ufw: fix default (again) (#55004)

2019-04-11 00:06:53 +02:00 · 2019-04-11 00:06:53 +02:00 · 7d2e4dd2fd
commit 7d2e4dd2fd
parent 44a07cfe71
3 changed files with 17 additions and 24 deletions
--- a/lib/ansible/modules/system/ufw.py
+++ b/lib/ansible/modules/system/ufw.py
@ -471,14 +471,9 @@ def main():
                    current_default_values["incoming"] = extract.group(1)
                    current_default_values["outgoing"] = extract.group(2)
                    current_default_values["routed"] = extract.group(3)
-                    if params['direction'] is None:
-                        for v in current_default_values.values():
-                            if v not in (value, 'disabled'):
-                                changed = True
-                    else:
-                        v = current_default_values[params['direction']]
-                        if v not in (value, 'disabled'):
-                            changed = True
+                    v = current_default_values[params['direction'] or 'incoming']
+                    if v not in (value, 'disabled'):
+                        changed = True
                else:
                    changed = True
            else:
--- a/test/integration/targets/ufw/aliases
+++ b/test/integration/targets/ufw/aliases
@ -6,4 +6,3 @@ skip/docker
 needs/root
 destructive
 needs/target/setup_epel
-unstable  # the test fails when run in the group, but not by itself
--- a/test/integration/targets/ufw/tasks/tests/global-state.yml
+++ b/test/integration/targets/ufw/tasks/tests/global-state.yml
@ -108,30 +108,30 @@
    default: deny
    direction: incoming
  register: default_change_2
- name: Default (change all, check mode)
+- name: Default (change incoming implicitly, check mode)
  ufw:
    default: allow
  check_mode: yes
-  register: default_change_all_check
- name: Default (change all)
+  register: default_change_implicit_check
+- name: Default (change incoming implicitly)
  ufw:
    default: allow
-  register: default_change_all
+  register: default_change_implicit
 - name: Get defaults
  shell: |
    ufw status verbose | grep "^Default:"
-  register: ufw_defaults_change_all
+  register: ufw_defaults_change_implicit
  environment:
    LC_ALL: C
- name: Default (change all, idempotent, check mode)
+- name: Default (change incoming implicitly, idempotent, check mode)
  ufw:
    default: allow
  check_mode: yes
-  register: default_change_all_idem_check
- name: Default (change all, idempotent)
+  register: default_change_implicit_idem_check
+- name: Default (change incoming implicitly, idempotent)
  ufw:
    default: allow
-  register: default_change_all_idem
+  register: default_change_implicit_idem
 - assert:
    that:
    - default_check is changed
@ -143,9 +143,8 @@
    - default_change is changed
    - "'allow (incoming)' in ufw_defaults_change.stdout"
    - default_change_2 is changed
-    - default_change_all_check is changed
-    - default_change_all is changed
-    - default_change_all_idem_check is not changed
-    - default_change_all_idem is not changed
-    - "'allow (incoming)' in ufw_defaults_change_all.stdout"
-    - "'allow (outgoing)' in ufw_defaults_change_all.stdout"
+    - default_change_implicit_check is changed
+    - default_change_implicit is changed
+    - default_change_implicit_idem_check is not changed
+    - default_change_implicit_idem is not changed
+    - "'allow (incoming)' in ufw_defaults_change_implicit.stdout"