def test_vpn_ipsec_phase2_interface_filter_foreign_attributes(mocker):
schema_method_mock = mocker.patch(
'ansible.module_utils.network.fortios.fortios.FortiOSHandler.schema')
set_method_result = {
'status': 'success',
'http_method': 'POST',
'http_status': 200
}
set_method_mock = mocker.patch(
'ansible.module_utils.network.fortios.fortios.FortiOSHandler.set',
return_value=set_method_result)
input_data = {
'username': '******',
'state': 'present',
'vpn_ipsec_phase2_interface': {
'random_attribute_not_valid': 'tag',
'add_route': 'phase1',
'auto_discovery_forwarder': 'phase1',
'auto_discovery_sender': 'phase1',
'auto_negotiate': 'enable',
'comments': 'test_value_7',
'dhcp_ipsec': 'enable',
'dhgrp': '1',
'dst_addr_type': 'subnet',
'dst_end_ip': 'test_value_11',
'dst_end_ip6': 'test_value_12',
'dst_name': 'test_value_13',
'dst_name6': 'test_value_14',
'dst_port': '15',
'dst_start_ip': 'test_value_16',
'dst_start_ip6': 'test_value_17',
'dst_subnet': 'test_value_18',
'dst_subnet6': 'test_value_19',
'encapsulation': 'tunnel-mode',
'keepalive': 'enable',
'keylife_type': 'seconds',
'keylifekbs': '23',
'keylifeseconds': '24',
'l2tp': 'enable',
'name': 'default_name_26',
'pfs': 'enable',
'phase1name': 'test_value_28',
'proposal': 'null-md5',
'protocol': '30',
'replay': 'enable',
'route_overlap': 'use-old',
'single_source': 'enable',
'src_addr_type': 'subnet',
'src_end_ip': 'test_value_35',
'src_end_ip6': 'test_value_36',
'src_name': 'test_value_37',
'src_name6': 'test_value_38',
'src_port': '39',
'src_start_ip': 'test_value_40',
'src_start_ip6': 'test_value_41',
'src_subnet': 'test_value_42',
'src_subnet6': 'test_value_43'
},
'vdom': 'root'
}
is_error, changed, response = fortios_vpn_ipsec_phase2_interface.fortios_vpn_ipsec(
input_data, fos_instance)
expected_data = {
'add-route': 'phase1',
'auto-discovery-forwarder': 'phase1',
'auto-discovery-sender': 'phase1',
'auto-negotiate': 'enable',
'comments': 'test_value_7',
'dhcp-ipsec': 'enable',
'dhgrp': '1',
'dst-addr-type': 'subnet',
'dst-end-ip': 'test_value_11',
'dst-end-ip6': 'test_value_12',
'dst-name': 'test_value_13',
'dst-name6': 'test_value_14',
'dst-port': '15',
'dst-start-ip': 'test_value_16',
'dst-start-ip6': 'test_value_17',
'dst-subnet': 'test_value_18',
'dst-subnet6': 'test_value_19',
'encapsulation': 'tunnel-mode',
'keepalive': 'enable',
'keylife-type': 'seconds',
'keylifekbs': '23',
'keylifeseconds': '24',
'l2tp': 'enable',
'name': 'default_name_26',
'pfs': 'enable',
'phase1name': 'test_value_28',
'proposal': 'null-md5',
'protocol': '30',
'replay': 'enable',
'route-overlap': 'use-old',
'single-source': 'enable',
'src-addr-type': 'subnet',
'src-end-ip': 'test_value_35',
'src-end-ip6': 'test_value_36',
'src-name': 'test_value_37',
'src-name6': 'test_value_38',
'src-port': '39',
'src-start-ip': 'test_value_40',
'src-start-ip6': 'test_value_41',
'src-subnet': 'test_value_42',
'src-subnet6': 'test_value_43'
}
set_method_mock.assert_called_with('vpn.ipsec',
'phase2-interface',
data=expected_data,
vdom='root')
schema_method_mock.assert_not_called()
assert not is_error
assert changed
assert response['status'] == 'success'
assert response['http_status'] == 200
def test_vpn_ipsec_phase2_interface_deletion_fails(mocker):
schema_method_mock = mocker.patch(
'ansible.module_utils.network.fortios.fortios.FortiOSHandler.schema')
delete_method_result = {
'status': 'error',
'http_method': 'POST',
'http_status': 500
}
delete_method_mock = mocker.patch(
'ansible.module_utils.network.fortios.fortios.FortiOSHandler.delete',
return_value=delete_method_result)
input_data = {
'username': '******',
'state': 'absent',
'vpn_ipsec_phase2_interface': {
'add_route': 'phase1',
'auto_discovery_forwarder': 'phase1',
'auto_discovery_sender': 'phase1',
'auto_negotiate': 'enable',
'comments': 'test_value_7',
'dhcp_ipsec': 'enable',
'dhgrp': '1',
'dst_addr_type': 'subnet',
'dst_end_ip': 'test_value_11',
'dst_end_ip6': 'test_value_12',
'dst_name': 'test_value_13',
'dst_name6': 'test_value_14',
'dst_port': '15',
'dst_start_ip': 'test_value_16',
'dst_start_ip6': 'test_value_17',
'dst_subnet': 'test_value_18',
'dst_subnet6': 'test_value_19',
'encapsulation': 'tunnel-mode',
'keepalive': 'enable',
'keylife_type': 'seconds',
'keylifekbs': '23',
'keylifeseconds': '24',
'l2tp': 'enable',
'name': 'default_name_26',
'pfs': 'enable',
'phase1name': 'test_value_28',
'proposal': 'null-md5',
'protocol': '30',
'replay': 'enable',
'route_overlap': 'use-old',
'single_source': 'enable',
'src_addr_type': 'subnet',
'src_end_ip': 'test_value_35',
'src_end_ip6': 'test_value_36',
'src_name': 'test_value_37',
'src_name6': 'test_value_38',
'src_port': '39',
'src_start_ip': 'test_value_40',
'src_start_ip6': 'test_value_41',
'src_subnet': 'test_value_42',
'src_subnet6': 'test_value_43'
},
'vdom': 'root'
}
is_error, changed, response = fortios_vpn_ipsec_phase2_interface.fortios_vpn_ipsec(
input_data, fos_instance)
delete_method_mock.assert_called_with('vpn.ipsec',
'phase2-interface',
mkey=ANY,
vdom='root')
schema_method_mock.assert_not_called()
assert is_error
assert not changed
assert response['status'] == 'error'
assert response['http_status'] == 500
