1# -*- coding: utf-8 -*-
2#
3# Copyright (c) 2017 F5 Networks Inc.
4# GNU General Public License v3.0 (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
5
6from __future__ import (absolute_import, division, print_function)
7__metaclass__ = type
8
9import os
10import json
11import pytest
12import sys
13
14if sys.version_info < (2, 7):
15    pytestmark = pytest.mark.skip("F5 Ansible modules require Python >= 2.7")
16
17from ansible.module_utils.basic import AnsibleModule
18
19from ansible_collections.f5networks.f5_modules.plugins.modules.bigip_profile_client_ssl import (
20    ModuleParameters, ApiParameters, ModuleManager, ArgumentSpec
21)
22from ansible_collections.f5networks.f5_modules.tests.unit.compat import unittest
23from ansible_collections.f5networks.f5_modules.tests.unit.compat.mock import Mock, patch
24from ansible_collections.f5networks.f5_modules.tests.unit.modules.utils import set_module_args
25
26fixture_path = os.path.join(os.path.dirname(__file__), 'fixtures')
27fixture_data = {}
28
29
30def load_fixture(name):
31    path = os.path.join(fixture_path, name)
32
33    if path in fixture_data:
34        return fixture_data[path]
35
36    with open(path) as f:
37        data = f.read()
38
39    try:
40        data = json.loads(data)
41    except Exception:
42        pass
43
44    fixture_data[path] = data
45    return data
46
47
48class TestParameters(unittest.TestCase):
49    def test_module_parameters(self):
50        args = dict(
51            name='foo',
52            parent='bar',
53            ciphers='!SSLv3:!SSLv2:ECDHE+AES-GCM+SHA256:ECDHE-RSA-AES128-CBC-SHA',
54            cert_key_chain=[
55                dict(
56                    cert='bigip_ssl_cert1',
57                    key='bigip_ssl_key1',
58                    chain='bigip_ssl_cert1'
59                )
60            ]
61        )
62
63        p = ModuleParameters(params=args)
64        assert p.name == 'foo'
65        assert p.parent == '/Common/bar'
66        assert p.ciphers == '!SSLv3:!SSLv2:ECDHE+AES-GCM+SHA256:ECDHE-RSA-AES128-CBC-SHA'
67
68    def test_api_parameters(self):
69        args = load_fixture('load_ltm_profile_clientssl.json')
70        p = ApiParameters(params=args)
71        assert p.name == 'foo'
72        assert p.ciphers == 'DEFAULT'
73
74
75class TestManager(unittest.TestCase):
76    def setUp(self):
77        self.spec = ArgumentSpec()
78        self.p2 = patch('ansible_collections.f5networks.f5_modules.plugins.modules.bigip_profile_client_ssl.tmos_version')
79        self.p3 = patch('ansible_collections.f5networks.f5_modules.plugins.modules.bigip_profile_client_ssl.send_teem')
80        self.m2 = self.p2.start()
81        self.m2.return_value = '14.1.0'
82        self.m3 = self.p3.start()
83        self.m3.return_value = True
84
85    def tearDown(self):
86        self.p2.stop()
87        self.p3.stop()
88
89    def test_create(self, *args):
90        # Configure the arguments that would be sent to the Ansible module
91        set_module_args(dict(
92            name='foo',
93            parent='bar',
94            ciphers='!SSLv3:!SSLv2:ECDHE+AES-GCM+SHA256:ECDHE-RSA-AES128-CBC-SHA',
95            cert_key_chain=[
96                dict(
97                    cert='bigip_ssl_cert1',
98                    key='bigip_ssl_key1',
99                    chain='bigip_ssl_cert1'
100                )
101            ],
102            provider=dict(
103                server='localhost',
104                password='password',
105                user='admin'
106            )
107        ))
108
109        module = AnsibleModule(
110            argument_spec=self.spec.argument_spec,
111            supports_check_mode=self.spec.supports_check_mode
112        )
113        mm = ModuleManager(module=module)
114
115        # Override methods to force specific logic in the module to happen
116        mm.exists = Mock(return_value=False)
117        mm.create_on_device = Mock(return_value=True)
118
119        results = mm.exec_module()
120
121        assert results['changed'] is True
122