1# Copyright 2019 Fortinet, Inc. 2# 3# This program is free software: you can redistribute it and/or modify 4# it under the terms of the GNU General Public License as published by 5# the Free Software Foundation, either version 3 of the License, or 6# (at your option) any later version. 7# 8# This program is distributed in the hope that it will be useful, 9# but WITHOUT ANY WARRANTY; without even the implied warranty of 10# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11# GNU General Public License for more details. 12# 13# You should have received a copy of the GNU General Public License 14# along with Ansible. If not, see <https://www.gnu.org/licenses/>. 15 16# Make coding more python3-ish 17from __future__ import (absolute_import, division, print_function) 18__metaclass__ = type 19 20import os 21import json 22import pytest 23from mock import ANY 24from ansible.module_utils.network.fortios.fortios import FortiOSHandler 25 26try: 27 from ansible.modules.network.fortios import fortios_wireless_controller_vap 28except ImportError: 29 pytest.skip("Could not load required modules for testing", allow_module_level=True) 30 31 32@pytest.fixture(autouse=True) 33def connection_mock(mocker): 34 connection_class_mock = mocker.patch('ansible.modules.network.fortios.fortios_wireless_controller_vap.Connection') 35 return connection_class_mock 36 37 38fos_instance = FortiOSHandler(connection_mock) 39 40 41def test_wireless_controller_vap_creation(mocker): 42 schema_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.schema') 43 44 set_method_result = {'status': 'success', 'http_method': 'POST', 'http_status': 200} 45 set_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.set', return_value=set_method_result) 46 47 input_data = { 48 'username': 'admin', 49 'state': 'present', 50 'wireless_controller_vap': { 51 'acct_interim_interval': '3', 52 'alias': 'test_value_4', 53 'auth': 'psk', 54 'broadcast_ssid': 'enable', 55 'broadcast_suppression': 'dhcp-up', 56 'captive_portal_ac_name': 'test_value_8', 57 'captive_portal_macauth_radius_secret': 'test_value_9', 58 'captive_portal_macauth_radius_server': 'test_value_10', 59 'captive_portal_radius_secret': 'test_value_11', 60 'captive_portal_radius_server': 'test_value_12', 61 'captive_portal_session_timeout_interval': '13', 62 'dhcp_lease_time': '14', 63 'dhcp_option82_circuit_id_insertion': 'style-1', 64 'dhcp_option82_insertion': 'enable', 65 'dhcp_option82_remote_id_insertion': 'style-1', 66 'dynamic_vlan': 'enable', 67 'eap_reauth': 'enable', 68 'eap_reauth_intv': '20', 69 'eapol_key_retries': 'disable', 70 'encrypt': 'TKIP', 71 'external_fast_roaming': 'enable', 72 'external_logout': 'test_value_24', 73 'external_web': 'test_value_25', 74 'fast_bss_transition': 'disable', 75 'fast_roaming': 'enable', 76 'ft_mobility_domain': '28', 77 'ft_over_ds': 'disable', 78 'ft_r0_key_lifetime': '30', 79 'gtk_rekey': 'enable', 80 'gtk_rekey_intv': '32', 81 'hotspot20_profile': 'test_value_33', 82 'intra_vap_privacy': 'enable', 83 'ip': 'test_value_35', 84 'key': 'test_value_36', 85 'keyindex': '37', 86 'ldpc': 'disable', 87 'local_authentication': 'enable', 88 'local_bridging': 'enable', 89 'local_lan': 'allow', 90 'local_standalone': 'enable', 91 'local_standalone_nat': 'enable', 92 'mac_auth_bypass': 'enable', 93 'mac_filter': 'enable', 94 'mac_filter_policy_other': 'allow', 95 'max_clients': '47', 96 'max_clients_ap': '48', 97 'me_disable_thresh': '49', 98 'mesh_backhaul': 'enable', 99 'mpsk': 'enable', 100 'mpsk_concurrent_clients': '52', 101 'multicast_enhance': 'enable', 102 'multicast_rate': '0', 103 'name': 'default_name_55', 104 'okc': 'disable', 105 'passphrase': 'test_value_57', 106 'pmf': 'disable', 107 'pmf_assoc_comeback_timeout': '59', 108 'pmf_sa_query_retry_timeout': '60', 109 'portal_message_override_group': 'test_value_61', 110 'portal_type': 'auth', 111 'probe_resp_suppression': 'enable', 112 'probe_resp_threshold': 'test_value_64', 113 'ptk_rekey': 'enable', 114 'ptk_rekey_intv': '66', 115 'qos_profile': 'test_value_67', 116 'quarantine': 'enable', 117 'radio_2g_threshold': 'test_value_69', 118 'radio_5g_threshold': 'test_value_70', 119 'radio_sensitivity': 'enable', 120 'radius_mac_auth': 'enable', 121 'radius_mac_auth_server': 'test_value_73', 122 'radius_server': 'test_value_74', 123 'rates_11a': '1', 124 'rates_11ac_ss12': 'mcs0/1', 125 'rates_11ac_ss34': 'mcs0/3', 126 'rates_11bg': '1', 127 'rates_11n_ss12': 'mcs0/1', 128 'rates_11n_ss34': 'mcs16/3', 129 'schedule': 'test_value_81', 130 'security': 'open', 131 'security_exempt_list': 'test_value_83', 132 'security_obsolete_option': 'enable', 133 'security_redirect_url': 'test_value_85', 134 'split_tunneling': 'enable', 135 'ssid': 'test_value_87', 136 'tkip_counter_measure': 'enable', 137 'utm_profile': 'test_value_89', 138 'vdom': 'test_value_90', 139 'vlan_auto': 'enable', 140 'vlan_pooling': 'wtp-group', 141 'vlanid': '93', 142 'voice_enterprise': 'disable' 143 }, 144 'vdom': 'root'} 145 146 is_error, changed, response = fortios_wireless_controller_vap.fortios_wireless_controller(input_data, fos_instance) 147 148 expected_data = { 149 'acct-interim-interval': '3', 150 'alias': 'test_value_4', 151 'auth': 'psk', 152 'broadcast-ssid': 'enable', 153 'broadcast-suppression': 'dhcp-up', 154 'captive-portal-ac-name': 'test_value_8', 155 'captive-portal-macauth-radius-secret': 'test_value_9', 156 'captive-portal-macauth-radius-server': 'test_value_10', 157 'captive-portal-radius-secret': 'test_value_11', 158 'captive-portal-radius-server': 'test_value_12', 159 'captive-portal-session-timeout-interval': '13', 160 'dhcp-lease-time': '14', 161 'dhcp-option82-circuit-id-insertion': 'style-1', 162 'dhcp-option82-insertion': 'enable', 163 'dhcp-option82-remote-id-insertion': 'style-1', 164 'dynamic-vlan': 'enable', 165 'eap-reauth': 'enable', 166 'eap-reauth-intv': '20', 167 'eapol-key-retries': 'disable', 168 'encrypt': 'TKIP', 169 'external-fast-roaming': 'enable', 170 'external-logout': 'test_value_24', 171 'external-web': 'test_value_25', 172 'fast-bss-transition': 'disable', 173 'fast-roaming': 'enable', 174 'ft-mobility-domain': '28', 175 'ft-over-ds': 'disable', 176 'ft-r0-key-lifetime': '30', 177 'gtk-rekey': 'enable', 178 'gtk-rekey-intv': '32', 179 'hotspot20-profile': 'test_value_33', 180 'intra-vap-privacy': 'enable', 181 'ip': 'test_value_35', 182 'key': 'test_value_36', 183 'keyindex': '37', 184 'ldpc': 'disable', 185 'local-authentication': 'enable', 186 'local-bridging': 'enable', 187 'local-lan': 'allow', 188 'local-standalone': 'enable', 189 'local-standalone-nat': 'enable', 190 'mac-auth-bypass': 'enable', 191 'mac-filter': 'enable', 192 'mac-filter-policy-other': 'allow', 193 'max-clients': '47', 194 'max-clients-ap': '48', 195 'me-disable-thresh': '49', 196 'mesh-backhaul': 'enable', 197 'mpsk': 'enable', 198 'mpsk-concurrent-clients': '52', 199 'multicast-enhance': 'enable', 200 'multicast-rate': '0', 201 'name': 'default_name_55', 202 'okc': 'disable', 203 'passphrase': 'test_value_57', 204 'pmf': 'disable', 205 'pmf-assoc-comeback-timeout': '59', 206 'pmf-sa-query-retry-timeout': '60', 207 'portal-message-override-group': 'test_value_61', 208 'portal-type': 'auth', 209 'probe-resp-suppression': 'enable', 210 'probe-resp-threshold': 'test_value_64', 211 'ptk-rekey': 'enable', 212 'ptk-rekey-intv': '66', 213 'qos-profile': 'test_value_67', 214 'quarantine': 'enable', 215 'radio-2g-threshold': 'test_value_69', 216 'radio-5g-threshold': 'test_value_70', 217 'radio-sensitivity': 'enable', 218 'radius-mac-auth': 'enable', 219 'radius-mac-auth-server': 'test_value_73', 220 'radius-server': 'test_value_74', 221 'rates-11a': '1', 222 'rates-11ac-ss12': 'mcs0/1', 223 'rates-11ac-ss34': 'mcs0/3', 224 'rates-11bg': '1', 225 'rates-11n-ss12': 'mcs0/1', 226 'rates-11n-ss34': 'mcs16/3', 227 'schedule': 'test_value_81', 228 'security': 'open', 229 'security-exempt-list': 'test_value_83', 230 'security-obsolete-option': 'enable', 231 'security-redirect-url': 'test_value_85', 232 'split-tunneling': 'enable', 233 'ssid': 'test_value_87', 234 'tkip-counter-measure': 'enable', 235 'utm-profile': 'test_value_89', 236 'vdom': 'test_value_90', 237 'vlan-auto': 'enable', 238 'vlan-pooling': 'wtp-group', 239 'vlanid': '93', 240 'voice-enterprise': 'disable' 241 } 242 243 set_method_mock.assert_called_with('wireless-controller', 'vap', data=expected_data, vdom='root') 244 schema_method_mock.assert_not_called() 245 assert not is_error 246 assert changed 247 assert response['status'] == 'success' 248 assert response['http_status'] == 200 249 250 251def test_wireless_controller_vap_creation_fails(mocker): 252 schema_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.schema') 253 254 set_method_result = {'status': 'error', 'http_method': 'POST', 'http_status': 500} 255 set_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.set', return_value=set_method_result) 256 257 input_data = { 258 'username': 'admin', 259 'state': 'present', 260 'wireless_controller_vap': { 261 'acct_interim_interval': '3', 262 'alias': 'test_value_4', 263 'auth': 'psk', 264 'broadcast_ssid': 'enable', 265 'broadcast_suppression': 'dhcp-up', 266 'captive_portal_ac_name': 'test_value_8', 267 'captive_portal_macauth_radius_secret': 'test_value_9', 268 'captive_portal_macauth_radius_server': 'test_value_10', 269 'captive_portal_radius_secret': 'test_value_11', 270 'captive_portal_radius_server': 'test_value_12', 271 'captive_portal_session_timeout_interval': '13', 272 'dhcp_lease_time': '14', 273 'dhcp_option82_circuit_id_insertion': 'style-1', 274 'dhcp_option82_insertion': 'enable', 275 'dhcp_option82_remote_id_insertion': 'style-1', 276 'dynamic_vlan': 'enable', 277 'eap_reauth': 'enable', 278 'eap_reauth_intv': '20', 279 'eapol_key_retries': 'disable', 280 'encrypt': 'TKIP', 281 'external_fast_roaming': 'enable', 282 'external_logout': 'test_value_24', 283 'external_web': 'test_value_25', 284 'fast_bss_transition': 'disable', 285 'fast_roaming': 'enable', 286 'ft_mobility_domain': '28', 287 'ft_over_ds': 'disable', 288 'ft_r0_key_lifetime': '30', 289 'gtk_rekey': 'enable', 290 'gtk_rekey_intv': '32', 291 'hotspot20_profile': 'test_value_33', 292 'intra_vap_privacy': 'enable', 293 'ip': 'test_value_35', 294 'key': 'test_value_36', 295 'keyindex': '37', 296 'ldpc': 'disable', 297 'local_authentication': 'enable', 298 'local_bridging': 'enable', 299 'local_lan': 'allow', 300 'local_standalone': 'enable', 301 'local_standalone_nat': 'enable', 302 'mac_auth_bypass': 'enable', 303 'mac_filter': 'enable', 304 'mac_filter_policy_other': 'allow', 305 'max_clients': '47', 306 'max_clients_ap': '48', 307 'me_disable_thresh': '49', 308 'mesh_backhaul': 'enable', 309 'mpsk': 'enable', 310 'mpsk_concurrent_clients': '52', 311 'multicast_enhance': 'enable', 312 'multicast_rate': '0', 313 'name': 'default_name_55', 314 'okc': 'disable', 315 'passphrase': 'test_value_57', 316 'pmf': 'disable', 317 'pmf_assoc_comeback_timeout': '59', 318 'pmf_sa_query_retry_timeout': '60', 319 'portal_message_override_group': 'test_value_61', 320 'portal_type': 'auth', 321 'probe_resp_suppression': 'enable', 322 'probe_resp_threshold': 'test_value_64', 323 'ptk_rekey': 'enable', 324 'ptk_rekey_intv': '66', 325 'qos_profile': 'test_value_67', 326 'quarantine': 'enable', 327 'radio_2g_threshold': 'test_value_69', 328 'radio_5g_threshold': 'test_value_70', 329 'radio_sensitivity': 'enable', 330 'radius_mac_auth': 'enable', 331 'radius_mac_auth_server': 'test_value_73', 332 'radius_server': 'test_value_74', 333 'rates_11a': '1', 334 'rates_11ac_ss12': 'mcs0/1', 335 'rates_11ac_ss34': 'mcs0/3', 336 'rates_11bg': '1', 337 'rates_11n_ss12': 'mcs0/1', 338 'rates_11n_ss34': 'mcs16/3', 339 'schedule': 'test_value_81', 340 'security': 'open', 341 'security_exempt_list': 'test_value_83', 342 'security_obsolete_option': 'enable', 343 'security_redirect_url': 'test_value_85', 344 'split_tunneling': 'enable', 345 'ssid': 'test_value_87', 346 'tkip_counter_measure': 'enable', 347 'utm_profile': 'test_value_89', 348 'vdom': 'test_value_90', 349 'vlan_auto': 'enable', 350 'vlan_pooling': 'wtp-group', 351 'vlanid': '93', 352 'voice_enterprise': 'disable' 353 }, 354 'vdom': 'root'} 355 356 is_error, changed, response = fortios_wireless_controller_vap.fortios_wireless_controller(input_data, fos_instance) 357 358 expected_data = { 359 'acct-interim-interval': '3', 360 'alias': 'test_value_4', 361 'auth': 'psk', 362 'broadcast-ssid': 'enable', 363 'broadcast-suppression': 'dhcp-up', 364 'captive-portal-ac-name': 'test_value_8', 365 'captive-portal-macauth-radius-secret': 'test_value_9', 366 'captive-portal-macauth-radius-server': 'test_value_10', 367 'captive-portal-radius-secret': 'test_value_11', 368 'captive-portal-radius-server': 'test_value_12', 369 'captive-portal-session-timeout-interval': '13', 370 'dhcp-lease-time': '14', 371 'dhcp-option82-circuit-id-insertion': 'style-1', 372 'dhcp-option82-insertion': 'enable', 373 'dhcp-option82-remote-id-insertion': 'style-1', 374 'dynamic-vlan': 'enable', 375 'eap-reauth': 'enable', 376 'eap-reauth-intv': '20', 377 'eapol-key-retries': 'disable', 378 'encrypt': 'TKIP', 379 'external-fast-roaming': 'enable', 380 'external-logout': 'test_value_24', 381 'external-web': 'test_value_25', 382 'fast-bss-transition': 'disable', 383 'fast-roaming': 'enable', 384 'ft-mobility-domain': '28', 385 'ft-over-ds': 'disable', 386 'ft-r0-key-lifetime': '30', 387 'gtk-rekey': 'enable', 388 'gtk-rekey-intv': '32', 389 'hotspot20-profile': 'test_value_33', 390 'intra-vap-privacy': 'enable', 391 'ip': 'test_value_35', 392 'key': 'test_value_36', 393 'keyindex': '37', 394 'ldpc': 'disable', 395 'local-authentication': 'enable', 396 'local-bridging': 'enable', 397 'local-lan': 'allow', 398 'local-standalone': 'enable', 399 'local-standalone-nat': 'enable', 400 'mac-auth-bypass': 'enable', 401 'mac-filter': 'enable', 402 'mac-filter-policy-other': 'allow', 403 'max-clients': '47', 404 'max-clients-ap': '48', 405 'me-disable-thresh': '49', 406 'mesh-backhaul': 'enable', 407 'mpsk': 'enable', 408 'mpsk-concurrent-clients': '52', 409 'multicast-enhance': 'enable', 410 'multicast-rate': '0', 411 'name': 'default_name_55', 412 'okc': 'disable', 413 'passphrase': 'test_value_57', 414 'pmf': 'disable', 415 'pmf-assoc-comeback-timeout': '59', 416 'pmf-sa-query-retry-timeout': '60', 417 'portal-message-override-group': 'test_value_61', 418 'portal-type': 'auth', 419 'probe-resp-suppression': 'enable', 420 'probe-resp-threshold': 'test_value_64', 421 'ptk-rekey': 'enable', 422 'ptk-rekey-intv': '66', 423 'qos-profile': 'test_value_67', 424 'quarantine': 'enable', 425 'radio-2g-threshold': 'test_value_69', 426 'radio-5g-threshold': 'test_value_70', 427 'radio-sensitivity': 'enable', 428 'radius-mac-auth': 'enable', 429 'radius-mac-auth-server': 'test_value_73', 430 'radius-server': 'test_value_74', 431 'rates-11a': '1', 432 'rates-11ac-ss12': 'mcs0/1', 433 'rates-11ac-ss34': 'mcs0/3', 434 'rates-11bg': '1', 435 'rates-11n-ss12': 'mcs0/1', 436 'rates-11n-ss34': 'mcs16/3', 437 'schedule': 'test_value_81', 438 'security': 'open', 439 'security-exempt-list': 'test_value_83', 440 'security-obsolete-option': 'enable', 441 'security-redirect-url': 'test_value_85', 442 'split-tunneling': 'enable', 443 'ssid': 'test_value_87', 444 'tkip-counter-measure': 'enable', 445 'utm-profile': 'test_value_89', 446 'vdom': 'test_value_90', 447 'vlan-auto': 'enable', 448 'vlan-pooling': 'wtp-group', 449 'vlanid': '93', 450 'voice-enterprise': 'disable' 451 } 452 453 set_method_mock.assert_called_with('wireless-controller', 'vap', data=expected_data, vdom='root') 454 schema_method_mock.assert_not_called() 455 assert is_error 456 assert not changed 457 assert response['status'] == 'error' 458 assert response['http_status'] == 500 459 460 461def test_wireless_controller_vap_removal(mocker): 462 schema_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.schema') 463 464 delete_method_result = {'status': 'success', 'http_method': 'POST', 'http_status': 200} 465 delete_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.delete', return_value=delete_method_result) 466 467 input_data = { 468 'username': 'admin', 469 'state': 'absent', 470 'wireless_controller_vap': { 471 'acct_interim_interval': '3', 472 'alias': 'test_value_4', 473 'auth': 'psk', 474 'broadcast_ssid': 'enable', 475 'broadcast_suppression': 'dhcp-up', 476 'captive_portal_ac_name': 'test_value_8', 477 'captive_portal_macauth_radius_secret': 'test_value_9', 478 'captive_portal_macauth_radius_server': 'test_value_10', 479 'captive_portal_radius_secret': 'test_value_11', 480 'captive_portal_radius_server': 'test_value_12', 481 'captive_portal_session_timeout_interval': '13', 482 'dhcp_lease_time': '14', 483 'dhcp_option82_circuit_id_insertion': 'style-1', 484 'dhcp_option82_insertion': 'enable', 485 'dhcp_option82_remote_id_insertion': 'style-1', 486 'dynamic_vlan': 'enable', 487 'eap_reauth': 'enable', 488 'eap_reauth_intv': '20', 489 'eapol_key_retries': 'disable', 490 'encrypt': 'TKIP', 491 'external_fast_roaming': 'enable', 492 'external_logout': 'test_value_24', 493 'external_web': 'test_value_25', 494 'fast_bss_transition': 'disable', 495 'fast_roaming': 'enable', 496 'ft_mobility_domain': '28', 497 'ft_over_ds': 'disable', 498 'ft_r0_key_lifetime': '30', 499 'gtk_rekey': 'enable', 500 'gtk_rekey_intv': '32', 501 'hotspot20_profile': 'test_value_33', 502 'intra_vap_privacy': 'enable', 503 'ip': 'test_value_35', 504 'key': 'test_value_36', 505 'keyindex': '37', 506 'ldpc': 'disable', 507 'local_authentication': 'enable', 508 'local_bridging': 'enable', 509 'local_lan': 'allow', 510 'local_standalone': 'enable', 511 'local_standalone_nat': 'enable', 512 'mac_auth_bypass': 'enable', 513 'mac_filter': 'enable', 514 'mac_filter_policy_other': 'allow', 515 'max_clients': '47', 516 'max_clients_ap': '48', 517 'me_disable_thresh': '49', 518 'mesh_backhaul': 'enable', 519 'mpsk': 'enable', 520 'mpsk_concurrent_clients': '52', 521 'multicast_enhance': 'enable', 522 'multicast_rate': '0', 523 'name': 'default_name_55', 524 'okc': 'disable', 525 'passphrase': 'test_value_57', 526 'pmf': 'disable', 527 'pmf_assoc_comeback_timeout': '59', 528 'pmf_sa_query_retry_timeout': '60', 529 'portal_message_override_group': 'test_value_61', 530 'portal_type': 'auth', 531 'probe_resp_suppression': 'enable', 532 'probe_resp_threshold': 'test_value_64', 533 'ptk_rekey': 'enable', 534 'ptk_rekey_intv': '66', 535 'qos_profile': 'test_value_67', 536 'quarantine': 'enable', 537 'radio_2g_threshold': 'test_value_69', 538 'radio_5g_threshold': 'test_value_70', 539 'radio_sensitivity': 'enable', 540 'radius_mac_auth': 'enable', 541 'radius_mac_auth_server': 'test_value_73', 542 'radius_server': 'test_value_74', 543 'rates_11a': '1', 544 'rates_11ac_ss12': 'mcs0/1', 545 'rates_11ac_ss34': 'mcs0/3', 546 'rates_11bg': '1', 547 'rates_11n_ss12': 'mcs0/1', 548 'rates_11n_ss34': 'mcs16/3', 549 'schedule': 'test_value_81', 550 'security': 'open', 551 'security_exempt_list': 'test_value_83', 552 'security_obsolete_option': 'enable', 553 'security_redirect_url': 'test_value_85', 554 'split_tunneling': 'enable', 555 'ssid': 'test_value_87', 556 'tkip_counter_measure': 'enable', 557 'utm_profile': 'test_value_89', 558 'vdom': 'test_value_90', 559 'vlan_auto': 'enable', 560 'vlan_pooling': 'wtp-group', 561 'vlanid': '93', 562 'voice_enterprise': 'disable' 563 }, 564 'vdom': 'root'} 565 566 is_error, changed, response = fortios_wireless_controller_vap.fortios_wireless_controller(input_data, fos_instance) 567 568 delete_method_mock.assert_called_with('wireless-controller', 'vap', mkey=ANY, vdom='root') 569 schema_method_mock.assert_not_called() 570 assert not is_error 571 assert changed 572 assert response['status'] == 'success' 573 assert response['http_status'] == 200 574 575 576def test_wireless_controller_vap_deletion_fails(mocker): 577 schema_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.schema') 578 579 delete_method_result = {'status': 'error', 'http_method': 'POST', 'http_status': 500} 580 delete_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.delete', return_value=delete_method_result) 581 582 input_data = { 583 'username': 'admin', 584 'state': 'absent', 585 'wireless_controller_vap': { 586 'acct_interim_interval': '3', 587 'alias': 'test_value_4', 588 'auth': 'psk', 589 'broadcast_ssid': 'enable', 590 'broadcast_suppression': 'dhcp-up', 591 'captive_portal_ac_name': 'test_value_8', 592 'captive_portal_macauth_radius_secret': 'test_value_9', 593 'captive_portal_macauth_radius_server': 'test_value_10', 594 'captive_portal_radius_secret': 'test_value_11', 595 'captive_portal_radius_server': 'test_value_12', 596 'captive_portal_session_timeout_interval': '13', 597 'dhcp_lease_time': '14', 598 'dhcp_option82_circuit_id_insertion': 'style-1', 599 'dhcp_option82_insertion': 'enable', 600 'dhcp_option82_remote_id_insertion': 'style-1', 601 'dynamic_vlan': 'enable', 602 'eap_reauth': 'enable', 603 'eap_reauth_intv': '20', 604 'eapol_key_retries': 'disable', 605 'encrypt': 'TKIP', 606 'external_fast_roaming': 'enable', 607 'external_logout': 'test_value_24', 608 'external_web': 'test_value_25', 609 'fast_bss_transition': 'disable', 610 'fast_roaming': 'enable', 611 'ft_mobility_domain': '28', 612 'ft_over_ds': 'disable', 613 'ft_r0_key_lifetime': '30', 614 'gtk_rekey': 'enable', 615 'gtk_rekey_intv': '32', 616 'hotspot20_profile': 'test_value_33', 617 'intra_vap_privacy': 'enable', 618 'ip': 'test_value_35', 619 'key': 'test_value_36', 620 'keyindex': '37', 621 'ldpc': 'disable', 622 'local_authentication': 'enable', 623 'local_bridging': 'enable', 624 'local_lan': 'allow', 625 'local_standalone': 'enable', 626 'local_standalone_nat': 'enable', 627 'mac_auth_bypass': 'enable', 628 'mac_filter': 'enable', 629 'mac_filter_policy_other': 'allow', 630 'max_clients': '47', 631 'max_clients_ap': '48', 632 'me_disable_thresh': '49', 633 'mesh_backhaul': 'enable', 634 'mpsk': 'enable', 635 'mpsk_concurrent_clients': '52', 636 'multicast_enhance': 'enable', 637 'multicast_rate': '0', 638 'name': 'default_name_55', 639 'okc': 'disable', 640 'passphrase': 'test_value_57', 641 'pmf': 'disable', 642 'pmf_assoc_comeback_timeout': '59', 643 'pmf_sa_query_retry_timeout': '60', 644 'portal_message_override_group': 'test_value_61', 645 'portal_type': 'auth', 646 'probe_resp_suppression': 'enable', 647 'probe_resp_threshold': 'test_value_64', 648 'ptk_rekey': 'enable', 649 'ptk_rekey_intv': '66', 650 'qos_profile': 'test_value_67', 651 'quarantine': 'enable', 652 'radio_2g_threshold': 'test_value_69', 653 'radio_5g_threshold': 'test_value_70', 654 'radio_sensitivity': 'enable', 655 'radius_mac_auth': 'enable', 656 'radius_mac_auth_server': 'test_value_73', 657 'radius_server': 'test_value_74', 658 'rates_11a': '1', 659 'rates_11ac_ss12': 'mcs0/1', 660 'rates_11ac_ss34': 'mcs0/3', 661 'rates_11bg': '1', 662 'rates_11n_ss12': 'mcs0/1', 663 'rates_11n_ss34': 'mcs16/3', 664 'schedule': 'test_value_81', 665 'security': 'open', 666 'security_exempt_list': 'test_value_83', 667 'security_obsolete_option': 'enable', 668 'security_redirect_url': 'test_value_85', 669 'split_tunneling': 'enable', 670 'ssid': 'test_value_87', 671 'tkip_counter_measure': 'enable', 672 'utm_profile': 'test_value_89', 673 'vdom': 'test_value_90', 674 'vlan_auto': 'enable', 675 'vlan_pooling': 'wtp-group', 676 'vlanid': '93', 677 'voice_enterprise': 'disable' 678 }, 679 'vdom': 'root'} 680 681 is_error, changed, response = fortios_wireless_controller_vap.fortios_wireless_controller(input_data, fos_instance) 682 683 delete_method_mock.assert_called_with('wireless-controller', 'vap', mkey=ANY, vdom='root') 684 schema_method_mock.assert_not_called() 685 assert is_error 686 assert not changed 687 assert response['status'] == 'error' 688 assert response['http_status'] == 500 689 690 691def test_wireless_controller_vap_idempotent(mocker): 692 schema_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.schema') 693 694 set_method_result = {'status': 'error', 'http_method': 'DELETE', 'http_status': 404} 695 set_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.set', return_value=set_method_result) 696 697 input_data = { 698 'username': 'admin', 699 'state': 'present', 700 'wireless_controller_vap': { 701 'acct_interim_interval': '3', 702 'alias': 'test_value_4', 703 'auth': 'psk', 704 'broadcast_ssid': 'enable', 705 'broadcast_suppression': 'dhcp-up', 706 'captive_portal_ac_name': 'test_value_8', 707 'captive_portal_macauth_radius_secret': 'test_value_9', 708 'captive_portal_macauth_radius_server': 'test_value_10', 709 'captive_portal_radius_secret': 'test_value_11', 710 'captive_portal_radius_server': 'test_value_12', 711 'captive_portal_session_timeout_interval': '13', 712 'dhcp_lease_time': '14', 713 'dhcp_option82_circuit_id_insertion': 'style-1', 714 'dhcp_option82_insertion': 'enable', 715 'dhcp_option82_remote_id_insertion': 'style-1', 716 'dynamic_vlan': 'enable', 717 'eap_reauth': 'enable', 718 'eap_reauth_intv': '20', 719 'eapol_key_retries': 'disable', 720 'encrypt': 'TKIP', 721 'external_fast_roaming': 'enable', 722 'external_logout': 'test_value_24', 723 'external_web': 'test_value_25', 724 'fast_bss_transition': 'disable', 725 'fast_roaming': 'enable', 726 'ft_mobility_domain': '28', 727 'ft_over_ds': 'disable', 728 'ft_r0_key_lifetime': '30', 729 'gtk_rekey': 'enable', 730 'gtk_rekey_intv': '32', 731 'hotspot20_profile': 'test_value_33', 732 'intra_vap_privacy': 'enable', 733 'ip': 'test_value_35', 734 'key': 'test_value_36', 735 'keyindex': '37', 736 'ldpc': 'disable', 737 'local_authentication': 'enable', 738 'local_bridging': 'enable', 739 'local_lan': 'allow', 740 'local_standalone': 'enable', 741 'local_standalone_nat': 'enable', 742 'mac_auth_bypass': 'enable', 743 'mac_filter': 'enable', 744 'mac_filter_policy_other': 'allow', 745 'max_clients': '47', 746 'max_clients_ap': '48', 747 'me_disable_thresh': '49', 748 'mesh_backhaul': 'enable', 749 'mpsk': 'enable', 750 'mpsk_concurrent_clients': '52', 751 'multicast_enhance': 'enable', 752 'multicast_rate': '0', 753 'name': 'default_name_55', 754 'okc': 'disable', 755 'passphrase': 'test_value_57', 756 'pmf': 'disable', 757 'pmf_assoc_comeback_timeout': '59', 758 'pmf_sa_query_retry_timeout': '60', 759 'portal_message_override_group': 'test_value_61', 760 'portal_type': 'auth', 761 'probe_resp_suppression': 'enable', 762 'probe_resp_threshold': 'test_value_64', 763 'ptk_rekey': 'enable', 764 'ptk_rekey_intv': '66', 765 'qos_profile': 'test_value_67', 766 'quarantine': 'enable', 767 'radio_2g_threshold': 'test_value_69', 768 'radio_5g_threshold': 'test_value_70', 769 'radio_sensitivity': 'enable', 770 'radius_mac_auth': 'enable', 771 'radius_mac_auth_server': 'test_value_73', 772 'radius_server': 'test_value_74', 773 'rates_11a': '1', 774 'rates_11ac_ss12': 'mcs0/1', 775 'rates_11ac_ss34': 'mcs0/3', 776 'rates_11bg': '1', 777 'rates_11n_ss12': 'mcs0/1', 778 'rates_11n_ss34': 'mcs16/3', 779 'schedule': 'test_value_81', 780 'security': 'open', 781 'security_exempt_list': 'test_value_83', 782 'security_obsolete_option': 'enable', 783 'security_redirect_url': 'test_value_85', 784 'split_tunneling': 'enable', 785 'ssid': 'test_value_87', 786 'tkip_counter_measure': 'enable', 787 'utm_profile': 'test_value_89', 788 'vdom': 'test_value_90', 789 'vlan_auto': 'enable', 790 'vlan_pooling': 'wtp-group', 791 'vlanid': '93', 792 'voice_enterprise': 'disable' 793 }, 794 'vdom': 'root'} 795 796 is_error, changed, response = fortios_wireless_controller_vap.fortios_wireless_controller(input_data, fos_instance) 797 798 expected_data = { 799 'acct-interim-interval': '3', 800 'alias': 'test_value_4', 801 'auth': 'psk', 802 'broadcast-ssid': 'enable', 803 'broadcast-suppression': 'dhcp-up', 804 'captive-portal-ac-name': 'test_value_8', 805 'captive-portal-macauth-radius-secret': 'test_value_9', 806 'captive-portal-macauth-radius-server': 'test_value_10', 807 'captive-portal-radius-secret': 'test_value_11', 808 'captive-portal-radius-server': 'test_value_12', 809 'captive-portal-session-timeout-interval': '13', 810 'dhcp-lease-time': '14', 811 'dhcp-option82-circuit-id-insertion': 'style-1', 812 'dhcp-option82-insertion': 'enable', 813 'dhcp-option82-remote-id-insertion': 'style-1', 814 'dynamic-vlan': 'enable', 815 'eap-reauth': 'enable', 816 'eap-reauth-intv': '20', 817 'eapol-key-retries': 'disable', 818 'encrypt': 'TKIP', 819 'external-fast-roaming': 'enable', 820 'external-logout': 'test_value_24', 821 'external-web': 'test_value_25', 822 'fast-bss-transition': 'disable', 823 'fast-roaming': 'enable', 824 'ft-mobility-domain': '28', 825 'ft-over-ds': 'disable', 826 'ft-r0-key-lifetime': '30', 827 'gtk-rekey': 'enable', 828 'gtk-rekey-intv': '32', 829 'hotspot20-profile': 'test_value_33', 830 'intra-vap-privacy': 'enable', 831 'ip': 'test_value_35', 832 'key': 'test_value_36', 833 'keyindex': '37', 834 'ldpc': 'disable', 835 'local-authentication': 'enable', 836 'local-bridging': 'enable', 837 'local-lan': 'allow', 838 'local-standalone': 'enable', 839 'local-standalone-nat': 'enable', 840 'mac-auth-bypass': 'enable', 841 'mac-filter': 'enable', 842 'mac-filter-policy-other': 'allow', 843 'max-clients': '47', 844 'max-clients-ap': '48', 845 'me-disable-thresh': '49', 846 'mesh-backhaul': 'enable', 847 'mpsk': 'enable', 848 'mpsk-concurrent-clients': '52', 849 'multicast-enhance': 'enable', 850 'multicast-rate': '0', 851 'name': 'default_name_55', 852 'okc': 'disable', 853 'passphrase': 'test_value_57', 854 'pmf': 'disable', 855 'pmf-assoc-comeback-timeout': '59', 856 'pmf-sa-query-retry-timeout': '60', 857 'portal-message-override-group': 'test_value_61', 858 'portal-type': 'auth', 859 'probe-resp-suppression': 'enable', 860 'probe-resp-threshold': 'test_value_64', 861 'ptk-rekey': 'enable', 862 'ptk-rekey-intv': '66', 863 'qos-profile': 'test_value_67', 864 'quarantine': 'enable', 865 'radio-2g-threshold': 'test_value_69', 866 'radio-5g-threshold': 'test_value_70', 867 'radio-sensitivity': 'enable', 868 'radius-mac-auth': 'enable', 869 'radius-mac-auth-server': 'test_value_73', 870 'radius-server': 'test_value_74', 871 'rates-11a': '1', 872 'rates-11ac-ss12': 'mcs0/1', 873 'rates-11ac-ss34': 'mcs0/3', 874 'rates-11bg': '1', 875 'rates-11n-ss12': 'mcs0/1', 876 'rates-11n-ss34': 'mcs16/3', 877 'schedule': 'test_value_81', 878 'security': 'open', 879 'security-exempt-list': 'test_value_83', 880 'security-obsolete-option': 'enable', 881 'security-redirect-url': 'test_value_85', 882 'split-tunneling': 'enable', 883 'ssid': 'test_value_87', 884 'tkip-counter-measure': 'enable', 885 'utm-profile': 'test_value_89', 886 'vdom': 'test_value_90', 887 'vlan-auto': 'enable', 888 'vlan-pooling': 'wtp-group', 889 'vlanid': '93', 890 'voice-enterprise': 'disable' 891 } 892 893 set_method_mock.assert_called_with('wireless-controller', 'vap', data=expected_data, vdom='root') 894 schema_method_mock.assert_not_called() 895 assert not is_error 896 assert not changed 897 assert response['status'] == 'error' 898 assert response['http_status'] == 404 899 900 901def test_wireless_controller_vap_filter_foreign_attributes(mocker): 902 schema_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.schema') 903 904 set_method_result = {'status': 'success', 'http_method': 'POST', 'http_status': 200} 905 set_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.set', return_value=set_method_result) 906 907 input_data = { 908 'username': 'admin', 909 'state': 'present', 910 'wireless_controller_vap': { 911 'random_attribute_not_valid': 'tag', 912 'acct_interim_interval': '3', 913 'alias': 'test_value_4', 914 'auth': 'psk', 915 'broadcast_ssid': 'enable', 916 'broadcast_suppression': 'dhcp-up', 917 'captive_portal_ac_name': 'test_value_8', 918 'captive_portal_macauth_radius_secret': 'test_value_9', 919 'captive_portal_macauth_radius_server': 'test_value_10', 920 'captive_portal_radius_secret': 'test_value_11', 921 'captive_portal_radius_server': 'test_value_12', 922 'captive_portal_session_timeout_interval': '13', 923 'dhcp_lease_time': '14', 924 'dhcp_option82_circuit_id_insertion': 'style-1', 925 'dhcp_option82_insertion': 'enable', 926 'dhcp_option82_remote_id_insertion': 'style-1', 927 'dynamic_vlan': 'enable', 928 'eap_reauth': 'enable', 929 'eap_reauth_intv': '20', 930 'eapol_key_retries': 'disable', 931 'encrypt': 'TKIP', 932 'external_fast_roaming': 'enable', 933 'external_logout': 'test_value_24', 934 'external_web': 'test_value_25', 935 'fast_bss_transition': 'disable', 936 'fast_roaming': 'enable', 937 'ft_mobility_domain': '28', 938 'ft_over_ds': 'disable', 939 'ft_r0_key_lifetime': '30', 940 'gtk_rekey': 'enable', 941 'gtk_rekey_intv': '32', 942 'hotspot20_profile': 'test_value_33', 943 'intra_vap_privacy': 'enable', 944 'ip': 'test_value_35', 945 'key': 'test_value_36', 946 'keyindex': '37', 947 'ldpc': 'disable', 948 'local_authentication': 'enable', 949 'local_bridging': 'enable', 950 'local_lan': 'allow', 951 'local_standalone': 'enable', 952 'local_standalone_nat': 'enable', 953 'mac_auth_bypass': 'enable', 954 'mac_filter': 'enable', 955 'mac_filter_policy_other': 'allow', 956 'max_clients': '47', 957 'max_clients_ap': '48', 958 'me_disable_thresh': '49', 959 'mesh_backhaul': 'enable', 960 'mpsk': 'enable', 961 'mpsk_concurrent_clients': '52', 962 'multicast_enhance': 'enable', 963 'multicast_rate': '0', 964 'name': 'default_name_55', 965 'okc': 'disable', 966 'passphrase': 'test_value_57', 967 'pmf': 'disable', 968 'pmf_assoc_comeback_timeout': '59', 969 'pmf_sa_query_retry_timeout': '60', 970 'portal_message_override_group': 'test_value_61', 971 'portal_type': 'auth', 972 'probe_resp_suppression': 'enable', 973 'probe_resp_threshold': 'test_value_64', 974 'ptk_rekey': 'enable', 975 'ptk_rekey_intv': '66', 976 'qos_profile': 'test_value_67', 977 'quarantine': 'enable', 978 'radio_2g_threshold': 'test_value_69', 979 'radio_5g_threshold': 'test_value_70', 980 'radio_sensitivity': 'enable', 981 'radius_mac_auth': 'enable', 982 'radius_mac_auth_server': 'test_value_73', 983 'radius_server': 'test_value_74', 984 'rates_11a': '1', 985 'rates_11ac_ss12': 'mcs0/1', 986 'rates_11ac_ss34': 'mcs0/3', 987 'rates_11bg': '1', 988 'rates_11n_ss12': 'mcs0/1', 989 'rates_11n_ss34': 'mcs16/3', 990 'schedule': 'test_value_81', 991 'security': 'open', 992 'security_exempt_list': 'test_value_83', 993 'security_obsolete_option': 'enable', 994 'security_redirect_url': 'test_value_85', 995 'split_tunneling': 'enable', 996 'ssid': 'test_value_87', 997 'tkip_counter_measure': 'enable', 998 'utm_profile': 'test_value_89', 999 'vdom': 'test_value_90', 1000 'vlan_auto': 'enable', 1001 'vlan_pooling': 'wtp-group', 1002 'vlanid': '93', 1003 'voice_enterprise': 'disable' 1004 }, 1005 'vdom': 'root'} 1006 1007 is_error, changed, response = fortios_wireless_controller_vap.fortios_wireless_controller(input_data, fos_instance) 1008 1009 expected_data = { 1010 'acct-interim-interval': '3', 1011 'alias': 'test_value_4', 1012 'auth': 'psk', 1013 'broadcast-ssid': 'enable', 1014 'broadcast-suppression': 'dhcp-up', 1015 'captive-portal-ac-name': 'test_value_8', 1016 'captive-portal-macauth-radius-secret': 'test_value_9', 1017 'captive-portal-macauth-radius-server': 'test_value_10', 1018 'captive-portal-radius-secret': 'test_value_11', 1019 'captive-portal-radius-server': 'test_value_12', 1020 'captive-portal-session-timeout-interval': '13', 1021 'dhcp-lease-time': '14', 1022 'dhcp-option82-circuit-id-insertion': 'style-1', 1023 'dhcp-option82-insertion': 'enable', 1024 'dhcp-option82-remote-id-insertion': 'style-1', 1025 'dynamic-vlan': 'enable', 1026 'eap-reauth': 'enable', 1027 'eap-reauth-intv': '20', 1028 'eapol-key-retries': 'disable', 1029 'encrypt': 'TKIP', 1030 'external-fast-roaming': 'enable', 1031 'external-logout': 'test_value_24', 1032 'external-web': 'test_value_25', 1033 'fast-bss-transition': 'disable', 1034 'fast-roaming': 'enable', 1035 'ft-mobility-domain': '28', 1036 'ft-over-ds': 'disable', 1037 'ft-r0-key-lifetime': '30', 1038 'gtk-rekey': 'enable', 1039 'gtk-rekey-intv': '32', 1040 'hotspot20-profile': 'test_value_33', 1041 'intra-vap-privacy': 'enable', 1042 'ip': 'test_value_35', 1043 'key': 'test_value_36', 1044 'keyindex': '37', 1045 'ldpc': 'disable', 1046 'local-authentication': 'enable', 1047 'local-bridging': 'enable', 1048 'local-lan': 'allow', 1049 'local-standalone': 'enable', 1050 'local-standalone-nat': 'enable', 1051 'mac-auth-bypass': 'enable', 1052 'mac-filter': 'enable', 1053 'mac-filter-policy-other': 'allow', 1054 'max-clients': '47', 1055 'max-clients-ap': '48', 1056 'me-disable-thresh': '49', 1057 'mesh-backhaul': 'enable', 1058 'mpsk': 'enable', 1059 'mpsk-concurrent-clients': '52', 1060 'multicast-enhance': 'enable', 1061 'multicast-rate': '0', 1062 'name': 'default_name_55', 1063 'okc': 'disable', 1064 'passphrase': 'test_value_57', 1065 'pmf': 'disable', 1066 'pmf-assoc-comeback-timeout': '59', 1067 'pmf-sa-query-retry-timeout': '60', 1068 'portal-message-override-group': 'test_value_61', 1069 'portal-type': 'auth', 1070 'probe-resp-suppression': 'enable', 1071 'probe-resp-threshold': 'test_value_64', 1072 'ptk-rekey': 'enable', 1073 'ptk-rekey-intv': '66', 1074 'qos-profile': 'test_value_67', 1075 'quarantine': 'enable', 1076 'radio-2g-threshold': 'test_value_69', 1077 'radio-5g-threshold': 'test_value_70', 1078 'radio-sensitivity': 'enable', 1079 'radius-mac-auth': 'enable', 1080 'radius-mac-auth-server': 'test_value_73', 1081 'radius-server': 'test_value_74', 1082 'rates-11a': '1', 1083 'rates-11ac-ss12': 'mcs0/1', 1084 'rates-11ac-ss34': 'mcs0/3', 1085 'rates-11bg': '1', 1086 'rates-11n-ss12': 'mcs0/1', 1087 'rates-11n-ss34': 'mcs16/3', 1088 'schedule': 'test_value_81', 1089 'security': 'open', 1090 'security-exempt-list': 'test_value_83', 1091 'security-obsolete-option': 'enable', 1092 'security-redirect-url': 'test_value_85', 1093 'split-tunneling': 'enable', 1094 'ssid': 'test_value_87', 1095 'tkip-counter-measure': 'enable', 1096 'utm-profile': 'test_value_89', 1097 'vdom': 'test_value_90', 1098 'vlan-auto': 'enable', 1099 'vlan-pooling': 'wtp-group', 1100 'vlanid': '93', 1101 'voice-enterprise': 'disable' 1102 } 1103 1104 set_method_mock.assert_called_with('wireless-controller', 'vap', data=expected_data, vdom='root') 1105 schema_method_mock.assert_not_called() 1106 assert not is_error 1107 assert changed 1108 assert response['status'] == 'success' 1109 assert response['http_status'] == 200 1110