1# -*- coding: utf-8 -*-
2#
3# Copyright: (c) 2020, F5 Networks Inc.
4# GNU General Public License v3.0 (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
5
6from __future__ import (absolute_import, division, print_function)
7__metaclass__ = type
8
9import os
10import json
11import pytest
12import sys
13
14if sys.version_info < (2, 7):
15    pytestmark = pytest.mark.skip("F5 Ansible modules require Python >= 2.7")
16
17from ansible.module_utils.basic import AnsibleModule
18
19from ansible_collections.f5networks.f5_modules.plugins.modules.bigip_ssl_key_cert import (
20    ApiParameters, ModuleParameters, ModuleManager, ArgumentSpec
21)
22from ansible_collections.f5networks.f5_modules.tests.unit.modules.utils import set_module_args
23from ansible_collections.f5networks.f5_modules.tests.unit.compat import unittest
24from ansible_collections.f5networks.f5_modules.tests.unit.compat.mock import (
25    Mock, patch
26)
27
28
29fixture_path = os.path.join(os.path.dirname(__file__), 'fixtures')
30fixture_data = {}
31
32
33def load_fixture(name):
34    path = os.path.join(fixture_path, name)
35
36    if path in fixture_data:
37        return fixture_data[path]
38
39    with open(path) as f:
40        data = f.read()
41
42    try:
43        data = json.loads(data)
44    except Exception:
45        pass
46
47    fixture_data[path] = data
48    return data
49
50
51class TestParameters(unittest.TestCase):
52    def test_module_parameters_key(self):
53        key_content = load_fixture('create_insecure_key1.key')
54        args = dict(
55            key_content=key_content,
56            key_name="cert1",
57            partition="Common",
58            state="present",
59            password='password',
60            server='localhost',
61            user='admin'
62        )
63        p = ModuleParameters(params=args)
64        assert p.key_name == 'cert1'
65        assert p.key_filename == 'cert1.key'
66        assert '-----BEGIN RSA PRIVATE KEY-----' in p.key_content
67        assert '-----END RSA PRIVATE KEY-----' in p.key_content
68        assert p.key_checksum == '91bdddcf0077e2bb2a0258aae2ae3117be392e83'
69        assert p.state == 'present'
70
71    def test_module_parameters_cert(self):
72        cert_content = load_fixture('create_insecure_cert1.crt')
73        args = dict(
74            cert_content=cert_content,
75            cert_name="cert1",
76            partition="Common",
77            state="present",
78        )
79        p = ModuleParameters(params=args)
80        assert p.cert_name == 'cert1'
81        assert p.cert_filename == 'cert1.crt'
82        assert 'Signature Algorithm' in p.cert_content
83        assert '-----BEGIN CERTIFICATE-----' in p.cert_content
84        assert '-----END CERTIFICATE-----' in p.cert_content
85        assert p.cert_checksum == '1e55aa57ee166a380e756b5aa4a835c5849490fe'
86        assert p.state == 'present'
87
88    def test_module_issuer_cert_key(self):
89        args = dict(
90            issuer_cert='foo',
91            partition="Common",
92        )
93        p = ModuleParameters(params=args)
94        assert p.issuer_cert == '/Common/foo.crt'
95
96    def test_api_issuer_cert_key(self):
97        args = load_fixture('load_sys_file_ssl_cert_with_issuer_cert.json')
98        p = ApiParameters(params=args)
99        assert p.issuer_cert == '/Common/intermediate.crt'
100
101
102class TestModuleManager(unittest.TestCase):
103    def setUp(self):
104        self.spec = ArgumentSpec()
105        self.p2 = patch('ansible_collections.f5networks.f5_modules.plugins.modules.bigip_ssl_key_cert.tmos_version')
106        self.p3 = patch('ansible_collections.f5networks.f5_modules.plugins.modules.bigip_ssl_key_cert.send_teem')
107        self.m2 = self.p2.start()
108        self.m2.return_value = '14.1.0'
109        self.m3 = self.p3.start()
110        self.m3.return_value = True
111
112    def tearDown(self):
113        self.p2.stop()
114        self.p3.stop()
115
116    def test_import_key_no_key_passphrase(self, *args):
117        set_module_args(dict(
118            key_name='foo',
119            key_content=load_fixture('cert1.key'),
120            state='present',
121            provider=dict(
122                server='localhost',
123                password='password',
124                user='admin'
125            )
126        ))
127
128        module = AnsibleModule(
129            argument_spec=self.spec.argument_spec,
130            supports_check_mode=self.spec.supports_check_mode
131        )
132
133        # Override methods in the specific type of manager
134        cm = ModuleManager(module=module)
135        cm.exists = Mock(side_effect=[False, True])
136        cm.create_on_device = Mock(return_value=True)
137        cm.remove_uploaded_file_from_device = Mock(return_value=True)
138
139        results = cm.exec_module()
140
141        assert results['changed'] is True
142