From 3a0c6454a96ff175d8b62dc49e91a3fc1972f64e Mon Sep 17 00:00:00 2001
From: chkp-orso <47325598+chkp-orso@users.noreply.github.com>
Date: Tue, 5 Nov 2019 13:14:34 +0100
Subject: [PATCH] Enable logging to any domain in the check point machine
 (#63976)

* enable using any domain in the check point machine

* Update checkpoint.py

* trying to checge `test_chrckpoint` according to `test_ftd` in order to pass the tests

* Update test_checkpoint.py
---
 lib/ansible/plugins/httpapi/checkpoint.py     | 13 ++++++++++-
 test/units/plugins/httpapi/test_checkpoint.py | 22 +++++++++++++++++++
 2 files changed, 34 insertions(+), 1 deletion(-)

diff --git a/lib/ansible/plugins/httpapi/checkpoint.py b/lib/ansible/plugins/httpapi/checkpoint.py
index 1e0a6164be8..401de7d31c2 100644
--- a/lib/ansible/plugins/httpapi/checkpoint.py
+++ b/lib/ansible/plugins/httpapi/checkpoint.py
@@ -14,6 +14,13 @@ description:
   - This HttpApi plugin provides methods to connect to Checkpoint
     devices over a HTTP(S)-based api.
 version_added: "2.8"
+options:
+  domain:
+    type: str
+    description:
+      - Specifies the domain of the Check Point device
+    vars:
+      - name: ansible_checkpoint_domain
 """
 
 import json
@@ -32,7 +39,11 @@ BASE_HEADERS = {
 class HttpApi(HttpApiBase):
     def login(self, username, password):
         if username and password:
-            payload = {'user': username, 'password': password}
+            cp_domain = self.get_option('domain')
+            if cp_domain:
+                payload = {'user': username, 'password': password, 'domain': cp_domain}
+            else:
+                payload = {'user': username, 'password': password}
             url = '/web_api/login'
             response, response_data = self.send_request(url, payload)
         else:
diff --git a/test/units/plugins/httpapi/test_checkpoint.py b/test/units/plugins/httpapi/test_checkpoint.py
index 93480b5f8ad..62a5070c2d1 100644
--- a/test/units/plugins/httpapi/test_checkpoint.py
+++ b/test/units/plugins/httpapi/test_checkpoint.py
@@ -20,6 +20,15 @@ EXPECTED_BASE_HEADERS = {
 class FakeCheckpointHttpApiPlugin(HttpApi):
     def __init__(self, conn):
         super(FakeCheckpointHttpApiPlugin, self).__init__(conn)
+        self.hostvars = {
+            'domain': None
+        }
+
+    def get_option(self, var):
+        return self.hostvars[var]
+
+    def set_option(self, var, val):
+        self.hostvars[var] = val
 
 
 class TestCheckpointHttpApi(unittest.TestCase):
@@ -52,6 +61,19 @@ class TestCheckpointHttpApi(unittest.TestCase):
 
         assert resp == (500, {'errorMessage': 'ERROR'})
 
+    def test_login_to_global_domain(self):
+        temp_domain = self.checkpoint_plugin.hostvars['domain']
+        self.checkpoint_plugin.hostvars['domain'] = 'test_domain'
+        self.connection_mock.send.return_value = self._connection_response(
+            {'sid': 'SID', 'uid': 'UID'}
+        )
+
+        self.checkpoint_plugin.login('USERNAME', 'PASSWORD')
+
+        self.connection_mock.send.assert_called_once_with('/web_api/login', mock.ANY, headers=mock.ANY,
+                                                          method=mock.ANY)
+        self.checkpoint_plugin.hostvars['domain'] = temp_domain
+
     @staticmethod
     def _connection_response(response, status=200):
         response_mock = mock.Mock()