From 7ee7c3cf2ccee5eca1f237ca38f7a099fcf436b9 Mon Sep 17 00:00:00 2001 From: ftntcorecse <43451990+ftntcorecse@users.noreply.github.com> Date: Tue, 5 Mar 2019 01:23:30 -0800 Subject: [PATCH] FortiManager Plugin Module Conversion: fmgr_secprof_waf (#52789) * Auto Commit for: fmgr_secprof_waf * Auto Commit for: fmgr_secprof_waf * Auto Commit for: fmgr_secprof_waf --- .../network/fortimanager/fmgr_secprof_waf.py | 242 ++---- .../fixtures/test_fmgr_secprof_waf.json | 721 +++++++++--------- .../fortimanager/test_fmgr_secprof_waf.py | 104 +-- 3 files changed, 431 insertions(+), 636 deletions(-) diff --git a/lib/ansible/modules/network/fortimanager/fmgr_secprof_waf.py b/lib/ansible/modules/network/fortimanager/fmgr_secprof_waf.py index f31e27b2330..11d1c43ed02 100644 --- a/lib/ansible/modules/network/fortimanager/fmgr_secprof_waf.py +++ b/lib/ansible/modules/network/fortimanager/fmgr_secprof_waf.py @@ -28,6 +28,8 @@ DOCUMENTATION = ''' --- module: fmgr_secprof_waf version_added: "2.8" +notes: + - Full Documentation at U(https://ftnt-ansible-docs.readthedocs.io/en/latest/). author: - Luke Weighall (@lweighall) - Andrew Welsh (@Ghilli3) @@ -43,21 +45,6 @@ options: required: false default: root - host: - description: - - The FortiManager's Address. - required: true - - username: - description: - - The username associated with the account. - required: true - - password: - description: - - The password associated with the username account. - required: true - mode: description: - Sets one of three modes for managing the object. @@ -1045,18 +1032,12 @@ options: EXAMPLES = ''' - name: DELETE Profile fmgr_secprof_waf: - host: "{{inventory_hostname}}" - username: "{{ username }}" - password: "{{ password }}" name: "Ansible_WAF_Profile" comment: "Created by Ansible Module TEST" mode: "delete" - name: CREATE Profile fmgr_secprof_waf: - host: "{{inventory_hostname}}" - username: "{{ username }}" - password: "{{ password }}" name: "Ansible_WAF_Profile" comment: "Created by Ansible Module TEST" mode: "set" @@ -1070,15 +1051,15 @@ api_result: """ from ansible.module_utils.basic import AnsibleModule, env_fallback -from ansible.module_utils.network.fortimanager.fortimanager import AnsibleFortiManager - -# check for pyFMG lib -try: - from pyFMG.fortimgr import FortiManager - - HAS_PYFMGR = True -except ImportError: - HAS_PYFMGR = False +from ansible.module_utils.connection import Connection +from ansible.module_utils.network.fortimanager.fortimanager import FortiManagerHandler +from ansible.module_utils.network.fortimanager.common import FMGBaseException +from ansible.module_utils.network.fortimanager.common import FMGRCommon +from ansible.module_utils.network.fortimanager.common import FMGRMethods +from ansible.module_utils.network.fortimanager.common import DEFAULT_RESULT_OBJ +from ansible.module_utils.network.fortimanager.common import FAIL_SOCKET_MSG +from ansible.module_utils.network.fortimanager.common import prepare_dict +from ansible.module_utils.network.fortimanager.common import scrub_dict ############### @@ -1086,19 +1067,26 @@ except ImportError: ############### -def fmgr_waf_profile_addsetdelete(fmg, paramgram): - +def fmgr_waf_profile_modify(fmgr, paramgram): + """ + :param fmgr: The fmgr object instance from fortimanager.py + :type fmgr: class object + :param paramgram: The formatted dictionary of options to process + :type paramgram: dict + :return: The response from the FortiManager + :rtype: dict + """ mode = paramgram["mode"] adom = paramgram["adom"] # INIT A BASIC OBJECTS - response = (-100000, {"msg": "Illegal or malformed paramgram discovered. System Exception"}) + response = DEFAULT_RESULT_OBJ url = "" datagram = {} # EVAL THE MODE PARAMETER FOR SET OR ADD if mode in ['set', 'add', 'update']: url = '/pm/config/adom/{adom}/obj/waf/profile'.format(adom=adom) - datagram = fmgr_del_none(fmgr_prepare_dict(paramgram)) + datagram = scrub_dict(prepare_dict(paramgram)) # EVAL THE MODE PARAMETER FOR DELETE elif mode == "delete": @@ -1106,129 +1094,11 @@ def fmgr_waf_profile_addsetdelete(fmg, paramgram): url = '/pm/config/adom/{adom}/obj/waf/profile/{name}'.format(adom=adom, name=paramgram["name"]) datagram = {} - # IF MODE = SET -- USE THE 'SET' API CALL MODE - if mode == "set": - response = fmg.set(url, datagram) - # IF MODE = UPDATE -- USER THE 'UPDATE' API CALL MODE - elif mode == "update": - response = fmg.update(url, datagram) - # IF MODE = ADD -- USE THE 'ADD' API CALL MODE - elif mode == "add": - response = fmg.add(url, datagram) - # IF MODE = DELETE -- USE THE DELETE URL AND API CALL MODE - elif mode == "delete": - response = fmg.delete(url, datagram) + response = fmgr.process_request(url, datagram, paramgram["mode"]) return response -# ADDITIONAL COMMON FUNCTIONS -# FUNCTION/METHOD FOR LOGGING OUT AND ANALYZING ERROR CODES -def fmgr_logout(fmg, module, msg="NULL", results=(), good_codes=(0,), logout_on_fail=True, logout_on_success=False): - """ - THIS METHOD CONTROLS THE LOGOUT AND ERROR REPORTING AFTER AN METHOD OR FUNCTION RUNS - """ - # pydevd.settrace('10.0.0.122', port=54654, stdoutToServer=True, stderrToServer=True) - # VALIDATION ERROR (NO RESULTS, JUST AN EXIT) - if msg != "NULL" and len(results) == 0: - try: - fmg.logout() - except BaseException: - pass - module.fail_json(msg=msg) - - # SUBMISSION ERROR - if len(results) > 0: - if msg == "NULL": - try: - msg = results[1]['status']['message'] - except BaseException: - msg = "No status message returned from pyFMG. Possible that this was a GET with a tuple result." - - if results[0] not in good_codes: - if logout_on_fail: - fmg.logout() - module.fail_json(msg=msg, **results[1]) - else: - return msg - else: - if logout_on_success: - fmg.logout() - module.exit_json(msg="API Called worked, but logout handler has been asked to logout on success", - **results[1]) - else: - return msg - - -# FUNCTION/METHOD FOR CONVERTING CIDR TO A NETMASK -# DID NOT USE IP ADDRESS MODULE TO KEEP INCLUDES TO A MINIMUM -def fmgr_cidr_to_netmask(cidr): - cidr = int(cidr) - mask = (0xffffffff >> (32 - cidr)) << (32 - cidr) - return (str((0xff000000 & mask) >> 24) + '.' + - str((0x00ff0000 & mask) >> 16) + '.' + - str((0x0000ff00 & mask) >> 8) + '.' + - str((0x000000ff & mask))) - - -# utility function: removing keys wih value of None, nothing in playbook for that key -def fmgr_del_none(obj): - if isinstance(obj, dict): - return type(obj)((fmgr_del_none(k), fmgr_del_none(v)) - for k, v in obj.items() if k is not None and (v is not None and not fmgr_is_empty_dict(v))) - else: - return obj - - -# utility function: remove keys that are need for the logic but the FMG API won't accept them -def fmgr_prepare_dict(obj): - list_of_elems = ["mode", "adom", "host", "username", "password"] - if isinstance(obj, dict): - obj = dict((key, fmgr_prepare_dict(value)) for (key, value) in obj.items() if key not in list_of_elems) - return obj - - -def fmgr_is_empty_dict(obj): - return_val = False - if isinstance(obj, dict): - if len(obj) > 0: - for k, v in obj.items(): - if isinstance(v, dict): - if len(v) == 0: - return_val = True - elif len(v) > 0: - for k1, v1 in v.items(): - if v1 is None: - return_val = True - elif v1 is not None: - return_val = False - return return_val - elif v is None: - return_val = True - elif v is not None: - return_val = False - return return_val - elif len(obj) == 0: - return_val = True - - return return_val - - -def fmgr_split_comma_strings_into_lists(obj): - if isinstance(obj, dict): - if len(obj) > 0: - for k, v in obj.items(): - if isinstance(v, str): - new_list = list() - if "," in v: - new_items = v.split(",") - for item in new_items: - new_list.append(item.strip()) - obj[k] = new_list - - return obj - - ############# # END METHODS ############# @@ -1237,9 +1107,6 @@ def fmgr_split_comma_strings_into_lists(obj): def main(): argument_spec = dict( adom=dict(type="str", default="root"), - host=dict(required=True, type="str"), - password=dict(fallback=(env_fallback, ["ANSIBLE_NET_PASSWORD"]), no_log=True, required=True), - username=dict(fallback=(env_fallback, ["ANSIBLE_NET_USERNAME"]), no_log=True, required=True), mode=dict(choices=["add", "set", "delete", "update"], type="str", default="add"), name=dict(required=False, type="str"), @@ -1414,8 +1281,7 @@ def main(): ) - module = AnsibleModule(argument_spec, supports_check_mode=False) - + module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=False, ) # MODULE PARAMGRAM paramgram = { "mode": module.params["mode"], @@ -1586,44 +1452,30 @@ def main(): } } - list_overrides = ['address-list', 'constraint', 'method', 'signature', 'url-access'] - for list_variable in list_overrides: - override_data = list() - try: - override_data = module.params[list_variable] - except BaseException: - pass - try: - if override_data: - del paramgram[list_variable] - paramgram[list_variable] = override_data - except BaseException: - pass - - # CHECK IF THE HOST/USERNAME/PW EXISTS, AND IF IT DOES, LOGIN. - host = module.params["host"] - password = module.params["password"] - username = module.params["username"] - if host is None or username is None or password is None: - module.fail_json(msg="Host and username and password are required") - - # CHECK IF LOGIN FAILED - fmg = AnsibleFortiManager(module, module.params["host"], module.params["username"], module.params["password"]) - - response = fmg.login() - if response[1]['status']['code'] != 0: - module.fail_json(msg="Connection to FortiManager Failed") - - results = fmgr_waf_profile_addsetdelete(fmg, paramgram) - if results[0] != 0: - fmgr_logout(fmg, module, results=results, good_codes=[0]) - - fmg.logout() - - if results is not None: - return module.exit_json(**results[1]) + module.paramgram = paramgram + fmgr = None + if module._socket_path: + connection = Connection(module._socket_path) + fmgr = FortiManagerHandler(connection, module) + fmgr.tools = FMGRCommon() else: - return module.exit_json(msg="No results were returned from the API call.") + module.fail_json(**FAIL_SOCKET_MSG) + + list_overrides = ['address-list', 'constraint', 'method', 'signature', 'url-access'] + paramgram = fmgr.tools.paramgram_child_list_override(list_overrides=list_overrides, + paramgram=paramgram, module=module) + + results = DEFAULT_RESULT_OBJ + + try: + results = fmgr_waf_profile_modify(fmgr, paramgram) + fmgr.govern_response(module=module, results=results, + ansible_facts=fmgr.construct_ansible_facts(results, module.params, paramgram)) + + except Exception as err: + raise FMGBaseException(err) + + return module.exit_json(**results[1]) if __name__ == "__main__": diff --git a/test/units/modules/network/fortimanager/fixtures/test_fmgr_secprof_waf.json b/test/units/modules/network/fortimanager/fixtures/test_fmgr_secprof_waf.json index 1fa90d75a52..93579f12f7f 100644 --- a/test/units/modules/network/fortimanager/fixtures/test_fmgr_secprof_waf.json +++ b/test/units/modules/network/fortimanager/fixtures/test_fmgr_secprof_waf.json @@ -1,360 +1,365 @@ { - "fmgr_waf_profile_addsetdelete": [ - { - "paramgram_used": { - "comment": "Created by Ansible Module TEST", - "name": "Ansible_WAF_Profile", - "adom": "root", - "address-list": { - "blocked-address": null, - "status": null, - "severity": null, - "blocked-log": null, - "trusted-address": null - }, - "constraint": { - "header-length": { - "action": null, - "status": null, - "length": null, - "log": null, - "severity": null - }, - "content-length": { - "action": null, - "status": null, - "length": null, - "log": null, - "severity": null - }, - "max-cookie": { - "action": null, - "status": null, - "max-cookie": null, - "log": null, - "severity": null - }, - "url-param-length": { - "action": null, - "status": null, - "length": null, - "log": null, - "severity": null - }, - "hostname": { - "action": null, - "status": null, - "log": null, - "severity": null - }, - "line-length": { - "action": null, - "status": null, - "length": null, - "log": null, - "severity": null - }, - "exception": { - "regex": null, - "header-length": null, - "content-length": null, - "max-cookie": null, - "pattern": null, - "hostname": null, - "line-length": null, - "max-range-segment": null, - "url-param-length": null, - "version": null, - "param-length": null, - "malformed": null, - "address": null, - "max-url-param": null, - "max-header-line": null, - "method": null - }, - "max-range-segment": { - "action": null, - "status": null, - "max-range-segment": null, - "severity": null, - "log": null - }, - "version": { - "action": null, - "status": null, - "log": null, - "severity": null - }, - "param-length": { - "action": null, - "status": null, - "length": null, - "log": null, - "severity": null - }, - "malformed": { - "action": null, - "status": null, - "log": null, - "severity": null - }, - "max-url-param": { - "action": null, - "status": null, - "max-url-param": null, - "log": null, - "severity": null - }, - "max-header-line": { - "action": null, - "status": null, - "max-header-line": null, - "log": null, - "severity": null - }, - "method": { - "action": null, - "status": null, - "log": null, - "severity": null - } - }, - "extended-log": null, - "url-access": { - "action": null, - "address": null, - "severity": null, - "access-pattern": { - "negate": null, - "pattern": null, - "srcaddr": null, - "regex": null - }, - "log": null - }, - "external": null, - "signature": { - "custom-signature": { - "status": null, - "direction": null, - "target": null, - "severity": null, - "case-sensitivity": null, - "name": null, - "pattern": null, - "action": null, - "log": null - }, - "credit-card-detection-threshold": null, - "main-class": { - "action": null, - "status": null, - "log": null, - "severity": null - }, - "disabled-signature": null, - "disabled-sub-class": null - }, - "method": { - "status": null, - "severity": null, - "default-allowed-methods": null, - "log": null, - "method-policy": { - "regex": null, - "pattern": null, - "allowed-methods": null, - "address": null - } - }, - "mode": "delete" - }, - "raw_response": { - "status": { - "message": "OK", - "code": 0 - }, - "url": "/pm/config/adom/root/obj/waf/profile/Ansible_WAF_Profile" - }, - "post_method": "delete" - }, - { - "raw_response": { - "status": { - "message": "OK", - "code": 0 - }, - "url": "/pm/config/adom/root/obj/waf/profile" - }, - "paramgram_used": { - "comment": "Created by Ansible Module TEST", - "adom": "root", - "address-list": { - "blocked-address": null, - "status": null, - "severity": null, - "blocked-log": null, - "trusted-address": null - }, - "extended-log": null, - "url-access": { - "action": null, - "severity": null, - "log": null, - "access-pattern": { - "negate": null, - "pattern": null, - "srcaddr": null, - "regex": null - }, - "address": null - }, - "external": null, - "name": "Ansible_WAF_Profile", - "constraint": { - "content-length": { - "action": null, - "status": null, - "length": null, - "log": null, - "severity": null - }, - "max-cookie": { - "action": null, - "status": null, - "max-cookie": null, - "log": null, - "severity": null - }, - "line-length": { - "action": null, - "status": null, - "length": null, - "log": null, - "severity": null - }, - "max-range-segment": { - "action": null, - "severity": null, - "status": null, - "log": null, - "max-range-segment": null - }, - "param-length": { - "action": null, - "status": null, - "length": null, - "log": null, - "severity": null - }, - "malformed": { - "action": null, - "status": null, - "log": null, - "severity": null - }, - "max-url-param": { - "action": null, - "status": null, - "max-url-param": null, - "log": null, - "severity": null - }, - "header-length": { - "action": null, - "status": null, - "length": null, - "log": null, - "severity": null - }, - "exception": { - "regex": null, - "header-length": null, - "content-length": null, - "max-cookie": null, - "pattern": null, - "hostname": null, - "line-length": null, - "max-range-segment": null, - "url-param-length": null, - "version": null, - "param-length": null, - "malformed": null, - "address": null, - "max-url-param": null, - "max-header-line": null, - "method": null - }, - "hostname": { - "action": null, - "status": null, - "log": null, - "severity": null - }, - "url-param-length": { - "action": null, - "status": null, - "length": null, - "log": null, - "severity": null - }, - "version": { - "action": null, - "status": null, - "log": null, - "severity": null - }, - "max-header-line": { - "action": null, - "status": null, - "max-header-line": null, - "log": null, - "severity": null - }, - "method": { - "action": null, - "status": null, - "log": null, - "severity": null - } - }, - "mode": "set", - "signature": { - "custom-signature": { - "status": null, - "direction": null, - "log": null, - "severity": null, - "target": null, - "action": null, - "pattern": null, - "case-sensitivity": null, - "name": null - }, - "credit-card-detection-threshold": null, - "main-class": { - "action": null, - "status": null, - "log": null, - "severity": null - }, - "disabled-signature": null, - "disabled-sub-class": null - }, - "method": { - "status": null, - "default-allowed-methods": null, - "method-policy": { - "regex": null, - "pattern": null, - "allowed-methods": null, - "address": null - }, - "log": null, - "severity": null - } - }, - "post_method": "set" - } - ] + "fmgr_waf_profile_modify": [ + { + "paramgram_used": { + "comment": "Created by Ansible Module TEST", + "name": "Ansible_WAF_Profile", + "adom": "root", + "address-list": { + "blocked-address": null, + "status": null, + "severity": null, + "blocked-log": null, + "trusted-address": null + }, + "constraint": { + "header-length": { + "action": null, + "status": null, + "length": null, + "log": null, + "severity": null + }, + "content-length": { + "action": null, + "status": null, + "length": null, + "log": null, + "severity": null + }, + "max-cookie": { + "action": null, + "status": null, + "max-cookie": null, + "log": null, + "severity": null + }, + "url-param-length": { + "action": null, + "status": null, + "length": null, + "log": null, + "severity": null + }, + "hostname": { + "action": null, + "status": null, + "log": null, + "severity": null + }, + "line-length": { + "action": null, + "status": null, + "length": null, + "log": null, + "severity": null + }, + "exception": { + "regex": null, + "header-length": null, + "content-length": null, + "max-cookie": null, + "pattern": null, + "hostname": null, + "line-length": null, + "max-range-segment": null, + "url-param-length": null, + "version": null, + "param-length": null, + "malformed": null, + "address": null, + "max-url-param": null, + "max-header-line": null, + "method": null + }, + "max-range-segment": { + "action": null, + "status": null, + "max-range-segment": null, + "severity": null, + "log": null + }, + "version": { + "action": null, + "status": null, + "log": null, + "severity": null + }, + "param-length": { + "action": null, + "status": null, + "length": null, + "log": null, + "severity": null + }, + "malformed": { + "action": null, + "status": null, + "log": null, + "severity": null + }, + "max-url-param": { + "action": null, + "status": null, + "max-url-param": null, + "log": null, + "severity": null + }, + "max-header-line": { + "action": null, + "status": null, + "max-header-line": null, + "log": null, + "severity": null + }, + "method": { + "action": null, + "status": null, + "log": null, + "severity": null + } + }, + "extended-log": null, + "url-access": { + "action": null, + "address": null, + "severity": null, + "access-pattern": { + "negate": null, + "pattern": null, + "srcaddr": null, + "regex": null + }, + "log": null + }, + "external": null, + "signature": { + "custom-signature": { + "status": null, + "direction": null, + "target": null, + "severity": null, + "case-sensitivity": null, + "name": null, + "pattern": null, + "action": null, + "log": null + }, + "credit-card-detection-threshold": null, + "main-class": { + "action": null, + "status": null, + "log": null, + "severity": null + }, + "disabled-signature": null, + "disabled-sub-class": null + }, + "method": { + "status": null, + "severity": null, + "default-allowed-methods": null, + "log": null, + "method-policy": { + "regex": null, + "pattern": null, + "allowed-methods": null, + "address": null + } + }, + "mode": "delete" + }, + "datagram_sent": {}, + "raw_response": { + "status": { + "message": "OK", + "code": 0 + }, + "url": "/pm/config/adom/root/obj/waf/profile/Ansible_WAF_Profile" + }, + "post_method": "delete" + }, + { + "raw_response": { + "status": { + "message": "OK", + "code": 0 + }, + "url": "/pm/config/adom/root/obj/waf/profile" + }, + "datagram_sent": { + "comment": "Created by Ansible Module TEST", + "name": "Ansible_WAF_Profile" + }, + "paramgram_used": { + "comment": "Created by Ansible Module TEST", + "adom": "root", + "address-list": { + "blocked-address": null, + "status": null, + "severity": null, + "blocked-log": null, + "trusted-address": null + }, + "extended-log": null, + "url-access": { + "action": null, + "severity": null, + "log": null, + "access-pattern": { + "negate": null, + "pattern": null, + "srcaddr": null, + "regex": null + }, + "address": null + }, + "external": null, + "name": "Ansible_WAF_Profile", + "constraint": { + "content-length": { + "action": null, + "status": null, + "length": null, + "log": null, + "severity": null + }, + "max-cookie": { + "action": null, + "status": null, + "max-cookie": null, + "log": null, + "severity": null + }, + "line-length": { + "action": null, + "status": null, + "length": null, + "log": null, + "severity": null + }, + "max-range-segment": { + "action": null, + "severity": null, + "status": null, + "log": null, + "max-range-segment": null + }, + "param-length": { + "action": null, + "status": null, + "length": null, + "log": null, + "severity": null + }, + "malformed": { + "action": null, + "status": null, + "log": null, + "severity": null + }, + "max-url-param": { + "action": null, + "status": null, + "max-url-param": null, + "log": null, + "severity": null + }, + "header-length": { + "action": null, + "status": null, + "length": null, + "log": null, + "severity": null + }, + "exception": { + "regex": null, + "header-length": null, + "content-length": null, + "max-cookie": null, + "pattern": null, + "hostname": null, + "line-length": null, + "max-range-segment": null, + "url-param-length": null, + "version": null, + "param-length": null, + "malformed": null, + "address": null, + "max-url-param": null, + "max-header-line": null, + "method": null + }, + "hostname": { + "action": null, + "status": null, + "log": null, + "severity": null + }, + "url-param-length": { + "action": null, + "status": null, + "length": null, + "log": null, + "severity": null + }, + "version": { + "action": null, + "status": null, + "log": null, + "severity": null + }, + "max-header-line": { + "action": null, + "status": null, + "max-header-line": null, + "log": null, + "severity": null + }, + "method": { + "action": null, + "status": null, + "log": null, + "severity": null + } + }, + "mode": "set", + "signature": { + "custom-signature": { + "status": null, + "direction": null, + "log": null, + "severity": null, + "target": null, + "action": null, + "pattern": null, + "case-sensitivity": null, + "name": null + }, + "credit-card-detection-threshold": null, + "main-class": { + "action": null, + "status": null, + "log": null, + "severity": null + }, + "disabled-signature": null, + "disabled-sub-class": null + }, + "method": { + "status": null, + "default-allowed-methods": null, + "method-policy": { + "regex": null, + "pattern": null, + "allowed-methods": null, + "address": null + }, + "log": null, + "severity": null + } + }, + "post_method": "set" + } + ] } diff --git a/test/units/modules/network/fortimanager/test_fmgr_secprof_waf.py b/test/units/modules/network/fortimanager/test_fmgr_secprof_waf.py index e1f0b35625c..933689f7db7 100644 --- a/test/units/modules/network/fortimanager/test_fmgr_secprof_waf.py +++ b/test/units/modules/network/fortimanager/test_fmgr_secprof_waf.py @@ -19,7 +19,7 @@ __metaclass__ = type import os import json -from pyFMG.fortimgr import FortiManager +from ansible.module_utils.network.fortimanager.fortimanager import FortiManagerHandler import pytest try: @@ -27,15 +27,10 @@ try: except ImportError: pytest.skip("Could not load required modules for testing", allow_module_level=True) -fmg_instance = FortiManager("1.1.1.1", "admin", "") - def load_fixtures(): - fixture_path = os.path.join( - os.path.dirname(__file__), - 'fixtures') + "/{filename}.json".format( - filename=os.path.splitext( - os.path.basename(__file__))[0]) + fixture_path = os.path.join(os.path.dirname(__file__), 'fixtures') + "/{filename}.json".format( + filename=os.path.splitext(os.path.basename(__file__))[0]) try: with open(fixture_path, "r") as fixture_file: fixture_data = json.load(fixture_file) @@ -44,88 +39,31 @@ def load_fixtures(): return [fixture_data] +@pytest.fixture(autouse=True) +def module_mock(mocker): + connection_class_mock = mocker.patch('ansible.module_utils.basic.AnsibleModule') + return connection_class_mock + + +@pytest.fixture(autouse=True) +def connection_mock(mocker): + connection_class_mock = mocker.patch('ansible.modules.network.fortimanager.fmgr_secprof_waf.Connection') + return connection_class_mock + + @pytest.fixture(scope="function", params=load_fixtures()) def fixture_data(request): func_name = request.function.__name__.replace("test_", "") return request.param.get(func_name, None) -def test_fmgr_waf_profile_addsetdelete(fixture_data, mocker): - mocker.patch("pyFMG.fortimgr.FortiManager._post_request", side_effect=fixture_data) - # Fixture sets used:########################### +fmg_instance = FortiManagerHandler(connection_mock, module_mock) - ################################################## - # comment: Created by Ansible Module TEST - # name: Ansible_WAF_Profile - # adom: root - # address-list: {'blocked-address': None, 'status': None, 'severity': None, 'blocked-log': None, - # 'trusted-address': None} - # constraint: {'header-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None}, - # 'content-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None}, - # 'max-cookie': {'action': None, 'status': None, 'max-cookie': None, 'log': None, 'severity': None}, - # 'url-param-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None}, - # 'hostname': {'action': None, 'status': None, 'log': None, 'severity': None}, - # 'line-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None}, - # 'exception': {'regex': None, 'header-length': None, 'content-length': None, 'max-cookie': None, 'pattern': None, - # 'hostname': None, 'line-length': None, 'max-range-segment': None, 'url-param-length': None, 'version': None, - # 'param-length': None, 'malformed': None, 'address': None, 'max-url-param': None, 'max-header-line': None, - # 'method': None}, 'max-range-segment': {'action': None, 'status': None, 'max-range-segment': None, - # 'severity': None, 'log': None}, 'version': {'action': None, 'status': None, 'log': None, 'severity': None}, - # 'param-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None}, - # 'malformed': {'action': None, 'status': None, 'log': None, 'severity': None}, 'max-url-param': {'action': None, - # 'status': None, 'max-url-param': None, 'log': None, 'severity': None}, 'max-header-line': {'action': None, - # 'status': None, 'max-header-line': None, 'log': None, 'severity': None}, 'method': {'action': None, - # 'status': None, 'log': None, 'severity': None}} - # extended-log: None - # url-access: {'action': None, 'address': None, 'severity': None, 'access-pattern': {'negate': None, - # 'pattern': None, 'srcaddr': None, 'regex': None}, 'log': None} - # external: None - # signature: {'custom-signature': {'status': None, 'direction': None, 'target': None, 'severity': None, - # 'case-sensitivity': None, 'name': None, 'pattern': None, 'action': None, 'log': None}, - # 'credit-card-detection-threshold': None, 'main-class': {'action': None, 'status': None, 'log': None, - # 'severity': None}, 'disabled-signature': None, 'disabled-sub-class': None} - # method: {'status': None, 'severity': None, 'default-allowed-methods': None, 'log': None, - # 'method-policy': {'regex': None, 'pattern': None, 'allowed-methods': None, 'address': None}} - # mode: delete - ################################################## - ################################################## - # comment: Created by Ansible Module TEST - # adom: root - # address-list: {'blocked-address': None, 'status': None, 'severity': None, 'blocked-log': None, - # 'trusted-address': None} - # extended-log: None - # url-access: {'action': None, 'severity': None, 'log': None, 'access-pattern': {'negate': None, 'pattern': None, - # 'srcaddr': None, 'regex': None}, 'address': None} - # external: None - # name: Ansible_WAF_Profile - # constraint: {'content-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None}, - # 'max-cookie': {'action': None, 'status': None, 'max-cookie': None, 'log': None, 'severity': None}, - # 'line-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None}, - # 'max-range-segment': {'action': None, 'severity': None, 'status': None, 'log': None, 'max-range-segment': None}, - # 'param-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None}, - # 'malformed': {'action': None, 'status': None, 'log': None, 'severity': None}, 'max-url-param': {'action': None, - # 'status': None, 'max-url-param': None, 'log': None, 'severity': None}, 'header-length': {'action': None, - # 'status': None, 'length': None, 'log': None, 'severity': None}, 'exception': {'regex': None, - # 'header-length': None, 'content-length': None, 'max-cookie': None, 'pattern': None, 'hostname': None, - # 'line-length': None, 'max-range-segment': None, 'url-param-length': None, 'version': None, 'param-length': None, - # 'malformed': None, 'address': None, 'max-url-param': None, 'max-header-line': None, 'method': None}, - # 'hostname': {'action': None, 'status': None, 'log': None, 'severity': None}, - # 'url-param-length': {'action': None, 'status': None, 'length': None, 'log': None, 'severity': None}, - # 'version': {'action': None, 'status': None, 'log': None, 'severity': None}, 'max-header-line': {'action': None, - # 'status': None, 'max-header-line': None, 'log': None, 'severity': None}, 'method': {'action': None, - # 'status': None, 'log': None, 'severity': None}} - # mode: set - # signature: {'custom-signature': {'status': None, 'direction': None, 'log': None, 'severity': None, 'target': None, - # 'action': None, 'pattern': None, 'case-sensitivity': None, 'name': None}, - # 'credit-card-detection-threshold': None, 'main-class': {'action': None, 'status': None, 'log': None, - # 'severity': None}, 'disabled-signature': None, 'disabled-sub-class': None} - # method: {'status': None, 'default-allowed-methods': None, 'method-policy': {'regex': None, 'pattern': None, - # 'allowed-methods': None, 'address': None}, 'log': None, 'severity': None} - ################################################## - # Test using fixture 1 # - output = fmgr_secprof_waf.fmgr_waf_profile_addsetdelete(fmg_instance, fixture_data[0]['paramgram_used']) +def test_fmgr_waf_profile_modify(fixture_data, mocker): + mocker.patch("ansible.module_utils.network.fortimanager.fortimanager.FortiManagerHandler.process_request", + side_effect=fixture_data) + output = fmgr_secprof_waf.fmgr_waf_profile_modify(fmg_instance, fixture_data[0]['paramgram_used']) assert output['raw_response']['status']['code'] == 0 - # Test using fixture 2 # - output = fmgr_secprof_waf.fmgr_waf_profile_addsetdelete(fmg_instance, fixture_data[1]['paramgram_used']) + output = fmgr_secprof_waf.fmgr_waf_profile_modify(fmg_instance, fixture_data[1]['paramgram_used']) assert output['raw_response']['status']['code'] == 0