* update acl (#57268)
(cherry picked from commit e009936f87
)
* add a changelog fragment for PR 57890.
* add a changelog fragment for PR 27890.
This commit is contained in:
parent
da9f3021be
commit
ad0cc5dc1e
4 changed files with 105 additions and 54 deletions
5
changelogs/fragments/57890-update-acl-to-fix-bugs.yml
Normal file
5
changelogs/fragments/57890-update-acl-to-fix-bugs.yml
Normal file
|
@ -0,0 +1,5 @@
|
|||
bugfixes:
|
||||
- update acl to fix bugs.(https://github.com/ansible/ansible/pull/57268)
|
||||
- ce_acl - tag named data of a xpath is unnecessay for old sotfware version to find a element from xml tree, but element can not be found with 'data' tag for new version, so remove.
|
||||
- ce_acl_advance - remove 'data' tag, and fix a bug that the 'changed' of result is not correct.
|
||||
- ce_acl_interface - do not used 'get_config' to show specific configuration, and use display command directly.
|
|
@ -427,7 +427,7 @@ class BaseAcl(object):
|
|||
|
||||
if self.acl_type:
|
||||
conf_str += "<aclType></aclType>"
|
||||
if self.acl_num:
|
||||
if self.acl_num or self.acl_name.isdigit():
|
||||
conf_str += "<aclNumber></aclNumber>"
|
||||
if self.acl_step:
|
||||
conf_str += "<aclStep></aclStep>"
|
||||
|
@ -444,12 +444,11 @@ class BaseAcl(object):
|
|||
xml_str = recv_xml.replace('\r', '').replace('\n', '').\
|
||||
replace('xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"', "").\
|
||||
replace('xmlns="http://www.huawei.com/netconf/vrp"', "")
|
||||
|
||||
root = ElementTree.fromstring(xml_str)
|
||||
|
||||
# parse acl
|
||||
acl_info = root.findall(
|
||||
"data/acl/aclGroups/aclGroup")
|
||||
"acl/aclGroups/aclGroup")
|
||||
if acl_info:
|
||||
for tmp in acl_info:
|
||||
tmp_dict = dict()
|
||||
|
@ -460,22 +459,43 @@ class BaseAcl(object):
|
|||
self.cur_acl_cfg["acl_info"].append(tmp_dict)
|
||||
|
||||
if self.cur_acl_cfg["acl_info"]:
|
||||
find_list = list()
|
||||
for tmp in self.cur_acl_cfg["acl_info"]:
|
||||
find_flag = True
|
||||
cur_cfg_dict = dict()
|
||||
exist_cfg_dict = dict()
|
||||
if self.acl_name:
|
||||
if self.acl_name.isdigit() and tmp.get("aclNumber"):
|
||||
cur_cfg_dict["aclNumber"] = self.acl_name
|
||||
exist_cfg_dict["aclNumber"] = tmp.get("aclNumber")
|
||||
else:
|
||||
cur_cfg_dict["aclNumOrName"] = self.acl_name
|
||||
exist_cfg_dict["aclNumOrName"] = tmp.get("aclNumOrName")
|
||||
if self.acl_type:
|
||||
cur_cfg_dict["aclType"] = self.acl_type
|
||||
exist_cfg_dict["aclType"] = tmp.get("aclType")
|
||||
if self.acl_num:
|
||||
cur_cfg_dict["aclNumber"] = self.acl_num
|
||||
exist_cfg_dict["aclNumber"] = tmp.get("aclNumber")
|
||||
if self.acl_step:
|
||||
cur_cfg_dict["aclStep"] = self.acl_step
|
||||
exist_cfg_dict["aclStep"] = tmp.get("aclStep")
|
||||
if self.acl_description:
|
||||
cur_cfg_dict["aclDescription"] = self.acl_description
|
||||
exist_cfg_dict["aclDescription"] = tmp.get("aclDescription")
|
||||
|
||||
if self.acl_name and tmp.get("aclNumOrName") != self.acl_name:
|
||||
find_flag = False
|
||||
if self.acl_type and tmp.get("aclType") != self.acl_type:
|
||||
find_flag = False
|
||||
if self.acl_num and tmp.get("aclNumber") != self.acl_num:
|
||||
find_flag = False
|
||||
if self.acl_step and tmp.get("aclStep") != self.acl_step:
|
||||
find_flag = False
|
||||
if self.acl_description and tmp.get("aclDescription") != self.acl_description:
|
||||
find_flag = False
|
||||
if cur_cfg_dict == exist_cfg_dict:
|
||||
find_bool = True
|
||||
else:
|
||||
find_bool = False
|
||||
find_list.append(find_bool)
|
||||
|
||||
if find_flag:
|
||||
for mem in find_list:
|
||||
if mem:
|
||||
find_flag = True
|
||||
break
|
||||
else:
|
||||
find_flag = False
|
||||
|
||||
else:
|
||||
find_flag = False
|
||||
|
||||
|
@ -593,7 +613,7 @@ class BaseAcl(object):
|
|||
|
||||
# parse base rule
|
||||
base_rule_info = root.findall(
|
||||
"data/acl/aclGroups/aclGroup/aclRuleBas4s/aclRuleBas4")
|
||||
"acl/aclGroups/aclGroup/aclRuleBas4s/aclRuleBas4")
|
||||
if base_rule_info:
|
||||
for tmp in base_rule_info:
|
||||
tmp_dict = dict()
|
||||
|
|
|
@ -602,7 +602,7 @@ class AdvanceAcl(object):
|
|||
|
||||
if self.acl_type:
|
||||
conf_str += "<aclType></aclType>"
|
||||
if self.acl_num:
|
||||
if self.acl_num or self.acl_name.isdigit():
|
||||
conf_str += "<aclNumber></aclNumber>"
|
||||
if self.acl_step:
|
||||
conf_str += "<aclStep></aclStep>"
|
||||
|
@ -624,7 +624,7 @@ class AdvanceAcl(object):
|
|||
|
||||
# parse acl
|
||||
acl_info = root.findall(
|
||||
"data/acl/aclGroups/aclGroup")
|
||||
"acl/aclGroups/aclGroup")
|
||||
if acl_info:
|
||||
for tmp in acl_info:
|
||||
tmp_dict = dict()
|
||||
|
@ -635,22 +635,42 @@ class AdvanceAcl(object):
|
|||
self.cur_acl_cfg["acl_info"].append(tmp_dict)
|
||||
|
||||
if self.cur_acl_cfg["acl_info"]:
|
||||
find_list = list()
|
||||
for tmp in self.cur_acl_cfg["acl_info"]:
|
||||
find_flag = True
|
||||
cur_cfg_dict = dict()
|
||||
exist_cfg_dict = dict()
|
||||
|
||||
if self.acl_name and tmp.get("aclNumOrName") != self.acl_name:
|
||||
find_flag = False
|
||||
if self.acl_type and tmp.get("aclType") != self.acl_type:
|
||||
find_flag = False
|
||||
if self.acl_num and tmp.get("aclNumber") != self.acl_num:
|
||||
find_flag = False
|
||||
if self.acl_step and tmp.get("aclStep") != self.acl_step:
|
||||
find_flag = False
|
||||
if self.acl_description and tmp.get("aclDescription") != self.acl_description:
|
||||
find_flag = False
|
||||
if self.acl_name:
|
||||
if self.acl_name.isdigit() and tmp.get("aclNumber"):
|
||||
cur_cfg_dict["aclNumber"] = self.acl_name
|
||||
exist_cfg_dict["aclNumber"] = tmp.get("aclNumber")
|
||||
else:
|
||||
cur_cfg_dict["aclNumOrName"] = self.acl_name
|
||||
exist_cfg_dict["aclNumOrName"] = tmp.get("aclNumOrName")
|
||||
if self.acl_type:
|
||||
cur_cfg_dict["aclType"] = self.acl_type
|
||||
exist_cfg_dict["aclType"] = tmp.get("aclType")
|
||||
if self.acl_num:
|
||||
cur_cfg_dict["aclNumber"] = self.acl_num
|
||||
exist_cfg_dict["aclNumber"] = tmp.get("aclNumber")
|
||||
if self.acl_step:
|
||||
cur_cfg_dict["aclStep"] = self.acl_step
|
||||
exist_cfg_dict["aclStep"] = tmp.get("aclStep")
|
||||
if self.acl_description:
|
||||
cur_cfg_dict["aclDescription"] = self.acl_description
|
||||
exist_cfg_dict["aclDescription"] = tmp.get("aclDescription")
|
||||
|
||||
if find_flag:
|
||||
if cur_cfg_dict == exist_cfg_dict:
|
||||
find_bool = True
|
||||
else:
|
||||
find_bool = False
|
||||
find_list.append(find_bool)
|
||||
for mem in find_list:
|
||||
if mem:
|
||||
find_flag = True
|
||||
break
|
||||
else:
|
||||
find_flag = False
|
||||
else:
|
||||
find_flag = False
|
||||
|
||||
|
@ -1001,7 +1021,7 @@ class AdvanceAcl(object):
|
|||
|
||||
# parse advance rule
|
||||
adv_rule_info = root.findall(
|
||||
"data/acl/aclGroups/aclGroup/aclRuleAdv4s/aclRuleAdv4")
|
||||
"acl/aclGroups/aclGroup/aclRuleAdv4s/aclRuleAdv4")
|
||||
if adv_rule_info:
|
||||
for tmp in adv_rule_info:
|
||||
tmp_dict = dict()
|
||||
|
|
|
@ -122,7 +122,7 @@ updates:
|
|||
|
||||
|
||||
from ansible.module_utils.basic import AnsibleModule
|
||||
from ansible.module_utils.network.cloudengine.ce import get_config, load_config
|
||||
from ansible.module_utils.network.cloudengine.ce import get_config, load_config, exec_command
|
||||
from ansible.module_utils.network.cloudengine.ce import ce_argument_spec
|
||||
|
||||
|
||||
|
@ -169,11 +169,18 @@ class AclInterface(object):
|
|||
msg='Error: The len of acl_name is out of [1 - 32].')
|
||||
|
||||
if self.interface:
|
||||
regular = "| ignore-case section include ^interface %s$" % self.interface
|
||||
result = self.cli_get_config(regular)
|
||||
if not result:
|
||||
self.module.fail_json(
|
||||
msg='Error: The interface %s is not in the device.' % self.interface)
|
||||
cmd = "display current-configuration | ignore-case section include ^interface %s$" % self.interface
|
||||
rc, out, err = exec_command(self.module, cmd)
|
||||
if rc != 0:
|
||||
self.module.fail_json(msg=err)
|
||||
result = str(out).strip()
|
||||
if result:
|
||||
tmp = result.split('\n')
|
||||
if "display" in tmp[0]:
|
||||
tmp.pop(0)
|
||||
if not tmp:
|
||||
self.module.fail_json(
|
||||
msg='Error: The interface %s is not in the device.' % self.interface)
|
||||
|
||||
def get_proposed(self):
|
||||
""" Get proposed config """
|
||||
|
@ -192,28 +199,36 @@ class AclInterface(object):
|
|||
def get_existing(self):
|
||||
""" Get existing config """
|
||||
|
||||
regular = "| ignore-case section include ^interface %s$ | include traffic-filter" % self.interface
|
||||
result = self.cli_get_config(regular)
|
||||
|
||||
cmd = "display current-configuration | ignore-case section include ^interface %s$ | include traffic-filter" % self.interface
|
||||
rc, out, err = exec_command(self.module, cmd)
|
||||
if rc != 0:
|
||||
self.module.fail_json(msg=err)
|
||||
result = str(out).strip()
|
||||
end = []
|
||||
if result:
|
||||
tmp = result.split('\n')
|
||||
if "display" in tmp[0]:
|
||||
tmp.pop(0)
|
||||
for item in tmp:
|
||||
end.append(item)
|
||||
end.append(item.strip())
|
||||
self.cur_cfg["acl interface"] = end
|
||||
self.existing["acl interface"] = end
|
||||
|
||||
def get_end_state(self):
|
||||
""" Get config end state """
|
||||
|
||||
regular = "| ignore-case section include ^interface %s$ | include traffic-filter" % self.interface
|
||||
result = self.cli_get_config(regular)
|
||||
cmd = "display current-configuration | ignore-case section include ^interface %s$ | include traffic-filter" % self.interface
|
||||
rc, out, err = exec_command(self.module, cmd)
|
||||
if rc != 0:
|
||||
self.module.fail_json(msg=err)
|
||||
result = str(out).strip()
|
||||
end = []
|
||||
if result:
|
||||
tmp = result.split('\n')
|
||||
if "display" in tmp[0]:
|
||||
tmp.pop(0)
|
||||
for item in tmp:
|
||||
item = item[1:-1]
|
||||
end.append(item)
|
||||
end.append(item.strip())
|
||||
self.end_state["acl interface"] = end
|
||||
|
||||
def cli_load_config(self, commands):
|
||||
|
@ -222,15 +237,6 @@ class AclInterface(object):
|
|||
if not self.module.check_mode:
|
||||
load_config(self.module, commands)
|
||||
|
||||
def cli_get_config(self, regular):
|
||||
""" Cli method to get config """
|
||||
|
||||
flags = list()
|
||||
flags.append(regular)
|
||||
tmp_cfg = get_config(self.module, flags)
|
||||
|
||||
return tmp_cfg
|
||||
|
||||
def work(self):
|
||||
""" Work function """
|
||||
|
||||
|
|
Loading…
Add table
Reference in a new issue