is_https, auth, vfid, result): """ abort zoning transacdtion :param fos_ip_addr: ip address of FOS switch :type fos_ip_addr: str :param is_https: indicate to use HTTP or HTTPS :type is_https: bool :param auth: authorization struct from login :type auth: dict :param result: dict to keep track of execution msgs :type result: dict :return: code to indicate failure or success :rtype: int """ full_effective_url, validate_certs = full_url_get(is_https, fos_ip_addr, REST_EFFECTIVE) abort_str = "<effective-configuration><cfg-action>"\ "4</cfg-action></effective-configuration>" return url_patch(fos_ip_addr, is_https, auth, vfid, result, full_effective_url, abort_str)
def cfg_save(fos_ip_addr, is_https, auth, vfid, result, checksum): """ save current transaction buffer :param fos_ip_addr: ip address of FOS switch :type fos_ip_addr: str :param is_https: indicate to use HTTP or HTTPS :type is_https: bool :param auth: authorization struct from login :type auth: dict :param result: dict to keep track of execution msgs :type result: dict :param checksum: current checksum of the database :type checksum: str :return: code to indicate failure or success :rtype: int """ full_effective_url = (HTTPS if is_https else HTTP) +\ fos_ip_addr + REST_EFFECTIVE save_str = "<effective-configuration><checksum>" + checksum +\ "</checksum><cfg-action>1</cfg-action></effective-configuration>" return url_patch(fos_ip_addr, is_https, auth, vfid, result, full_effective_url, save_str)
def zone_set(fos_ip_addr, is_https, auth, vfid, result, zones, method): """ set zones in Zone Database :param fos_ip_addr: ip address of FOS switch :type fos_ip_addr: str :param is_https: indicate to use HTTP or HTTPS :type is_https: bool :param auth: authorization struct from login :type auth: dict :param result: dict to keep track of execution msgs :type result: dict :param zones: list of zones to set :type zones: list :param method: "POST", "PATCH", or "DELETE" :type method: str :return: code to indicate failure or success :rtype: int """ full_defined_url, validate_certs = full_url_get(is_https, fos_ip_addr, REST_DEFINED) zone_str = "<defined-configuration>" for zone in zones: zone_str = zone_str + "<zone><zone-name>" +\ zone["name"] + "</zone-name>" # if zone_type is passed, we are talking about an existing # zone. keep type type. Otherwise, add the zone type of # 1 as peer if pmembers are present if "zone_type" in zone: zone_str = zone_str + "<zone-type>" + zone["zone_type"] + "</zone-type>" else: if "principal_members" in zone and len(zone["principal_members"]) > 0: zone_str = zone_str + "<zone-type>1</zone-type>" if "principal_members" in zone or "members" in zone: zone_str = zone_str + "<member-entry>" if "principal_members" in zone: for member in zone["principal_members"]: zone_str = zone_str + "<principal-entry-name>" +\ member + "</principal-entry-name>" if "members" in zone: for member in zone["members"]: zone_str = zone_str + "<entry-name>" + member + "</entry-name>" if "principal_members" in zone or "members" in zone: zone_str = zone_str + "</member-entry>" zone_str = zone_str + "</zone>" zone_str = zone_str + "</defined-configuration>" # result["zone_str"] = zone_str if method == "POST": return url_post(fos_ip_addr, is_https, auth, vfid, result, full_defined_url, zone_str) elif method == "PATCH": return url_patch(fos_ip_addr, is_https, auth, vfid, result, full_defined_url, zone_str) elif method == "DELETE": return url_delete(fos_ip_addr, is_https, auth, vfid, result, full_defined_url, zone_str) else: result["invalid method"] = method result["failed"] = True result["msg"] = "url_get_to_dict failed" return -1
def list_patch(login, password, fos_ip_addr, module_name, list_name, fos_version, is_https, auth, vfid, result, entries, ssh_hostkeymust, timeout): """ update existing user config configurations :param fos_ip_addr: ip address of FOS switch :type fos_ip_addr: str :param is_https: indicate to use HTTP or HTTPS :type is_https: bool :param auth: authorization struct from login :type struct: dict :param result: dict to keep track of execution msgs :type result: dict :param diff_attributes: list of attributes for update :type ports: dict :return: code to indicate failure or success :rtype: int :return: list of dict of chassis configurations :rtype: list """ if module_name == "brocade_fibrechannel_switch" and list_name == "fibrechannel_switch": return fc_switch_patch(login, password, fos_ip_addr, fos_version, is_https, auth, vfid, result, entries[0], ssh_hostkeymust, timeout) if module_name == "brocade_interface" and list_name == "fibrechannel": return fc_port_patch(fos_ip_addr, is_https, auth, vfid, result, entries, timeout) if module_name == "brocade_security" and list_name == "user_config": return user_config_patch(login, password, fos_ip_addr, fos_version, is_https, auth, vfid, result, entries, ssh_hostkeymust, timeout) if module_name == "brocade_snmp" and list_name == "v1_trap": new_entries = v1_trap_patch(login, password, fos_ip_addr, fos_version, is_https, auth, vfid, result, entries, ssh_hostkeymust, timeout) if len(new_entries) == 0: return 0 entries = new_entries if module_name == "brocade_snmp" and list_name == "v3_trap": new_entries = v3_trap_patch(login, password, fos_ip_addr, fos_version, is_https, auth, vfid, result, entries, ssh_hostkeymust, timeout) if len(new_entries) == 0: return 0 entries = new_entries full_url, validate_certs = full_url_get( is_https, fos_ip_addr, REST_PREFIX + module_name + "/" + list_name) xml_str = list_xml_str(result, module_name, list_name, entries) result["patch_str"] = xml_str # AG always expect nport and fports to be removed from another # none default port group before being added. So, we go through # an port group that has nport or fport list being updated, # clean them out first, then do the normal patch to update to the # final list if module_name == "brocade_access_gateway" and list_name == "port_group": empty_port_groups = [] for port_group in entries: if "port-group-n-ports" in port_group and port_group[ "port-group-n-ports"] is not None and "n-port" in port_group[ "port-group-n-ports"] and port_group[ "port-group-n-ports"]["n-port"] is not None: empty_port_groups.append({ "port-group-id": port_group["port-group-id"], "port-group-n-ports": { "n-port": None } }) if "port-group-f-ports" in port_group and port_group[ "port-group-f-ports"] is not None and "f-port" in port_group[ "port-group-f-ports"] and port_group[ "port-group-f-ports"]["f-port"] is not None: empty_port_groups.append({ "port-group-id": port_group["port-group-id"], "port-group-f-ports": { "f-port": None } }) if len(empty_port_groups) > 0: empty_xml_str = list_xml_str(result, module_name, list_name, empty_port_groups) result["patch_str_empty_ag"] = empty_xml_str empty_patch_result = url_patch(fos_ip_addr, is_https, auth, vfid, result, full_url, empty_xml_str, timeout) result["patch_str_empty_ag_result"] = empty_patch_result # AG always expect fports to be removed from another nport before # being added. to another nport So, we go through # an nport map that has fport list being updated, # clean them out first, then do the normal patch to update to the # final list if module_name == "brocade_access_gateway" and list_name == "n_port_map": empty_n_port_maps = [] for n_port_map in entries: if "configured-f-port-list" in n_port_map and "f-port" in n_port_map[ "configured-f-port-list"] and n_port_map[ "configured-f-port-list"]["f-port"] is not None: empty_n_port_maps.append({ "n-port": n_port_map["n-port"], "configured-f-port-list": { "f-port": None } }) if len(empty_n_port_maps) > 0: empty_xml_str = list_xml_str(result, module_name, list_name, empty_n_port_maps) result["patch_str_empty_ag"] = empty_xml_str url_patch(fos_ip_addr, is_https, auth, vfid, result, full_url, empty_xml_str, timeout) return (url_patch(fos_ip_addr, is_https, auth, vfid, result, full_url, xml_str, timeout))
def user_config_patch(login, password, fos_ip_addr, fos_version, is_https, auth, vfid, result, users): """ update existing user config configurations :param fos_ip_addr: ip address of FOS switch :type fos_ip_addr: str :param is_https: indicate to use HTTP or HTTPS :type is_https: bool :param auth: authorization struct from login :type struct: dict :param result: dict to keep track of execution msgs :type result: dict :param diff_attributes: list of attributes for update :type ports: dict :return: code to indicate failure or success :rtype: int :return: list of dict of chassis configurations :rtype: list """ l_users = users[:] if fos_version < "v9.0": # walk through all the users and check for account-enabled # if pre 9.0 since the attribute patch is not supported pre for l_user in l_users: if "account-enabled" in l_user: if l_user["account-enabled"] == "true": rssh, sshstr = ssh_and_configure( login, password, fos_ip_addr, False, "userconfig --change " + l_user["name"] + " -e yes", "") if rssh != 0: result["failed"] = True result["msg"] = "Failed to enable account" else: result["changed"] = True result["messages"] = "account enabled" elif l_user["account-enabled"] == "false": rssh, sshstr = ssh_and_configure( login, password, fos_ip_addr, False, "userconfig --change " + l_user["name"] + " -e no", "") if rssh != 0: result["failed"] = True result["msg"] = "Failed to disable account" else: result["changed"] = True result["messages"] = "account disabled" else: result["failed"] = True result[ "msg"] = "unknown account-enabled value. Invalid input" l_user.pop("account-enabled") rest_users = [] for l_user in l_users: if len(l_user) > 1: rest_users.append(l_user) if len(rest_users) == 0: return 0 full_url = (HTTPS if is_https else HTTP) +\ fos_ip_addr + REST_USER_CONFIG xml_str = user_config_xml_str(result, rest_users) result["patch_user_config_str"] = xml_str return url_patch(fos_ip_addr, is_https, auth, vfid, result, full_url, xml_str)