update to "state is present but all of the following are missing: password" bug

2019-07-21 08:30:02 +08:00 · 2019-07-21 08:30:02 +08:00 · 661b009f36
commit 661b009f36
parent 35dcd231be
1 changed files with 82 additions and 147 deletions
--- a/lib/ansible/modules/network/cloudengine/ce_ntp_auth.py
+++ b/lib/ansible/modules/network/cloudengine/ce_ntp_auth.py
@ -195,84 +195,8 @@ import copy
 import re

 from ansible.module_utils.basic import AnsibleModule
-from ansible.module_utils.network.cloudengine.ce import ce_argument_spec, load_config, get_nc_config, set_nc_config
-
-CE_NC_GET_NTP_AUTH_CONFIG = """
-<filter type="subtree">
-  <ntp xmlns="http://www.huawei.com/netconf/vrp" content-version="1.0" format-version="1.0">
-    <ntpAuthKeyCfgs>
-      <ntpAuthKeyCfg>
-        <keyId>%s</keyId>
-        <mode></mode>
-        <keyVal></keyVal>
-        <isReliable></isReliable>
-      </ntpAuthKeyCfg>
-    </ntpAuthKeyCfgs>
-  </ntp>
-</filter>
-"""
-
-CE_NC_GET_ALL_NTP_AUTH_CONFIG = """
-<filter type="subtree">
-  <ntp xmlns="http://www.huawei.com/netconf/vrp" content-version="1.0" format-version="1.0">
-    <ntpAuthKeyCfgs>
-      <ntpAuthKeyCfg>
-        <keyId></keyId>
-        <mode></mode>
-        <keyVal></keyVal>
-        <isReliable></isReliable>
-      </ntpAuthKeyCfg>
-    </ntpAuthKeyCfgs>
-  </ntp>
-</filter>
-"""
-
-CE_NC_GET_NTP_AUTH_ENABLE = """
-<filter type="subtree">
-  <ntp xmlns="http://www.huawei.com/netconf/vrp" content-version="1.0" format-version="1.0">
-    <ntpSystemCfg>
-      <isAuthEnable></isAuthEnable>
-    </ntpSystemCfg>
-  </ntp>
-</filter>
-"""
-
-CE_NC_MERGE_NTP_AUTH_CONFIG = """
-<config>
-  <ntp xmlns="http://www.huawei.com/netconf/vrp" content-version="1.0" format-version="1.0">
-    <ntpAuthKeyCfgs>
-      <ntpAuthKeyCfg operation="merge">
-        <keyId>%s</keyId>
-        <mode>%s</mode>
-        <keyVal>%s</keyVal>
-        <isReliable>%s</isReliable>
-      </ntpAuthKeyCfg>
-    </ntpAuthKeyCfgs>
-  </ntp>
-</config>
-"""
-
-CE_NC_MERGE_NTP_AUTH_ENABLE = """
-<config>
-  <ntp xmlns="http://www.huawei.com/netconf/vrp" content-version="1.0" format-version="1.0">
-    <ntpSystemCfg operation="merge">
-      <isAuthEnable>%s</isAuthEnable>
-    </ntpSystemCfg>
-  </ntp>
-</config>
-"""
-
-CE_NC_DELETE_NTP_AUTH_CONFIG = """
-<config>
-  <ntp xmlns="http://www.huawei.com/netconf/vrp" content-version="1.0" format-version="1.0">
-    <ntpAuthKeyCfgs>
-      <ntpAuthKeyCfg operation="delete">
-        <keyId>%s</keyId>
-      </ntpAuthKeyCfg>
-    </ntpAuthKeyCfgs>
-  </ntp>
-</config>
-"""
+from ansible.module_utils.network.cloudengine.ce import ce_argument_spec, load_config
+from ansible.module_utils.connection import exec_command


 class NtpAuth(object):
@ -317,8 +241,10 @@ class NtpAuth(object):
        if (int(self.key_id) < 1) or (int(self.key_id) > 4294967295):
            self.module.fail_json(
                msg='Error: The length of key_id is between 1 and 4294967295.')
-
-        if self.state == "present":
+        if self.state == "present" and not self.password:
+            self.module.fail_json(
+                msg='Error: The password cannot be empty.')
+        if self.state == "present" and self.password:
            if (self.auth_type == 'encrypt') and\
                    ((len(self.password) < 20) or (len(self.password) > 392)):
                self.module.fail_json(
@ -331,67 +257,72 @@ class NtpAuth(object):
    def init_module(self):
        """Init module object"""

-        required_if = [("state", "present", ("password", "auth_mode"))]
+        required_if = [("state", "present", ("auth_pwd", "auth_mode"))]
        self.module = AnsibleModule(
            argument_spec=self.spec,
            required_if=required_if,
            supports_check_mode=True
        )

-    def check_response(self, xml_str, xml_name):
-        """Check if response message is already succeed."""
+    def get_config(self, flags=None):
+        """Retrieves the current config from the device or cache
+        """
+        flags = [] if flags is None else flags

-        if "<ok/>" not in xml_str:
-            self.module.fail_json(msg='Error: %s failed.' % xml_name)
+        cmd = 'display current-configuration '
+        cmd += ' '.join(flags)
+        cmd = cmd.strip()
+
+        rc, out, err = exec_command(self.module, cmd)
+        if rc != 0:
+            self.module.fail_json(msg=err)
+        cfg = str(out).strip()
+
+        return cfg

    def get_ntp_auth_enable(self):
        """Get ntp authentication enable state"""

-        xml_str = CE_NC_GET_NTP_AUTH_ENABLE
-        con_obj = get_nc_config(self.module, xml_str)
-        if "<data/>" in con_obj:
-            return
-
-        # get ntp authentication enable
+        flags = list()
+        exp = "| exclude undo | include ntp authentication"
+        flags.append(exp)
+        config = self.get_config(flags)
        auth_en = re.findall(
-            r'.*<isAuthEnable>(.*)</isAuthEnable>.*', con_obj)
+            r'.*ntp\s*authentication\s*enable.*', config)
        if auth_en:
-            if auth_en[0] == 'true':
-                self.ntp_auth_conf['authentication'] = 'enable'
-            else:
-                self.ntp_auth_conf['authentication'] = 'disable'
+            self.ntp_auth_conf['authentication'] = 'enable'
+        else:
+            self.ntp_auth_conf['authentication'] = 'disable'

    def get_ntp_all_auth_keyid(self):
        """Get all authentication keyid info"""

        ntp_auth_conf = list()

-        xml_str = CE_NC_GET_ALL_NTP_AUTH_CONFIG
-        con_obj = get_nc_config(self.module, xml_str)
-        if "<data/>" in con_obj:
+        flags = list()
+        exp = "| include authentication-keyid %s" % self.key_id
+        flags.append(exp)
+        config = self.get_config(flags)
+        ntp_config_list = config.split('\n')
+        if not ntp_config_list:
            self.ntp_auth_conf["authentication-keyid"] = "None"
            return ntp_auth_conf

-        # get ntp authentication config
-        ntp_auth = re.findall(
-            r'.*<keyId>(.*)</keyId>.*\s*<mode>(.*)</mode>.*\s*'
-            r'<keyVal>(.*)</keyVal>.*\s*<isReliable>(.*)</isReliable>.*', con_obj)
-
-        for ntp_auth_num in ntp_auth:
-            if ntp_auth_num[0] == self.key_id:
-                self.key_id_exist = True
-                if ntp_auth_num[3] == 'true':
-                    self.cur_trusted_key = 'enable'
-                else:
-                    self.cur_trusted_key = 'disable'
-
-            if ntp_auth_num[3] == 'true':
-                trusted_key = 'enable'
-            else:
-                trusted_key = 'disable'
-            ntp_auth_conf.append(dict(key_id=ntp_auth_num[0],
-                                      auth_mode=ntp_auth_num[1].lower(),
-                                      trusted_key=trusted_key))
+        self.key_id_exist = True
+        cur_auth_mode = ""
+        cur_auth_pwd = ""
+        for ntp_config in ntp_config_list:
+            ntp_auth_mode = re.findall(r'.*authentication-mode(\s\S*)\s\S*\s(\S*)', ntp_config)
+            ntp_auth_trust = re.findall(r'.*trusted.*', ntp_config)
+            if ntp_auth_trust:
+                self.cur_trusted_key = 'enable'
+            if ntp_auth_mode:
+                cur_auth_mode = ntp_auth_mode[0][0].strip()
+                cur_auth_pwd = ntp_auth_mode[0][1].strip()
+        ntp_auth_conf.append(dict(key_id=self.key_id,
+                                  auth_mode=cur_auth_mode,
+                                  auth_pwd=cur_auth_pwd,
+                                  trusted_key=self.cur_trusted_key))
        self.ntp_auth_conf["authentication-keyid"] = ntp_auth_conf

        return ntp_auth_conf
@ -405,33 +336,47 @@ class NtpAuth(object):
    def config_ntp_auth_keyid(self):
        """Config ntp authentication keyid"""

-        if self.trusted_key == 'enable':
-            trusted_key = 'true'
+        commands = list()
+        if self.auth_type == 'encrypt':
+            config_cli = "ntp authentication-keyid %s authentication-mode %s cipher %s" % (
+                self.key_id, self.auth_mode, self.password)
        else:
-            trusted_key = 'false'
-        xml_str = CE_NC_MERGE_NTP_AUTH_CONFIG % (
-            self.key_id, self.auth_mode.upper(), self.password, trusted_key)
-        ret_xml = set_nc_config(self.module, xml_str)
-        self.check_response(ret_xml, "NTP_AUTH_KEYID_CONFIG")
+            config_cli = "ntp authentication-keyid %s authentication-mode %s %s" % (
+                self.key_id, self.auth_mode, self.password)
+
+        commands.append(config_cli)
+
+        if self.trusted_key != self.cur_trusted_key:
+            if self.trusted_key == 'enable':
+                config_cli_trust = "ntp trusted authentication-keyid %s" % (self.key_id)
+                commands.append(config_cli_trust)
+            else:
+                config_cli_trust = "undo ntp trusted authentication-keyid %s" % (self.key_id)
+                commands.append(config_cli_trust)
+
+        self.cli_load_config(commands)

    def config_ntp_auth_enable(self):
        """Config ntp authentication enable"""

+        commands = list()
        if self.ntp_auth_conf['authentication'] != self.authentication:
            if self.authentication == 'enable':
-                state = 'true'
+                config_cli = "ntp authentication enable"
            else:
-                state = 'false'
-            xml_str = CE_NC_MERGE_NTP_AUTH_ENABLE % state
-            ret_xml = set_nc_config(self.module, xml_str)
-            self.check_response(ret_xml, "NTP_AUTH_ENABLE")
+                config_cli = "undo ntp authentication enable"
+            commands.append(config_cli)
+
+            self.cli_load_config(commands)

    def undo_config_ntp_auth_keyid(self):
        """Undo ntp authentication key-id"""

-        xml_str = CE_NC_DELETE_NTP_AUTH_CONFIG % self.key_id
-        ret_xml = set_nc_config(self.module, xml_str)
-        self.check_response(ret_xml, "UNDO_NTP_AUTH_KEYID_CONFIG")
+        commands = list()
+        config_cli = "undo ntp authentication-keyid %s" % self.key_id
+        commands.append(config_cli)
+
+        self.cli_load_config(commands)

    def cli_load_config(self, commands):
        """Load config by cli"""
@ -439,23 +384,11 @@ class NtpAuth(object):
        if not self.module.check_mode:
            load_config(self.module, commands)

-    def config_ntp_auth_keyid_by_cli(self):
-        """Config ntp authentication keyid bye the way of CLI"""
-
-        commands = list()
-        config_cli = "ntp authentication-keyid %s authentication-mode %s %s" % (
-            self.key_id, self.auth_mode, self.password)
-        commands.append(config_cli)
-        self.cli_load_config(commands)
-
    def config_ntp_auth(self):
        """Config ntp authentication"""

        if self.state == "present":
-            if self.auth_type == 'encrypt':
-                self.config_ntp_auth_keyid()
-            else:
-                self.config_ntp_auth_keyid_by_cli()
+            self.config_ntp_auth_keyid()
        else:
            if not self.key_id_exist:
                self.module.fail_json(
@ -532,6 +465,8 @@ class NtpAuth(object):
        self.ntp_auth_conf = dict()
        self.get_ntp_auth_exist_config()
        self.end_state = copy.deepcopy(self.ntp_auth_conf)
+        if self.end_state == self.existing:
+            self.changed = False

    def show_result(self):
        """Show result"""