From 55e431de540507328e57696beb64f1d4ecbb1504 Mon Sep 17 00:00:00 2001
From: ftntcorecse <43451990+ftntcorecse@users.noreply.github.com>
Date: Tue, 5 Mar 2019 01:19:57 -0800
Subject: [PATCH] Auto Commit for: fmgr_secprof_av (#53022)
---
.../network/fortimanager/fmgr_secprof_av.py | 1391 +++++++++++++++++
.../fixtures/test_fmgr_secprof_av.json | 237 +--
.../fortimanager/test_fmgr_secprof_av.py | 72 +
3 files changed, 1522 insertions(+), 178 deletions(-)
create mode 100644 lib/ansible/modules/network/fortimanager/fmgr_secprof_av.py
create mode 100644 test/units/modules/network/fortimanager/test_fmgr_secprof_av.py
diff --git a/lib/ansible/modules/network/fortimanager/fmgr_secprof_av.py b/lib/ansible/modules/network/fortimanager/fmgr_secprof_av.py
new file mode 100644
index 00000000000..3c7e70ceb1a
--- /dev/null
+++ b/lib/ansible/modules/network/fortimanager/fmgr_secprof_av.py
@@ -0,0 +1,1391 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see .
+#
+
+from __future__ import absolute_import, division, print_function
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = '''
+---
+module: fmgr_secprof_av
+version_added: "2.8"
+notes:
+ - Full Documentation at U(https://ftnt-ansible-docs.readthedocs.io/en/latest/).
+author:
+ - Luke Weighall (@lweighall)
+ - Andrew Welsh (@Ghilli3)
+ - Jim Huber (@p4r4n0y1ng)
+short_description: Manage security profile
+description:
+ - Manage security profile groups for FortiManager objects
+
+options:
+ adom:
+ description:
+ - The ADOM the configuration should belong to.
+ required: false
+ default: root
+
+ mode:
+ description:
+ - Sets one of three modes for managing the object.
+ - Allows use of soft-adds instead of overwriting existing values
+ choices: ['add', 'set', 'delete', 'update']
+ required: false
+ default: add
+
+ scan_mode:
+ description:
+ - Choose between full scan mode and quick scan mode.
+ required: false
+ choices:
+ - quick
+ - full
+
+ replacemsg_group:
+ description:
+ - Replacement message group customized for this profile.
+ required: false
+
+ name:
+ description:
+ - Profile name.
+ required: false
+
+ mobile_malware_db:
+ description:
+ - Enable/disable using the mobile malware signature database.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ inspection_mode:
+ description:
+ - Inspection mode.
+ required: false
+ choices:
+ - proxy
+ - flow-based
+
+ ftgd_analytics:
+ description:
+ - Settings to control which files are uploaded to FortiSandbox.
+ required: false
+ choices:
+ - disable
+ - suspicious
+ - everything
+
+ extended_log:
+ description:
+ - Enable/disable extended logging for antivirus.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ comment:
+ description:
+ - Comment.
+ required: false
+
+ av_virus_log:
+ description:
+ - Enable/disable AntiVirus logging.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ av_block_log:
+ description:
+ - Enable/disable logging for AntiVirus file blocking.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ analytics_wl_filetype:
+ description:
+ - Do not submit files matching this DLP file-pattern to FortiSandbox.
+ required: false
+
+ analytics_max_upload:
+ description:
+ - Maximum size of files that can be uploaded to FortiSandbox (1 - 395 MBytes, default = 10).
+ required: false
+
+ analytics_db:
+ description:
+ - Enable/disable using the FortiSandbox signature database to supplement the AV signature databases.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ analytics_bl_filetype:
+ description:
+ - Only submit files matching this DLP file-pattern to FortiSandbox.
+ required: false
+
+ content_disarm:
+ description:
+ - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
+ - List of multiple child objects to be added. Expects a list of dictionaries.
+ - Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
+ - If submitted, all other prefixed sub-parameters ARE IGNORED.
+ - This object is MUTUALLY EXCLUSIVE with its options.
+ - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
+ - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
+ required: false
+
+ content_disarm_cover_page:
+ description:
+ - Enable/disable inserting a cover page into the disarmed document.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ content_disarm_detect_only:
+ description:
+ - Enable/disable only detect disarmable files, do not alter content.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ content_disarm_office_embed:
+ description:
+ - Enable/disable stripping of embedded objects in Microsoft Office documents.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ content_disarm_office_hylink:
+ description:
+ - Enable/disable stripping of hyperlinks in Microsoft Office documents.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ content_disarm_office_linked:
+ description:
+ - Enable/disable stripping of linked objects in Microsoft Office documents.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ content_disarm_office_macro:
+ description:
+ - Enable/disable stripping of macros in Microsoft Office documents.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ content_disarm_original_file_destination:
+ description:
+ - Destination to send original file if active content is removed.
+ required: false
+ choices:
+ - fortisandbox
+ - quarantine
+ - discard
+
+ content_disarm_pdf_act_form:
+ description:
+ - Enable/disable stripping of actions that submit data to other targets in PDF documents.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ content_disarm_pdf_act_gotor:
+ description:
+ - Enable/disable stripping of links to other PDFs in PDF documents.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ content_disarm_pdf_act_java:
+ description:
+ - Enable/disable stripping of actions that execute JavaScript code in PDF documents.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ content_disarm_pdf_act_launch:
+ description:
+ - Enable/disable stripping of links to external applications in PDF documents.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ content_disarm_pdf_act_movie:
+ description:
+ - Enable/disable stripping of embedded movies in PDF documents.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ content_disarm_pdf_act_sound:
+ description:
+ - Enable/disable stripping of embedded sound files in PDF documents.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ content_disarm_pdf_embedfile:
+ description:
+ - Enable/disable stripping of embedded files in PDF documents.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ content_disarm_pdf_hyperlink:
+ description:
+ - Enable/disable stripping of hyperlinks from PDF documents.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ content_disarm_pdf_javacode:
+ description:
+ - Enable/disable stripping of JavaScript code in PDF documents.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ ftp:
+ description:
+ - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
+ - List of multiple child objects to be added. Expects a list of dictionaries.
+ - Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
+ - If submitted, all other prefixed sub-parameters ARE IGNORED.
+ - This object is MUTUALLY EXCLUSIVE with its options.
+ - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
+ - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
+ required: false
+
+ ftp_archive_block:
+ description:
+ - Select the archive types to block.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - encrypted
+ - corrupted
+ - multipart
+ - nested
+ - mailbomb
+ - unhandled
+ - partiallycorrupted
+ - fileslimit
+ - timeout
+
+ ftp_archive_log:
+ description:
+ - Select the archive types to log.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - encrypted
+ - corrupted
+ - multipart
+ - nested
+ - mailbomb
+ - unhandled
+ - partiallycorrupted
+ - fileslimit
+ - timeout
+
+ ftp_emulator:
+ description:
+ - Enable/disable the virus emulator.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ ftp_options:
+ description:
+ - Enable/disable FTP AntiVirus scanning, monitoring, and quarantine.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - scan
+ - quarantine
+ - avmonitor
+
+ ftp_outbreak_prevention:
+ description:
+ - Enable FortiGuard Virus Outbreak Prevention service.
+ required: false
+ choices:
+ - disabled
+ - files
+ - full-archive
+
+ http:
+ description:
+ - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
+ - List of multiple child objects to be added. Expects a list of dictionaries.
+ - Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
+ - If submitted, all other prefixed sub-parameters ARE IGNORED.
+ - This object is MUTUALLY EXCLUSIVE with its options.
+ - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
+ - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
+ required: false
+
+ http_archive_block:
+ description:
+ - Select the archive types to block.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - encrypted
+ - corrupted
+ - multipart
+ - nested
+ - mailbomb
+ - unhandled
+ - partiallycorrupted
+ - fileslimit
+ - timeout
+
+ http_archive_log:
+ description:
+ - Select the archive types to log.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - encrypted
+ - corrupted
+ - multipart
+ - nested
+ - mailbomb
+ - unhandled
+ - partiallycorrupted
+ - fileslimit
+ - timeout
+
+ http_content_disarm:
+ description:
+ - Enable Content Disarm and Reconstruction for this protocol.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ http_emulator:
+ description:
+ - Enable/disable the virus emulator.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ http_options:
+ description:
+ - Enable/disable HTTP AntiVirus scanning, monitoring, and quarantine.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - scan
+ - quarantine
+ - avmonitor
+
+ http_outbreak_prevention:
+ description:
+ - Enable FortiGuard Virus Outbreak Prevention service.
+ required: false
+ choices:
+ - disabled
+ - files
+ - full-archive
+
+ imap:
+ description:
+ - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
+ - List of multiple child objects to be added. Expects a list of dictionaries.
+ - Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
+ - If submitted, all other prefixed sub-parameters ARE IGNORED.
+ - This object is MUTUALLY EXCLUSIVE with its options.
+ - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
+ - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
+ required: false
+
+ imap_archive_block:
+ description:
+ - Select the archive types to block.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - encrypted
+ - corrupted
+ - multipart
+ - nested
+ - mailbomb
+ - unhandled
+ - partiallycorrupted
+ - fileslimit
+ - timeout
+
+ imap_archive_log:
+ description:
+ - Select the archive types to log.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - encrypted
+ - corrupted
+ - multipart
+ - nested
+ - mailbomb
+ - unhandled
+ - partiallycorrupted
+ - fileslimit
+ - timeout
+
+ imap_content_disarm:
+ description:
+ - Enable Content Disarm and Reconstruction for this protocol.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ imap_emulator:
+ description:
+ - Enable/disable the virus emulator.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ imap_executables:
+ description:
+ - Treat Windows executable files as viruses for the purpose of blocking or monitoring.
+ required: false
+ choices:
+ - default
+ - virus
+
+ imap_options:
+ description:
+ - Enable/disable IMAP AntiVirus scanning, monitoring, and quarantine.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - scan
+ - quarantine
+ - avmonitor
+
+ imap_outbreak_prevention:
+ description:
+ - Enable FortiGuard Virus Outbreak Prevention service.
+ required: false
+ choices:
+ - disabled
+ - files
+ - full-archive
+
+ mapi:
+ description:
+ - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
+ - List of multiple child objects to be added. Expects a list of dictionaries.
+ - Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
+ - If submitted, all other prefixed sub-parameters ARE IGNORED.
+ - This object is MUTUALLY EXCLUSIVE with its options.
+ - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
+ - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
+ required: false
+
+ mapi_archive_block:
+ description:
+ - Select the archive types to block.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - encrypted
+ - corrupted
+ - multipart
+ - nested
+ - mailbomb
+ - unhandled
+ - partiallycorrupted
+ - fileslimit
+ - timeout
+
+ mapi_archive_log:
+ description:
+ - Select the archive types to log.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - encrypted
+ - corrupted
+ - multipart
+ - nested
+ - mailbomb
+ - unhandled
+ - partiallycorrupted
+ - fileslimit
+ - timeout
+
+ mapi_emulator:
+ description:
+ - Enable/disable the virus emulator.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ mapi_executables:
+ description:
+ - Treat Windows executable files as viruses for the purpose of blocking or monitoring.
+ required: false
+ choices:
+ - default
+ - virus
+
+ mapi_options:
+ description:
+ - Enable/disable MAPI AntiVirus scanning, monitoring, and quarantine.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - scan
+ - quarantine
+ - avmonitor
+
+ mapi_outbreak_prevention:
+ description:
+ - Enable FortiGuard Virus Outbreak Prevention service.
+ required: false
+ choices:
+ - disabled
+ - files
+ - full-archive
+
+ nac_quar:
+ description:
+ - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
+ - List of multiple child objects to be added. Expects a list of dictionaries.
+ - Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
+ - If submitted, all other prefixed sub-parameters ARE IGNORED.
+ - This object is MUTUALLY EXCLUSIVE with its options.
+ - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
+ - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
+ required: false
+
+ nac_quar_expiry:
+ description:
+ - Duration of quarantine.
+ required: false
+
+ nac_quar_infected:
+ description:
+ - Enable/Disable quarantining infected hosts to the banned user list.
+ required: false
+ choices:
+ - none
+ - quar-src-ip
+
+ nac_quar_log:
+ description:
+ - Enable/disable AntiVirus quarantine logging.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ nntp:
+ description:
+ - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
+ - List of multiple child objects to be added. Expects a list of dictionaries.
+ - Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
+ - If submitted, all other prefixed sub-parameters ARE IGNORED.
+ - This object is MUTUALLY EXCLUSIVE with its options.
+ - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
+ - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
+ required: false
+
+ nntp_archive_block:
+ description:
+ - Select the archive types to block.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - encrypted
+ - corrupted
+ - multipart
+ - nested
+ - mailbomb
+ - unhandled
+ - partiallycorrupted
+ - fileslimit
+ - timeout
+
+ nntp_archive_log:
+ description:
+ - Select the archive types to log.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - encrypted
+ - corrupted
+ - multipart
+ - nested
+ - mailbomb
+ - unhandled
+ - partiallycorrupted
+ - fileslimit
+ - timeout
+
+ nntp_emulator:
+ description:
+ - Enable/disable the virus emulator.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ nntp_options:
+ description:
+ - Enable/disable NNTP AntiVirus scanning, monitoring, and quarantine.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - scan
+ - quarantine
+ - avmonitor
+
+ nntp_outbreak_prevention:
+ description:
+ - Enable FortiGuard Virus Outbreak Prevention service.
+ required: false
+ choices:
+ - disabled
+ - files
+ - full-archive
+
+ pop3:
+ description:
+ - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
+ - List of multiple child objects to be added. Expects a list of dictionaries.
+ - Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
+ - If submitted, all other prefixed sub-parameters ARE IGNORED.
+ - This object is MUTUALLY EXCLUSIVE with its options.
+ - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
+ - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
+ required: false
+
+ pop3_archive_block:
+ description:
+ - Select the archive types to block.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - encrypted
+ - corrupted
+ - multipart
+ - nested
+ - mailbomb
+ - unhandled
+ - partiallycorrupted
+ - fileslimit
+ - timeout
+
+ pop3_archive_log:
+ description:
+ - Select the archive types to log.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - encrypted
+ - corrupted
+ - multipart
+ - nested
+ - mailbomb
+ - unhandled
+ - partiallycorrupted
+ - fileslimit
+ - timeout
+
+ pop3_content_disarm:
+ description:
+ - Enable Content Disarm and Reconstruction for this protocol.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ pop3_emulator:
+ description:
+ - Enable/disable the virus emulator.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ pop3_executables:
+ description:
+ - Treat Windows executable files as viruses for the purpose of blocking or monitoring.
+ required: false
+ choices:
+ - default
+ - virus
+
+ pop3_options:
+ description:
+ - Enable/disable POP3 AntiVirus scanning, monitoring, and quarantine.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - scan
+ - quarantine
+ - avmonitor
+
+ pop3_outbreak_prevention:
+ description:
+ - Enable FortiGuard Virus Outbreak Prevention service.
+ required: false
+ choices:
+ - disabled
+ - files
+ - full-archive
+
+ smb:
+ description:
+ - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
+ - List of multiple child objects to be added. Expects a list of dictionaries.
+ - Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
+ - If submitted, all other prefixed sub-parameters ARE IGNORED.
+ - This object is MUTUALLY EXCLUSIVE with its options.
+ - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
+ - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
+ required: false
+
+ smb_archive_block:
+ description:
+ - Select the archive types to block.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - encrypted
+ - corrupted
+ - multipart
+ - nested
+ - mailbomb
+ - unhandled
+ - partiallycorrupted
+ - fileslimit
+ - timeout
+
+ smb_archive_log:
+ description:
+ - Select the archive types to log.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - encrypted
+ - corrupted
+ - multipart
+ - nested
+ - mailbomb
+ - unhandled
+ - partiallycorrupted
+ - fileslimit
+ - timeout
+
+ smb_emulator:
+ description:
+ - Enable/disable the virus emulator.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ smb_options:
+ description:
+ - Enable/disable SMB AntiVirus scanning, monitoring, and quarantine.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - scan
+ - quarantine
+ - avmonitor
+
+ smb_outbreak_prevention:
+ description:
+ - Enable FortiGuard Virus Outbreak Prevention service.
+ required: false
+ choices:
+ - disabled
+ - files
+ - full-archive
+
+ smtp:
+ description:
+ - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
+ - List of multiple child objects to be added. Expects a list of dictionaries.
+ - Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
+ - If submitted, all other prefixed sub-parameters ARE IGNORED.
+ - This object is MUTUALLY EXCLUSIVE with its options.
+ - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
+ - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
+ required: false
+
+ smtp_archive_block:
+ description:
+ - Select the archive types to block.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - encrypted
+ - corrupted
+ - multipart
+ - nested
+ - mailbomb
+ - unhandled
+ - partiallycorrupted
+ - fileslimit
+ - timeout
+
+ smtp_archive_log:
+ description:
+ - Select the archive types to log.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - encrypted
+ - corrupted
+ - multipart
+ - nested
+ - mailbomb
+ - unhandled
+ - partiallycorrupted
+ - fileslimit
+ - timeout
+
+ smtp_content_disarm:
+ description:
+ - Enable Content Disarm and Reconstruction for this protocol.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ smtp_emulator:
+ description:
+ - Enable/disable the virus emulator.
+ required: false
+ choices:
+ - disable
+ - enable
+
+ smtp_executables:
+ description:
+ - Treat Windows executable files as viruses for the purpose of blocking or monitoring.
+ required: false
+ choices:
+ - default
+ - virus
+
+ smtp_options:
+ description:
+ - Enable/disable SMTP AntiVirus scanning, monitoring, and quarantine.
+ - FLAG Based Options. Specify multiple in list form.
+ required: false
+ choices:
+ - scan
+ - quarantine
+ - avmonitor
+
+ smtp_outbreak_prevention:
+ description:
+ - Enable FortiGuard Virus Outbreak Prevention service.
+ required: false
+ choices:
+ - disabled
+ - files
+ - full-archive
+'''
+
+EXAMPLES = '''
+ - name: DELETE Profile
+ fmgr_secprof_av:
+ name: "Ansible_AV_Profile"
+ mode: "delete"
+
+ - name: CREATE Profile
+ fmgr_secprof_av:
+ name: "Ansible_AV_Profile"
+ comment: "Created by Ansible Module TEST"
+ mode: "set"
+ inspection_mode: "proxy"
+ ftgd_analytics: "everything"
+ av_block_log: "enable"
+ av_virus_log: "enable"
+ scan_mode: "full"
+ mobile_malware_db: "enable"
+ ftp_archive_block: "encrypted"
+ ftp_outbreak_prevention: "files"
+ ftp_archive_log: "timeout"
+ ftp_emulator: "disable"
+ ftp_options: "scan"
+'''
+
+RETURN = """
+api_result:
+ description: full API response, includes status code and message
+ returned: always
+ type: str
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible.module_utils.connection import Connection
+from ansible.module_utils.network.fortimanager.fortimanager import FortiManagerHandler
+from ansible.module_utils.network.fortimanager.common import FMGBaseException
+from ansible.module_utils.network.fortimanager.common import FMGRCommon
+from ansible.module_utils.network.fortimanager.common import DEFAULT_RESULT_OBJ
+from ansible.module_utils.network.fortimanager.common import FAIL_SOCKET_MSG
+from ansible.module_utils.network.fortimanager.common import prepare_dict
+from ansible.module_utils.network.fortimanager.common import scrub_dict
+
+###############
+# START METHODS
+###############
+
+
+def fmgr_antivirus_profile_modify(fmgr, paramgram):
+ """
+ :param fmgr: The fmgr object instance from fortimanager.py
+ :type fmgr: class object
+ :param paramgram: The formatted dictionary of options to process
+ :type paramgram: dict
+ :return: The response from the FortiManager
+ :rtype: dict
+ """
+
+ mode = paramgram["mode"]
+ adom = paramgram["adom"]
+
+ response = DEFAULT_RESULT_OBJ
+ # EVAL THE MODE PARAMETER FOR SET OR ADD
+ if mode in ['set', 'add', 'update']:
+ url = '/pm/config/adom/{adom}/obj/antivirus/profile'.format(adom=adom)
+ datagram = scrub_dict(prepare_dict(paramgram))
+
+ # EVAL THE MODE PARAMETER FOR DELETE
+ else:
+ # SET THE CORRECT URL FOR DELETE
+ url = '/pm/config/adom/{adom}/obj/antivirus/profile/{name}'.format(adom=adom, name=paramgram["name"])
+ datagram = {}
+
+ response = fmgr.process_request(url, datagram, paramgram["mode"])
+ return response
+
+#############
+# END METHODS
+#############
+
+
+def main():
+ argument_spec = dict(
+ adom=dict(required=False, type="str", default="root"),
+ mode=dict(choices=["add", "set", "delete", "update"], type="str", default="add"),
+
+ scan_mode=dict(required=False, type="str", choices=["quick", "full"]),
+ replacemsg_group=dict(required=False, type="dict"),
+ name=dict(required=False, type="str"),
+ mobile_malware_db=dict(required=False, type="str", choices=["disable", "enable"]),
+ inspection_mode=dict(required=False, type="str", choices=["proxy", "flow-based"]),
+ ftgd_analytics=dict(required=False, type="str", choices=["disable", "suspicious", "everything"]),
+ extended_log=dict(required=False, type="str", choices=["disable", "enable"]),
+ comment=dict(required=False, type="str"),
+ av_virus_log=dict(required=False, type="str", choices=["disable", "enable"]),
+ av_block_log=dict(required=False, type="str", choices=["disable", "enable"]),
+ analytics_wl_filetype=dict(required=False, type="dict"),
+ analytics_max_upload=dict(required=False, type="int"),
+ analytics_db=dict(required=False, type="str", choices=["disable", "enable"]),
+ analytics_bl_filetype=dict(required=False, type="dict"),
+ content_disarm=dict(required=False, type="list"),
+ content_disarm_cover_page=dict(required=False, type="str", choices=["disable", "enable"]),
+ content_disarm_detect_only=dict(required=False, type="str", choices=["disable", "enable"]),
+ content_disarm_office_embed=dict(required=False, type="str", choices=["disable", "enable"]),
+ content_disarm_office_hylink=dict(required=False, type="str", choices=["disable", "enable"]),
+ content_disarm_office_linked=dict(required=False, type="str", choices=["disable", "enable"]),
+ content_disarm_office_macro=dict(required=False, type="str", choices=["disable", "enable"]),
+ content_disarm_original_file_destination=dict(required=False, type="str", choices=["fortisandbox",
+ "quarantine",
+ "discard"]),
+ content_disarm_pdf_act_form=dict(required=False, type="str", choices=["disable", "enable"]),
+ content_disarm_pdf_act_gotor=dict(required=False, type="str", choices=["disable", "enable"]),
+ content_disarm_pdf_act_java=dict(required=False, type="str", choices=["disable", "enable"]),
+ content_disarm_pdf_act_launch=dict(required=False, type="str", choices=["disable", "enable"]),
+ content_disarm_pdf_act_movie=dict(required=False, type="str", choices=["disable", "enable"]),
+ content_disarm_pdf_act_sound=dict(required=False, type="str", choices=["disable", "enable"]),
+ content_disarm_pdf_embedfile=dict(required=False, type="str", choices=["disable", "enable"]),
+ content_disarm_pdf_hyperlink=dict(required=False, type="str", choices=["disable", "enable"]),
+ content_disarm_pdf_javacode=dict(required=False, type="str", choices=["disable", "enable"]),
+ ftp=dict(required=False, type="list"),
+ ftp_archive_block=dict(required=False, type="str", choices=["encrypted",
+ "corrupted",
+ "multipart",
+ "nested",
+ "mailbomb",
+ "unhandled",
+ "partiallycorrupted",
+ "fileslimit",
+ "timeout"]),
+ ftp_archive_log=dict(required=False, type="str", choices=["encrypted",
+ "corrupted",
+ "multipart",
+ "nested",
+ "mailbomb",
+ "unhandled",
+ "partiallycorrupted",
+ "fileslimit",
+ "timeout"]),
+ ftp_emulator=dict(required=False, type="str", choices=["disable", "enable"]),
+ ftp_options=dict(required=False, type="str", choices=["scan", "quarantine", "avmonitor"]),
+ ftp_outbreak_prevention=dict(required=False, type="str", choices=["disabled", "files", "full-archive"]),
+ http=dict(required=False, type="list"),
+ http_archive_block=dict(required=False, type="str", choices=["encrypted",
+ "corrupted",
+ "multipart",
+ "nested",
+ "mailbomb",
+ "unhandled",
+ "partiallycorrupted",
+ "fileslimit",
+ "timeout"]),
+ http_archive_log=dict(required=False, type="str", choices=["encrypted",
+ "corrupted",
+ "multipart",
+ "nested",
+ "mailbomb",
+ "unhandled",
+ "partiallycorrupted",
+ "fileslimit",
+ "timeout"]),
+ http_content_disarm=dict(required=False, type="str", choices=["disable", "enable"]),
+ http_emulator=dict(required=False, type="str", choices=["disable", "enable"]),
+ http_options=dict(required=False, type="str", choices=["scan", "quarantine", "avmonitor"]),
+ http_outbreak_prevention=dict(required=False, type="str", choices=["disabled", "files", "full-archive"]),
+ imap=dict(required=False, type="list"),
+ imap_archive_block=dict(required=False, type="str", choices=["encrypted",
+ "corrupted",
+ "multipart",
+ "nested",
+ "mailbomb",
+ "unhandled",
+ "partiallycorrupted",
+ "fileslimit",
+ "timeout"]),
+ imap_archive_log=dict(required=False, type="str", choices=["encrypted",
+ "corrupted",
+ "multipart",
+ "nested",
+ "mailbomb",
+ "unhandled",
+ "partiallycorrupted",
+ "fileslimit",
+ "timeout"]),
+ imap_content_disarm=dict(required=False, type="str", choices=["disable", "enable"]),
+ imap_emulator=dict(required=False, type="str", choices=["disable", "enable"]),
+ imap_executables=dict(required=False, type="str", choices=["default", "virus"]),
+ imap_options=dict(required=False, type="str", choices=["scan", "quarantine", "avmonitor"]),
+ imap_outbreak_prevention=dict(required=False, type="str", choices=["disabled", "files", "full-archive"]),
+ mapi=dict(required=False, type="list"),
+ mapi_archive_block=dict(required=False, type="str", choices=["encrypted",
+ "corrupted",
+ "multipart",
+ "nested",
+ "mailbomb",
+ "unhandled",
+ "partiallycorrupted",
+ "fileslimit",
+ "timeout"]),
+ mapi_archive_log=dict(required=False, type="str", choices=["encrypted",
+ "corrupted",
+ "multipart",
+ "nested",
+ "mailbomb",
+ "unhandled",
+ "partiallycorrupted",
+ "fileslimit",
+ "timeout"]),
+ mapi_emulator=dict(required=False, type="str", choices=["disable", "enable"]),
+ mapi_executables=dict(required=False, type="str", choices=["default", "virus"]),
+ mapi_options=dict(required=False, type="str", choices=["scan", "quarantine", "avmonitor"]),
+ mapi_outbreak_prevention=dict(required=False, type="str", choices=["disabled", "files", "full-archive"]),
+ nac_quar=dict(required=False, type="list"),
+ nac_quar_expiry=dict(required=False, type="str"),
+ nac_quar_infected=dict(required=False, type="str", choices=["none", "quar-src-ip"]),
+ nac_quar_log=dict(required=False, type="str", choices=["disable", "enable"]),
+ nntp=dict(required=False, type="list"),
+ nntp_archive_block=dict(required=False, type="str", choices=["encrypted",
+ "corrupted",
+ "multipart",
+ "nested",
+ "mailbomb",
+ "unhandled",
+ "partiallycorrupted",
+ "fileslimit",
+ "timeout"]),
+ nntp_archive_log=dict(required=False, type="str", choices=["encrypted",
+ "corrupted",
+ "multipart",
+ "nested",
+ "mailbomb",
+ "unhandled",
+ "partiallycorrupted",
+ "fileslimit",
+ "timeout"]),
+ nntp_emulator=dict(required=False, type="str", choices=["disable", "enable"]),
+ nntp_options=dict(required=False, type="str", choices=["scan", "quarantine", "avmonitor"]),
+ nntp_outbreak_prevention=dict(required=False, type="str", choices=["disabled", "files", "full-archive"]),
+ pop3=dict(required=False, type="list"),
+ pop3_archive_block=dict(required=False, type="str", choices=["encrypted",
+ "corrupted",
+ "multipart",
+ "nested",
+ "mailbomb",
+ "unhandled",
+ "partiallycorrupted",
+ "fileslimit",
+ "timeout"]),
+ pop3_archive_log=dict(required=False, type="str", choices=["encrypted",
+ "corrupted",
+ "multipart",
+ "nested",
+ "mailbomb",
+ "unhandled",
+ "partiallycorrupted",
+ "fileslimit",
+ "timeout"]),
+ pop3_content_disarm=dict(required=False, type="str", choices=["disable", "enable"]),
+ pop3_emulator=dict(required=False, type="str", choices=["disable", "enable"]),
+ pop3_executables=dict(required=False, type="str", choices=["default", "virus"]),
+ pop3_options=dict(required=False, type="str", choices=["scan", "quarantine", "avmonitor"]),
+ pop3_outbreak_prevention=dict(required=False, type="str", choices=["disabled", "files", "full-archive"]),
+ smb=dict(required=False, type="list"),
+ smb_archive_block=dict(required=False, type="str", choices=["encrypted",
+ "corrupted",
+ "multipart",
+ "nested",
+ "mailbomb",
+ "unhandled",
+ "partiallycorrupted",
+ "fileslimit",
+ "timeout"]),
+ smb_archive_log=dict(required=False, type="str", choices=["encrypted",
+ "corrupted",
+ "multipart",
+ "nested",
+ "mailbomb",
+ "unhandled",
+ "partiallycorrupted",
+ "fileslimit",
+ "timeout"]),
+ smb_emulator=dict(required=False, type="str", choices=["disable", "enable"]),
+ smb_options=dict(required=False, type="str", choices=["scan", "quarantine", "avmonitor"]),
+ smb_outbreak_prevention=dict(required=False, type="str", choices=["disabled", "files", "full-archive"]),
+ smtp=dict(required=False, type="list"),
+ smtp_archive_block=dict(required=False, type="str", choices=["encrypted",
+ "corrupted",
+ "multipart",
+ "nested",
+ "mailbomb",
+ "unhandled",
+ "partiallycorrupted",
+ "fileslimit",
+ "timeout"]),
+ smtp_archive_log=dict(required=False, type="str", choices=["encrypted",
+ "corrupted",
+ "multipart",
+ "nested",
+ "mailbomb",
+ "unhandled",
+ "partiallycorrupted",
+ "fileslimit",
+ "timeout"]),
+ smtp_content_disarm=dict(required=False, type="str", choices=["disable", "enable"]),
+ smtp_emulator=dict(required=False, type="str", choices=["disable", "enable"]),
+ smtp_executables=dict(required=False, type="str", choices=["default", "virus"]),
+ smtp_options=dict(required=False, type="str", choices=["scan", "quarantine", "avmonitor"]),
+ smtp_outbreak_prevention=dict(required=False, type="str", choices=["disabled", "files", "full-archive"]),
+
+ )
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=False, )
+ # MODULE PARAMGRAM
+ paramgram = {
+ "mode": module.params["mode"],
+ "adom": module.params["adom"],
+ "scan-mode": module.params["scan_mode"],
+ "replacemsg-group": module.params["replacemsg_group"],
+ "name": module.params["name"],
+ "mobile-malware-db": module.params["mobile_malware_db"],
+ "inspection-mode": module.params["inspection_mode"],
+ "ftgd-analytics": module.params["ftgd_analytics"],
+ "extended-log": module.params["extended_log"],
+ "comment": module.params["comment"],
+ "av-virus-log": module.params["av_virus_log"],
+ "av-block-log": module.params["av_block_log"],
+ "analytics-wl-filetype": module.params["analytics_wl_filetype"],
+ "analytics-max-upload": module.params["analytics_max_upload"],
+ "analytics-db": module.params["analytics_db"],
+ "analytics-bl-filetype": module.params["analytics_bl_filetype"],
+ "content-disarm": {
+ "cover-page": module.params["content_disarm_cover_page"],
+ "detect-only": module.params["content_disarm_detect_only"],
+ "office-embed": module.params["content_disarm_office_embed"],
+ "office-hylink": module.params["content_disarm_office_hylink"],
+ "office-linked": module.params["content_disarm_office_linked"],
+ "office-macro": module.params["content_disarm_office_macro"],
+ "original-file-destination": module.params["content_disarm_original_file_destination"],
+ "pdf-act-form": module.params["content_disarm_pdf_act_form"],
+ "pdf-act-gotor": module.params["content_disarm_pdf_act_gotor"],
+ "pdf-act-java": module.params["content_disarm_pdf_act_java"],
+ "pdf-act-launch": module.params["content_disarm_pdf_act_launch"],
+ "pdf-act-movie": module.params["content_disarm_pdf_act_movie"],
+ "pdf-act-sound": module.params["content_disarm_pdf_act_sound"],
+ "pdf-embedfile": module.params["content_disarm_pdf_embedfile"],
+ "pdf-hyperlink": module.params["content_disarm_pdf_hyperlink"],
+ "pdf-javacode": module.params["content_disarm_pdf_javacode"],
+ },
+ "ftp": {
+ "archive-block": module.params["ftp_archive_block"],
+ "archive-log": module.params["ftp_archive_log"],
+ "emulator": module.params["ftp_emulator"],
+ "options": module.params["ftp_options"],
+ "outbreak-prevention": module.params["ftp_outbreak_prevention"],
+ },
+ "http": {
+ "archive-block": module.params["http_archive_block"],
+ "archive-log": module.params["http_archive_log"],
+ "content-disarm": module.params["http_content_disarm"],
+ "emulator": module.params["http_emulator"],
+ "options": module.params["http_options"],
+ "outbreak-prevention": module.params["http_outbreak_prevention"],
+ },
+ "imap": {
+ "archive-block": module.params["imap_archive_block"],
+ "archive-log": module.params["imap_archive_log"],
+ "content-disarm": module.params["imap_content_disarm"],
+ "emulator": module.params["imap_emulator"],
+ "executables": module.params["imap_executables"],
+ "options": module.params["imap_options"],
+ "outbreak-prevention": module.params["imap_outbreak_prevention"],
+ },
+ "mapi": {
+ "archive-block": module.params["mapi_archive_block"],
+ "archive-log": module.params["mapi_archive_log"],
+ "emulator": module.params["mapi_emulator"],
+ "executables": module.params["mapi_executables"],
+ "options": module.params["mapi_options"],
+ "outbreak-prevention": module.params["mapi_outbreak_prevention"],
+ },
+ "nac-quar": {
+ "expiry": module.params["nac_quar_expiry"],
+ "infected": module.params["nac_quar_infected"],
+ "log": module.params["nac_quar_log"],
+ },
+ "nntp": {
+ "archive-block": module.params["nntp_archive_block"],
+ "archive-log": module.params["nntp_archive_log"],
+ "emulator": module.params["nntp_emulator"],
+ "options": module.params["nntp_options"],
+ "outbreak-prevention": module.params["nntp_outbreak_prevention"],
+ },
+ "pop3": {
+ "archive-block": module.params["pop3_archive_block"],
+ "archive-log": module.params["pop3_archive_log"],
+ "content-disarm": module.params["pop3_content_disarm"],
+ "emulator": module.params["pop3_emulator"],
+ "executables": module.params["pop3_executables"],
+ "options": module.params["pop3_options"],
+ "outbreak-prevention": module.params["pop3_outbreak_prevention"],
+ },
+ "smb": {
+ "archive-block": module.params["smb_archive_block"],
+ "archive-log": module.params["smb_archive_log"],
+ "emulator": module.params["smb_emulator"],
+ "options": module.params["smb_options"],
+ "outbreak-prevention": module.params["smb_outbreak_prevention"],
+ },
+ "smtp": {
+ "archive-block": module.params["smtp_archive_block"],
+ "archive-log": module.params["smtp_archive_log"],
+ "content-disarm": module.params["smtp_content_disarm"],
+ "emulator": module.params["smtp_emulator"],
+ "executables": module.params["smtp_executables"],
+ "options": module.params["smtp_options"],
+ "outbreak-prevention": module.params["smtp_outbreak_prevention"],
+ }
+ }
+
+ module.paramgram = paramgram
+ fmgr = None
+ if module._socket_path:
+ connection = Connection(module._socket_path)
+ fmgr = FortiManagerHandler(connection, module)
+ fmgr.tools = FMGRCommon()
+ else:
+ module.fail_json(**FAIL_SOCKET_MSG)
+
+ list_overrides = ["content-disarm", "ftp", "http", "imap", "mapi", "nac-quar", "nntp", "pop3", "smb", "smtp"]
+ paramgram = fmgr.tools.paramgram_child_list_override(list_overrides=list_overrides,
+ paramgram=paramgram, module=module)
+ module.paramgram = paramgram
+
+ results = DEFAULT_RESULT_OBJ
+
+ try:
+ results = fmgr_antivirus_profile_modify(fmgr, paramgram)
+ fmgr.govern_response(module=module, results=results,
+ ansible_facts=fmgr.construct_ansible_facts(results, module.params, paramgram))
+ except Exception as err:
+ raise FMGBaseException(err)
+
+ return module.exit_json(**results[1])
+
+
+if __name__ == "__main__":
+ main()
diff --git a/test/units/modules/network/fortimanager/fixtures/test_fmgr_secprof_av.json b/test/units/modules/network/fortimanager/fixtures/test_fmgr_secprof_av.json
index a8f637e44c0..9f80833b5ea 100644
--- a/test/units/modules/network/fortimanager/fixtures/test_fmgr_secprof_av.json
+++ b/test/units/modules/network/fortimanager/fixtures/test_fmgr_secprof_av.json
@@ -1,26 +1,27 @@
{
- "fmgr_antivirus_profile_addSetDelete": [
+ "fmgr_antivirus_profile_modify": [
{
- "raw_response": {
- "status": {
- "message": "Object does not exist",
- "code": -3
- },
- "url": "/pm/config/adom/root/obj/antivirus/profile/Ansible_AV_Profile"
- },
"paramgram_used": {
"comment": null,
- "av-block-log": null,
+ "smtp": {
+ "executables": null,
+ "archive-log": null,
+ "outbreak-prevention": null,
+ "emulator": null,
+ "archive-block": null,
+ "content-disarm": null,
+ "options": null
+ },
"extended-log": null,
"analytics-db": null,
"analytics-wl-filetype": null,
"av-virus-log": null,
"content-disarm": {
- "pdf-act-movie": null,
+ "office-hylink": null,
"pdf-act-gotor": null,
"pdf-act-java": null,
"original-file-destination": null,
- "office-hylink": null,
+ "cover-page": null,
"pdf-act-sound": null,
"detect-only": null,
"office-embed": null,
@@ -31,14 +32,14 @@
"office-macro": null,
"pdf-act-form": null,
"pdf-act-launch": null,
- "cover-page": null
+ "pdf-act-movie": null
},
"ftp": {
- "outbreak-prevention": null,
- "options": null,
- "archive-log": null,
+ "archive-block": null,
"emulator": null,
- "archive-block": null
+ "archive-log": null,
+ "outbreak-prevention": null,
+ "options": null
},
"mapi": {
"executables": null,
@@ -50,31 +51,21 @@
},
"analytics-max-upload": null,
"nntp": {
- "outbreak-prevention": null,
- "options": null,
- "archive-log": null,
+ "archive-block": null,
"emulator": null,
- "archive-block": null
+ "archive-log": null,
+ "outbreak-prevention": null,
+ "options": null
},
"smb": {
- "outbreak-prevention": null,
- "options": null,
- "archive-log": null,
+ "archive-block": null,
"emulator": null,
- "archive-block": null
- },
- "analytics-bl-filetype": null,
- "http": {
"archive-log": null,
"outbreak-prevention": null,
- "emulator": null,
- "archive-block": null,
- "content-disarm": null,
"options": null
},
- "adom": "root",
- "smtp": {
- "executables": null,
+ "analytics-bl-filetype": null,
+ "http": {
"archive-log": null,
"outbreak-prevention": null,
"emulator": null,
@@ -82,6 +73,8 @@
"content-disarm": null,
"options": null
},
+ "adom": "ansible",
+ "av-block-log": null,
"pop3": {
"executables": null,
"archive-log": null,
@@ -102,8 +95,8 @@
"content-disarm": null,
"options": null
},
- "name": "Ansible_AV_Profile",
"replacemsg-group": null,
+ "name": "Ansible_AV_Profile",
"scan-mode": null,
"nac-quar": {
"infected": null,
@@ -113,29 +106,15 @@
"mode": "delete",
"mobile-malware-db": null
},
- "post_method": "delete"
- },
- {
- "paramgram_used": {
- "comment": "Created by Ansible Module TEST",
- "name": "Ansible_AV_Profile",
- "scan-mode": "full",
- "av-block-log": "enable",
- "inspection-mode": "proxy",
- "av-virus-log": "enable",
- "ftgd-analytics": "everything",
- "mobile-malware-db": "enable",
- "mode": "delete",
- "adom": "root"
- },
+ "datagram_sent": {},
"raw_response": {
"status": {
"message": "OK",
"code": 0
},
- "url": "/pm/config/adom/root/obj/antivirus/profile"
+ "url": "/pm/config/adom/ansible/obj/antivirus/profile/Ansible_AV_Profile"
},
- "post_method": "set"
+ "post_method": "delete"
},
{
"raw_response": {
@@ -143,130 +122,32 @@
"message": "OK",
"code": 0
},
- "url": "/pm/config/adom/root/obj/antivirus/profile/Ansible_AV_Profile"
+ "url": "/pm/config/adom/ansible/obj/antivirus/profile"
},
- "paramgram_used": {
- "comment": null,
- "av-block-log": null,
- "extended-log": null,
- "analytics-db": null,
- "analytics-wl-filetype": null,
- "av-virus-log": null,
- "content-disarm": {
- "pdf-act-movie": null,
- "pdf-act-gotor": null,
- "office-macro": null,
- "pdf-act-java": null,
- "original-file-destination": null,
- "office-hylink": null,
- "pdf-act-sound": null,
- "detect-only": null,
- "office-embed": null,
- "office-linked": null,
- "pdf-javacode": null,
- "pdf-hyperlink": null,
- "cover-page": null,
- "pdf-embedfile": null,
- "pdf-act-form": null,
- "pdf-act-launch": null
- },
+ "datagram_sent": {
+ "comment": "Created by Ansible Module TEST",
"ftp": {
- "outbreak-prevention": null,
- "options": null,
- "archive-log": null,
- "emulator": null,
- "archive-block": null
- },
- "mapi": {
- "executables": null,
- "archive-log": null,
- "outbreak-prevention": null,
- "emulator": null,
- "archive-block": null,
- "options": null
- },
- "analytics-max-upload": null,
- "nntp": {
- "outbreak-prevention": null,
- "options": null,
- "archive-log": null,
- "emulator": null,
- "archive-block": null
- },
- "smb": {
- "outbreak-prevention": null,
- "options": null,
- "archive-log": null,
- "emulator": null,
- "archive-block": null
- },
- "analytics-bl-filetype": null,
- "http": {
- "archive-log": null,
- "outbreak-prevention": null,
- "emulator": null,
- "archive-block": null,
- "content-disarm": null,
- "options": null
- },
- "adom": "root",
- "smtp": {
- "executables": null,
- "archive-log": null,
- "outbreak-prevention": null,
- "emulator": null,
- "archive-block": null,
- "content-disarm": null,
- "options": null
- },
- "pop3": {
- "executables": null,
- "archive-log": null,
- "outbreak-prevention": null,
- "emulator": null,
- "archive-block": null,
- "content-disarm": null,
- "options": null
- },
- "inspection-mode": null,
- "ftgd-analytics": null,
- "imap": {
- "executables": null,
- "archive-log": null,
- "outbreak-prevention": null,
- "emulator": null,
- "archive-block": null,
- "content-disarm": null,
- "options": null
+ "outbreak-prevention": "files",
+ "options": "scan",
+ "archive-log": "timeout",
+ "emulator": "disable",
+ "archive-block": "encrypted"
},
"name": "Ansible_AV_Profile",
- "replacemsg-group": null,
- "scan-mode": null,
- "nac-quar": {
- "infected": null,
- "log": null,
- "expiry": null
- },
- "mode": "delete",
- "mobile-malware-db": null
- },
- "post_method": "delete"
- },
- {
- "raw_response": {
- "status": {
- "message": "used",
- "code": -10015
- },
- "url": "/pm/config/adom/root/obj/antivirus/profile/Ansible_AV_Profile"
+ "scan-mode": "full",
+ "av-block-log": "enable",
+ "inspection-mode": "proxy",
+ "av-virus-log": "enable",
+ "ftgd-analytics": "everything",
+ "mobile-malware-db": "enable"
},
"paramgram_used": {
- "comment": null,
- "av-block-log": null,
+ "comment": "Created by Ansible Module TEST",
+ "av-block-log": "enable",
"extended-log": null,
"analytics-db": null,
"analytics-wl-filetype": null,
- "av-virus-log": null,
+ "av-virus-log": "enable",
"content-disarm": {
"pdf-act-movie": null,
"pdf-act-gotor": null,
@@ -286,11 +167,11 @@
"pdf-act-launch": null
},
"ftp": {
- "outbreak-prevention": null,
- "options": null,
- "archive-log": null,
- "emulator": null,
- "archive-block": null
+ "outbreak-prevention": "files",
+ "options": "scan",
+ "archive-log": "timeout",
+ "emulator": "disable",
+ "archive-block": "encrypted"
},
"smtp": {
"executables": null,
@@ -333,8 +214,8 @@
"content-disarm": null,
"options": null
},
- "adom": "root",
- "scan-mode": null,
+ "adom": "ansible",
+ "scan-mode": "full",
"pop3": {
"executables": null,
"archive-log": null,
@@ -344,8 +225,8 @@
"content-disarm": null,
"options": null
},
- "inspection-mode": null,
- "ftgd-analytics": null,
+ "inspection-mode": "proxy",
+ "ftgd-analytics": "everything",
"imap": {
"executables": null,
"archive-log": null,
@@ -362,10 +243,10 @@
"log": null,
"expiry": null
},
- "mode": "delete",
- "mobile-malware-db": null
+ "mode": "set",
+ "mobile-malware-db": "enable"
},
- "post_method": "delete"
+ "post_method": "set"
}
]
}
diff --git a/test/units/modules/network/fortimanager/test_fmgr_secprof_av.py b/test/units/modules/network/fortimanager/test_fmgr_secprof_av.py
new file mode 100644
index 00000000000..b6ab7302cc0
--- /dev/null
+++ b/test/units/modules/network/fortimanager/test_fmgr_secprof_av.py
@@ -0,0 +1,72 @@
+# Copyright 2018 Fortinet, Inc.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see .
+
+# Make coding more python3-ish
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+import os
+import json
+from ansible.module_utils.network.fortimanager.fortimanager import FortiManagerHandler
+import pytest
+
+try:
+ from ansible.modules.network.fortimanager import fmgr_secprof_av
+except ImportError:
+ pytest.skip("Could not load required modules for testing", allow_module_level=True)
+
+
+def load_fixtures():
+ fixture_path = os.path.join(os.path.dirname(__file__), 'fixtures') + "/{filename}.json".format(
+ filename=os.path.splitext(os.path.basename(__file__))[0])
+ try:
+ with open(fixture_path, "r") as fixture_file:
+ fixture_data = json.load(fixture_file)
+ except IOError:
+ return []
+ return [fixture_data]
+
+
+@pytest.fixture(autouse=True)
+def module_mock(mocker):
+ connection_class_mock = mocker.patch('ansible.module_utils.basic.AnsibleModule')
+ return connection_class_mock
+
+
+@pytest.fixture(autouse=True)
+def connection_mock(mocker):
+ connection_class_mock = mocker.patch('ansible.modules.network.fortimanager.fmgr_secprof_av.Connection')
+ return connection_class_mock
+
+
+@pytest.fixture(scope="function", params=load_fixtures())
+def fixture_data(request):
+ func_name = request.function.__name__.replace("test_", "")
+ return request.param.get(func_name, None)
+
+
+fmg_instance = FortiManagerHandler(connection_mock, module_mock)
+
+
+def test_fmgr_antivirus_profile_modify(fixture_data, mocker):
+ mocker.patch("ansible.module_utils.network.fortimanager.fortimanager.FortiManagerHandler.process_request",
+ side_effect=fixture_data)
+
+ # Test using fixture 1 #
+ output = fmgr_secprof_av.fmgr_antivirus_profile_modify(fmg_instance, fixture_data[0]['paramgram_used'])
+ assert output['raw_response']['status']['code'] == 0
+ # Test using fixture 2 #
+ output = fmgr_secprof_av.fmgr_antivirus_profile_modify(fmg_instance, fixture_data[1]['paramgram_used'])
+ assert output['raw_response']['status']['code'] == 0