cisco_node_utils 1.1.0 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +2 -1
- data/CHANGELOG.md +126 -1
- data/README.md +19 -12
- data/Rakefile +1 -0
- data/bin/git/hooks/commit-msg/enforce_style +8 -0
- data/cisco_node_utils.gemspec +4 -3
- data/docs/README-develop-best-practices.md +127 -109
- data/docs/README-develop-node-utils-APIs.md +47 -39
- data/docs/template-router.rb +3 -7
- data/lib/.rubocop.yml +4 -4
- data/lib/cisco_node_utils.rb +1 -1
- data/lib/cisco_node_utils/aaa_authentication_login.rb +96 -0
- data/lib/cisco_node_utils/aaa_authentication_login_service.rb +133 -0
- data/lib/cisco_node_utils/aaa_authorization_service.rb +150 -0
- data/lib/cisco_node_utils/ace.rb +196 -0
- data/lib/cisco_node_utils/acl.rb +100 -0
- data/lib/cisco_node_utils/bgp.rb +301 -163
- data/lib/cisco_node_utils/bgp_af.rb +187 -19
- data/lib/cisco_node_utils/bgp_neighbor.rb +18 -33
- data/lib/cisco_node_utils/bgp_neighbor_af.rb +25 -48
- data/lib/cisco_node_utils/cisco_cmn_utils.rb +23 -4
- data/lib/cisco_node_utils/cmd_ref/README_YAML.md +593 -0
- data/lib/cisco_node_utils/cmd_ref/aaa_auth_login_service.yaml +22 -0
- data/lib/cisco_node_utils/cmd_ref/aaa_authentication_login.yaml +31 -0
- data/lib/cisco_node_utils/cmd_ref/aaa_authorization_service.yaml +22 -0
- data/lib/cisco_node_utils/cmd_ref/acl.yaml +43 -0
- data/lib/cisco_node_utils/cmd_ref/bgp.yaml +242 -0
- data/lib/cisco_node_utils/cmd_ref/bgp_af.yaml +164 -0
- data/lib/cisco_node_utils/cmd_ref/bgp_neighbor.yaml +131 -0
- data/lib/cisco_node_utils/cmd_ref/bgp_neighbor_af.yaml +179 -0
- data/lib/cisco_node_utils/cmd_ref/dnsclient.yaml +34 -0
- data/lib/cisco_node_utils/cmd_ref/evpn_vni.yaml +42 -0
- data/lib/cisco_node_utils/cmd_ref/fabricpath.yaml +172 -0
- data/lib/cisco_node_utils/cmd_ref/fabricpath_topology.yaml +35 -0
- data/lib/cisco_node_utils/cmd_ref/feature.yaml +42 -0
- data/lib/cisco_node_utils/cmd_ref/fex.yaml +9 -0
- data/lib/cisco_node_utils/cmd_ref/images.yaml +7 -0
- data/lib/cisco_node_utils/cmd_ref/interface.yaml +339 -0
- data/lib/cisco_node_utils/cmd_ref/interface_channel_group.yaml +28 -0
- data/lib/cisco_node_utils/cmd_ref/interface_ospf.yaml +61 -0
- data/lib/cisco_node_utils/cmd_ref/interface_portchannel.yaml +54 -0
- data/lib/cisco_node_utils/cmd_ref/interface_service_vni.yaml +32 -0
- data/lib/cisco_node_utils/cmd_ref/inventory.yaml +45 -0
- data/lib/cisco_node_utils/cmd_ref/memory.yaml +13 -0
- data/lib/cisco_node_utils/cmd_ref/ntp_config.yaml +7 -0
- data/lib/cisco_node_utils/cmd_ref/ntp_server.yaml +14 -0
- data/lib/cisco_node_utils/cmd_ref/ospf.yaml +74 -0
- data/lib/cisco_node_utils/cmd_ref/overlay_global.yaml +33 -0
- data/lib/cisco_node_utils/cmd_ref/pim.yaml +40 -0
- data/lib/cisco_node_utils/cmd_ref/portchannel_global.yaml +69 -0
- data/lib/cisco_node_utils/cmd_ref/radius_global.yaml +25 -0
- data/lib/cisco_node_utils/cmd_ref/radius_server.yaml +64 -0
- data/lib/cisco_node_utils/cmd_ref/radius_server_group.yaml +14 -0
- data/lib/cisco_node_utils/cmd_ref/show_system.yaml +5 -0
- data/lib/cisco_node_utils/cmd_ref/show_version.yaml +72 -0
- data/lib/cisco_node_utils/cmd_ref/snmp_community.yaml +23 -0
- data/lib/cisco_node_utils/cmd_ref/snmp_group.yaml +7 -0
- data/lib/cisco_node_utils/cmd_ref/snmp_notification_receiver.yaml +50 -0
- data/lib/cisco_node_utils/cmd_ref/snmp_server.yaml +51 -0
- data/lib/cisco_node_utils/cmd_ref/snmp_user.yaml +55 -0
- data/lib/cisco_node_utils/cmd_ref/snmpnotification.yaml +11 -0
- data/lib/cisco_node_utils/cmd_ref/syslog_server.yaml +18 -0
- data/lib/cisco_node_utils/cmd_ref/syslog_settings.yaml +7 -0
- data/lib/cisco_node_utils/cmd_ref/system.yaml +6 -0
- data/lib/cisco_node_utils/cmd_ref/tacacs_server.yaml +49 -0
- data/lib/cisco_node_utils/cmd_ref/tacacs_server_group.yaml +33 -0
- data/lib/cisco_node_utils/cmd_ref/tacacs_server_host.yaml +35 -0
- data/lib/cisco_node_utils/cmd_ref/vdc.yaml +38 -0
- data/lib/cisco_node_utils/cmd_ref/virtual_service.yaml +6 -0
- data/lib/cisco_node_utils/cmd_ref/vlan.yaml +56 -0
- data/lib/cisco_node_utils/cmd_ref/vni.yaml +76 -0
- data/lib/cisco_node_utils/cmd_ref/vpc.yaml +197 -0
- data/lib/cisco_node_utils/cmd_ref/vrf.yaml +88 -0
- data/lib/cisco_node_utils/cmd_ref/vtp.yaml +38 -0
- data/lib/cisco_node_utils/cmd_ref/vxlan_vtep.yaml +60 -0
- data/lib/cisco_node_utils/cmd_ref/vxlan_vtep_vni.yaml +39 -0
- data/lib/cisco_node_utils/cmd_ref/yum.yaml +13 -0
- data/lib/cisco_node_utils/command_reference.rb +359 -187
- data/lib/cisco_node_utils/configparser_lib.rb +1 -1
- data/lib/cisco_node_utils/dns_domain.rb +19 -5
- data/lib/cisco_node_utils/domain_name.rb +4 -8
- data/lib/cisco_node_utils/evpn_vni.rb +157 -0
- data/lib/cisco_node_utils/fabricpath_global.rb +388 -0
- data/lib/cisco_node_utils/fabricpath_topology.rb +150 -0
- data/lib/cisco_node_utils/feature.rb +111 -0
- data/lib/cisco_node_utils/interface.rb +390 -97
- data/lib/cisco_node_utils/interface_channel_group.rb +124 -0
- data/lib/cisco_node_utils/interface_ospf.rb +11 -34
- data/lib/cisco_node_utils/interface_portchannel.rb +157 -0
- data/lib/cisco_node_utils/interface_service_vni.rb +132 -0
- data/lib/cisco_node_utils/name_server.rb +1 -1
- data/lib/cisco_node_utils/node.rb +55 -249
- data/lib/cisco_node_utils/node_util.rb +5 -1
- data/lib/cisco_node_utils/ntp_config.rb +2 -2
- data/lib/cisco_node_utils/ntp_server.rb +14 -5
- data/lib/cisco_node_utils/overlay_global.rb +153 -0
- data/lib/cisco_node_utils/pim.rb +124 -0
- data/lib/cisco_node_utils/pim_group_list.rb +108 -0
- data/lib/cisco_node_utils/pim_rp_address.rb +102 -0
- data/lib/cisco_node_utils/platform.rb +8 -9
- data/lib/cisco_node_utils/portchannel_global.rb +277 -0
- data/lib/cisco_node_utils/radius_global.rb +9 -19
- data/lib/cisco_node_utils/radius_server.rb +31 -41
- data/lib/cisco_node_utils/radius_server_group.rb +117 -0
- data/lib/cisco_node_utils/router_ospf.rb +1 -1
- data/lib/cisco_node_utils/router_ospf_vrf.rb +14 -19
- data/lib/cisco_node_utils/snmp_notification_receiver.rb +158 -0
- data/lib/cisco_node_utils/snmpcommunity.rb +3 -5
- data/lib/cisco_node_utils/snmpgroup.rb +1 -1
- data/lib/cisco_node_utils/snmpnotification.rb +57 -0
- data/lib/cisco_node_utils/snmpserver.rb +8 -17
- data/lib/cisco_node_utils/snmpuser.rb +67 -28
- data/lib/cisco_node_utils/syslog_server.rb +3 -9
- data/lib/cisco_node_utils/syslog_settings.rb +2 -10
- data/lib/cisco_node_utils/tacacs_server.rb +9 -14
- data/lib/cisco_node_utils/tacacs_server_group.rb +145 -0
- data/lib/cisco_node_utils/tacacs_server_host.rb +5 -9
- data/lib/cisco_node_utils/vdc.rb +88 -0
- data/lib/cisco_node_utils/version.rb +5 -2
- data/lib/cisco_node_utils/vlan.rb +71 -8
- data/lib/cisco_node_utils/vni.rb +227 -0
- data/lib/cisco_node_utils/vpc.rb +377 -0
- data/lib/cisco_node_utils/vrf.rb +60 -9
- data/lib/cisco_node_utils/vrf_af.rb +191 -0
- data/lib/cisco_node_utils/vtp.rb +8 -6
- data/lib/cisco_node_utils/vxlan_vtep.rb +151 -0
- data/lib/cisco_node_utils/vxlan_vtep_vni.rb +234 -0
- data/lib/cisco_node_utils/yum.rb +1 -1
- data/tests/.rubocop.yml +1 -1
- data/tests/basetest.rb +16 -7
- data/tests/ciscotest.rb +55 -13
- data/tests/cmd_config.yaml +2 -2
- data/tests/platform_info.rb +3 -2
- data/tests/test_aaa_authentication_login.rb +219 -0
- data/tests/test_aaa_authentication_login_service.rb +759 -0
- data/tests/test_aaa_authorization_service.rb +1041 -0
- data/tests/test_ace.rb +160 -0
- data/tests/test_acl.rb +176 -0
- data/tests/test_bgp_af.rb +269 -13
- data/tests/test_bgp_neighbor.rb +38 -40
- data/tests/test_bgp_neighbor_af.rb +92 -32
- data/tests/test_command_config.rb +5 -5
- data/tests/test_command_reference.rb +284 -101
- data/tests/test_dns_domain.rb +1 -1
- data/tests/test_domain_name.rb +1 -1
- data/tests/test_evpn_vni.rb +106 -0
- data/tests/test_fabricpath_global.rb +243 -0
- data/tests/test_fabricpath_topology.rb +98 -0
- data/tests/test_interface.rb +292 -74
- data/tests/test_interface_channel_group.rb +74 -0
- data/tests/test_interface_ospf.rb +9 -4
- data/tests/test_interface_portchannel.rb +105 -0
- data/tests/test_interface_service_vni.rb +232 -0
- data/tests/test_interface_svi.rb +77 -62
- data/tests/test_interface_switchport.rb +17 -5
- data/tests/test_name_server.rb +1 -1
- data/tests/test_node.rb +1 -1
- data/tests/test_node_ext.rb +10 -20
- data/tests/test_ntp_config.rb +1 -1
- data/tests/test_ntp_server.rb +18 -6
- data/tests/test_overlay_global.rb +102 -0
- data/tests/test_pim.rb +177 -0
- data/tests/test_pim_group_list.rb +181 -0
- data/tests/test_pim_rp_address.rb +153 -0
- data/tests/test_platform.rb +3 -3
- data/tests/test_portchannel_global.rb +202 -0
- data/tests/test_radius_global.rb +1 -1
- data/tests/test_radius_server.rb +92 -57
- data/tests/test_radius_server_group.rb +149 -0
- data/tests/test_router_bgp.rb +283 -112
- data/tests/test_router_ospf.rb +2 -2
- data/tests/test_router_ospf_vrf.rb +4 -4
- data/tests/test_snmp_notification_receiver.rb +167 -0
- data/tests/test_snmpcommunity.rb +1 -1
- data/tests/test_snmpgroup.rb +1 -1
- data/tests/test_snmpnotification.rb +72 -0
- data/tests/test_snmpserver.rb +29 -105
- data/tests/test_snmpuser.rb +32 -30
- data/tests/test_syslog_server.rb +36 -10
- data/tests/test_syslog_settings.rb +1 -1
- data/tests/test_tacacs_server.rb +1 -1
- data/tests/test_tacacs_server_group.rb +405 -0
- data/tests/test_tacacs_server_host.rb +1 -1
- data/tests/test_vdc.rb +78 -0
- data/tests/test_vlan.rb +74 -19
- data/tests/test_vlan_mt_full.rb +95 -0
- data/tests/test_vni.rb +106 -0
- data/tests/test_vpc.rb +361 -0
- data/tests/test_vrf.rb +172 -29
- data/tests/test_vtp.rb +1 -1
- data/tests/test_vxlan_vtep.rb +214 -0
- data/tests/test_vxlan_vtep_vni.rb +201 -0
- data/tests/test_yum.rb +1 -1
- metadata +120 -11
- data/lib/cisco_node_utils/README_YAML.md +0 -325
- data/lib/cisco_node_utils/command_reference_common.yaml +0 -1051
- data/lib/cisco_node_utils/command_reference_common_bgp.yaml +0 -535
- data/lib/cisco_node_utils/command_reference_n3064.yaml +0 -13
- data/lib/cisco_node_utils/command_reference_n7k.yaml +0 -52
- data/lib/cisco_node_utils/command_reference_n9k.yaml +0 -26
- data/tests/platform_info.yaml +0 -10
data/lib/cisco_node_utils/yum.rb
CHANGED
@@ -3,7 +3,7 @@
|
|
3
3
|
#
|
4
4
|
# April 2015, Alex Hunsberger
|
5
5
|
#
|
6
|
-
# Copyright (c) 2015 Cisco and/or its affiliates.
|
6
|
+
# Copyright (c) 2015-2016 Cisco and/or its affiliates.
|
7
7
|
#
|
8
8
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
9
9
|
# you may not use this file except in compliance with the License.
|
data/tests/.rubocop.yml
CHANGED
data/tests/basetest.rb
CHANGED
@@ -3,7 +3,7 @@
|
|
3
3
|
# Basic unit test case class.
|
4
4
|
# December 2014, Glenn F. Matthews
|
5
5
|
#
|
6
|
-
# Copyright (c) 2014-
|
6
|
+
# Copyright (c) 2014-2016 Cisco and/or its affiliates.
|
7
7
|
#
|
8
8
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
9
9
|
# you may not use this file except in compliance with the License.
|
@@ -27,11 +27,7 @@ require 'rubygems'
|
|
27
27
|
gem 'minitest', '~> 5.0'
|
28
28
|
require 'minitest/autorun'
|
29
29
|
require 'net/telnet'
|
30
|
-
|
31
|
-
require 'cisco_nxapi'
|
32
|
-
rescue LoadError
|
33
|
-
require File.expand_path('../../../cisco-nxapi/lib/cisco_nxapi')
|
34
|
-
end
|
30
|
+
require 'cisco_nxapi'
|
35
31
|
|
36
32
|
# rubocop:disable Style/ClassVars
|
37
33
|
# We *want* the address/username/password class variables to be shared
|
@@ -88,7 +84,7 @@ class TestCase < Minitest::Test
|
|
88
84
|
@device.login(username, password)
|
89
85
|
CiscoLogger.debug_enable if ARGV[3] == 'debug' || ENV['DEBUG'] == '1'
|
90
86
|
rescue Errno::ECONNREFUSED
|
91
|
-
puts '
|
87
|
+
puts 'Telnet login refused - please check that the IP address is correct'
|
92
88
|
puts " and that you have enabled 'feature telnet' on the UUT"
|
93
89
|
exit
|
94
90
|
end
|
@@ -98,12 +94,25 @@ class TestCase < Minitest::Test
|
|
98
94
|
GC.start
|
99
95
|
end
|
100
96
|
|
97
|
+
# Extend standard Minitest error handling to report UnsupportedError as skip
|
98
|
+
def capture_exceptions
|
99
|
+
super do
|
100
|
+
begin
|
101
|
+
yield
|
102
|
+
rescue Cisco::UnsupportedError => e
|
103
|
+
skip(e.to_s)
|
104
|
+
end
|
105
|
+
end
|
106
|
+
end
|
107
|
+
|
101
108
|
def config(*args)
|
102
109
|
# Send the entire config as one string but be sure not to return until
|
103
110
|
# we are safely back out of config mode, i.e. prompt is
|
104
111
|
# 'switch#' not 'switch(config)#' or 'switch(config-if)#' etc.
|
105
112
|
@device.cmd('String' => "configure terminal\n" + args.join("\n") + "\nend",
|
106
113
|
'Match' => /^[^()]+[$%#>] \z/n)
|
114
|
+
rescue Net::ReadTimeout => e
|
115
|
+
raise "Timeout when configuring:\n#{args.join("\n")}\n\n#{e}"
|
107
116
|
end
|
108
117
|
|
109
118
|
def assert_show_match(pattern: nil, command: nil, msg: nil)
|
data/tests/ciscotest.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2013-
|
1
|
+
# Copyright (c) 2013-2016 Cisco and/or its affiliates.
|
2
2
|
#
|
3
3
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
4
|
# you may not use this file except in compliance with the License.
|
@@ -12,8 +12,11 @@
|
|
12
12
|
# See the License for the specific language governing permissions and
|
13
13
|
# limitations under the License.
|
14
14
|
|
15
|
+
require 'ipaddr'
|
16
|
+
require 'resolv'
|
15
17
|
require_relative 'basetest'
|
16
18
|
require_relative 'platform_info'
|
19
|
+
require_relative '../lib/cisco_node_utils/interface'
|
17
20
|
require_relative '../lib/cisco_node_utils/node'
|
18
21
|
|
19
22
|
include Cisco
|
@@ -42,8 +45,9 @@ class CiscoTestCase < TestCase
|
|
42
45
|
end
|
43
46
|
@@node
|
44
47
|
rescue CiscoNxapi::HTTPUnauthorized
|
45
|
-
|
46
|
-
|
48
|
+
abort "Unauthorized to connect as #{username}:#{password}@#{address}"
|
49
|
+
rescue StandardError => e
|
50
|
+
abort "Error in establishing connection: #{e}"
|
47
51
|
end
|
48
52
|
|
49
53
|
def setup
|
@@ -61,23 +65,39 @@ class CiscoTestCase < TestCase
|
|
61
65
|
result
|
62
66
|
end
|
63
67
|
|
68
|
+
def ip_address?(ip)
|
69
|
+
return IPAddr.new(ip).ipv4?
|
70
|
+
rescue IPAddr::InvalidAddressError
|
71
|
+
false
|
72
|
+
end
|
73
|
+
|
74
|
+
def convert_dns_name(ip)
|
75
|
+
ip_address?(ip) ? ip : Resolv.getaddress(ip)
|
76
|
+
rescue Resolv::ResolvError
|
77
|
+
raise "Unable to resolve name #{ip}. Use static ip to connect instead!"
|
78
|
+
end
|
79
|
+
|
80
|
+
def address_match?(int_ip)
|
81
|
+
# Compare the interface address with the current session address.
|
82
|
+
# and return true if they match.
|
83
|
+
return false if int_ip.nil?
|
84
|
+
int_ip == convert_dns_name(address)
|
85
|
+
end
|
86
|
+
|
64
87
|
def interfaces
|
65
88
|
unless @@interfaces
|
66
89
|
# Build the platform_info, used for interface lookup
|
67
90
|
# rubocop:disable Style/ClassVars
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
# assign default values
|
74
|
-
default_interfaces = ['Ethernet1/1', 'Ethernet1/2', 'Ethernet1/3']
|
75
|
-
puts "Caught exception: #{e}, assigning interfaces to default " \
|
76
|
-
"- #{default_interfaces}"
|
77
|
-
@@interfaces = default_interfaces
|
91
|
+
@@interfaces = []
|
92
|
+
Interface.interfaces.each do |int, obj|
|
93
|
+
next unless /ethernet/.match(int)
|
94
|
+
next if address_match?(obj.ipv4_address)
|
95
|
+
@@interfaces << int
|
78
96
|
end
|
79
97
|
# rubocop:enable Style/ClassVars
|
80
98
|
end
|
99
|
+
abort "No suitable interfaces found on #{node} for this test" if
|
100
|
+
@@interfaces.empty?
|
81
101
|
@@interfaces
|
82
102
|
end
|
83
103
|
|
@@ -93,4 +113,26 @@ class CiscoTestCase < TestCase
|
|
93
113
|
end
|
94
114
|
@@interfaces_id
|
95
115
|
end
|
116
|
+
|
117
|
+
# Remove all router bgps.
|
118
|
+
def remove_all_bgps
|
119
|
+
require_relative '../lib/cisco_node_utils/bgp'
|
120
|
+
RouterBgp.routers.each do |_asn, vrfs|
|
121
|
+
vrfs.each do |vrf, obj|
|
122
|
+
if vrf == 'default'
|
123
|
+
obj.destroy
|
124
|
+
break
|
125
|
+
end
|
126
|
+
end
|
127
|
+
end
|
128
|
+
end
|
129
|
+
|
130
|
+
# Remove all user vrfs.
|
131
|
+
def remove_all_vrfs
|
132
|
+
require_relative '../lib/cisco_node_utils/vrf'
|
133
|
+
Vrf.vrfs.each do |vrf, obj|
|
134
|
+
next if vrf[/management/]
|
135
|
+
obj.destroy
|
136
|
+
end
|
137
|
+
end
|
96
138
|
end
|
data/tests/cmd_config.yaml
CHANGED
@@ -41,11 +41,11 @@ feature-snmp-comm-acl-rw:
|
|
41
41
|
snmp-server community admincom use-acl SNMP_RW
|
42
42
|
|
43
43
|
feature-int-loopback:
|
44
|
-
command: >
|
44
|
+
command: >
|
45
45
|
interface loopback0
|
46
46
|
description testloopback
|
47
47
|
|
48
48
|
feature-int-portchannel:
|
49
|
-
command: >
|
49
|
+
command: >
|
50
50
|
interface port-channel100
|
51
51
|
description test-portchannel
|
data/tests/platform_info.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2013-
|
1
|
+
# Copyright (c) 2013-2016 Cisco and/or its affiliates.
|
2
2
|
#
|
3
3
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
4
|
# you may not use this file except in compliance with the License.
|
@@ -27,7 +27,7 @@ class PlatformInfo
|
|
27
27
|
# @param[in] device_name hostname of device on which
|
28
28
|
# UTs are to be run
|
29
29
|
#
|
30
|
-
def initialize(device_name)
|
30
|
+
def initialize(device_name, platform)
|
31
31
|
if device_name.nil? || device_name.empty?
|
32
32
|
fail 'device name must be specified in PlatformInfo constructor.'
|
33
33
|
end
|
@@ -41,6 +41,7 @@ class PlatformInfo
|
|
41
41
|
end
|
42
42
|
|
43
43
|
@platform_info_hash = project_info_hash[device_name]
|
44
|
+
@platform_info_hash ||= project_info_hash['default'][platform.to_s]
|
44
45
|
fail "Error - could not find #{device_name} device specific information " \
|
45
46
|
'in platform_info.yaml' if @platform_info_hash.nil?
|
46
47
|
end
|
@@ -0,0 +1,219 @@
|
|
1
|
+
# Copyright (c) 2013-2016 Cisco and/or its affiliates.
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
# you may not use this file except in compliance with the License.
|
5
|
+
# You may obtain a copy of the License at
|
6
|
+
#
|
7
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
8
|
+
#
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
+
# See the License for the specific language governing permissions and
|
13
|
+
# limitations under the License.
|
14
|
+
|
15
|
+
require_relative 'ciscotest'
|
16
|
+
require_relative '../lib/cisco_node_utils/aaa_authentication_login'
|
17
|
+
|
18
|
+
# Test class for AAA Authentication Login
|
19
|
+
class TestAaaAuthenticationLogin < CiscoTestCase
|
20
|
+
# DEFAULT(:ascii_authentication)
|
21
|
+
# => false
|
22
|
+
# rubocop:disable Style/MethodName
|
23
|
+
def DEFAULT(prop_name)
|
24
|
+
cmd_ref.lookup('aaa_authentication_login', prop_name.to_s).default_value
|
25
|
+
end
|
26
|
+
# rubocop:enable Style/MethodName
|
27
|
+
|
28
|
+
def aaaauthenticationlogin_detach(authlogin)
|
29
|
+
# Reset the device to a clean test state. Note that AAA will raise an error
|
30
|
+
# when disabling an authentication method while a different type is present.
|
31
|
+
s = @device.cmd("show run | i 'aaa authentication login'")
|
32
|
+
if s[/aaa authentication login (\S+) enable/]
|
33
|
+
config("no aaa authentication login #{Regexp.last_match(1)} enable")
|
34
|
+
end
|
35
|
+
authlogin.ascii_authentication = DEFAULT(:ascii_authentication)
|
36
|
+
authlogin.error_display = DEFAULT(:error_display)
|
37
|
+
end
|
38
|
+
|
39
|
+
def test_get_ascii_authentication
|
40
|
+
aaaauthlogin = AaaAuthenticationLogin
|
41
|
+
|
42
|
+
config('no aaa authentication login ascii-authentication')
|
43
|
+
refute(aaaauthlogin.ascii_authentication)
|
44
|
+
|
45
|
+
config('aaa authentication login ascii-authentication')
|
46
|
+
assert(aaaauthlogin.ascii_authentication,
|
47
|
+
'Error: AAA authentication login ascii get with preconfig')
|
48
|
+
aaaauthenticationlogin_detach(aaaauthlogin)
|
49
|
+
end
|
50
|
+
|
51
|
+
def test_get_default_ascii_authentication
|
52
|
+
aaaauthlogin = AaaAuthenticationLogin
|
53
|
+
config('no aaa authentication login ascii-authentication')
|
54
|
+
assert_equal(DEFAULT(:ascii_authentication),
|
55
|
+
aaaauthlogin.default_ascii_authentication,
|
56
|
+
'Error: AAA authentication login, default ascii incorrect')
|
57
|
+
aaaauthenticationlogin_detach(aaaauthlogin)
|
58
|
+
end
|
59
|
+
|
60
|
+
def test_set_ascii_authentication
|
61
|
+
aaaauthlogin = AaaAuthenticationLogin
|
62
|
+
|
63
|
+
aaaauthlogin.ascii_authentication = true
|
64
|
+
assert_show_match(command: 'show run aaa all | no-more',
|
65
|
+
pattern: /^aaa authentication login ascii-authentication/)
|
66
|
+
|
67
|
+
aaaauthlogin.ascii_authentication = false
|
68
|
+
refute_show_match(command: 'show run aaa all | no-more',
|
69
|
+
pattern: /^aaa authentication login ascii-authentication/)
|
70
|
+
|
71
|
+
aaaauthenticationlogin_detach(aaaauthlogin)
|
72
|
+
end
|
73
|
+
|
74
|
+
def test_get_chap
|
75
|
+
aaaauthlogin = AaaAuthenticationLogin
|
76
|
+
|
77
|
+
config('no aaa authentication login chap enable')
|
78
|
+
refute(aaaauthlogin.chap)
|
79
|
+
|
80
|
+
config('aaa authentication login chap enable')
|
81
|
+
assert(aaaauthlogin.chap,
|
82
|
+
"Error: AAA authentication login chap get with preconfig\n")
|
83
|
+
aaaauthenticationlogin_detach(aaaauthlogin)
|
84
|
+
end
|
85
|
+
|
86
|
+
def test_get_default_chap
|
87
|
+
aaaauthlogin = AaaAuthenticationLogin
|
88
|
+
|
89
|
+
config('no aaa authentication login chap enable')
|
90
|
+
assert_equal(DEFAULT(:chap),
|
91
|
+
aaaauthlogin.default_chap,
|
92
|
+
'Error: AAA authentication login, default chap incorrect')
|
93
|
+
aaaauthenticationlogin_detach(aaaauthlogin)
|
94
|
+
end
|
95
|
+
|
96
|
+
def test_set_chap
|
97
|
+
aaaauthlogin = AaaAuthenticationLogin
|
98
|
+
|
99
|
+
aaaauthlogin.chap = true
|
100
|
+
assert_show_match(command: 'show run aaa all | no-more',
|
101
|
+
pattern: /^aaa authentication login chap enable/)
|
102
|
+
aaaauthlogin.chap = false
|
103
|
+
refute_show_match(command: 'show run aaa all | no-more',
|
104
|
+
pattern: /^aaa authentication login chap enable/)
|
105
|
+
|
106
|
+
aaaauthenticationlogin_detach(aaaauthlogin)
|
107
|
+
end
|
108
|
+
|
109
|
+
def test_get_error_display
|
110
|
+
aaaauthlogin = AaaAuthenticationLogin
|
111
|
+
|
112
|
+
config('no aaa authentication login error-enable')
|
113
|
+
refute(aaaauthlogin.error_display,
|
114
|
+
'Error: AAA authentication login error display get')
|
115
|
+
|
116
|
+
config('aaa authentication login error-enable')
|
117
|
+
assert(aaaauthlogin.error_display,
|
118
|
+
'Error: AAA authentication login error display get with preconfig')
|
119
|
+
aaaauthenticationlogin_detach(aaaauthlogin)
|
120
|
+
end
|
121
|
+
|
122
|
+
def test_get_default_error_display
|
123
|
+
aaaauthlogin = AaaAuthenticationLogin
|
124
|
+
|
125
|
+
config('no aaa authentication login error-enable')
|
126
|
+
assert_equal(DEFAULT(:error_display),
|
127
|
+
aaaauthlogin.default_error_display,
|
128
|
+
'Error: default error display incorrect')
|
129
|
+
aaaauthenticationlogin_detach(aaaauthlogin)
|
130
|
+
end
|
131
|
+
|
132
|
+
def test_set_error_display
|
133
|
+
aaaauthlogin = AaaAuthenticationLogin
|
134
|
+
|
135
|
+
aaaauthlogin.error_display = true
|
136
|
+
assert_show_match(command: 'show run aaa all | no-more',
|
137
|
+
pattern: /^aaa authentication login error-enable/)
|
138
|
+
|
139
|
+
aaaauthlogin.error_display = false
|
140
|
+
refute_show_match(command: 'show run aaa all | no-more',
|
141
|
+
pattern: /^aaa authentication login error-enable/)
|
142
|
+
|
143
|
+
aaaauthenticationlogin_detach(aaaauthlogin)
|
144
|
+
end
|
145
|
+
|
146
|
+
def test_get_mschap
|
147
|
+
aaaauthlogin = AaaAuthenticationLogin
|
148
|
+
|
149
|
+
config('no aaa authentication login mschap enable')
|
150
|
+
refute(aaaauthlogin.mschap,
|
151
|
+
"Error: AAA authentication login mschap get\n")
|
152
|
+
|
153
|
+
config('aaa authentication login mschap enable')
|
154
|
+
assert(aaaauthlogin.mschap,
|
155
|
+
"Error: AAA authentication login mschap get with preconfig\n")
|
156
|
+
aaaauthenticationlogin_detach(aaaauthlogin)
|
157
|
+
end
|
158
|
+
|
159
|
+
def test_get_default_mschap
|
160
|
+
aaaauthlogin = AaaAuthenticationLogin
|
161
|
+
|
162
|
+
config('no aaa authentication login mschap enable')
|
163
|
+
assert_equal(DEFAULT(:mschap),
|
164
|
+
aaaauthlogin.default_mschap,
|
165
|
+
'Error: AAA authentication login, default mschap incorrect')
|
166
|
+
aaaauthenticationlogin_detach(aaaauthlogin)
|
167
|
+
end
|
168
|
+
|
169
|
+
def test_set_mschap
|
170
|
+
aaaauthlogin = AaaAuthenticationLogin
|
171
|
+
|
172
|
+
aaaauthlogin.mschap = true
|
173
|
+
assert_show_match(command: 'show run aaa all | no-more',
|
174
|
+
pattern: /^aaa authentication login mschap enable/)
|
175
|
+
|
176
|
+
aaaauthlogin.mschap = false
|
177
|
+
refute_show_match(command: 'show run aaa all | no-more',
|
178
|
+
pattern: /^aaa authentication login mschap enable/)
|
179
|
+
|
180
|
+
aaaauthenticationlogin_detach(aaaauthlogin)
|
181
|
+
end
|
182
|
+
|
183
|
+
def test_get_mschapv2
|
184
|
+
aaaauthlogin = AaaAuthenticationLogin
|
185
|
+
|
186
|
+
config('no aaa authentication login mschapv2 enable')
|
187
|
+
refute(aaaauthlogin.mschapv2,
|
188
|
+
"Error: AAA authentication login mschapv2 get\n")
|
189
|
+
|
190
|
+
config('aaa authentication login mschapv2 enable')
|
191
|
+
assert(aaaauthlogin.mschapv2,
|
192
|
+
"Error: AAA authentication login mschapv2 get with preconfig\n")
|
193
|
+
aaaauthenticationlogin_detach(aaaauthlogin)
|
194
|
+
end
|
195
|
+
|
196
|
+
def test_get_default_mschapv2
|
197
|
+
aaaauthlogin = AaaAuthenticationLogin
|
198
|
+
|
199
|
+
config('no aaa authentication login mschapv2 enable')
|
200
|
+
assert_equal(DEFAULT(:mschapv2),
|
201
|
+
aaaauthlogin.default_mschapv2,
|
202
|
+
'Error: AAA authentication login, default mschapv2 incorrect')
|
203
|
+
aaaauthenticationlogin_detach(aaaauthlogin)
|
204
|
+
end
|
205
|
+
|
206
|
+
def test_set_mschapv2
|
207
|
+
aaaauthlogin = AaaAuthenticationLogin
|
208
|
+
|
209
|
+
aaaauthlogin.mschapv2 = true
|
210
|
+
assert_show_match(command: 'show run aaa all | no-more',
|
211
|
+
pattern: /^aaa authentication login mschapv2 enable/)
|
212
|
+
|
213
|
+
aaaauthlogin.mschapv2 = false
|
214
|
+
refute_show_match(command: 'show run aaa all | no-more',
|
215
|
+
pattern: /^aaa authentication login mschapv2 enable/)
|
216
|
+
|
217
|
+
aaaauthenticationlogin_detach(aaaauthlogin)
|
218
|
+
end
|
219
|
+
end
|
@@ -0,0 +1,759 @@
|
|
1
|
+
# Copyright (c) 2014-2016 Cisco and/or its affiliates.
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
# you may not use this file except in compliance with the License.
|
5
|
+
# You may obtain a copy of the License at
|
6
|
+
#
|
7
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
8
|
+
#
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
+
# See the License for the specific language governing permissions and
|
13
|
+
# limitations under the License.
|
14
|
+
|
15
|
+
require_relative 'ciscotest'
|
16
|
+
require_relative '../lib/cisco_node_utils/aaa_authentication_login_service'
|
17
|
+
|
18
|
+
AAA_AUTH_LOGIN_SERVICE_METHOD_NONE = :none
|
19
|
+
AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL = :local
|
20
|
+
AAA_AUTH_LOGIN_SERVICE_METHOD_UNSELECTED = :unselected
|
21
|
+
|
22
|
+
# Test class for AAA Authentication Login Service
|
23
|
+
class TestAaaAuthenticationLoginService < CiscoTestCase
|
24
|
+
def unconfig_tacacs
|
25
|
+
config('no feature tacacs+')
|
26
|
+
end
|
27
|
+
|
28
|
+
def unconfig_aaa
|
29
|
+
# configure defaults = unconfigure
|
30
|
+
config('aaa authentication login default local')
|
31
|
+
config('aaa authentication login console local')
|
32
|
+
end
|
33
|
+
|
34
|
+
def config_tacacs_servers(servers)
|
35
|
+
config('feature tacacs+')
|
36
|
+
servers.each do |server|
|
37
|
+
config("aaa group server tacacs+ #{server}")
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
def aaaauthloginservices_default
|
42
|
+
config('aaa authentication login default local')
|
43
|
+
config('aaa authentication login console local')
|
44
|
+
end
|
45
|
+
|
46
|
+
def aaaauthloginservice_detach(authloginservice, revert=true)
|
47
|
+
aaaauthloginservices_default if revert != false
|
48
|
+
authloginservice.destroy
|
49
|
+
end
|
50
|
+
|
51
|
+
def test_create_empty_service
|
52
|
+
assert_raises(ArgumentError) do
|
53
|
+
AaaAuthenticationLoginService.new('')
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
def test_create_invalid_service
|
58
|
+
assert_raises(TypeError) do
|
59
|
+
AaaAuthenticationLoginService.new(:test)
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
def test_create_service_default
|
64
|
+
aaaauthloginservice = AaaAuthenticationLoginService.new('default')
|
65
|
+
refute_nil(aaaauthloginservice,
|
66
|
+
'Error: login service default create')
|
67
|
+
aaaauthloginservice_detach(aaaauthloginservice) unless
|
68
|
+
aaaauthloginservice.nil?
|
69
|
+
end
|
70
|
+
|
71
|
+
def test_create_service_console
|
72
|
+
aaaauthloginservice = AaaAuthenticationLoginService.new('console')
|
73
|
+
refute_nil(aaaauthloginservice,
|
74
|
+
'Error: login service console create')
|
75
|
+
aaaauthloginservice_detach(aaaauthloginservice) unless
|
76
|
+
aaaauthloginservice.nil?
|
77
|
+
end
|
78
|
+
|
79
|
+
def test_collection_with_service_default
|
80
|
+
unconfig_aaa
|
81
|
+
aaaauthloginservice_list = AaaAuthenticationLoginService.services
|
82
|
+
refute_empty(aaaauthloginservice_list,
|
83
|
+
'Error: service collection is not filled')
|
84
|
+
assert_equal(1, aaaauthloginservice_list.size,
|
85
|
+
'Error: collection not reporting correct ')
|
86
|
+
assert(aaaauthloginservice_list.key?('default'),
|
87
|
+
'Error: collection does contain default')
|
88
|
+
aaaauthloginservice_list.each do |name, aaaauthloginservice|
|
89
|
+
assert_equal(name, aaaauthloginservice.name,
|
90
|
+
"Error: Invalid name #{name} in collection")
|
91
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL,
|
92
|
+
aaaauthloginservice.method,
|
93
|
+
'Error: Invalid method for defaultin collection')
|
94
|
+
assert_empty(aaaauthloginservice.groups,
|
95
|
+
'Error: Invalid groups for default in collection')
|
96
|
+
aaaauthloginservice_detach(aaaauthloginservice, false)
|
97
|
+
end
|
98
|
+
aaaauthloginservices_default
|
99
|
+
end
|
100
|
+
|
101
|
+
def test_collection_with_service_default_and_console
|
102
|
+
unconfig_aaa
|
103
|
+
# preconfig console
|
104
|
+
config('aaa authentication login console none')
|
105
|
+
|
106
|
+
aaaauthloginservice_list = AaaAuthenticationLoginService.services
|
107
|
+
refute_empty(aaaauthloginservice_list,
|
108
|
+
'Error: service collection is not filled')
|
109
|
+
assert_equal(2, aaaauthloginservice_list.size,
|
110
|
+
'Error: collection not reporting correct size')
|
111
|
+
assert(aaaauthloginservice_list.key?('default'),
|
112
|
+
'Error: collection does contain default')
|
113
|
+
assert(aaaauthloginservice_list.key?('console'),
|
114
|
+
'Error: collection does contain console')
|
115
|
+
aaaauthloginservice_list.each do |name, aaaauthloginservice|
|
116
|
+
assert_equal(name, aaaauthloginservice.name,
|
117
|
+
"Error: Invalid name #{name} in collection")
|
118
|
+
if name == 'default'
|
119
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL,
|
120
|
+
aaaauthloginservice.method,
|
121
|
+
'Error: Invalid method for default in collection')
|
122
|
+
end
|
123
|
+
|
124
|
+
if name == 'console'
|
125
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_NONE,
|
126
|
+
aaaauthloginservice.method,
|
127
|
+
'Error: Invalid method for console in collection')
|
128
|
+
end
|
129
|
+
|
130
|
+
assert_equal([], aaaauthloginservice.groups,
|
131
|
+
'Error: Invalid groups for default in collection')
|
132
|
+
aaaauthloginservice_detach(aaaauthloginservice, false)
|
133
|
+
end
|
134
|
+
aaaauthloginservices_default
|
135
|
+
end
|
136
|
+
|
137
|
+
def test_collection_with_service_default_and_console_with_group
|
138
|
+
# preconfig servers
|
139
|
+
servers = %w(group1 group2)
|
140
|
+
config_tacacs_servers(servers)
|
141
|
+
|
142
|
+
# preconfig console
|
143
|
+
# we need in some specific order
|
144
|
+
config('aaa authentication login default group group2 group1 none',
|
145
|
+
'aaa authentication login console group group1')
|
146
|
+
|
147
|
+
aaaauthloginservice_list = AaaAuthenticationLoginService.services
|
148
|
+
refute_empty(aaaauthloginservice_list,
|
149
|
+
'Error: service collection is not filled')
|
150
|
+
assert_equal(2, aaaauthloginservice_list.size,
|
151
|
+
'Error: Login collection not reporting correct size')
|
152
|
+
assert(aaaauthloginservice_list.key?('default'),
|
153
|
+
'Error: collection does contain default')
|
154
|
+
assert(aaaauthloginservice_list.key?('console'),
|
155
|
+
'Error: collection does contain console')
|
156
|
+
aaaauthloginservice_list.each do |name, aaaauthloginservice|
|
157
|
+
assert_equal(name, aaaauthloginservice.name,
|
158
|
+
"Error: Invalid name #{name} in collection")
|
159
|
+
|
160
|
+
if name == 'default'
|
161
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_NONE,
|
162
|
+
aaaauthloginservice.method,
|
163
|
+
'Error: Invalid method for default in collection')
|
164
|
+
groups = %w(group2 group1)
|
165
|
+
assert_equal(groups, aaaauthloginservice.groups,
|
166
|
+
'Error: Invalid groups for default in collection')
|
167
|
+
end
|
168
|
+
|
169
|
+
if name == 'console'
|
170
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_UNSELECTED,
|
171
|
+
aaaauthloginservice.method,
|
172
|
+
'Error: Invalid method for console in collection')
|
173
|
+
groups = ['group1']
|
174
|
+
assert_equal(groups, aaaauthloginservice.groups,
|
175
|
+
'Error: Invalid groups for default in collection')
|
176
|
+
end
|
177
|
+
aaaauthloginservice_detach(aaaauthloginservice, false)
|
178
|
+
end
|
179
|
+
aaaauthloginservices_default
|
180
|
+
unconfig_tacacs
|
181
|
+
end
|
182
|
+
|
183
|
+
def test_service_default_get_method
|
184
|
+
aaaauthloginservice =
|
185
|
+
AaaAuthenticationLoginService.new('default')
|
186
|
+
|
187
|
+
# default case
|
188
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL,
|
189
|
+
aaaauthloginservice.method,
|
190
|
+
'Error: login service default get method for local')
|
191
|
+
|
192
|
+
# preconfig default
|
193
|
+
config('aaa authentication login default none')
|
194
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_NONE,
|
195
|
+
aaaauthloginservice.method,
|
196
|
+
'Error: login service default get method for none')
|
197
|
+
|
198
|
+
# preconfig servers
|
199
|
+
servers = %w(bxb100 bxb200)
|
200
|
+
config_tacacs_servers(servers)
|
201
|
+
|
202
|
+
# preconfig default
|
203
|
+
config('aaa authentication login default group bxb100 bxb200')
|
204
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_UNSELECTED,
|
205
|
+
aaaauthloginservice.method,
|
206
|
+
'Error: login service group or method incorrect')
|
207
|
+
|
208
|
+
# preconfig default
|
209
|
+
config('aaa authentication login default group bxb200 none')
|
210
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_NONE,
|
211
|
+
aaaauthloginservice.method,
|
212
|
+
"Error: login service group incorrect or method not 'none'")
|
213
|
+
|
214
|
+
# cleanup
|
215
|
+
aaaauthloginservice_detach(aaaauthloginservice)
|
216
|
+
unconfig_tacacs
|
217
|
+
end
|
218
|
+
|
219
|
+
def test_service_console_get_method
|
220
|
+
aaaauthloginservice = AaaAuthenticationLoginService.new('console')
|
221
|
+
|
222
|
+
# default case
|
223
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL,
|
224
|
+
aaaauthloginservice.method,
|
225
|
+
"Error: login service method not 'local'")
|
226
|
+
|
227
|
+
# preconfig console
|
228
|
+
config('aaa authentication login console none')
|
229
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_NONE,
|
230
|
+
aaaauthloginservice.method,
|
231
|
+
"Error: login service method not 'none'")
|
232
|
+
|
233
|
+
# preconfig servers
|
234
|
+
servers = %w(bxb100 bxb200)
|
235
|
+
config_tacacs_servers(servers)
|
236
|
+
|
237
|
+
# preconfig console
|
238
|
+
config('aaa authentication login console group bxb100 bxb200')
|
239
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_UNSELECTED,
|
240
|
+
aaaauthloginservice.method,
|
241
|
+
"Error: login service method not 'unselected'")
|
242
|
+
|
243
|
+
# preconfig console
|
244
|
+
config('aaa authentication login console group bxb200 none')
|
245
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_NONE,
|
246
|
+
aaaauthloginservice.method,
|
247
|
+
"Error: login service group incorrect or method not 'none'")
|
248
|
+
|
249
|
+
# cleanup
|
250
|
+
aaaauthloginservice_detach(aaaauthloginservice)
|
251
|
+
unconfig_tacacs
|
252
|
+
end
|
253
|
+
|
254
|
+
def test_get_default_method
|
255
|
+
# service default
|
256
|
+
aaaauthloginservice =
|
257
|
+
AaaAuthenticationLoginService.new('default')
|
258
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL,
|
259
|
+
aaaauthloginservice.default_method,
|
260
|
+
'Error: login service default, default method')
|
261
|
+
aaaauthloginservice_detach(aaaauthloginservice)
|
262
|
+
|
263
|
+
# service console
|
264
|
+
aaaauthloginservice =
|
265
|
+
AaaAuthenticationLoginService.new('console')
|
266
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL,
|
267
|
+
aaaauthloginservice.default_method,
|
268
|
+
'Error: login service console, default method')
|
269
|
+
aaaauthloginservice_detach(aaaauthloginservice, false)
|
270
|
+
end
|
271
|
+
|
272
|
+
def test_service_default_get_groups
|
273
|
+
aaaauthloginservice =
|
274
|
+
AaaAuthenticationLoginService.new('default')
|
275
|
+
|
276
|
+
# default case
|
277
|
+
assert_equal(aaaauthloginservice.default_groups, aaaauthloginservice.groups,
|
278
|
+
'Error: login service default get groups for default')
|
279
|
+
|
280
|
+
# preconfig servers
|
281
|
+
servers = %w(bxb100 sjc200 rtp10)
|
282
|
+
config_tacacs_servers(servers)
|
283
|
+
|
284
|
+
# preconfig default
|
285
|
+
config('aaa authentication login default group bxb100 sjc200')
|
286
|
+
groups = %w(bxb100 sjc200)
|
287
|
+
assert_equal(groups, aaaauthloginservice.groups,
|
288
|
+
'Error: login service default get groups')
|
289
|
+
|
290
|
+
# preconfig default
|
291
|
+
config('aaa authentication login default group sjc200 bxb100 rtp10 none')
|
292
|
+
groups = %w(sjc200 bxb100 rtp10)
|
293
|
+
assert_equal(groups, aaaauthloginservice.groups,
|
294
|
+
'Error: login service default get groups')
|
295
|
+
|
296
|
+
# cleanup
|
297
|
+
aaaauthloginservice_detach(aaaauthloginservice)
|
298
|
+
unconfig_tacacs
|
299
|
+
end
|
300
|
+
|
301
|
+
def test_service_console_get_groups
|
302
|
+
aaaauthloginservice =
|
303
|
+
AaaAuthenticationLoginService.new('console')
|
304
|
+
|
305
|
+
# default case
|
306
|
+
assert_equal(aaaauthloginservice.default_groups, aaaauthloginservice.groups,
|
307
|
+
'Error: login service console get groups for default')
|
308
|
+
|
309
|
+
# preconfig servers
|
310
|
+
servers = %w(bxb100 sjc200 rtp10)
|
311
|
+
config_tacacs_servers(servers)
|
312
|
+
|
313
|
+
# preconfig console
|
314
|
+
config('aaa authentication login console group bxb100 sjc200')
|
315
|
+
groups = %w(bxb100 sjc200)
|
316
|
+
assert_equal(groups, aaaauthloginservice.groups,
|
317
|
+
"Error: login service console get groups #{groups}")
|
318
|
+
|
319
|
+
# preconfig console
|
320
|
+
config('aaa authentication login console group rtp10 bxb100 none')
|
321
|
+
groups = %w(rtp10 bxb100)
|
322
|
+
assert_equal(groups, aaaauthloginservice.groups,
|
323
|
+
"Error: login service console get groups #{groups}")
|
324
|
+
|
325
|
+
# preconfig console
|
326
|
+
config('aaa authentication login console group sjc200 bxb100 rtp10')
|
327
|
+
groups = %w(sjc200 bxb100 rtp10)
|
328
|
+
assert_equal(groups, aaaauthloginservice.groups,
|
329
|
+
"Error: login service console get groups #{groups}")
|
330
|
+
|
331
|
+
# cleanup
|
332
|
+
aaaauthloginservice_detach(aaaauthloginservice)
|
333
|
+
unconfig_tacacs
|
334
|
+
end
|
335
|
+
|
336
|
+
# rubocop:disable Metrics/MethodLength
|
337
|
+
# TODO: Consider refactoring this method
|
338
|
+
def test_service_default_and_console_mix
|
339
|
+
aaaauthloginservice_default =
|
340
|
+
AaaAuthenticationLoginService.new('default')
|
341
|
+
aaaauthloginservice_console =
|
342
|
+
AaaAuthenticationLoginService.new('console')
|
343
|
+
|
344
|
+
# default cases
|
345
|
+
assert_equal(aaaauthloginservice_default.default_groups,
|
346
|
+
aaaauthloginservice_default.groups,
|
347
|
+
'Error: login default, get groups default')
|
348
|
+
assert_equal(aaaauthloginservice_console.default_groups,
|
349
|
+
aaaauthloginservice_console.groups,
|
350
|
+
'Error: login console, get groups default')
|
351
|
+
assert_equal(aaaauthloginservice_default.default_method,
|
352
|
+
aaaauthloginservice_default.method,
|
353
|
+
'Error: login default, get method default')
|
354
|
+
assert_equal(aaaauthloginservice_console.default_method,
|
355
|
+
aaaauthloginservice_console.method,
|
356
|
+
'Error: login console, get method default')
|
357
|
+
|
358
|
+
# preconfig servers
|
359
|
+
servers = %w(bxb100 sjc200 rtp10)
|
360
|
+
config_tacacs_servers(servers)
|
361
|
+
|
362
|
+
groups = %w(bxb100 sjc200)
|
363
|
+
aaaauthloginservice_default.groups_method_set(
|
364
|
+
groups, AAA_AUTH_LOGIN_SERVICE_METHOD_UNSELECTED)
|
365
|
+
|
366
|
+
assert_equal(groups, aaaauthloginservice_default.groups,
|
367
|
+
"Error: login default, get groups #{groups}")
|
368
|
+
assert_empty(aaaauthloginservice_console.groups,
|
369
|
+
'Error: login console, get groups non empty')
|
370
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_UNSELECTED,
|
371
|
+
aaaauthloginservice_default.method,
|
372
|
+
'Error: login default, get method')
|
373
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL,
|
374
|
+
aaaauthloginservice_console.method,
|
375
|
+
'Error: login console, get method')
|
376
|
+
|
377
|
+
# set groups
|
378
|
+
aaaauthloginservice_default.groups_method_set(
|
379
|
+
[], AAA_AUTH_LOGIN_SERVICE_METHOD_NONE)
|
380
|
+
aaaauthloginservice_console.groups_method_set(
|
381
|
+
[], AAA_AUTH_LOGIN_SERVICE_METHOD_NONE)
|
382
|
+
|
383
|
+
# get
|
384
|
+
assert(aaaauthloginservice_default.groups.empty?,
|
385
|
+
'Error: login default ,get groups non empty')
|
386
|
+
assert_empty(aaaauthloginservice_console.groups,
|
387
|
+
'Error: login console, get groups empty')
|
388
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_NONE,
|
389
|
+
aaaauthloginservice_default.method,
|
390
|
+
'Error: login default, get method none')
|
391
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_NONE,
|
392
|
+
aaaauthloginservice_console.method,
|
393
|
+
'Error: login console, get method none')
|
394
|
+
|
395
|
+
# set groups
|
396
|
+
aaaauthloginservice_default.groups_method_set(
|
397
|
+
[], AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL)
|
398
|
+
aaaauthloginservice_console.groups_method_set(
|
399
|
+
[], AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL)
|
400
|
+
|
401
|
+
# get
|
402
|
+
assert_empty(aaaauthloginservice_default.groups,
|
403
|
+
'Error: login default, get groups non-empty')
|
404
|
+
assert_empty(aaaauthloginservice_console.groups,
|
405
|
+
'Error: login console, get groups non-empty')
|
406
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL,
|
407
|
+
aaaauthloginservice_default.method,
|
408
|
+
'Error: login default, get method local')
|
409
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL,
|
410
|
+
aaaauthloginservice_console.method,
|
411
|
+
'Error: login console, get method local')
|
412
|
+
|
413
|
+
# set groups
|
414
|
+
aaaauthloginservice_default.groups_method_set(
|
415
|
+
[], AAA_AUTH_LOGIN_SERVICE_METHOD_NONE)
|
416
|
+
aaaauthloginservice_console.groups_method_set(
|
417
|
+
[], AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL)
|
418
|
+
|
419
|
+
# get
|
420
|
+
assert_empty(aaaauthloginservice_default.groups,
|
421
|
+
'Error: login default, get groups non-empty')
|
422
|
+
assert_empty(aaaauthloginservice_console.groups,
|
423
|
+
'Error: login console, get groups non-empty')
|
424
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_NONE,
|
425
|
+
aaaauthloginservice_default.method,
|
426
|
+
'Error: login default, get method none')
|
427
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL,
|
428
|
+
aaaauthloginservice_console.method,
|
429
|
+
'Error: login console, get method local')
|
430
|
+
|
431
|
+
# set groups
|
432
|
+
aaaauthloginservice_default.groups_method_set(
|
433
|
+
[], AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL)
|
434
|
+
aaaauthloginservice_console.groups_method_set(
|
435
|
+
[], AAA_AUTH_LOGIN_SERVICE_METHOD_NONE)
|
436
|
+
|
437
|
+
# get
|
438
|
+
assert_empty(aaaauthloginservice_default.groups,
|
439
|
+
'Error: login default, get groups non-empty')
|
440
|
+
assert_empty(aaaauthloginservice_console.groups,
|
441
|
+
'Error: login console, get groups non-empty')
|
442
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL,
|
443
|
+
aaaauthloginservice_default.method,
|
444
|
+
'Error: login default, get method local')
|
445
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_NONE,
|
446
|
+
aaaauthloginservice_console.method,
|
447
|
+
'Error: login console, get method none')
|
448
|
+
|
449
|
+
# set groups
|
450
|
+
groups_default = ['bxb100']
|
451
|
+
groups_console = %w(bxb100 sjc200)
|
452
|
+
aaaauthloginservice_default.groups_method_set(
|
453
|
+
groups_default, AAA_AUTH_LOGIN_SERVICE_METHOD_UNSELECTED)
|
454
|
+
aaaauthloginservice_console.groups_method_set(
|
455
|
+
groups_console, AAA_AUTH_LOGIN_SERVICE_METHOD_NONE)
|
456
|
+
|
457
|
+
# get
|
458
|
+
assert_equal(groups_default,
|
459
|
+
aaaauthloginservice_default.groups,
|
460
|
+
"Error: login default, get groups #{groups}")
|
461
|
+
assert_equal(groups_console,
|
462
|
+
aaaauthloginservice_console.groups,
|
463
|
+
"Error: login console, get groups #{groups}")
|
464
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_UNSELECTED,
|
465
|
+
aaaauthloginservice_default.method,
|
466
|
+
'Error: login default, get method local')
|
467
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_NONE,
|
468
|
+
aaaauthloginservice_console.method,
|
469
|
+
'Error: login console, get method none')
|
470
|
+
|
471
|
+
# set same groups and method
|
472
|
+
groups = ['bxb100']
|
473
|
+
aaaauthloginservice_default.groups_method_set(
|
474
|
+
groups, AAA_AUTH_LOGIN_SERVICE_METHOD_NONE)
|
475
|
+
aaaauthloginservice_console.groups_method_set(
|
476
|
+
groups, AAA_AUTH_LOGIN_SERVICE_METHOD_NONE)
|
477
|
+
# get
|
478
|
+
assert_equal(groups,
|
479
|
+
aaaauthloginservice_default.groups,
|
480
|
+
"Error: login default, get groups #{groups}")
|
481
|
+
assert_equal(groups,
|
482
|
+
aaaauthloginservice_console.groups,
|
483
|
+
"Error: login console, get groups #{groups}")
|
484
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_NONE,
|
485
|
+
aaaauthloginservice_default.method,
|
486
|
+
'Error: login default, get method none')
|
487
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_NONE,
|
488
|
+
aaaauthloginservice_console.method,
|
489
|
+
'Error: login console, get method none')
|
490
|
+
|
491
|
+
# set group for console and empty for default
|
492
|
+
groups = %w(bxb100 rtp10)
|
493
|
+
aaaauthloginservice_default.groups_method_set(
|
494
|
+
[], AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL)
|
495
|
+
aaaauthloginservice_console.groups_method_set(
|
496
|
+
groups, AAA_AUTH_LOGIN_SERVICE_METHOD_NONE)
|
497
|
+
|
498
|
+
# get
|
499
|
+
assert_empty(aaaauthloginservice_default.groups,
|
500
|
+
'Error: login default, get groups non empty')
|
501
|
+
assert_equal(groups,
|
502
|
+
aaaauthloginservice_console.groups,
|
503
|
+
"Error: login console, get groups #{groups}")
|
504
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL,
|
505
|
+
aaaauthloginservice_default.method,
|
506
|
+
'Error: login default, get method local')
|
507
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_NONE,
|
508
|
+
aaaauthloginservice_console.method,
|
509
|
+
'Error: login console, get method none')
|
510
|
+
|
511
|
+
# set groups for default and empty for console
|
512
|
+
groups = %w(bxb100 rtp10)
|
513
|
+
aaaauthloginservice_default.groups_method_set(
|
514
|
+
groups, AAA_AUTH_LOGIN_SERVICE_METHOD_NONE)
|
515
|
+
aaaauthloginservice_console.groups_method_set(
|
516
|
+
[], AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL)
|
517
|
+
|
518
|
+
# get
|
519
|
+
assert_equal(groups,
|
520
|
+
aaaauthloginservice_default.groups,
|
521
|
+
"Error: login default, get groups #{groups}")
|
522
|
+
assert_empty(aaaauthloginservice_console.groups,
|
523
|
+
'Error: login console, get groups non-empty')
|
524
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_NONE,
|
525
|
+
aaaauthloginservice_default.method,
|
526
|
+
'Error: login default, get method none')
|
527
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL,
|
528
|
+
aaaauthloginservice_console.method,
|
529
|
+
'Error: login console, get method local')
|
530
|
+
|
531
|
+
# set group for default and empty for console, same methos none
|
532
|
+
groups = %w(bxb100 rtp10)
|
533
|
+
aaaauthloginservice_default.groups_method_set(
|
534
|
+
groups, AAA_AUTH_LOGIN_SERVICE_METHOD_NONE)
|
535
|
+
aaaauthloginservice_console.groups_method_set(
|
536
|
+
[], AAA_AUTH_LOGIN_SERVICE_METHOD_NONE)
|
537
|
+
|
538
|
+
# get
|
539
|
+
assert_equal(groups,
|
540
|
+
aaaauthloginservice_default.groups,
|
541
|
+
"Error: login default, get groups #{groups}")
|
542
|
+
assert_empty(aaaauthloginservice_console.groups,
|
543
|
+
'Error: login console, get groups non-empty')
|
544
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_NONE,
|
545
|
+
aaaauthloginservice_default.method,
|
546
|
+
'Error: login default, get method none')
|
547
|
+
assert_equal(AAA_AUTH_LOGIN_SERVICE_METHOD_NONE,
|
548
|
+
aaaauthloginservice_console.method,
|
549
|
+
'Error: login console, get method none')
|
550
|
+
|
551
|
+
# cleanup
|
552
|
+
aaaauthloginservice_detach(aaaauthloginservice_default)
|
553
|
+
aaaauthloginservice_detach(aaaauthloginservice_console)
|
554
|
+
unconfig_tacacs
|
555
|
+
end
|
556
|
+
# rubocop:enable Metrics/MethodLength,Metrics/AbcSize
|
557
|
+
|
558
|
+
def test_get_default_groups
|
559
|
+
# service default
|
560
|
+
aaaauthloginservice =
|
561
|
+
AaaAuthenticationLoginService.new('default')
|
562
|
+
assert_empty(aaaauthloginservice.default_groups,
|
563
|
+
'Error: login default, default groups')
|
564
|
+
aaaauthloginservice_detach(aaaauthloginservice)
|
565
|
+
|
566
|
+
# service console
|
567
|
+
aaaauthloginservice =
|
568
|
+
AaaAuthenticationLoginService.new('console')
|
569
|
+
assert_empty(aaaauthloginservice.default_groups,
|
570
|
+
'Error: login console, default groups')
|
571
|
+
aaaauthloginservice_detach(aaaauthloginservice)
|
572
|
+
end
|
573
|
+
|
574
|
+
def test_service_default_set_groups
|
575
|
+
# preconfig servers
|
576
|
+
prefix = '^aaa authentication login default group '
|
577
|
+
servers = %w(bxb100 sjc200 rtp10)
|
578
|
+
config_tacacs_servers(servers)
|
579
|
+
|
580
|
+
# service default
|
581
|
+
service = 'default'
|
582
|
+
aaaauthloginservice =
|
583
|
+
AaaAuthenticationLoginService.new(service)
|
584
|
+
|
585
|
+
# one group and method is unselected
|
586
|
+
method = AAA_AUTH_LOGIN_SERVICE_METHOD_UNSELECTED
|
587
|
+
groups = ['bxb100']
|
588
|
+
aaaauthloginservice.groups_method_set(groups, method)
|
589
|
+
assert_show_match(command: 'show run aaa all | no-more',
|
590
|
+
pattern: Regexp.new(prefix + groups.join(' ')))
|
591
|
+
|
592
|
+
# multiple group and method is unselected
|
593
|
+
method = AAA_AUTH_LOGIN_SERVICE_METHOD_UNSELECTED
|
594
|
+
groups = %w(bxb100 sjc200)
|
595
|
+
aaaauthloginservice.groups_method_set(groups, method)
|
596
|
+
assert_show_match(command: 'show run aaa all | no-more',
|
597
|
+
pattern: Regexp.new(prefix + groups.join(' ')))
|
598
|
+
|
599
|
+
# multi group and method is none
|
600
|
+
method = AAA_AUTH_LOGIN_SERVICE_METHOD_NONE
|
601
|
+
groups = %w(rtp10 bxb100 sjc200)
|
602
|
+
aaaauthloginservice.groups_method_set(groups, method)
|
603
|
+
assert_show_match(command: 'show run aaa all | no-more',
|
604
|
+
pattern: Regexp.new(prefix + groups.join(' ')))
|
605
|
+
|
606
|
+
# default group and method
|
607
|
+
method = aaaauthloginservice.default_method
|
608
|
+
groups = aaaauthloginservice.default_groups
|
609
|
+
aaaauthloginservice.groups_method_set(groups, method)
|
610
|
+
assert_show_match(command: 'show run aaa all | no-more',
|
611
|
+
pattern: /^aaa authentication login default local/)
|
612
|
+
|
613
|
+
aaaauthloginservice_detach(aaaauthloginservice)
|
614
|
+
unconfig_tacacs
|
615
|
+
end
|
616
|
+
|
617
|
+
def test_service_console_set_groups
|
618
|
+
# preconfig servers
|
619
|
+
prefix = '^aaa authentication login console group '
|
620
|
+
servers = %w(bxb100 sjc200 rtp10)
|
621
|
+
config_tacacs_servers(servers)
|
622
|
+
|
623
|
+
# service console
|
624
|
+
service = 'console'
|
625
|
+
aaaauthloginservice =
|
626
|
+
AaaAuthenticationLoginService.new(service)
|
627
|
+
|
628
|
+
# one group and method is unselected
|
629
|
+
method = AAA_AUTH_LOGIN_SERVICE_METHOD_UNSELECTED
|
630
|
+
groups = ['bxb100']
|
631
|
+
aaaauthloginservice.groups_method_set(groups, method)
|
632
|
+
assert_show_match(command: 'show run aaa all | no-more',
|
633
|
+
pattern: Regexp.new(prefix + groups.join(' ')))
|
634
|
+
|
635
|
+
# multi group and method is unselected
|
636
|
+
method = AAA_AUTH_LOGIN_SERVICE_METHOD_UNSELECTED
|
637
|
+
groups = %w(bxb100 sjc200)
|
638
|
+
aaaauthloginservice.groups_method_set(groups, method)
|
639
|
+
assert_show_match(command: 'show run aaa all | no-more',
|
640
|
+
pattern: Regexp.new(prefix + groups.join(' ')))
|
641
|
+
|
642
|
+
# multi group and method is none
|
643
|
+
method = AAA_AUTH_LOGIN_SERVICE_METHOD_NONE
|
644
|
+
groups = %w(rtp10 bxb100 sjc200)
|
645
|
+
aaaauthloginservice.groups_method_set(groups, method)
|
646
|
+
assert_show_match(command: 'show run aaa all | no-more',
|
647
|
+
pattern: Regexp.new(prefix + groups.join(' ')))
|
648
|
+
|
649
|
+
# default group and method
|
650
|
+
method = aaaauthloginservice.default_method
|
651
|
+
groups = aaaauthloginservice.default_groups
|
652
|
+
aaaauthloginservice.groups_method_set(groups, method)
|
653
|
+
refute_show_match(command: 'show run aaa all | no-more',
|
654
|
+
pattern: /^aaa authentication login console local/)
|
655
|
+
|
656
|
+
aaaauthloginservice_detach(aaaauthloginservice)
|
657
|
+
unconfig_tacacs
|
658
|
+
end
|
659
|
+
|
660
|
+
def test_service_set_groups_invalid_groups
|
661
|
+
# preconfig servers
|
662
|
+
servers = %w(bxb100 sjc200 rtp10)
|
663
|
+
config_tacacs_servers(servers)
|
664
|
+
|
665
|
+
# service default
|
666
|
+
service = 'default'
|
667
|
+
aaaauthloginservice =
|
668
|
+
AaaAuthenticationLoginService.new(service)
|
669
|
+
|
670
|
+
# one invalid group
|
671
|
+
groups = ['test1']
|
672
|
+
assert_raises(RuntimeError) do
|
673
|
+
aaaauthloginservice.groups_method_set(
|
674
|
+
groups, AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL)
|
675
|
+
end
|
676
|
+
|
677
|
+
# multiple groups with invalid group
|
678
|
+
groups = %w(rtp10 test2 bxb100)
|
679
|
+
assert_raises(CliError) do
|
680
|
+
aaaauthloginservice.groups_method_set(
|
681
|
+
groups, AAA_AUTH_LOGIN_SERVICE_METHOD_NONE)
|
682
|
+
end
|
683
|
+
|
684
|
+
# multiple groups with invalid group
|
685
|
+
groups = %w(test4 test2 bxb100)
|
686
|
+
assert_raises(CliError) do
|
687
|
+
aaaauthloginservice.groups_method_set(
|
688
|
+
groups, AAA_AUTH_LOGIN_SERVICE_METHOD_NONE)
|
689
|
+
end
|
690
|
+
|
691
|
+
# invalid array
|
692
|
+
groups = ['bxb100', 100, 'bxb100']
|
693
|
+
assert_raises(TypeError) do
|
694
|
+
aaaauthloginservice.groups_method_set(
|
695
|
+
groups, AAA_AUTH_LOGIN_SERVICE_METHOD_NONE)
|
696
|
+
end
|
697
|
+
aaaauthloginservice_detach(aaaauthloginservice)
|
698
|
+
|
699
|
+
# repeat the test for service 'console'
|
700
|
+
service = 'console'
|
701
|
+
aaaauthloginservice =
|
702
|
+
AaaAuthenticationLoginService.new(service)
|
703
|
+
|
704
|
+
# one invalid group
|
705
|
+
groups = ['test1']
|
706
|
+
assert_raises(CliError) do
|
707
|
+
aaaauthloginservice.groups_method_set(
|
708
|
+
groups, AAA_AUTH_LOGIN_SERVICE_METHOD_UNSELECTED)
|
709
|
+
end
|
710
|
+
|
711
|
+
# multiple group with invalid group
|
712
|
+
groups = %w(rtp1 test1 bxb100)
|
713
|
+
assert_raises(RuntimeError) do
|
714
|
+
aaaauthloginservice.groups_method_set(
|
715
|
+
groups, AAA_AUTH_LOGIN_SERVICE_METHOD_LOCAL)
|
716
|
+
end
|
717
|
+
|
718
|
+
# multiple group with invalid group
|
719
|
+
groups = %w(rtp10 test1 bxb100)
|
720
|
+
assert_raises(CliError) do
|
721
|
+
aaaauthloginservice.groups_method_set(
|
722
|
+
groups, AAA_AUTH_LOGIN_SERVICE_METHOD_NONE)
|
723
|
+
end
|
724
|
+
aaaauthloginservice_detach(aaaauthloginservice)
|
725
|
+
unconfig_tacacs
|
726
|
+
end
|
727
|
+
|
728
|
+
def test_service_set_groups_invalid_method
|
729
|
+
# service default
|
730
|
+
service = 'default'
|
731
|
+
aaaauthloginservice =
|
732
|
+
AaaAuthenticationLoginService.new(service)
|
733
|
+
|
734
|
+
assert_raises(TypeError) do
|
735
|
+
aaaauthloginservice.groups_method_set([], 'bxb100')
|
736
|
+
end
|
737
|
+
|
738
|
+
assert_raises(ArgumentError) do
|
739
|
+
aaaauthloginservice.groups_method_set([], :invalid)
|
740
|
+
end
|
741
|
+
|
742
|
+
aaaauthloginservice_detach(aaaauthloginservice)
|
743
|
+
|
744
|
+
# service console
|
745
|
+
service = 'console'
|
746
|
+
aaaauthloginservice =
|
747
|
+
AaaAuthenticationLoginService.new(service)
|
748
|
+
|
749
|
+
assert_raises(TypeError) do
|
750
|
+
aaaauthloginservice.groups_method_set([], 'test')
|
751
|
+
end
|
752
|
+
|
753
|
+
assert_raises(TypeError) do
|
754
|
+
aaaauthloginservice.groups_method_set([], 15)
|
755
|
+
end
|
756
|
+
|
757
|
+
aaaauthloginservice_detach(aaaauthloginservice)
|
758
|
+
end
|
759
|
+
end
|