Skip to content

Commit

Permalink
Update f5 module utils from downstream (ansible#45819)
Browse files Browse the repository at this point in the history 
* various refactoring
* lgtm fixes
* bigiq support to different auth providers
  • Loading branch information
@caphrim007
caphrim007 authored Sep 18, 2018
1 parent 1ed3bd9 commit 35e0434
Show file tree
Hide file tree
Showing 5 changed files with 255 additions and 90 deletions.
75 changes: 74 additions & 1 deletion lib/ansible/module_utils/network/f5/bigiq.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
__metaclass__ = type


import os
import time

try:
Expand Down Expand Up @@ -73,14 +74,21 @@ def api(self):
return self._client
for x in range(0, 10):
try:
provider = self.provider['auth_provider'] or 'local'
url = "https://{0}:{1}/mgmt/shared/authn/login".format(
self.provider['server'], self.provider['server_port']
)
payload = {
'username': self.provider['user'],
'password': self.provider['password'],
'loginProviderName': self.provider['auth_provider'] or 'local'
}

# - local is a special provider that is baked into the system and
# has no loginReference
if provider != 'local':
login_ref = self.get_login_ref(provider)
payload.update(login_ref)

session = iControlRestSession()
session.verify = self.provider['validate_certs']
response = session.post(url, json=payload)
Expand All @@ -102,3 +110,68 @@ def api(self):
if exc is not None:
error += ' The reported error was "{0}".'.format(str(exc))
raise F5ModuleError(error)

def get_login_ref(self, provider):
info = self.read_provider_info_from_device()
uuids = [os.path.basename(os.path.dirname(x['link'])) for x in info['providers'] if '-' in x['link']]
if provider in uuids:
name = self.get_name_of_provider_id(info, provider)
if not name:
raise F5ModuleError(
"No name found for the provider '{0}'".format(provider)
)
return dict(
loginReference=dict(
link="https://localhost/mgmt/cm/system/authn/providers/{0}/{1}/login".format(name, provider)
)
)
names = [os.path.basename(os.path.dirname(x['link'])) for x in info['providers'] if '-' in x['link']]
if names.count(provider) > 1:
raise F5ModuleError(
"Ambiguous auth_provider provided. Please specify a specific provider ID."
)
uuid = self.get_id_of_provider_name(info, provider)
if not uuid:
raise F5ModuleError(
"No name found for the provider '{0}'".format(provider)
)
return dict(
loginReference=dict(
link="https://localhost/mgmt/cm/system/authn/providers/{0}/{1}/login".format(provider, uuid)
)
)

def get_name_of_provider_id(self, info, provider):
# Add slashes to the provider name so that it specifically finds the provider
# as part of the URL and not a part of another substring
provider = '/' + provider + '/'
for x in info['providers']:
if x['link'].find(provider) > -1:
return x['name']
return None

def get_id_of_provider_name(self, info, provider):
for x in info['providers']:
if x['name'] == provider:
return os.path.basename(os.path.dirname(x['link']))
return None

def read_provider_info_from_device(self):
uri = "https://{0}:{1}/info/system".format(
self.provider['server'], self.provider['server_port']
)
session = iControlRestSession()
session.verify = self.provider['validate_certs']

resp = session.get(uri)
try:
response = resp.json()
except ValueError as ex:
raise F5ModuleError(str(ex))

if 'code' in response and response['code'] == 400:
if 'message' in response:
raise F5ModuleError(response['message'])
else:
raise F5ModuleError(resp.content)
return response
44 changes: 36 additions & 8 deletions lib/ansible/module_utils/network/f5/common.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -532,9 +532,18 @@ def validate_params(key, store):

def merge_provider_params(self):
result = dict()

provider = self.params.get('provider', {})

self.merge_provider_server_param(result, provider)
self.merge_provider_server_port_param(result, provider)
self.merge_provider_validate_certs_param(result, provider)
self.merge_provider_auth_provider_param(result, provider)
self.merge_provider_user_param(result, provider)
self.merge_provider_password_param(result, provider)

return result

def merge_provider_server_param(self, result, provider):
if self.validate_params('server', provider):
result['server'] = provider['server']
elif self.validate_params('server', self.params):
Expand All @@ -544,6 +553,7 @@ def merge_provider_params(self):
else:
raise F5ModuleError('Server parameter cannot be None or missing, please provide a valid value')

def merge_provider_server_port_param(self, result, provider):
if self.validate_params('server_port', provider):
result['server_port'] = provider['server_port']
elif self.validate_params('server_port', self.params):
Expand All @@ -553,6 +563,7 @@ def merge_provider_params(self):
else:
result['server_port'] = 443

def merge_provider_validate_certs_param(self, result, provider):
if self.validate_params('validate_certs', provider):
result['validate_certs'] = provider['validate_certs']
elif self.validate_params('validate_certs', self.params):
Expand All @@ -561,14 +572,37 @@ def merge_provider_params(self):
result['validate_certs'] = os.environ['F5_VALIDATE_CERTS']
else:
result['validate_certs'] = True
if result['validate_certs'] in BOOLEANS_TRUE:
result['validate_certs'] = True
else:
result['validate_certs'] = False

def merge_provider_auth_provider_param(self, result, provider):
if self.validate_params('auth_provider', provider):
result['auth_provider'] = provider['auth_provider']
elif self.validate_params('auth_provider', self.params):
result['auth_provider'] = self.params['auth_provider']
elif self.validate_params('F5_AUTH_PROVIDER', os.environ):
result['auth_provider'] = os.environ['F5_AUTH_PROVIDER']
else:
result['auth_provider'] = None

# Handle a specific case of the user specifying ``|default(omit)``
# as the value to the auth_provider.
#
# In this case, Ansible will inject the omit-placeholder value
# and the module params incorrectly interpret this. This case
# can occur when specifying ``|default(omit)`` for a variable
# value defined in the ``environment`` section of a Play.
#
# An example of the omit placeholder is shown below.
#
# __omit_place_holder__11bd71a2840bff144594b9cc2149db814256f253
#
if result['auth_provider'] is not None and '__omit_place_holder__' in result['auth_provider']:
result['auth_provider'] = None

def merge_provider_user_param(self, result, provider):
if self.validate_params('user', provider):
result['user'] = provider['user']
elif self.validate_params('user', self.params):
Expand All @@ -580,6 +614,7 @@ def merge_provider_params(self):
else:
result['user'] = None

def merge_provider_password_param(self, result, provider):
if self.validate_params('password', provider):
result['password'] = provider['password']
elif self.validate_params('password', self.params):
Expand All @@ -591,13 +626,6 @@ def merge_provider_params(self):
else:
result['password'] = None

if result['validate_certs'] in BOOLEANS_TRUE:
result['validate_certs'] = True
else:
result['validate_certs'] = False

return result


class AnsibleF5Parameters(object):
def __init__(self, *args, **kwargs):
Expand Down
4 changes: 2 additions & 2 deletions lib/ansible/module_utils/network/f5/compare.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,9 +10,9 @@
def cmp_simple_list(want, have):
if want is None:
return None
if have is None and want == '':
if have is None and want in ['', 'none']:
return None
if have is not None and want == '':
if have is not None and want in ['', 'none']:
return []
if have is None:
return want
Expand Down
Loading

0 comments on commit 35e0434

Please sign in to comment.