cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Fix ios_user not able to handle certain scenario (#47656)

Browse source 
* added support for users with password(not secret) configs

Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>

* Added example

Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>

* Fix typo

Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>

* Fix pep8

Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>

* Add integration tests

Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>
This commit is contained in:
Nilashish Chakraborty 2018-10-31 16:51:46 +05:30 committed by GitHub
parent c53e3ca8e9
commit baae7fa9ba
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 57 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
lib/ansible/modules/network/ios/ios_user.py
View file

@ -66,6 +66,13 @@ options:
the username is created. the username is created.
default: always default: always
choices: ['on_create', 'always'] choices: ['on_create', 'always']
password_type:
description:
- This argument determines whether a 'password' or 'secret' will be
configured.
default: secret
choices: ['secret', 'password']
version_added: "2.8"
privilege: privilege:
description: description:
- The C(privilege) argument configures the privilege level of the - The C(privilege) argument configures the privilege level of the
@ -157,6 +164,12 @@ EXAMPLES = """
- name: ansibletest3 - name: ansibletest3
view: network-admin view: network-admin
- name: Add a user specifying password type
ios_user:
name: ansibletest4
configured_password: "{{ new_password }}"
password_type: password
- name: Delete users with aggregate - name: Delete users with aggregate
ios_user: ios_user:
aggregate: aggregate:
@ -224,6 +237,7 @@ def map_obj_to_commands(updates, module):
commands = list() commands = list()
state = module.params['state'] state = module.params['state']
update_password = module.params['update_password'] update_password = module.params['update_password']
password_type = module.params['password_type']
def needs_update(want, have, x): def needs_update(want, have, x):
return want.get(x) and (want.get(x) != have.get(x)) return want.get(x) and (want.get(x) != have.get(x))
@ -261,7 +275,10 @@ def map_obj_to_commands(updates, module):
if needs_update(want, have, 'configured_password'): if needs_update(want, have, 'configured_password'):
if update_password == 'always' or not have: if update_password == 'always' or not have:
add(commands, want, 'secret %s' % want['configured_password']) if have and password_type != have['password_type']:
module.fail_json(msg='Can not have both a user password and a user secret.' +
' Please choose one or the other.')
add(commands, want, '%s %s' % (password_type, want['configured_password']))
if needs_update(want, have, 'nopassword'): if needs_update(want, have, 'nopassword'):
if want['nopassword']: if want['nopassword']:
@ -290,6 +307,13 @@ def parse_privilege(data):
return int(match.group(1)) return int(match.group(1))
def parse_password_type(data):
type = None
if data and data.split()[-3] in ['password', 'secret']:
type = data.split()[-3]
return type
def map_config_to_obj(module): def map_config_to_obj(module):
data = get_config(module, flags=['| section username']) data = get_config(module, flags=['| section username'])
@ -311,6 +335,7 @@ def map_config_to_obj(module):
'state': 'present', 'state': 'present',
'nopassword': 'nopassword' in cfg, 'nopassword': 'nopassword' in cfg,
'configured_password': None, 'configured_password': None,
'password_type': parse_password_type(cfg),
'sshkey': parse_sshkey(sshcfg), 'sshkey': parse_sshkey(sshcfg),
'privilege': parse_privilege(cfg), 'privilege': parse_privilege(cfg),
'view': parse_view(cfg) 'view': parse_view(cfg)
@ -396,6 +421,7 @@ def main():
configured_password=dict(no_log=True), configured_password=dict(no_log=True),
nopassword=dict(type='bool'), nopassword=dict(type='bool'),
update_password=dict(default='always', choices=['on_create', 'always']), update_password=dict(default='always', choices=['on_create', 'always']),
password_type=dict(default='secret', choices=['secret', 'password']),
privilege=dict(type='int'), privilege=dict(type='int'),
view=dict(aliases=['role']), view=dict(aliases=['role']),

30
test/integration/targets/ios_user/tests/cli/basic.yaml
View file

@ -5,6 +5,8 @@
- name: ansibletest1 - name: ansibletest1
- name: ansibletest2 - name: ansibletest2
- name: ansibletest3 - name: ansibletest3
- name: ansibletest4
- name: ansibletest5
state: absent state: absent
provider: "{{ cli }}" provider: "{{ cli }}"
@ -66,12 +68,40 @@
- 'result.changed == false' - 'result.changed == false'
- 'result.commands | length == 0' - 'result.commands | length == 0'
- name: Create user with password_type (password)
ios_user:
name: ansibleuser4
password_type: password
configured_password: testpass
state: present
register: result
- assert:
that:
- 'result.changed == true'
- "'username ansibleuser4 password' in result.commands[0]"
- name: Create user with password_type (secret)
ios_user:
name: ansibleuser5
password_type: secret
configured_password: testpass
state: present
register: result
- assert:
that:
- 'result.changed == true'
- "'username ansibleuser5 secret' in result.commands[0]"
- name: tearDown - name: tearDown
ios_user: ios_user:
aggregate: aggregate:
- name: ansibletest1 - name: ansibletest1
- name: ansibletest2 - name: ansibletest2
- name: ansibletest3 - name: ansibletest3
- name: ansibletest4
- name: ansibletest5
state: absent state: absent
provider: "{{ cli }}" provider: "{{ cli }}"
register: result register: result