internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-05-07 05:43:26 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #851 from rjeffman/dnszone_fix_bool_behavior

Browse Source 
Fix handling of boolean values for FreeIPA 4.9.10+
This commit is contained in:
Thomas Woerner
2022-07-06 20:44:13 +02:00
committed by GitHub
parent e500c133c0 a5306b2db5
commit 9dcff9a308
8 changed files with 83 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
plugins/module_utils/ansible_freeipa_module.py
View File

@@ -88,9 +88,15 @@ else:
"""
Split a version string A.B.C, into a tuple.
This will not work for `rc`, `dev` or similar version string.
This will not work for `rc`, `dev` or similar.
"""
return tuple(re.split("[-_.]", version_str)) # noqa: W605
try:
_version = tuple(
(int(x) for x in re.split("[-_.]", version_str))
)
except ValueError:
_version = tuple(re.split("[-_.]", version_str))
return _version
from ipalib import api
from ipalib import errors as ipalib_errors # noqa
@@ -866,7 +872,10 @@ else:
# Check if param_name is actually a param
if param_name in self.ansible_module.params:
value = self.ansible_module.params_get(param_name)
if isinstance(value, bool):
if (
self.ansible_module.ipa_check_version("<", "4.9.10")
and isinstance(value, bool)
):
value = "TRUE" if value else "FALSE"
# Since param wasn't a param check if it's a method name

6
plugins/modules/ipaconfig.py
View File

@@ -441,7 +441,11 @@ def main():
elif (
isinstance(value, (tuple, list)) and arg_type == "bool"
):
exit_args[k] = (value[0] == "TRUE")
# FreeIPA 4.9.10+ and 4.10 use proper mapping for
# boolean values, so we need to convert it to str
# for comparison.
# See: https://github.com/freeipa/freeipa/pull/6294
exit_args[k] = (str(value[0]).upper() == "TRUE")
else:
if arg_type not in type_map:
raise ValueError(

8
plugins/modules/ipadnsforwardzone.py
View File

@@ -344,7 +344,13 @@ def main():
if state in ['enabled', 'disabled']:
if existing_resource is not None:
is_enabled = existing_resource["idnszoneactive"][0]
# FreeIPA 4.9.10+ and 4.10 use proper mapping for
# boolean values, so we need to convert it to str
# for comparison.
# See: https://github.com/freeipa/freeipa/pull/6294
is_enabled = (
str(existing_resource["idnszoneactive"][0]).upper()
)
else:
ansible_module.fail_json(
msg="dnsforwardzone '%s' not found." % (name))

6
plugins/modules/ipadnszone.py
View File

@@ -418,7 +418,11 @@ class DNSZoneModule(IPAAnsibleModule):
is_zone_active = False
else:
zone = response["result"]
is_zone_active = "TRUE" in zone.get("idnszoneactive")
# FreeIPA 4.9.10+ and 4.10 use proper mapping for boolean vaalues.
# See: https://github.com/freeipa/freeipa/pull/6294
is_zone_active = (
str(zone.get("idnszoneactive")[0]).upper() == "TRUE"
)
return zone, is_zone_active

18
plugins/modules/ipahbacrule.py
View File

@@ -472,18 +472,26 @@ def main():
# hbacrule_enable is not failing on an enabled hbacrule
# Therefore it is needed to have a look at the ipaenabledflag
# in res_find.
if "ipaenabledflag" not in res_find or \
res_find["ipaenabledflag"][0] != "TRUE":
# FreeIPA 4.9.10+ and 4.10 use proper mapping for
# boolean values, so we need to convert it to str
# for comparison.
# See: https://github.com/freeipa/freeipa/pull/6294
enabled_flag = str(res_find.get("ipaenabledflag", [False])[0])
if enabled_flag.upper() != "TRUE":
commands.append([name, "hbacrule_enable", {}])
elif state == "disabled":
if res_find is None:
ansible_module.fail_json(msg="No hbacrule '%s'" % name)
# hbacrule_disable is not failing on an disabled hbacrule
# hbacrule_disable is not failing on an enabled hbacrule
# Therefore it is needed to have a look at the ipaenabledflag
# in res_find.
if "ipaenabledflag" not in res_find or \
res_find["ipaenabledflag"][0] != "FALSE":
# FreeIPA 4.9.10+ and 4.10 use proper mapping for
# boolean values, so we need to convert it to str
# for comparison.
# See: https://github.com/freeipa/freeipa/pull/6294
enabled_flag = str(res_find.get("ipaenabledflag", [False])[0])
if enabled_flag.upper() != "FALSE":
commands.append([name, "hbacrule_disable", {}])
else:

16
plugins/modules/ipasudorule.py
View File

@@ -656,8 +656,12 @@ def main():
# sudorule_enable is not failing on an enabled sudorule
# Therefore it is needed to have a look at the ipaenabledflag
# in res_find.
if "ipaenabledflag" not in res_find or \
res_find["ipaenabledflag"][0] != "TRUE":
# FreeIPA 4.9.10+ and 4.10 use proper mapping for
# boolean values, so we need to convert it to str
# for comparison.
# See: https://github.com/freeipa/freeipa/pull/6294
enabled_flag = str(res_find.get("ipaenabledflag", [False])[0])
if enabled_flag.upper() != "TRUE":
commands.append([name, "sudorule_enable", {}])
elif state == "disabled":
@@ -666,8 +670,12 @@ def main():
# sudorule_disable is not failing on an disabled sudorule
# Therefore it is needed to have a look at the ipaenabledflag
# in res_find.
if "ipaenabledflag" not in res_find or \
res_find["ipaenabledflag"][0] != "FALSE":
# FreeIPA 4.9.10+ and 4.10 use proper mapping for
# boolean values, so we need to convert it to str
# for comparison.
# See: https://github.com/freeipa/freeipa/pull/6294
enabled_flag = str(res_find.get("ipaenabledflag", [False])[0])
if enabled_flag.upper() != "FALSE":
commands.append([name, "sudorule_disable", {}])
else:

16
tests/pytests/dnszone/test_dnszone.py
View File

@@ -64,18 +64,26 @@ class TestDNSZone(AnsibleFreeIPATestCase):
def test_dnszone_disable(self):
"""TC-30: Disable DNS Zone."""
zone26 = "26testzone.test"
self.check_details(["Active zone: TRUE"], "dnszone-find", [zone26])
self.check_details(
["Active zone: (TRUE|True)"], "dnszone-find", [zone26]
)
# Disable dns zone
self.run_playbook(BASE_PATH + "dnszone_disable.yaml")
self.check_details(["Active zone: FALSE"], "dnszone-find", [zone26])
self.check_details(
["Active zone: (FALSE|False)"], "dnszone-find", [zone26]
)
def test_dnszone_enable(self):
"""TC-31: Enable DNS Zone."""
zone26 = "26testzone.test"
self.check_details(["Active zone: FALSE"], "dnszone-find", [zone26])
self.check_details(
["Active zone: (FALSE|False)"], "dnszone-find", [zone26]
)
# Enable dns zone
self.run_playbook(BASE_PATH + "dnszone_enable.yaml")
self.check_details(["Active zone: TRUE"], "dnszone-find", [zone26])
self.check_details(
["Active zone: (TRUE|True)"], "dnszone-find", [zone26]
)
def test_dnszone_name_from_ip(self):
"""TC-35: Add dns zone with reverse zone IP. Bug#1845056."""

20
tests/utils.py
View File

@@ -21,6 +21,7 @@
import os
import pytest
import re
import subprocess
import tempfile
import testinfra
@@ -314,6 +315,10 @@ class AnsibleFreeIPATestCase(TestCase):
expected_msg in result.stderr.decode("utf8")
)
@staticmethod
def __is_text_on_data(text, data):
return re.search(text, data) is not None
def check_details(self, expected_output, cmd, extra_cmds=None):
cmd = "ipa " + cmd
if extra_cmds:
@@ -322,10 +327,16 @@ class AnsibleFreeIPATestCase(TestCase):
res = self.master.run(cmd)
if res.rc != 0:
for output in expected_output:
assert output in res.stderr
assert self.__is_text_on_data(output, res.stderr), (
f"\n{'='*40}\nExpected: {output}\n{'='*40}\n"
+ f"Output:\n{res.stderr}{'='*40}\n"
)
else:
for output in expected_output:
assert output in res.stdout
assert self.__is_text_on_data(output, res.stdout), (
f"\n{'='*40}\nExpected: {output}\n{'='*40}\n"
+ f"Output:\n{res.stdout}{'='*40}\n"
)
kdestroy(self.master)
def check_notexists(self, members, cmd, extra_cmds=None):
@@ -335,7 +346,10 @@ class AnsibleFreeIPATestCase(TestCase):
kinit_admin(self.master)
res = self.master.run(cmd)
for member in members:
assert member not in res.stdout
assert not self.__is_text_on_data(member, res.stdout), (
f"\n{'='*40}\nExpected: {member}\n{'='*40}\n"
+ f"Output:\n{res.stdout}{'='*40}\n"
)
kdestroy(self.master)
def mark_xfail_using_ansible_freeipa_version(self, version, reason):