6 files changed, 138 insertions, 0 deletions

diff --git a/tests/integration/targets/vyos_user/aliases b/tests/integration/targets/vyos_user/aliases
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/tests/integration/targets/vyos_user/aliases
diff --git a/tests/integration/targets/vyos_user/defaults/main.yaml b/tests/integration/targets/vyos_user/defaults/main.yaml
new file mode 100644
index 00000000..9ef5ba51
--- /dev/null
+++ b/tests/integration/targets/vyos_user/defaults/main.yaml
@@ -0,0 +1,3 @@
+---
+testcase: "*"
+test_items: []
diff --git a/tests/integration/targets/vyos_user/tasks/cli.yaml b/tests/integration/targets/vyos_user/tasks/cli.yaml
new file mode 100644
index 00000000..890d3acf
--- /dev/null
+++ b/tests/integration/targets/vyos_user/tasks/cli.yaml
@@ -0,0 +1,22 @@
+---
+- name: collect all cli test cases
+  find:
+    paths: "{{ role_path }}/tests/cli"
+    patterns: "{{ testcase }}.yaml"
+  register: test_cases
+  delegate_to: localhost
+
+- name: set test_items
+  set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}"
+
+- name: run test case (connection=network_cli)
+  include: "{{ test_case_to_run }} ansible_connection=network_cli"
+  with_items: "{{ test_items }}"
+  loop_control:
+    loop_var: test_case_to_run
+
+- name: run test case (connection=local)
+  include: "{{ test_case_to_run }} ansible_connection=local"
+  with_first_found: "{{ test_items }}"
+  loop_control:
+    loop_var: test_case_to_run
diff --git a/tests/integration/targets/vyos_user/tasks/main.yaml b/tests/integration/targets/vyos_user/tasks/main.yaml
new file mode 100644
index 00000000..415c99d8
--- /dev/null
+++ b/tests/integration/targets/vyos_user/tasks/main.yaml
@@ -0,0 +1,2 @@
+---
+- { include: cli.yaml, tags: ['cli'] }
diff --git a/tests/integration/targets/vyos_user/tests/cli/auth.yaml b/tests/integration/targets/vyos_user/tests/cli/auth.yaml
new file mode 100644
index 00000000..566191ee
--- /dev/null
+++ b/tests/integration/targets/vyos_user/tests/cli/auth.yaml
@@ -0,0 +1,34 @@
+---
+- block:
+  - name: Create user with password
+    vyos.vyos.vyos_user:
+      name: auth_user
+      role: admin
+      state: present
+      configured_password: pass123
+
+  - name: test login via ssh with new user
+    expect:
+      command: "ssh auth_user@{{ ansible_ssh_host }} -p {{ ansible_port | default(22) }} -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no '/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper show version'"
+      responses:
+        (?i)password: "pass123"
+
+  - name: test login via ssh with invalid password (should fail)
+    expect:
+      command: "ssh auth_user@{{ ansible_ssh_host }} -p {{ ansible_port | default(22) }} -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no '/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper show version'"
+      responses:
+        (?i)password: "badpass"
+    ignore_errors: yes
+    register: results
+
+  - name: check that attempt failed
+    assert:
+      that:
+        - results.failed
+
+  always:
+  - name: delete user
+    vyos.vyos.vyos_user:
+      name: auth_user
+      state: absent
+    register: result
diff --git a/tests/integration/targets/vyos_user/tests/cli/basic.yaml b/tests/integration/targets/vyos_user/tests/cli/basic.yaml
new file mode 100644
index 00000000..a71f9c6f
--- /dev/null
+++ b/tests/integration/targets/vyos_user/tests/cli/basic.yaml
@@ -0,0 +1,77 @@
+---
+- debug: msg="START cli/basic.yaml on connection={{ ansible_connection }}"
+
+- name: Setup
+  vyos.vyos.vyos_config:
+    lines:
+      - delete system login user ansibletest1
+      - delete system login user ansibletest2
+      - delete system login user ansibletest3
+
+- name: Create user
+  vyos.vyos.vyos_user:
+    name: ansibletest1
+    configured_password: test
+    state: present
+  register: result
+
+- assert:
+    that:
+      - 'result.changed == true'
+      - '"set system login user" in result.commands[0]'
+      - '"authentication plaintext-password" in result.commands[0]'
+
+- name: Collection of users (SetUp)
+  vyos.vyos.vyos_user:
+    aggregate:
+      - name: ansibletest2
+      - name: ansibletest3
+    level: operator
+    state: present
+  register: result
+
+- assert:
+    that:
+      - 'result.changed == true'
+      - 'result.commands == ["set system login user ansibletest2 level operator", "set system login user ansibletest3 level operator"]'
+
+- name: Add user again (Idempotent)
+  vyos.vyos.vyos_user:
+    name: ansibletest1
+    configured_password: test
+    state: present
+    update_password: on_create
+  register: result
+
+- assert:
+    that:
+      - 'result.changed == false'
+      - 'result.commands | length == 0'
+
+- name: Add collection of users (Idempotent)
+  vyos.vyos.vyos_user:
+    aggregate:
+      - name: ansibletest2
+      - name: ansibletest3
+    level: operator
+    state: present
+  register: result
+
+- assert:
+    that:
+      - 'result.changed == false'
+      - 'result.commands | length == 0'
+
+- name: tearDown
+  vyos.vyos.vyos_user:
+    users:
+      - name: ansibletest1
+      - name: ansibletest2
+      - name: ansibletest3
+    state: absent
+  register: result
+
+- assert:
+    that:
+      - 'result.changed == true'
+      - 'result.commands == ["delete system login user ansibletest1", "delete system login user ansibletest2", "delete system login user ansibletest3"]'