def test_aggregate_separators(self): """ test creation of a some separators """ args = dict(purge_rule_separators=False, aggregated_rule_separators=[ dict(name='one_separator', interface='lan'), dict(name='another_separator', interface='lan_100'), dict(name='another_test_separator', interface='lan', state='absent'), dict(name='test_separator', interface='lan', before='bottom', color='warning'), ]) set_module_args(args) result = self.execute_module(changed=True) result_separators = [] result_separators.append( "create rule_separator 'one_separator' on 'lan', color='info'") result_separators.append( "create rule_separator 'another_separator' on 'lan_100', color='info'" ) result_separators.append( "delete rule_separator 'another_test_separator' on 'lan'") result_separators.append( "update rule_separator 'test_separator' on 'lan' set color='warning', before='bottom'" ) self.assertEqual(result['result_rule_separators'], result_separators) self.assert_find_rule_separator('one_separator', 'lan') self.assert_find_rule_separator('another_separator', 'lan_100') self.assert_not_find_rule_separator('another_test_separator', 'lan') self.assert_find_rule_separator('test_separator', 'lan')
def test_aggregate_rules_purge(self): """ test creation of a some rules with purge """ args = dict(purge_rules=True, aggregated_rules=[ dict(name='one_rule', source='any', destination='any', interface='lan'), dict(name='any2any_ssh', source='any', destination='any:2222', interface='lan', protocol='tcp'), dict(name='any2any_http', source='any', destination='any:8080', interface='vpn', protocol='tcp'), dict(name='any2any_ssh', state='absent', interface='vpn'), ]) set_module_args(args) self.execute_module(changed=True) self.assert_find_rule('one_rule', 'lan') self.assert_find_rule('any2any_ssh', 'lan') self.assert_not_find_rule('any2any_http', 'lan') self.assert_not_find_rule('any2any_https', 'lan') self.assert_not_find_rule('any2any_ssh', 'opt1') self.assert_find_rule('any2any_http', 'opt1') self.assert_not_find_rule('any2any_https', 'opt1')
def test_aggregate_aliases_checkmode(self): """ test creation of a some aliases with check_mode """ args = dict( purge_aliases=False, aggregated_aliases=[ dict(name='one_host', type='host', address='10.9.8.7'), dict(name='another_host', type='host', address='10.9.8.6'), dict(name='one_server', type='host', address='192.168.1.165', descr='', detail=''), dict(name='port_ssh', type='port', address='2222'), dict(name='port_http', state='absent'), ], _ansible_check_mode=True, ) set_module_args(args) result = self.execute_module(changed=True) result_aliases = [] result_aliases.append( "create alias 'one_host', type='host', address='10.9.8.7'") result_aliases.append( "create alias 'another_host', type='host', address='10.9.8.6'") result_aliases.append( "update alias 'port_ssh' set address='2222', descr=none, detail=none" ) result_aliases.append("delete alias 'port_http'") self.assertEqual(result['result_aliases'], result_aliases) self.assertFalse(self.load_xml_result())
def test_get_single(self): open_url = OpenUrlProxy([ OpenUrlCall('POST', 200).expect_content_predicate( validate_wsdl_call([ expect_authentication('foo', 'bar'), expect_value([ lxmletree.QName('https://ns1.hosttech.eu/public/api', 'getZone').text, 'sZoneName' ], 'example.com', ('http://www.w3.org/2001/XMLSchema', 'string')), ])).result_str(DEFAULT_ZONE_RESULT), ]) with patch( 'ansible_collections.felixfontein.hosttech_dns.plugins.module_utils.wsdl.open_url', open_url): with pytest.raises(AnsibleExitJson) as e: set_module_args({ 'hosttech_username': '******', 'hosttech_password': '******', 'zone': 'example.com', 'record': 'example.com', 'type': 'A', '_ansible_remote_tmp': '/tmp/tmp', '_ansible_keep_remote_files': True, }) hosttech_dns_record_info.main() print(e.value.args[0]) assert e.value.args[0]['changed'] is False assert 'set' in e.value.args[0] assert e.value.args[0]['set']['record'] == 'example.com' assert e.value.args[0]['set']['ttl'] == 3600 assert e.value.args[0]['set']['type'] == 'A' assert e.value.args[0]['set']['value'] == ['1.2.3.4'] assert 'sets' not in e.value.args[0]
def test_fail(self): with pytest.raises(AnsibleFailJson) as e: set_module_args({ 'call_sequence': [], 'fail_me': True, }) fetch_url_test_module.main() assert e.value.args[0]['call_results'] == []
def test_delete_inexistent_alias(self): """ test deletion of an inexistent alias """ alias = dict(name='ad_poc12', address='192.168.1.3', descr='', type='host', detail='') set_module_args(self.args_from_var(alias, 'absent')) result = self.execute_module(changed=False) diff = dict(before='', after='') self.assertEqual(result['diff'], diff) self.assertEqual(result['commands'], [])
def do_alias_deletion_test(self, alias, command=None): """ test deletion of an alias """ set_module_args(self.args_from_var(alias, 'absent')) result = self.execute_module(changed=True) diff = dict(before=alias, after='') self.assertEqual(result['diff'], diff) self.assert_has_xml_tag('aliases', dict(name=alias['name'], type=alias['type']), absent=True) self.assertEqual(result['commands'], [command])
def do_alias_update_noop_test(self, alias): """ test not updating an alias """ set_module_args(self.args_from_var(alias)) result = self.execute_module(changed=False) diff = dict(before=alias, after=alias) self.assertEqual(result['diff'], diff) self.assertFalse(self.load_xml_result()) self.assertEqual(result['commands'], [])
def test_check_mode(self): """ test check mode """ obj = dict(name='one_rule', source='any', destination='any', interface='lan') set_module_args(self.args_from_var(obj, _ansible_check_mode=True)) self.execute_module(changed=True) self.assertFalse(self.load_xml_result())
def test_basic_changed(self): with pytest.raises(AnsibleExitJson) as e: set_module_args({ 'call_sequence': [], 'set_changed': True, }) fetch_url_test_module.main() assert e.value.args[0]['changed'] assert e.value.args[0]['call_results'] == []
def test_basic(self): with pytest.raises(AnsibleExitJson) as e: set_module_args({ 'call_sequence': [], '_ansible_remote_tmp': '/tmp/tmp', '_ansible_keep_remote_files': True, }) fetch_url_test_module.main() assert not e.value.args[0]['changed'] assert e.value.args[0]['call_results'] == []
def test_ipsec_aggregate_proposals_purge(self, pfsense_version): """ test creation of a some proposals with purge """ self.get_version.return_value = pfsense_version args = dict(purge_ipsec_proposals=True, aggregated_ipsec_proposals=[ dict(descr='test_tunnel', encryption='aes', key_length=128, hash='md5', dhgroup=14), dict(descr='test_tunnel2', encryption='cast128', hash='sha512', dhgroup=14), ]) set_module_args(args) self.execute_module(changed=True) result = self.execute_module(changed=True) result_ipsec_proposals = [] result_ipsec_proposals.append( "create ipsec_proposal 'test_tunnel', encryption='aes', key_length=128, hash='md5', dhgroup='14', prf='sha256'" ) result_ipsec_proposals.append( "create ipsec_proposal 'test_tunnel2', encryption='cast128', hash='sha512', dhgroup='14', prf='sha256'" ) result_ipsec_proposals.append( "delete ipsec_proposal 'test_tunnel', encryption='aes', key_length=128, hash='sha256', dhgroup='14', prf='sha256'" ) result_ipsec_proposals.append( "delete ipsec_proposal 'test_tunnel', encryption='aes', key_length=256, hash='sha256', dhgroup='14', prf='sha256'" ) result_ipsec_proposals.append( "delete ipsec_proposal 'test_tunnel', encryption='aes128gcm', key_length=128, hash='sha256', dhgroup='14', prf='sha256'" ) result_ipsec_proposals.append( "delete ipsec_proposal 'test_tunnel', encryption='blowfish', key_length=256, hash='aesxcbc', dhgroup='14', prf='sha256'" ) result_ipsec_proposals.append( "delete ipsec_proposal 'test_tunnel2', encryption='aes', key_length=128, hash='sha256', dhgroup='14', prf='sha256'" ) result_ipsec_proposals.append( "delete ipsec_proposal 'test_tunnel2', encryption='aes', key_length=256, hash='sha256', dhgroup='14', prf='sha256'" ) result_ipsec_proposals.append( "delete ipsec_proposal 'test_tunnel2', encryption='aes128gcm', key_length=128, hash='sha256', dhgroup='14', prf='sha256'" ) result_ipsec_proposals.append( "delete ipsec_proposal 'test_tunnel2', encryption='blowfish', key_length=256, hash='aesxcbc', dhgroup='14', prf='sha256'" ) result_ipsec_proposals = self.strip_commands(result_ipsec_proposals) self.assertEqual(result['result_ipsec_proposals'], result_ipsec_proposals)
def test_check_mode(self): """ test updating an host alias without generating result """ alias = dict(name='ad_poc1', address='192.168.1.3', descr='', type='host', detail='') set_module_args(self.args_from_var(alias, address='192.168.1.4', _ansible_check_mode=True)) result = self.execute_module(changed=True) diff = dict(before=alias, after=copy(alias)) diff['after']['address'] = '192.168.1.4' self.assertEqual(result['diff'], diff) self.assertFalse(self.load_xml_result()) self.assertEqual(result['commands'], ["update alias 'ad_poc1' set address='192.168.1.4'"])
def do_alias_creation_test(self, alias, failed=False, msg='', command=None): """ test creation of a new alias """ set_module_args(self.args_from_var(alias)) result = self.execute_module(changed=True, failed=failed, msg=msg) if not failed: diff = dict(before='', after=alias) self.assertEqual(result['diff'], diff) self.assert_xml_elt_dict('aliases', dict(name=alias['name'], type=alias['type']), diff['after']) self.assertEqual(result['commands'], [command]) else: self.assertFalse(self.load_xml_result())
def test_ipsec_aggregate_p2s(self): """ test creation of a some p2s """ args = dict(purge_ipsec_p2s=False, aggregated_ipsec_p2s=[ dict(descr='p2_1', p1_descr='test_tunnel', mode='tunnel', local='1.2.3.4/24', remote='10.20.30.40/24', aes=True, aes_len='auto', sha256=True), dict(descr='p2_2', p1_descr='test_tunnel', mode='tunnel', local='1.2.3.4/24', remote='10.20.30.50/24', aes=True, aes_len='auto', sha256=True), dict(descr='one_p2', p1_descr='test_tunnel', mode='tunnel', local='lan', remote='10.20.30.60/24', aes='True', aes_len='128', aes128gcm=True, aes128gcm_len='128', sha256='True'), dict(descr='another_p2', p1_descr='test_tunnel', state='absent') ]) set_module_args(args) result = self.execute_module(changed=True) result_ipsec_p2s = [] result_ipsec_p2s.append( "create ipsec_p2 'p2_1' on 'test_tunnel', disabled=False, mode='tunnel', local='1.2.3.4/24', remote='10.20.30.40/24', " "aes=True, aes_len='auto', sha256=True, pfsgroup='14', lifetime=3600" ) result_ipsec_p2s.append( "create ipsec_p2 'p2_2' on 'test_tunnel', disabled=False, mode='tunnel', local='1.2.3.4/24', remote='10.20.30.50/24', " "aes=True, aes_len='auto', sha256=True, pfsgroup='14', lifetime=3600" ) result_ipsec_p2s.append( "update ipsec_p2 'one_p2' on 'test_tunnel' set remote='10.20.30.60/24'" ) result_ipsec_p2s.append( "delete ipsec_p2 'another_p2' on 'test_tunnel'") self.assertEqual(result['result_ipsec_p2s'], result_ipsec_p2s)
def do_alias_update_field(self, alias, set_after=None, command=None, **kwargs): """ test updating field of an host alias """ target = copy(alias) target.update(kwargs) set_module_args(self.args_from_var(target)) result = self.execute_module(changed=True) diff = dict(before=alias, after=copy(target)) if set_after is not None: diff['after'].update(set_after) self.assertEqual(result['diff'], diff) self.assert_xml_elt_value('aliases', dict(name=alias['name'], type=alias['type']), 'address', diff['after']['address']) self.assertEqual(result['commands'], [command])
def test_ipsec_aggregate_ipsecs(self, pfsense_version): """ test creation of a some tunnels """ self.get_version.return_value = pfsense_version args = dict(purge_ipsecs=False, aggregated_ipsecs=[ dict(descr='t1', interface='wan', remote_gateway='1.3.3.1', iketype='ikev2', authentication_method='pre_shared_key', preshared_key='azerty123'), dict(descr='t2', interface='wan', remote_gateway='1.3.3.2', iketype='ikev2', authentication_method='pre_shared_key', preshared_key='qwerty123'), dict(descr='test_tunnel2', state='absent'), dict(descr='test_tunnel', interface='lan_100', remote_gateway='1.2.4.8', iketype='ikev2', authentication_method='pre_shared_key', preshared_key='0123456789'), ]) set_module_args(args) result = self.execute_module(changed=True) result_ipsecs = [] result_ipsecs.append( "create ipsec 't1', iketype='ikev2', protocol='inet', interface='wan', remote_gateway='1.3.3.1', authentication_method='pre_shared_key', " "preshared_key='azerty123', myid_type='myaddress', peerid_type='peeraddress', lifetime='28800', " "rekey_time='', reauth_time='', rand_time='', disable_rekey=False, margintime='', " "mobike='off', responderonly=False, nat_traversal='on', enable_dpd=True, dpd_delay='10', dpd_maxfail='5'" ) result_ipsecs.append( "create ipsec 't2', iketype='ikev2', protocol='inet', interface='wan', remote_gateway='1.3.3.2', authentication_method='pre_shared_key', " "preshared_key='qwerty123', myid_type='myaddress', peerid_type='peeraddress', lifetime='28800', " "rekey_time='', reauth_time='', rand_time='', disable_rekey=False, margintime='', " "mobike='off', responderonly=False, nat_traversal='on', enable_dpd=True, dpd_delay='10', dpd_maxfail='5'" ) result_ipsecs.append("delete ipsec 'test_tunnel2'") result_ipsecs.append( "update ipsec 'test_tunnel' set preshared_key='0123456789'") result_ipsecs = self.strip_commands(result_ipsecs) self.assertEqual(result['result_ipsecs'], result_ipsecs) self.assert_find_ipsec('t1') self.assert_find_ipsec('t2') self.assert_not_find_ipsec('test_tunnel2') self.assert_find_ipsec('test_tunnel')
def test_change_modify_list_fail(self): open_url = OpenUrlProxy([ OpenUrlCall('POST', 200).expect_content_predicate( validate_wsdl_call([ expect_authentication('foo', 'bar'), expect_value([ lxmletree.QName('https://ns1.hosttech.eu/public/api', 'getZone').text, 'sZoneName' ], 'example.com', ('http://www.w3.org/2001/XMLSchema', 'string')), ])).result_str(DEFAULT_ZONE_RESULT), ]) with patch( 'ansible_collections.felixfontein.hosttech_dns.plugins.module_utils.wsdl.open_url', open_url): with pytest.raises(AnsibleFailJson) as e: set_module_args({ 'hosttech_username': '******', 'hosttech_password': '******', 'state': 'present', 'zone': 'example.com', 'record': 'example.com', 'type': 'NS', 'ttl': 10800, 'value': [ 'ns1.hostserv.eu', 'ns4.hostserv.eu', ], '_ansible_remote_tmp': '/tmp/tmp', '_ansible_keep_remote_files': True, }) hosttech_dns_record.main() print(e.value.args[0]) assert e.value.args[0]['failed'] is True assert e.value.args[0][ 'msg'] == "Record already exists with different value. Set 'overwrite' to replace it"
def run_module(self, mocker, module, arguments, fetch_url): def exit_json(module, **kwargs): module._return_formatted(kwargs) raise ModuleExitException(kwargs) def fail_json(module, **kwargs): module._return_formatted(kwargs) raise ModuleFailException(kwargs) mocker.patch(self.MOCK_ANSIBLE_MODULEUTILS_URLS_FETCH_URL, fetch_url) mocker.patch( self.MOCK_ANSIBLE_MODULEUTILS_BASIC_ANSIBLEMODULE + '.exit_json', exit_json) mocker.patch( self.MOCK_ANSIBLE_MODULEUTILS_BASIC_ANSIBLEMODULE + '.fail_json', fail_json) set_module_args(arguments) module.main()
def do_module_test(self, obj, command=None, changed=True, failed=False, msg=None, delete=False, state='present', **kwargs): """ run test """ if command is not None: command = self.strip_commands(command) obj = self.strip_params(obj) if delete: set_module_args(self.args_from_var(obj, state='absent')) else: set_module_args(self.args_from_var(obj, state=state)) result = self.execute_module(changed=changed, failed=failed, msg=msg) if not isinstance(command, list): command = [command] if failed: self.assertFalse(self.load_xml_result()) elif not changed: self.assertFalse(self.load_xml_result()) self.assertEqual(result['commands'], []) elif delete: self.assertTrue(self.load_xml_result()) target_elt = self.get_target_elt(obj, absent=True) self.assertIsNone(target_elt) self.assertEqual(result['commands'], command) else: self.assertTrue(self.load_xml_result()) target_elt = self.get_target_elt(obj) self.assertIsNotNone(target_elt) self.check_target_elt(obj, target_elt, **kwargs) self.assertEqual(result['commands'], command)
def test_change_add_one(self): new_entry = (131, 42, 'CAA', '', 'test', 3600, None, None) open_url = OpenUrlProxy([ OpenUrlCall('POST', 200).expect_content_predicate( validate_wsdl_call([ expect_authentication('foo', 'bar'), expect_value([ lxmletree.QName('https://ns1.hosttech.eu/public/api', 'getZone').text, 'sZoneName' ], 'example.com', ('http://www.w3.org/2001/XMLSchema', 'string')), ])).result_str(DEFAULT_ZONE_RESULT), OpenUrlCall('POST', 200).expect_content_predicate( validate_wsdl_call([ expect_authentication('foo', 'bar'), validate_add_request('example.com', new_entry), ])).result_str(create_add_result(new_entry)), ]) with patch( 'ansible_collections.felixfontein.hosttech_dns.plugins.module_utils.wsdl.open_url', open_url): with pytest.raises(AnsibleExitJson) as e: set_module_args({ 'hosttech_username': '******', 'hosttech_password': '******', 'state': 'present', 'zone': 'example.com', 'record': 'example.com', 'type': 'CAA', 'ttl': 3600, 'value': [ 'test', ], '_ansible_remote_tmp': '/tmp/tmp', '_ansible_keep_remote_files': True, }) hosttech_dns_record.main() print(e.value.args[0]) assert e.value.args[0]['changed'] is True
def test_aggregate_vlans_with_purge(self): """ test creation of some vlans with purge""" args = dict(purge_vlans=True, aggregated_vlans=[ dict(vlan_id=1100, interface='vmx1'), dict(vlan_id=1200, interface='vmx1', state='absent'), dict(vlan_id=101, interface='vmx1', descr='printers'), dict(vlan_id=102, interface='vmx2', descr='users'), ]) set_module_args(args) result = self.execute_module(changed=True) result_aliases = [] result_aliases.append("delete vlan 'vmx1.1200'") result_aliases.append( "create vlan 'vmx1.101', descr='printers', priority=''") result_aliases.append( "create vlan 'vmx2.102', descr='users', priority=''") result_aliases.append("delete vlan 'vmx0.100'") self.assertEqual(result['result_vlans'], result_aliases) self.assert_not_find_vlan('vmx1', '1200') self.assert_find_vlan('vmx1', '101') self.assert_find_vlan('vmx2', '102') self.assert_not_find_vlan('vmx0', '100')
def test_get_all(self): open_url = OpenUrlProxy([ OpenUrlCall('POST', 200).expect_content_predicate( validate_wsdl_call([ expect_authentication('foo', 'bar'), expect_value([ lxmletree.QName('https://ns1.hosttech.eu/public/api', 'getZone').text, 'sZoneName' ], 'example.com', ('http://www.w3.org/2001/XMLSchema', 'string')), ])).result_str(DEFAULT_ZONE_RESULT), ]) with patch( 'ansible_collections.felixfontein.hosttech_dns.plugins.module_utils.wsdl.open_url', open_url): with pytest.raises(AnsibleExitJson) as e: set_module_args({ 'hosttech_username': '******', 'hosttech_password': '******', 'what': 'all_records', 'zone': 'example.com.', '_ansible_remote_tmp': '/tmp/tmp', '_ansible_keep_remote_files': True, }) hosttech_dns_record_info.main() print(e.value.args[0]) assert e.value.args[0]['changed'] is False assert 'set' not in e.value.args[0] assert 'sets' in e.value.args[0] sets = e.value.args[0]['sets'] assert len(sets) == 6 assert sets[0] == { 'record': '*.example.com', 'ttl': 3600, 'type': 'A', 'value': ['1.2.3.5'], } assert sets[1] == { 'record': '*.example.com', 'ttl': 3600, 'type': 'AAAA', 'value': ['2001:1:2::4'], } assert sets[2] == { 'record': 'example.com', 'ttl': 3600, 'type': 'A', 'value': ['1.2.3.4'], } assert sets[3] == { 'record': 'example.com', 'ttl': 3600, 'type': 'AAAA', 'value': ['2001:1:2::3'], } assert sets[4] == { 'record': 'example.com', 'ttl': 3600, 'type': 'MX', 'value': ['example.com'], } assert sets[5] == { 'record': 'example.com', 'ttl': 10800, 'type': 'NS', 'value': ['ns3.hostserv.eu', 'ns2.hostserv.eu', 'ns1.hostserv.eu'], }
def test_urltable_ports_required_if(self): """ test creation of a new urltable_ports alias without giving updatefreq (should fail) """ alias = dict(name='acme_table', address='http://www.acme.com', descr='', type='urltable_ports', detail='') set_module_args(self.args_from_var(alias)) self.execute_module(failed=True, msg='type is urltable_ports but all of the following are missing: updatefreq')
def test_change_modify_list(self): del_entry = (130, 42, 'NS', '', 'ns3.hostserv.eu', 10800, None, None) update_entry = (131, 42, 'NS', '', 'ns4.hostserv.eu', 10800, None, None) open_url = OpenUrlProxy([ OpenUrlCall('POST', 200).expect_content_predicate( validate_wsdl_call([ expect_authentication('foo', 'bar'), expect_value([ lxmletree.QName('https://ns1.hosttech.eu/public/api', 'getZone').text, 'sZoneName' ], 'example.com', ('http://www.w3.org/2001/XMLSchema', 'string')), ])).result_str(DEFAULT_ZONE_RESULT), OpenUrlCall('POST', 200).expect_content_predicate( validate_wsdl_call([ expect_authentication('foo', 'bar'), validate_del_request(del_entry), ])).result_str(create_del_result(True)), OpenUrlCall('POST', 200).expect_content_predicate( validate_wsdl_call([ expect_authentication('foo', 'bar'), validate_update_request(update_entry), ])).result_str(create_update_result(update_entry)), ]) with patch( 'ansible_collections.felixfontein.hosttech_dns.plugins.module_utils.wsdl.open_url', open_url): with pytest.raises(AnsibleExitJson) as e: set_module_args({ 'hosttech_username': '******', 'hosttech_password': '******', 'state': 'present', 'zone': 'example.com', 'record': 'example.com', 'type': 'NS', 'ttl': 10800, 'value': [ 'ns1.hostserv.eu', 'ns4.hostserv.eu', ], 'overwrite': True, '_ansible_diff': True, '_ansible_remote_tmp': '/tmp/tmp', '_ansible_keep_remote_files': True, }) hosttech_dns_record.main() print(e.value.args[0]) assert e.value.args[0]['changed'] is True assert 'diff' in e.value.args[0] assert 'before' in e.value.args[0]['diff'] assert 'after' in e.value.args[0]['diff'] assert e.value.args[0]['diff']['before'] == { 'record': 'example.com', 'type': 'NS', 'ttl': 10800, 'value': ['ns1.hostserv.eu', 'ns2.hostserv.eu', 'ns3.hostserv.eu'], } assert e.value.args[0]['diff']['after'] == { 'record': 'example.com', 'type': 'NS', 'ttl': 10800, 'value': ['ns1.hostserv.eu', 'ns4.hostserv.eu'], }