diff --git a/changelogs/fragments/57890-update-acl-to-fix-bugs.yml b/changelogs/fragments/57890-update-acl-to-fix-bugs.yml
new file mode 100644
index 00000000000..47e64193864
--- /dev/null
+++ b/changelogs/fragments/57890-update-acl-to-fix-bugs.yml
@@ -0,0 +1,5 @@
+bugfixes:
+ - update acl to fix bugs.(https://github.com/ansible/ansible/pull/57268)
+ - ce_acl - tag named data of a xpath is unnecessay for old sotfware version to find a element from xml tree, but element can not be found with 'data' tag for new version, so remove.
+ - ce_acl_advance - remove 'data' tag, and fix a bug that the 'changed' of result is not correct.
+ - ce_acl_interface - do not used 'get_config' to show specific configuration, and use display command directly.
\ No newline at end of file
diff --git a/lib/ansible/modules/network/cloudengine/ce_acl.py b/lib/ansible/modules/network/cloudengine/ce_acl.py
index 3ab45960e67..0968f414801 100644
--- a/lib/ansible/modules/network/cloudengine/ce_acl.py
+++ b/lib/ansible/modules/network/cloudengine/ce_acl.py
@@ -427,7 +427,7 @@ class BaseAcl(object):
if self.acl_type:
conf_str += ""
- if self.acl_num:
+ if self.acl_num or self.acl_name.isdigit():
conf_str += ""
if self.acl_step:
conf_str += ""
@@ -444,12 +444,11 @@ class BaseAcl(object):
xml_str = recv_xml.replace('\r', '').replace('\n', '').\
replace('xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"', "").\
replace('xmlns="http://www.huawei.com/netconf/vrp"', "")
-
root = ElementTree.fromstring(xml_str)
# parse acl
acl_info = root.findall(
- "data/acl/aclGroups/aclGroup")
+ "acl/aclGroups/aclGroup")
if acl_info:
for tmp in acl_info:
tmp_dict = dict()
@@ -460,22 +459,43 @@ class BaseAcl(object):
self.cur_acl_cfg["acl_info"].append(tmp_dict)
if self.cur_acl_cfg["acl_info"]:
+ find_list = list()
for tmp in self.cur_acl_cfg["acl_info"]:
- find_flag = True
-
- if self.acl_name and tmp.get("aclNumOrName") != self.acl_name:
- find_flag = False
- if self.acl_type and tmp.get("aclType") != self.acl_type:
- find_flag = False
- if self.acl_num and tmp.get("aclNumber") != self.acl_num:
- find_flag = False
- if self.acl_step and tmp.get("aclStep") != self.acl_step:
- find_flag = False
- if self.acl_description and tmp.get("aclDescription") != self.acl_description:
+ cur_cfg_dict = dict()
+ exist_cfg_dict = dict()
+ if self.acl_name:
+ if self.acl_name.isdigit() and tmp.get("aclNumber"):
+ cur_cfg_dict["aclNumber"] = self.acl_name
+ exist_cfg_dict["aclNumber"] = tmp.get("aclNumber")
+ else:
+ cur_cfg_dict["aclNumOrName"] = self.acl_name
+ exist_cfg_dict["aclNumOrName"] = tmp.get("aclNumOrName")
+ if self.acl_type:
+ cur_cfg_dict["aclType"] = self.acl_type
+ exist_cfg_dict["aclType"] = tmp.get("aclType")
+ if self.acl_num:
+ cur_cfg_dict["aclNumber"] = self.acl_num
+ exist_cfg_dict["aclNumber"] = tmp.get("aclNumber")
+ if self.acl_step:
+ cur_cfg_dict["aclStep"] = self.acl_step
+ exist_cfg_dict["aclStep"] = tmp.get("aclStep")
+ if self.acl_description:
+ cur_cfg_dict["aclDescription"] = self.acl_description
+ exist_cfg_dict["aclDescription"] = tmp.get("aclDescription")
+
+ if cur_cfg_dict == exist_cfg_dict:
+ find_bool = True
+ else:
+ find_bool = False
+ find_list.append(find_bool)
+
+ for mem in find_list:
+ if mem:
+ find_flag = True
+ break
+ else:
find_flag = False
- if find_flag:
- break
else:
find_flag = False
@@ -593,7 +613,7 @@ class BaseAcl(object):
# parse base rule
base_rule_info = root.findall(
- "data/acl/aclGroups/aclGroup/aclRuleBas4s/aclRuleBas4")
+ "acl/aclGroups/aclGroup/aclRuleBas4s/aclRuleBas4")
if base_rule_info:
for tmp in base_rule_info:
tmp_dict = dict()
diff --git a/lib/ansible/modules/network/cloudengine/ce_acl_advance.py b/lib/ansible/modules/network/cloudengine/ce_acl_advance.py
index 32a4d284ee3..e03e5cba1d6 100644
--- a/lib/ansible/modules/network/cloudengine/ce_acl_advance.py
+++ b/lib/ansible/modules/network/cloudengine/ce_acl_advance.py
@@ -602,7 +602,7 @@ class AdvanceAcl(object):
if self.acl_type:
conf_str += ""
- if self.acl_num:
+ if self.acl_num or self.acl_name.isdigit():
conf_str += ""
if self.acl_step:
conf_str += ""
@@ -624,7 +624,7 @@ class AdvanceAcl(object):
# parse acl
acl_info = root.findall(
- "data/acl/aclGroups/aclGroup")
+ "acl/aclGroups/aclGroup")
if acl_info:
for tmp in acl_info:
tmp_dict = dict()
@@ -635,22 +635,42 @@ class AdvanceAcl(object):
self.cur_acl_cfg["acl_info"].append(tmp_dict)
if self.cur_acl_cfg["acl_info"]:
+ find_list = list()
for tmp in self.cur_acl_cfg["acl_info"]:
- find_flag = True
-
- if self.acl_name and tmp.get("aclNumOrName") != self.acl_name:
- find_flag = False
- if self.acl_type and tmp.get("aclType") != self.acl_type:
- find_flag = False
- if self.acl_num and tmp.get("aclNumber") != self.acl_num:
- find_flag = False
- if self.acl_step and tmp.get("aclStep") != self.acl_step:
- find_flag = False
- if self.acl_description and tmp.get("aclDescription") != self.acl_description:
- find_flag = False
-
- if find_flag:
+ cur_cfg_dict = dict()
+ exist_cfg_dict = dict()
+
+ if self.acl_name:
+ if self.acl_name.isdigit() and tmp.get("aclNumber"):
+ cur_cfg_dict["aclNumber"] = self.acl_name
+ exist_cfg_dict["aclNumber"] = tmp.get("aclNumber")
+ else:
+ cur_cfg_dict["aclNumOrName"] = self.acl_name
+ exist_cfg_dict["aclNumOrName"] = tmp.get("aclNumOrName")
+ if self.acl_type:
+ cur_cfg_dict["aclType"] = self.acl_type
+ exist_cfg_dict["aclType"] = tmp.get("aclType")
+ if self.acl_num:
+ cur_cfg_dict["aclNumber"] = self.acl_num
+ exist_cfg_dict["aclNumber"] = tmp.get("aclNumber")
+ if self.acl_step:
+ cur_cfg_dict["aclStep"] = self.acl_step
+ exist_cfg_dict["aclStep"] = tmp.get("aclStep")
+ if self.acl_description:
+ cur_cfg_dict["aclDescription"] = self.acl_description
+ exist_cfg_dict["aclDescription"] = tmp.get("aclDescription")
+
+ if cur_cfg_dict == exist_cfg_dict:
+ find_bool = True
+ else:
+ find_bool = False
+ find_list.append(find_bool)
+ for mem in find_list:
+ if mem:
+ find_flag = True
break
+ else:
+ find_flag = False
else:
find_flag = False
@@ -1001,7 +1021,7 @@ class AdvanceAcl(object):
# parse advance rule
adv_rule_info = root.findall(
- "data/acl/aclGroups/aclGroup/aclRuleAdv4s/aclRuleAdv4")
+ "acl/aclGroups/aclGroup/aclRuleAdv4s/aclRuleAdv4")
if adv_rule_info:
for tmp in adv_rule_info:
tmp_dict = dict()
diff --git a/lib/ansible/modules/network/cloudengine/ce_acl_interface.py b/lib/ansible/modules/network/cloudengine/ce_acl_interface.py
index c9036339605..837f85d4e39 100644
--- a/lib/ansible/modules/network/cloudengine/ce_acl_interface.py
+++ b/lib/ansible/modules/network/cloudengine/ce_acl_interface.py
@@ -122,7 +122,7 @@ updates:
from ansible.module_utils.basic import AnsibleModule
-from ansible.module_utils.network.cloudengine.ce import get_config, load_config
+from ansible.module_utils.network.cloudengine.ce import get_config, load_config, exec_command
from ansible.module_utils.network.cloudengine.ce import ce_argument_spec
@@ -169,11 +169,18 @@ class AclInterface(object):
msg='Error: The len of acl_name is out of [1 - 32].')
if self.interface:
- regular = "| ignore-case section include ^interface %s$" % self.interface
- result = self.cli_get_config(regular)
- if not result:
- self.module.fail_json(
- msg='Error: The interface %s is not in the device.' % self.interface)
+ cmd = "display current-configuration | ignore-case section include ^interface %s$" % self.interface
+ rc, out, err = exec_command(self.module, cmd)
+ if rc != 0:
+ self.module.fail_json(msg=err)
+ result = str(out).strip()
+ if result:
+ tmp = result.split('\n')
+ if "display" in tmp[0]:
+ tmp.pop(0)
+ if not tmp:
+ self.module.fail_json(
+ msg='Error: The interface %s is not in the device.' % self.interface)
def get_proposed(self):
""" Get proposed config """
@@ -192,28 +199,36 @@ class AclInterface(object):
def get_existing(self):
""" Get existing config """
- regular = "| ignore-case section include ^interface %s$ | include traffic-filter" % self.interface
- result = self.cli_get_config(regular)
-
+ cmd = "display current-configuration | ignore-case section include ^interface %s$ | include traffic-filter" % self.interface
+ rc, out, err = exec_command(self.module, cmd)
+ if rc != 0:
+ self.module.fail_json(msg=err)
+ result = str(out).strip()
end = []
if result:
tmp = result.split('\n')
+ if "display" in tmp[0]:
+ tmp.pop(0)
for item in tmp:
- end.append(item)
+ end.append(item.strip())
self.cur_cfg["acl interface"] = end
self.existing["acl interface"] = end
def get_end_state(self):
""" Get config end state """
- regular = "| ignore-case section include ^interface %s$ | include traffic-filter" % self.interface
- result = self.cli_get_config(regular)
+ cmd = "display current-configuration | ignore-case section include ^interface %s$ | include traffic-filter" % self.interface
+ rc, out, err = exec_command(self.module, cmd)
+ if rc != 0:
+ self.module.fail_json(msg=err)
+ result = str(out).strip()
end = []
if result:
tmp = result.split('\n')
+ if "display" in tmp[0]:
+ tmp.pop(0)
for item in tmp:
- item = item[1:-1]
- end.append(item)
+ end.append(item.strip())
self.end_state["acl interface"] = end
def cli_load_config(self, commands):
@@ -222,15 +237,6 @@ class AclInterface(object):
if not self.module.check_mode:
load_config(self.module, commands)
- def cli_get_config(self, regular):
- """ Cli method to get config """
-
- flags = list()
- flags.append(regular)
- tmp_cfg = get_config(self.module, flags)
-
- return tmp_cfg
-
def work(self):
""" Work function """