Add vyos_user implementation module (#25677)

* Add vyos_user implementation module

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* Integration test for vyos_user

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* Make state absent work

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* Unit test for vyos_user

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* Standardize user names

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* Modify integration test with idempotent case

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

* Add role as alias to level

Signed-off-by: Trishna Guha <trishnaguha17@gmail.com>

test/integration/targets/vyos_user/defaults/main.yaml

@@ -0,0 +1,3 @@
+---
+testcase: "*"
+test_items: []

test/integration/targets/vyos_user/tasks/cli.yaml

@@ -0,0 +1,15 @@
+---
+- name: collect all cli test cases
+  find:
+    paths: "{{ role_path }}/tests/cli"
+    patterns: "{{ testcase }}.yaml"
+  register: test_cases
+
+- name: set test_items
+  set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}"
+
+- name: run test case
+  include: "{{ test_case_to_run }}"
+  with_items: "{{ test_items }}"
+  loop_control:
+    loop_var: test_case_to_run

test/integration/targets/vyos_user/tasks/main.yaml

@@ -0,0 +1,2 @@
+---
+- { include: cli.yaml, tags: ['cli'] }

test/integration/targets/vyos_user/tests/cli/basic.yaml

@@ -0,0 +1,71 @@
+---
+- name: Create user (SetUp)
+  vyos_user:
+    name: ansibletest1
+    password: test
+    state: present
+    provider: "{{ cli }}"
+  register: result
+
+- assert:
+    that:
+      - 'result.changed == true'
+      - '"set system login user ansibletest1 authentication plaintext-password" in result.commands'
+
+- name: Collection of users (SetUp)
+  vyos_user:
+    users:
+      - name: ansibletest2
+      - name: ansibletest3
+    level: operator
+    state: present
+    provider: "{{ cli }}"
+  register: result
+
+- assert:
+    that:
+      - 'result.changed == true'
+      - 'result.commands == ["set system login user ansibletest2 level operator", "set system login user ansibletest3 level operator"]'
+
+- name: Add user again (Idempotent)
+  vyos_user:
+    name: ansibletest1
+    password: test
+    state: present
+    provider: "{{ cli }}"
+  register: result
+
+- assert:
+    that:
+      - 'result.changed == false'
+      - 'result.commands | length == 0'
+
+- name: Add collection of users (Idempotent)
+  vyos_user:
+    users:
+      - name: ansibletest2
+      - name: ansibletest3
+    level: operator
+    state: present
+    provider: "{{ cli }}"
+  register: result
+
+- assert:
+    that:
+      - 'result.changed == false'
+      - 'result.commands | length == 0'
+
+- name: tearDown
+  vyos_user:
+    users:
+      - name: ansibletest1
+      - name: ansibletest2
+      - name: ansibletest3
+    state: absent
+    provider: "{{ cli }}"
+  register: result
+
+- assert:
+    that:
+      - 'result.changed == true'
+      - 'result.commands == ["delete system login user ansibletest1", "delete system login user ansibletest2", "delete system login user ansibletest3"]'

test/integration/vyos.yaml

@@ -10,3 +10,4 @@
   roles:
     - { role: vyos_command, when: "limit_to in ['*', 'vyos_command']" }
     - { role: vyos_config, when: "limit_to in ['*', 'vyos_config']" }
+    - { role: vyos_user, when: "limit_to in ['*', vyos_user']" }

test/units/modules/network/vyos/fixtures/vyos_user_config.cfg

@@ -0,0 +1,2 @@
+set system login user admin level operator authentication encrypted-password '$6$V5oWW3JM9NFAwOG$P2L4raFvIrZjjs3g0qmH4Ns5ti7flRpSs6aEqy4TrGZYXGeBiYzwi2A6jy'
+set system login user ansible level operator authentication encrypted-password '$6$ZfvSv6A50W6yNPYX$4HP5eg2sywcXYxTqhApQ7zvUvx0HsQHrI9xuJoFLy2gM/'

test/units/modules/network/vyos/test_vyos_user.py

@@ -0,0 +1,86 @@
+# (c) 2016 Red Hat Inc.
+#
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
+
+# Make coding more python3-ish
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+import json
+
+from ansible.compat.tests.mock import patch
+from ansible.modules.network.vyos import vyos_user
+from .vyos_module import TestVyosModule, load_fixture, set_module_args
+
+
+class TestVyosUserModule(TestVyosModule):
+
+    module = vyos_user
+
+    def setUp(self):
+        self.mock_get_config = patch('ansible.modules.network.vyos.vyos_user.get_config')
+        self.get_config = self.mock_get_config.start()
+
+        self.mock_load_config = patch('ansible.modules.network.vyos.vyos_user.load_config')
+        self.load_config = self.mock_load_config.start()
+
+    def tearDown(self):
+        self.mock_get_config.stop()
+        self.mock_load_config.stop()
+
+    def load_fixtures(self, commands=None, transport='cli'):
+        self.get_config.return_value = load_fixture('vyos_user_config.cfg')
+        self.load_config.return_value = dict(diff=None, session='session')
+
+    def test_vyos_user_password(self):
+        set_module_args(dict(name='ansible', password='test'))
+        result = self.execute_module(changed=True)
+        self.assertEqual(result['commands'], ['set system login user ansible authentication encrypted-password test'])
+
+    def test_vyos_user_delete(self):
+        set_module_args(dict(name='ansible', state='absent'))
+        result = self.execute_module(changed=True)
+        self.assertEqual(result['commands'], ['delete system login user ansible'])
+
+    def test_vyos_user_level(self):
+        set_module_args(dict(name='ansible', level='operator'))
+        result = self.execute_module(changed=True)
+        self.assertEqual(result['commands'], ['set system login user ansible level operator'])
+
+    def test_vyos_user_level_invalid(self):
+        set_module_args(dict(name='ansible', level='sysadmin'))
+        self.execute_module(failed=True)
+
+    def test_vyos_user_purge(self):
+        set_module_args(dict(purge=True))
+        result = self.execute_module(changed=True)
+        self.assertEqual(sorted(result['commands']), sorted(['delete system login user ansible',
+                                                             'delete system login user admin']))
+
+    def test_vyos_user_update_password_changed(self):
+        set_module_args(dict(name='test', password='test', update_password='on_create'))
+        result = self.execute_module(changed=True)
+        self.assertEqual(result['commands'], ['set system login user test authentication encrypted-password test'])
+
+    def test_vyos_user_update_password_on_create_ok(self):
+        set_module_args(dict(name='ansible', password='test', update_password='on_create'))
+        result = self.execute_module(changed=True)
+        self.assertEqual(result['commands'], ['set system login user ansible authentication encrypted-password test'])
+
+    def test_vyos_user_update_password_always(self):
+        set_module_args(dict(name='ansible', password='test', update_password='always'))
+        result = self.execute_module(changed=True)
+        self.assertEqual(result['commands'], ['set system login user ansible authentication encrypted-password test'])