internet/community.general
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-05-06 13:22:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

FortiManager Plugin Module Conversion: fmgr_secprof_ssl_ssh (#52787)

Browse Source 
* Auto Commit for: fmgr_secprof_ssl_ssh

* Auto Commit for: fmgr_secprof_ssl_ssh

* Auto Commit for: fmgr_secprof_ssl_ssh
This commit is contained in:
ftntcorecse
2019-02-27 01:31:03 -05:00
committed by Nilashish Chakraborty
parent 1aae196cfa
commit bf162e258b
3 changed files with 279 additions and 469 deletions
Download Patch File Download Diff File Expand all files Collapse all files

412
test/units/modules/network/fortimanager/fixtures/test_fmgr_secprof_ssl_ssh.json
View File

@@ -1,202 +1,214 @@
{
"fmgr_firewall_ssl_ssh_profile_addsetdelete": [
{
"paramgram_used": {
"comment": null,
"untrusted-caname": null,
"mapi-over-https": null,
"whitelist": null,
"caname": null,
"ftps": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"client-cert-request": null,
"ports": null,
"untrusted-cert": null
},
"ssl-exemptions-log": null,
"https": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"client-cert-request": null,
"ports": null,
"untrusted-cert": null
},
"imaps": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"client-cert-request": null,
"ports": null,
"untrusted-cert": null
},
"server-cert-mode": null,
"adom": "root",
"ssl-exempt": {
"regex": null,
"wildcard-fqdn": null,
"fortiguard-category": null,
"address6": null,
"address": null,
"type": null
},
"ssl": {
"inspect-all": null,
"allow-invalid-server-cert": null,
"client-cert-request": null,
"untrusted-cert": null,
"unsupported-ssl": null
},
"ssh": {
"status": null,
"inspect-all": null,
"ssh-tun-policy-check": null,
"ssh-policy-check": null,
"ssh-algorithm": null,
"unsupported-version": null,
"ports": null
},
"use-ssl-server": null,
"server-cert": null,
"name": "Ansible_SSL_SSH_Profile",
"ssl-anomalies-log": null,
"ssl-server": {
"pop3s-client-cert-request": null,
"imaps-client-cert-request": null,
"smtps-client-cert-request": null,
"ip": null,
"ssl-other-client-cert-request": null,
"https-client-cert-request": null,
"ftps-client-cert-request": null
},
"smtps": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"client-cert-request": null,
"ports": null,
"untrusted-cert": null
},
"rpc-over-https": null,
"mode": "delete",
"pop3s": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"client-cert-request": null,
"ports": null,
"untrusted-cert": null
}
},
"raw_response": {
"status": {
"message": "OK",
"code": 0
},
"url": "/pm/config/adom/root/obj/firewall/ssl-ssh-profile/Ansible_SSL_SSH_Profile"
},
"post_method": "delete"
},
{
"raw_response": {
"status": {
"message": "OK",
"code": 0
},
"url": "/pm/config/adom/root/obj/firewall/ssl-ssh-profile"
},
"paramgram_used": {
"comment": "Created by Ansible Module TEST",
"untrusted-caname": null,
"mapi-over-https": "enable",
"whitelist": "enable",
"caname": null,
"ftps": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"untrusted-cert": null,
"client-cert-request": null,
"ports": null
},
"ssl-exemptions-log": "enable",
"https": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"untrusted-cert": null,
"client-cert-request": null,
"ports": null
},
"pop3s": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"untrusted-cert": null,
"client-cert-request": null,
"ports": null
},
"server-cert-mode": "replace",
"adom": "root",
"ssl-exempt": {
"regex": null,
"wildcard-fqdn": null,
"fortiguard-category": null,
"address6": null,
"address": null,
"type": null
},
"ssl": {
"unsupported-ssl": null,
"inspect-all": null,
"allow-invalid-server-cert": null,
"untrusted-cert": null,
"client-cert-request": null
},
"ssh": {
"status": null,
"inspect-all": null,
"ssh-tun-policy-check": null,
"ssh-policy-check": null,
"ssh-algorithm": null,
"unsupported-version": null,
"ports": null
},
"server-cert": null,
"name": "Ansible_SSL_SSH_Profile",
"ssl-anomalies-log": "enable",
"ssl-server": {
"pop3s-client-cert-request": null,
"imaps-client-cert-request": null,
"smtps-client-cert-request": null,
"ip": null,
"ssl-other-client-cert-request": null,
"https-client-cert-request": null,
"ftps-client-cert-request": null
},
"smtps": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"untrusted-cert": null,
"client-cert-request": null,
"ports": null
},
"imaps": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"untrusted-cert": null,
"client-cert-request": null,
"ports": null
},
"rpc-over-https": "enable",
"mode": "set",
"use-ssl-server": "enable"
},
"post_method": "set"
}
]
"fmgr_firewall_ssl_ssh_profile_modify": [
{
"paramgram_used": {
"comment": null,
"untrusted-caname": null,
"mapi-over-https": null,
"whitelist": null,
"caname": null,
"ftps": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"client-cert-request": null,
"ports": null,
"untrusted-cert": null
},
"ssl-exemptions-log": null,
"https": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"client-cert-request": null,
"ports": null,
"untrusted-cert": null
},
"imaps": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"client-cert-request": null,
"ports": null,
"untrusted-cert": null
},
"server-cert-mode": null,
"adom": "root",
"ssl-exempt": {
"regex": null,
"wildcard-fqdn": null,
"fortiguard-category": null,
"address6": null,
"address": null,
"type": null
},
"ssl": {
"inspect-all": null,
"allow-invalid-server-cert": null,
"client-cert-request": null,
"untrusted-cert": null,
"unsupported-ssl": null
},
"ssh": {
"status": null,
"inspect-all": null,
"ssh-tun-policy-check": null,
"ssh-policy-check": null,
"ssh-algorithm": null,
"unsupported-version": null,
"ports": null
},
"use-ssl-server": null,
"server-cert": null,
"name": "Ansible_SSL_SSH_Profile",
"ssl-anomalies-log": null,
"ssl-server": {
"pop3s-client-cert-request": null,
"imaps-client-cert-request": null,
"smtps-client-cert-request": null,
"ip": null,
"ssl-other-client-cert-request": null,
"https-client-cert-request": null,
"ftps-client-cert-request": null
},
"smtps": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"client-cert-request": null,
"ports": null,
"untrusted-cert": null
},
"rpc-over-https": null,
"mode": "delete",
"pop3s": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"client-cert-request": null,
"ports": null,
"untrusted-cert": null
}
},
"datagram_sent": {},
"raw_response": {
"status": {
"message": "OK",
"code": 0
},
"url": "/pm/config/adom/root/obj/firewall/ssl-ssh-profile/Ansible_SSL_SSH_Profile"
},
"post_method": "delete"
},
{
"raw_response": {
"status": {
"message": "OK",
"code": 0
},
"url": "/pm/config/adom/root/obj/firewall/ssl-ssh-profile"
},
"datagram_sent": {
"comment": "Created by Ansible Module TEST",
"server-cert-mode": "replace",
"name": "Ansible_SSL_SSH_Profile",
"ssl-anomalies-log": "enable",
"mapi-over-https": "enable",
"whitelist": "enable",
"ssl-exemptions-log": "enable",
"rpc-over-https": "enable",
"use-ssl-server": "enable"
},
"paramgram_used": {
"comment": "Created by Ansible Module TEST",
"untrusted-caname": null,
"mapi-over-https": "enable",
"whitelist": "enable",
"caname": null,
"ftps": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"untrusted-cert": null,
"client-cert-request": null,
"ports": null
},
"ssl-exemptions-log": "enable",
"https": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"untrusted-cert": null,
"client-cert-request": null,
"ports": null
},
"pop3s": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"untrusted-cert": null,
"client-cert-request": null,
"ports": null
},
"server-cert-mode": "replace",
"adom": "root",
"ssl-exempt": {
"regex": null,
"wildcard-fqdn": null,
"fortiguard-category": null,
"address6": null,
"address": null,
"type": null
},
"ssl": {
"unsupported-ssl": null,
"inspect-all": null,
"allow-invalid-server-cert": null,
"untrusted-cert": null,
"client-cert-request": null
},
"ssh": {
"status": null,
"inspect-all": null,
"ssh-tun-policy-check": null,
"ssh-policy-check": null,
"ssh-algorithm": null,
"unsupported-version": null,
"ports": null
},
"server-cert": null,
"name": "Ansible_SSL_SSH_Profile",
"ssl-anomalies-log": "enable",
"ssl-server": {
"pop3s-client-cert-request": null,
"imaps-client-cert-request": null,
"smtps-client-cert-request": null,
"ip": null,
"ssl-other-client-cert-request": null,
"https-client-cert-request": null,
"ftps-client-cert-request": null
},
"smtps": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"untrusted-cert": null,
"client-cert-request": null,
"ports": null
},
"imaps": {
"status": null,
"allow-invalid-server-cert": null,
"unsupported-ssl": null,
"untrusted-cert": null,
"client-cert-request": null,
"ports": null
},
"rpc-over-https": "enable",
"mode": "set",
"use-ssl-server": "enable"
},
"post_method": "set"
}
]
}

108
test/units/modules/network/fortimanager/test_fmgr_secprof_ssl_ssh.py
View File

@@ -19,7 +19,7 @@ __metaclass__ = type
import os
import json
from pyFMG.fortimgr import FortiManager
from ansible.module_utils.network.fortimanager.fortimanager import FortiManagerHandler
import pytest
try:
@@ -27,15 +27,10 @@ try:
except ImportError:
pytest.skip("Could not load required modules for testing", allow_module_level=True)
fmg_instance = FortiManager("1.1.1.1", "admin", "")
def load_fixtures():
fixture_path = os.path.join(
os.path.dirname(__file__),
'fixtures') + "/{filename}.json".format(
filename=os.path.splitext(
os.path.basename(__file__))[0])
fixture_path = os.path.join(os.path.dirname(__file__), 'fixtures') + "/{filename}.json".format(
filename=os.path.splitext(os.path.basename(__file__))[0])
try:
with open(fixture_path, "r") as fixture_file:
fixture_data = json.load(fixture_file)
@@ -44,92 +39,31 @@ def load_fixtures():
return [fixture_data]
@pytest.fixture(autouse=True)
def module_mock(mocker):
connection_class_mock = mocker.patch('ansible.module_utils.basic.AnsibleModule')
return connection_class_mock
@pytest.fixture(autouse=True)
def connection_mock(mocker):
connection_class_mock = mocker.patch('ansible.modules.network.fortimanager.fmgr_secprof_ssl_ssh.Connection')
return connection_class_mock
@pytest.fixture(scope="function", params=load_fixtures())
def fixture_data(request):
func_name = request.function.__name__.replace("test_", "")
return request.param.get(func_name, None)
def test_fmgr_firewall_ssl_ssh_profile_addsetdelete(fixture_data, mocker):
mocker.patch("pyFMG.fortimgr.FortiManager._post_request", side_effect=fixture_data)
# Fixture sets used:###########################
fmg_instance = FortiManagerHandler(connection_mock, module_mock)
##################################################
# comment: None
# untrusted-caname: None
# mapi-over-https: None
# whitelist: None
# caname: None
# ftps: {'status': None, 'allow-invalid-server-cert': None, 'unsupported-ssl': None, 'client-cert-request': None,
# 'ports': None, 'untrusted-cert': None}
# ssl-exemptions-log: None
# https: {'status': None, 'allow-invalid-server-cert': None, 'unsupported-ssl': None, 'client-cert-request': None,
# 'ports': None, 'untrusted-cert': None}
# imaps: {'status': None, 'allow-invalid-server-cert': None, 'unsupported-ssl': None, 'client-cert-request': None,
# 'ports': None, 'untrusted-cert': None}
# server-cert-mode: None
# adom: root
# ssl-exempt: {'regex': None, 'wildcard-fqdn': None, 'fortiguard-category': None, 'address6': None,
# 'address': None, 'type': None}
# ssl: {'inspect-all': None, 'allow-invalid-server-cert': None, 'client-cert-request': None,
# 'untrusted-cert': None, 'unsupported-ssl': None}
# ssh: {'status': None, 'inspect-all': None, 'ssh-tun-policy-check': None, 'ssh-policy-check': None,
# 'ssh-algorithm': None, 'unsupported-version': None, 'ports': None}
# use-ssl-server: None
# server-cert: None
# name: Ansible_SSL_SSH_Profile
# ssl-anomalies-log: None
# ssl-server: {'pop3s-client-cert-request': None, 'imaps-client-cert-request': None,
# 'smtps-client-cert-request': None, 'ip': None, 'ssl-other-client-cert-request': None,
# 'https-client-cert-request': None, 'ftps-client-cert-request': None}
# smtps: {'status': None, 'allow-invalid-server-cert': None, 'unsupported-ssl': None, 'client-cert-request': None,
# 'ports': None, 'untrusted-cert': None}
# rpc-over-https: None
# mode: delete
# pop3s: {'status': None, 'allow-invalid-server-cert': None, 'unsupported-ssl': None, 'client-cert-request': None,
# 'ports': None, 'untrusted-cert': None}
##################################################
##################################################
# comment: Created by Ansible Module TEST
# untrusted-caname: None
# mapi-over-https: enable
# whitelist: enable
# caname: None
# ftps: {'status': None, 'allow-invalid-server-cert': None, 'unsupported-ssl': None, 'untrusted-cert': None,
# 'client-cert-request': None, 'ports': None}
# ssl-exemptions-log: enable
# https: {'status': None, 'allow-invalid-server-cert': None, 'unsupported-ssl': None, 'untrusted-cert': None,
# 'client-cert-request': None, 'ports': None}
# pop3s: {'status': None, 'allow-invalid-server-cert': None, 'unsupported-ssl': None, 'untrusted-cert': None,
# 'client-cert-request': None, 'ports': None}
# server-cert-mode: replace
# adom: root
# ssl-exempt: {'regex': None, 'wildcard-fqdn': None, 'fortiguard-category': None, 'address6': None,
# 'address': None, 'type': None}
# ssl: {'unsupported-ssl': None, 'inspect-all': None, 'allow-invalid-server-cert': None, 'untrusted-cert': None,
# 'client-cert-request': None}
# ssh: {'status': None, 'inspect-all': None, 'ssh-tun-policy-check': None, 'ssh-policy-check': None,
# 'ssh-algorithm': None, 'unsupported-version': None, 'ports': None}
# server-cert: None
# name: Ansible_SSL_SSH_Profile
# ssl-anomalies-log: enable
# ssl-server: {'pop3s-client-cert-request': None, 'imaps-client-cert-request': None,
# 'smtps-client-cert-request': None, 'ip': None, 'ssl-other-client-cert-request': None,
# 'https-client-cert-request': None, 'ftps-client-cert-request': None}
# smtps: {'status': None, 'allow-invalid-server-cert': None, 'unsupported-ssl': None, 'untrusted-cert': None,
# 'client-cert-request': None, 'ports': None}
# imaps: {'status': None, 'allow-invalid-server-cert': None, 'unsupported-ssl': None, 'untrusted-cert': None,
# 'client-cert-request': None, 'ports': None}
# rpc-over-https: enable
# mode: set
# use-ssl-server: enable
##################################################
# Test using fixture 1 #
output = fmgr_secprof_ssl_ssh.fmgr_firewall_ssl_ssh_profile_addsetdelete(
fmg_instance, fixture_data[0]['paramgram_used'])
def test_fmgr_firewall_ssl_ssh_profile_modify(fixture_data, mocker):
mocker.patch("ansible.module_utils.network.fortimanager.fortimanager.FortiManagerHandler.process_request",
side_effect=fixture_data)
output = fmgr_secprof_ssl_ssh.fmgr_firewall_ssl_ssh_profile_modify(fmg_instance, fixture_data[0]['paramgram_used'])
assert output['raw_response']['status']['code'] == 0
# Test using fixture 2 #
output = fmgr_secprof_ssl_ssh.fmgr_firewall_ssl_ssh_profile_addsetdelete(
fmg_instance, fixture_data[1]['paramgram_used'])
output = fmgr_secprof_ssl_ssh.fmgr_firewall_ssl_ssh_profile_modify(fmg_instance, fixture_data[1]['paramgram_used'])
assert output['raw_response']['status']['code'] == 0