diff --git a/lib/ansible/modules/network/f5/bigip_firewall_port_list.py b/lib/ansible/modules/network/f5/bigip_firewall_port_list.py index 12073ed880e..576705725e6 100644 --- a/lib/ansible/modules/network/f5/bigip_firewall_port_list.py +++ b/lib/ansible/modules/network/f5/bigip_firewall_port_list.py @@ -58,6 +58,7 @@ options: extends_documentation_fragment: f5 author: - Tim Rupp (@caphrim007) + - Wojciech Wypior (@wojtek0806) ''' EXAMPLES = r''' @@ -162,46 +163,44 @@ from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.basic import env_fallback try: - from library.module_utils.network.f5.bigip import HAS_F5SDK - from library.module_utils.network.f5.bigip import F5Client + from library.module_utils.network.f5.bigip import F5RestClient from library.module_utils.network.f5.common import F5ModuleError from library.module_utils.network.f5.common import AnsibleF5Parameters from library.module_utils.network.f5.common import cleanup_tokens from library.module_utils.network.f5.common import fq_name from library.module_utils.network.f5.common import f5_argument_spec - try: - from library.module_utils.network.f5.common import iControlUnexpectedHTTPError - except ImportError: - HAS_F5SDK = False + from library.module_utils.network.f5.common import transform_name + from library.module_utils.network.f5.common import exit_json + from library.module_utils.network.f5.common import fail_json + from library.module_utils.network.f5.icontrol import module_provisioned except ImportError: - from ansible.module_utils.network.f5.bigip import HAS_F5SDK - from ansible.module_utils.network.f5.bigip import F5Client + from ansible.module_utils.network.f5.bigip import F5RestClient from ansible.module_utils.network.f5.common import F5ModuleError from ansible.module_utils.network.f5.common import AnsibleF5Parameters from ansible.module_utils.network.f5.common import cleanup_tokens from ansible.module_utils.network.f5.common import fq_name from ansible.module_utils.network.f5.common import f5_argument_spec - try: - from ansible.module_utils.network.f5.common import iControlUnexpectedHTTPError - except ImportError: - HAS_F5SDK = False + from ansible.module_utils.network.f5.common import transform_name + from ansible.module_utils.network.f5.common import exit_json + from ansible.module_utils.network.f5.common import fail_json + from ansible.module_utils.network.f5.icontrol import module_provisioned class Parameters(AnsibleF5Parameters): api_map = { - 'portLists': 'port_lists' + 'portLists': 'port_lists', } api_attributes = [ - 'portLists', 'ports', 'description' + 'portLists', 'ports', 'description', ] returnables = [ - 'ports', 'port_ranges', 'port_lists', 'description' + 'ports', 'port_ranges', 'port_lists', 'description', ] updatables = [ - 'description', 'ports', 'port_ranges', 'port_lists' + 'description', 'ports', 'port_ranges', 'port_lists', ] @@ -446,17 +445,18 @@ class ModuleManager(object): return False def exec_module(self): + if not module_provisioned(self.client, 'afm'): + raise F5ModuleError( + "AFM must be provisioned to use this module." + ) changed = False result = dict() state = self.want.state - try: - if state == "present": - changed = self.present() - elif state == "absent": - changed = self.absent() - except iControlUnexpectedHTTPError as e: - raise F5ModuleError(str(e)) + if state == "present": + changed = self.present() + elif state == "absent": + changed = self.absent() reportable = ReportableChanges(params=self.changes.to_return()) changes = reportable.to_return() @@ -479,12 +479,10 @@ class ModuleManager(object): else: return self.create() - def exists(self): - result = self.client.api.tm.security.firewall.port_lists.port_list.exists( - name=self.want.name, - partition=self.want.partition - ) - return result + def absent(self): + if self.exists(): + return self.remove() + return False def update(self): self.have = self.read_current_from_device() @@ -510,42 +508,91 @@ class ModuleManager(object): self.create_on_device() return True - def create_on_device(self): - params = self.changes.api_params() - self.client.api.tm.security.firewall.port_lists.port_list.create( - name=self.want.name, - partition=self.want.partition, - **params + def exists(self): + uri = "https://{0}:{1}/mgmt/tm/security/firewall/port-list/{2}".format( + self.client.provider['server'], + self.client.provider['server_port'], + transform_name(self.want.partition, self.want.name) ) + resp = self.client.api.get(uri) + try: + response = resp.json() + except ValueError: + return False + if resp.status == 404 or 'code' in response and response['code'] == 404: + return False + return True def update_on_device(self): params = self.changes.api_params() - resource = self.client.api.tm.security.firewall.port_lists.port_list.load( - name=self.want.name, - partition=self.want.partition + uri = "https://{0}:{1}/mgmt/tm/security/firewall/port-list/{2}".format( + self.client.provider['server'], + self.client.provider['server_port'], + transform_name(self.want.partition, self.want.name) ) - resource.modify(**params) + resp = self.client.api.patch(uri, json=params) + try: + response = resp.json() + except ValueError as ex: + raise F5ModuleError(str(ex)) - def absent(self): - if self.exists(): - return self.remove() - return False + if 'code' in response and response['code'] == 400: + if 'message' in response: + raise F5ModuleError(response['message']) + else: + raise F5ModuleError(resp.content) - def remove_from_device(self): - resource = self.client.api.tm.security.firewall.port_lists.port_list.load( - name=self.want.name, - partition=self.want.partition + def read_current_from_device(self): + uri = "https://{0}:{1}/mgmt/tm/security/firewall/port-list/{2}".format( + self.client.provider['server'], + self.client.provider['server_port'], + transform_name(self.want.partition, self.want.name) ) - if resource: - resource.delete() + resp = self.client.api.get(uri) - def read_current_from_device(self): - resource = self.client.api.tm.security.firewall.port_lists.port_list.load( - name=self.want.name, - partition=self.want.partition + try: + response = resp.json() + except ValueError as ex: + raise F5ModuleError(str(ex)) + + if 'code' in response and response['code'] == 400: + if 'message' in response: + raise F5ModuleError(response['message']) + else: + raise F5ModuleError(resp.content) + return ApiParameters(params=response) + + def create_on_device(self): + params = self.changes.api_params() + params['name'] = self.want.name + params['partition'] = self.want.partition + uri = "https://{0}:{1}/mgmt/tm/security/firewall/port-list/".format( + self.client.provider['server'], + self.client.provider['server_port'], + ) + resp = self.client.api.post(uri, json=params) + try: + response = resp.json() + except ValueError as ex: + raise F5ModuleError(str(ex)) + + if 'code' in response and response['code'] in [400, 403]: + if 'message' in response: + raise F5ModuleError(response['message']) + else: + raise F5ModuleError(resp.content) + return response['selfLink'] + + def remove_from_device(self): + uri = "https://{0}:{1}/mgmt/tm/security/firewall/port-list/{2}".format( + self.client.provider['server'], + self.client.provider['server_port'], + transform_name(self.want.partition, self.want.name) ) - result = resource.attrs - return ApiParameters(params=result) + response = self.client.api.delete(uri) + if response.status == 200: + return True + raise F5ModuleError(response.content) class ArgumentSpec(object): @@ -578,18 +625,17 @@ def main(): argument_spec=spec.argument_spec, supports_check_mode=spec.supports_check_mode ) - if not HAS_F5SDK: - module.fail_json(msg="The python f5-sdk module is required") + + client = F5RestClient(**module.params) try: - client = F5Client(**module.params) mm = ModuleManager(module=module, client=client) results = mm.exec_module() cleanup_tokens(client) - module.exit_json(**results) + exit_json(module, results, client) except F5ModuleError as ex: cleanup_tokens(client) - module.fail_json(msg=str(ex)) + fail_json(module, ex, client) if __name__ == '__main__': diff --git a/test/units/modules/network/f5/test_bigip_firewall_port_list.py b/test/units/modules/network/f5/test_bigip_firewall_port_list.py index 9b92fcd177e..1c1bb651994 100644 --- a/test/units/modules/network/f5/test_bigip_firewall_port_list.py +++ b/test/units/modules/network/f5/test_bigip_firewall_port_list.py @@ -8,16 +8,12 @@ __metaclass__ = type import os import json -import pytest import sys from nose.plugins.skip import SkipTest if sys.version_info < (2, 7): raise SkipTest("F5 Ansible modules require Python >= 2.7") -from units.compat import unittest -from units.compat.mock import Mock -from units.compat.mock import patch from ansible.module_utils.basic import AnsibleModule try: @@ -25,17 +21,25 @@ try: from library.modules.bigip_firewall_port_list import ModuleParameters from library.modules.bigip_firewall_port_list import ModuleManager from library.modules.bigip_firewall_port_list import ArgumentSpec - from library.module_utils.network.f5.common import F5ModuleError - from library.module_utils.network.f5.common import iControlUnexpectedHTTPError - from test.unit.modules.utils import set_module_args + + # In Ansible 2.8, Ansible changed import paths. + from test.units.compat import unittest + from test.units.compat.mock import Mock + from test.units.compat.mock import patch + + from test.units.modules.utils import set_module_args except ImportError: try: from ansible.modules.network.f5.bigip_firewall_port_list import ApiParameters from ansible.modules.network.f5.bigip_firewall_port_list import ModuleParameters from ansible.modules.network.f5.bigip_firewall_port_list import ModuleManager from ansible.modules.network.f5.bigip_firewall_port_list import ArgumentSpec - from ansible.module_utils.network.f5.common import F5ModuleError - from ansible.module_utils.network.f5.common import iControlUnexpectedHTTPError + + # Ansible 2.8 imports + from units.compat import unittest + from units.compat.mock import Mock + from units.compat.mock import patch + from units.modules.utils import set_module_args except ImportError: raise SkipTest("F5 Ansible modules require the f5-sdk Python library") @@ -96,6 +100,18 @@ class TestManager(unittest.TestCase): def setUp(self): self.spec = ArgumentSpec() + try: + self.p1 = patch('library.modules.bigip_firewall_port_list.module_provisioned') + self.m1 = self.p1.start() + self.m1.return_value = True + except Exception: + self.p1 = patch('ansible.modules.network.f5.bigip_firewall_port_list.module_provisioned') + self.m1 = self.p1.start() + self.m1.return_value = True + + def tearDown(self): + self.p1.stop() + def test_create(self, *args): set_module_args(dict( name='foo', @@ -117,6 +133,7 @@ class TestManager(unittest.TestCase): # Override methods to force specific logic in the module to happen mm.exists = Mock(side_effect=[False, True]) mm.create_on_device = Mock(return_value=True) + mm.module_provisioned = Mock(return_value=True) results = mm.exec_module()