From 9e159990f949652ec1b22f9a9a6e72828bdd1e80 Mon Sep 17 00:00:00 2001 From: Gaige B Paulsen Date: Thu, 2 Jan 2025 14:06:58 -0500 Subject: T6988: fix: remove role/level, fix tests (#371) * T6988: fix: remove role/level, fix tests * feature: add support for SSH keys * tests: add integration tests for public_keys * feat: add encrypted password support * tests: add unit for encrypted * tests: fix wrapping in YAML * tests: fix smoke tests --- .../network/vyos/fixtures/vyos_user_config.cfg | 6 +- tests/unit/modules/network/vyos/test_vyos_user.py | 132 +++++++++++++++++++-- 2 files changed, 124 insertions(+), 14 deletions(-) (limited to 'tests/unit') diff --git a/tests/unit/modules/network/vyos/fixtures/vyos_user_config.cfg b/tests/unit/modules/network/vyos/fixtures/vyos_user_config.cfg index 81cd1a48..9b73106e 100644 --- a/tests/unit/modules/network/vyos/fixtures/vyos_user_config.cfg +++ b/tests/unit/modules/network/vyos/fixtures/vyos_user_config.cfg @@ -1,2 +1,4 @@ -set system login user admin level operator authentication encrypted-password '$6$V5oWW3JM9NFAwOG$P2L4raFvIrZjjs3g0qmH4Ns5ti7flRpSs6aEqy4TrGZYXGeBiYzwi2A6jy' -set system login user ansible level operator authentication encrypted-password '$6$ZfvSv6A50W6yNPYX$4HP5eg2sywcXYxTqhApQ7zvUvx0HsQHrI9xuJoFLy2gM/' +set system login user admin authentication encrypted-password '$6$V5oWW3JM9NFAwOG$P2L4raFvIrZjjs3g0qmH4Ns5ti7flRpSs6aEqy4TrGZYXGeBiYzwi2A6jy' +set system login user ansible authentication encrypted-password '$6$ZfvSv6A50W6yNPYX$4HP5eg2sywcXYxTqhApQ7zvUvx0HsQHrI9xuJoFLy2gM/' +set system login user ssh authentication public-keys user@host key 'AAAAB3NzaC1yc2EAAAADAQABAAABAQD' +set system login user ssh authentication public-keys user@host type 'ssh-rsa' diff --git a/tests/unit/modules/network/vyos/test_vyos_user.py b/tests/unit/modules/network/vyos/test_vyos_user.py index 70297207..e8c50783 100644 --- a/tests/unit/modules/network/vyos/test_vyos_user.py +++ b/tests/unit/modules/network/vyos/test_vyos_user.py @@ -67,18 +67,6 @@ class TestVyosUserModule(TestVyosModule): result = self.execute_module(changed=True) self.assertEqual(result["commands"], ["delete system login user ansible"]) - def test_vyos_user_level(self): - set_module_args(dict(name="ansible", level="operator")) - result = self.execute_module(changed=True) - self.assertEqual( - result["commands"], - ["set system login user ansible level operator"], - ) - - def test_vyos_user_level_invalid(self): - set_module_args(dict(name="ansible", level="sysadmin")) - self.execute_module(failed=True) - def test_vyos_user_purge(self): set_module_args(dict(purge=True)) result = self.execute_module(changed=True) @@ -88,6 +76,7 @@ class TestVyosUserModule(TestVyosModule): [ "delete system login user ansible", "delete system login user admin", + "delete system login user ssh", ], ), ) @@ -129,3 +118,122 @@ class TestVyosUserModule(TestVyosModule): result["commands"], ["set system login user ansible authentication plaintext-password test"], ) + + def test_vyos_user_set_ssh_key(self): + set_module_args( + dict( + name="ansible", + public_keys=[ + dict( + name="user@host", + key="AAAAC3NzaC1lZDI1NTE5AAAAIFIR0jrMvBdmvTJNY5EDhOD+eixvbOinhY1eBU2uyuhu", + type="ssh-ed25519", + ), + ], + ), + ) + result = self.execute_module(changed=True) + self.assertEqual( + result["commands"], + [ + "set system login user ansible authentication public-keys user@host key 'AAAAC3NzaC1lZDI1NTE5AAAAIFIR0jrMvBdmvTJNY5EDhOD+eixvbOinhY1eBU2uyuhu'", + "set system login user ansible authentication public-keys user@host type 'ssh-ed25519'", + ], + ) + + def test_vyos_user_set_ssh_key_idempotent(self): + set_module_args( + dict( + name="ssh", + public_keys=[ + dict( + name="user@host", + key="AAAAB3NzaC1yc2EAAAADAQABAAABAQD", + type="ssh-rsa", + ), + ], + ), + ) + self.load_fixtures() + result = self.execute_module(changed=False) + self.assertEqual(result["commands"], []) + + def test_vyos_user_set_ssh_key_change(self): + set_module_args( + dict( + name="ssh", + public_keys=[ + dict( + name="user@host", + key="AAAAC3NzaC1lZDI1NTE5AAAAIFIR0jrMvBdmvTJNY5EDhOD+eixvbOinhY1eBU2uyuhu", + type="ssh-ed25519", + ), + ], + ), + ) + self.load_fixtures() + result = self.execute_module( + changed=True, + commands=[ + "set system login user ssh authentication public-keys user@host key 'AAAAC3NzaC1lZDI1NTE5AAAAIFIR0jrMvBdmvTJNY5EDhOD+eixvbOinhY1eBU2uyuhu'", + "set system login user ssh authentication public-keys user@host type 'ssh-ed25519'", + ], + ) + + def test_vyos_user_set_ssh_key_add_and_remove(self): + set_module_args( + dict( + name="ssh", + public_keys=[ + dict( + name="noone@nowhere", + key="AAAAC3NzaC1lZDI1NTE5AAAAIFIR0jrMvBdmvTJNY5EDhOD+eixvbOinhY1eBU2uyuhu", + type="ssh-ed25519", + ), + ], + ), + ) + self.load_fixtures() + result = self.execute_module( + changed=True, + commands=[ + "delete system login user ssh authentication public-keys user@host", + "set system login user ssh authentication public-keys noone@nowhere key 'AAAAC3NzaC1lZDI1NTE5AAAAIFIR0jrMvBdmvTJNY5EDhOD+eixvbOinhY1eBU2uyuhu'", + "set system login user ssh authentication public-keys noone@nowhere type 'ssh-ed25519'", + ], + ) + + def test_vyos_user_set_ssh_key_empty(self): + # empty public_keys has no effect (for setting passwords, user names, etc.) + set_module_args( + dict( + name="ssh", + public_keys=[], + ), + ) + self.load_fixtures() + result = self.execute_module(changed=False) + + def test_vyos_user_set_encrypted_password(self): + set_module_args( + dict( + name="ansible", + encrypted_password="$6$rounds=656000$SALT$HASH", + ), + ) + result = self.execute_module(changed=True) + self.assertEqual( + result["commands"], + [ + "set system login user ansible authentication encrypted-password '$6$rounds=656000$SALT$HASH'", + ], + ) + + def test_vyos_user_set_encrypted_password_idem(self): + set_module_args( + dict( + name="ansible", + encrypted_password="$6$ZfvSv6A50W6yNPYX$4HP5eg2sywcXYxTqhApQ7zvUvx0HsQHrI9xuJoFLy2gM/", + ), + ) + result = self.execute_module(changed=False) -- cgit v1.2.3