From 2f96eee421df9580b112bd1485624e7c9fbceca9 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Fri, 26 Jun 2020 22:42:28 +0200 Subject: ifconfig: T2653: add common vyos.configverify helpers While moving towards a general interface abstraction based on get_config_dict() and the use of vyos.ifconfig.Interfaces().update() it also makes sense, to split out common verification code to a common util file - instead of duplicating the code, which is infact one of the main forces drivind this transition. vyos.configverify will hold common functions called via verify() from our src/conf_mode scripts so we do not need to copy/paste general verifications methods. --- python/vyos/configverify.py | 67 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 python/vyos/configverify.py (limited to 'python/vyos/configverify.py') diff --git a/python/vyos/configverify.py b/python/vyos/configverify.py new file mode 100644 index 000000000..64eb80728 --- /dev/null +++ b/python/vyos/configverify.py @@ -0,0 +1,67 @@ +# Copyright 2020 VyOS maintainers and contributors +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library. If not, see . + +# The sole purpose of this module is to hold common functions used in +# all kinds of implementations to verify the CLI configuration. +# It is started by migrating the interfaces to the new get_config_dict() +# approach which will lead to a lot of code that can be reused. + +# NOTE: imports should be as local as possible to the function which +# makes use of it! + +def verify_bridge_vrf(config): + """ + Common helper function used by interface implementations to + perform recurring validation of VRF configuration + """ + from netifaces import interfaces + from vyos import ConfigError + + if 'vrf' in config.keys(): + if config['vrf'] not in interfaces(): + raise ConfigError('VRF "{vrf}" does not exist'.format(**config)) + + if 'is_bridge_member' in config.keys(): + raise ConfigError( + 'Interface "{ifname}" cannot be both a member of VRF "{vrf}" ' + 'and bridge "{is_bridge_member}"!'.format(**config)) + + +def verify_bridge_address(config): + """ + Common helper function used by interface implementations to + perform recurring validation of IP address assignmenr + when interface also is part of a bridge. + """ + from vyos import ConfigError + + if {'is_bridge_member', 'address'} <= set(config): + raise ConfigError( + f'Cannot assign address to interface "{ifname}" as it is a ' + f'member of bridge "{is_bridge_member}"!'.format(**config)) + + +def verify_bridge_delete(config): + """ + Common helper function used by interface implementations to + perform recurring validation of IP address assignmenr + when interface also is part of a bridge. + """ + from vyos import ConfigError + + if 'is_bridge_member' in config.keys(): + raise ConfigError( + 'Interface "{ifname}" cannot be deleted as it is a ' + 'member of bridge "{is_bridge_member}"!'.format(**config)) -- cgit v1.2.3