1# Copyright 2019 Fortinet, Inc. 2# 3# This program is free software: you can redistribute it and/or modify 4# it under the terms of the GNU General Public License as published by 5# the Free Software Foundation, either version 3 of the License, or 6# (at your option) any later version. 7# 8# This program is distributed in the hope that it will be useful, 9# but WITHOUT ANY WARRANTY; without even the implied warranty of 10# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11# GNU General Public License for more details. 12# 13# You should have received a copy of the GNU General Public License 14# along with Ansible. If not, see <https://www.gnu.org/licenses/>. 15 16# Make coding more python3-ish 17from __future__ import (absolute_import, division, print_function) 18__metaclass__ = type 19 20import os 21import json 22import pytest 23from mock import ANY 24from ansible.module_utils.network.fortios.fortios import FortiOSHandler 25 26try: 27 from ansible.modules.network.fortios import fortios_log_setting 28except ImportError: 29 pytest.skip("Could not load required modules for testing", allow_module_level=True) 30 31 32@pytest.fixture(autouse=True) 33def connection_mock(mocker): 34 connection_class_mock = mocker.patch('ansible.modules.network.fortios.fortios_log_setting.Connection') 35 return connection_class_mock 36 37 38fos_instance = FortiOSHandler(connection_mock) 39 40 41def test_log_setting_creation(mocker): 42 schema_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.schema') 43 44 set_method_result = {'status': 'success', 'http_method': 'POST', 'http_status': 200} 45 set_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.set', return_value=set_method_result) 46 47 input_data = { 48 'username': 'admin', 49 'state': 'present', 50 'log_setting': { 51 'brief_traffic_format': 'enable', 52 'daemon_log': 'enable', 53 'expolicy_implicit_log': 'enable', 54 'fwpolicy_implicit_log': 'enable', 55 'fwpolicy6_implicit_log': 'enable', 56 'local_in_allow': 'enable', 57 'local_in_deny_broadcast': 'enable', 58 'local_in_deny_unicast': 'enable', 59 'local_out': 'enable', 60 'log_invalid_packet': 'enable', 61 'log_policy_comment': 'enable', 62 'log_policy_name': 'enable', 63 'log_user_in_upper': 'enable', 64 'neighbor_event': 'enable', 65 'resolve_ip': 'enable', 66 'resolve_port': 'enable', 67 'user_anonymize': 'enable' 68 }, 69 'vdom': 'root'} 70 71 is_error, changed, response = fortios_log_setting.fortios_log(input_data, fos_instance) 72 73 expected_data = { 74 'brief-traffic-format': 'enable', 75 'daemon-log': 'enable', 76 'expolicy-implicit-log': 'enable', 77 'fwpolicy-implicit-log': 'enable', 78 'fwpolicy6-implicit-log': 'enable', 79 'local-in-allow': 'enable', 80 'local-in-deny-broadcast': 'enable', 81 'local-in-deny-unicast': 'enable', 82 'local-out': 'enable', 83 'log-invalid-packet': 'enable', 84 'log-policy-comment': 'enable', 85 'log-policy-name': 'enable', 86 'log-user-in-upper': 'enable', 87 'neighbor-event': 'enable', 88 'resolve-ip': 'enable', 89 'resolve-port': 'enable', 90 'user-anonymize': 'enable' 91 } 92 93 set_method_mock.assert_called_with('log', 'setting', data=expected_data, vdom='root') 94 schema_method_mock.assert_not_called() 95 assert not is_error 96 assert changed 97 assert response['status'] == 'success' 98 assert response['http_status'] == 200 99 100 101def test_log_setting_creation_fails(mocker): 102 schema_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.schema') 103 104 set_method_result = {'status': 'error', 'http_method': 'POST', 'http_status': 500} 105 set_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.set', return_value=set_method_result) 106 107 input_data = { 108 'username': 'admin', 109 'state': 'present', 110 'log_setting': { 111 'brief_traffic_format': 'enable', 112 'daemon_log': 'enable', 113 'expolicy_implicit_log': 'enable', 114 'fwpolicy_implicit_log': 'enable', 115 'fwpolicy6_implicit_log': 'enable', 116 'local_in_allow': 'enable', 117 'local_in_deny_broadcast': 'enable', 118 'local_in_deny_unicast': 'enable', 119 'local_out': 'enable', 120 'log_invalid_packet': 'enable', 121 'log_policy_comment': 'enable', 122 'log_policy_name': 'enable', 123 'log_user_in_upper': 'enable', 124 'neighbor_event': 'enable', 125 'resolve_ip': 'enable', 126 'resolve_port': 'enable', 127 'user_anonymize': 'enable' 128 }, 129 'vdom': 'root'} 130 131 is_error, changed, response = fortios_log_setting.fortios_log(input_data, fos_instance) 132 133 expected_data = { 134 'brief-traffic-format': 'enable', 135 'daemon-log': 'enable', 136 'expolicy-implicit-log': 'enable', 137 'fwpolicy-implicit-log': 'enable', 138 'fwpolicy6-implicit-log': 'enable', 139 'local-in-allow': 'enable', 140 'local-in-deny-broadcast': 'enable', 141 'local-in-deny-unicast': 'enable', 142 'local-out': 'enable', 143 'log-invalid-packet': 'enable', 144 'log-policy-comment': 'enable', 145 'log-policy-name': 'enable', 146 'log-user-in-upper': 'enable', 147 'neighbor-event': 'enable', 148 'resolve-ip': 'enable', 149 'resolve-port': 'enable', 150 'user-anonymize': 'enable' 151 } 152 153 set_method_mock.assert_called_with('log', 'setting', data=expected_data, vdom='root') 154 schema_method_mock.assert_not_called() 155 assert is_error 156 assert not changed 157 assert response['status'] == 'error' 158 assert response['http_status'] == 500 159 160 161def test_log_setting_idempotent(mocker): 162 schema_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.schema') 163 164 set_method_result = {'status': 'error', 'http_method': 'DELETE', 'http_status': 404} 165 set_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.set', return_value=set_method_result) 166 167 input_data = { 168 'username': 'admin', 169 'state': 'present', 170 'log_setting': { 171 'brief_traffic_format': 'enable', 172 'daemon_log': 'enable', 173 'expolicy_implicit_log': 'enable', 174 'fwpolicy_implicit_log': 'enable', 175 'fwpolicy6_implicit_log': 'enable', 176 'local_in_allow': 'enable', 177 'local_in_deny_broadcast': 'enable', 178 'local_in_deny_unicast': 'enable', 179 'local_out': 'enable', 180 'log_invalid_packet': 'enable', 181 'log_policy_comment': 'enable', 182 'log_policy_name': 'enable', 183 'log_user_in_upper': 'enable', 184 'neighbor_event': 'enable', 185 'resolve_ip': 'enable', 186 'resolve_port': 'enable', 187 'user_anonymize': 'enable' 188 }, 189 'vdom': 'root'} 190 191 is_error, changed, response = fortios_log_setting.fortios_log(input_data, fos_instance) 192 193 expected_data = { 194 'brief-traffic-format': 'enable', 195 'daemon-log': 'enable', 196 'expolicy-implicit-log': 'enable', 197 'fwpolicy-implicit-log': 'enable', 198 'fwpolicy6-implicit-log': 'enable', 199 'local-in-allow': 'enable', 200 'local-in-deny-broadcast': 'enable', 201 'local-in-deny-unicast': 'enable', 202 'local-out': 'enable', 203 'log-invalid-packet': 'enable', 204 'log-policy-comment': 'enable', 205 'log-policy-name': 'enable', 206 'log-user-in-upper': 'enable', 207 'neighbor-event': 'enable', 208 'resolve-ip': 'enable', 209 'resolve-port': 'enable', 210 'user-anonymize': 'enable' 211 } 212 213 set_method_mock.assert_called_with('log', 'setting', data=expected_data, vdom='root') 214 schema_method_mock.assert_not_called() 215 assert not is_error 216 assert not changed 217 assert response['status'] == 'error' 218 assert response['http_status'] == 404 219 220 221def test_log_setting_filter_foreign_attributes(mocker): 222 schema_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.schema') 223 224 set_method_result = {'status': 'success', 'http_method': 'POST', 'http_status': 200} 225 set_method_mock = mocker.patch('ansible.module_utils.network.fortios.fortios.FortiOSHandler.set', return_value=set_method_result) 226 227 input_data = { 228 'username': 'admin', 229 'state': 'present', 230 'log_setting': { 231 'random_attribute_not_valid': 'tag', 232 'brief_traffic_format': 'enable', 233 'daemon_log': 'enable', 234 'expolicy_implicit_log': 'enable', 235 'fwpolicy_implicit_log': 'enable', 236 'fwpolicy6_implicit_log': 'enable', 237 'local_in_allow': 'enable', 238 'local_in_deny_broadcast': 'enable', 239 'local_in_deny_unicast': 'enable', 240 'local_out': 'enable', 241 'log_invalid_packet': 'enable', 242 'log_policy_comment': 'enable', 243 'log_policy_name': 'enable', 244 'log_user_in_upper': 'enable', 245 'neighbor_event': 'enable', 246 'resolve_ip': 'enable', 247 'resolve_port': 'enable', 248 'user_anonymize': 'enable' 249 }, 250 'vdom': 'root'} 251 252 is_error, changed, response = fortios_log_setting.fortios_log(input_data, fos_instance) 253 254 expected_data = { 255 'brief-traffic-format': 'enable', 256 'daemon-log': 'enable', 257 'expolicy-implicit-log': 'enable', 258 'fwpolicy-implicit-log': 'enable', 259 'fwpolicy6-implicit-log': 'enable', 260 'local-in-allow': 'enable', 261 'local-in-deny-broadcast': 'enable', 262 'local-in-deny-unicast': 'enable', 263 'local-out': 'enable', 264 'log-invalid-packet': 'enable', 265 'log-policy-comment': 'enable', 266 'log-policy-name': 'enable', 267 'log-user-in-upper': 'enable', 268 'neighbor-event': 'enable', 269 'resolve-ip': 'enable', 270 'resolve-port': 'enable', 271 'user-anonymize': 'enable' 272 } 273 274 set_method_mock.assert_called_with('log', 'setting', data=expected_data, vdom='root') 275 schema_method_mock.assert_not_called() 276 assert not is_error 277 assert changed 278 assert response['status'] == 'success' 279 assert response['http_status'] == 200 280