RubyGems - cisco_node_utils_mgx - Versions diffs - 2.1.0.1 - Mend

cisco_node_utils_mgx 2.1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (357) hide show

checksums.yaml +7 -0
data/.gitignore +10 -0
data/.rspec +2 -0
data/.rubocop.yml +96 -0
data/.travis.yml +17 -0
data/CHANGELOG.md +676 -0
data/CONTRIBUTING.md +43 -0
data/Gemfile +10 -0
data/LICENSE +201 -0
data/README.md +246 -0
data/Rakefile +44 -0
data/SUPPORT.md +3 -0
data/bin/.rubocop.yml +18 -0
data/bin/check_metric_limits.rb +109 -0
data/bin/git/hooks/commit-msg/enforce_style +89 -0
data/bin/git/hooks/hook_lib +115 -0
data/bin/git/hooks/hooks-wrapper +38 -0
data/bin/git/hooks/post-flow-hotfix-start/update-version +24 -0
data/bin/git/hooks/post-flow-release-finish/update-version +29 -0
data/bin/git/hooks/post-flow-release-start/update-version +19 -0
data/bin/git/hooks/post-merge/update-hooks +6 -0
data/bin/git/hooks/post-rewrite/update-hooks +6 -0
data/bin/git/hooks/pre-commit/check_unstaged_changes +18 -0
data/bin/git/hooks/pre-commit/rubocop +25 -0
data/bin/git/hooks/pre-commit/validate-diffs +45 -0
data/bin/git/hooks/pre-commit/validate-yaml +18 -0
data/bin/git/hooks/pre-push/check-changelog +24 -0
data/bin/git/hooks/pre-push/rubocop +7 -0
data/bin/git/update-hooks +123 -0
data/bin/show_running_yang.rb +233 -0
data/cisco_node_utils.gemspec +41 -0
data/docs/README-develop-best-practices.md +521 -0
data/docs/README-develop-node-utils-APIs.md +570 -0
data/docs/README-maintainers.md +77 -0
data/docs/README-test-execution.md +57 -0
data/docs/README-utilities.md +14 -0
data/docs/agent_files.png +0 -0
data/docs/cisco_node_utils.yaml.example +36 -0
data/docs/template-router.rb +123 -0
data/docs/template-test_router.rb +104 -0
data/ext/mkrf_conf.rb +63 -0
data/lib/.rubocop.yml +18 -0
data/lib/cisco_node_utils/aaa_authentication_login.rb +95 -0
data/lib/cisco_node_utils/aaa_authentication_login_service.rb +138 -0
data/lib/cisco_node_utils/aaa_authorization_service.rb +156 -0
data/lib/cisco_node_utils/ace.rb +467 -0
data/lib/cisco_node_utils/acl.rb +101 -0
data/lib/cisco_node_utils/banner.rb +63 -0
data/lib/cisco_node_utils/bfd_global.rb +305 -0
data/lib/cisco_node_utils/bgp.rb +988 -0
data/lib/cisco_node_utils/bgp_af.rb +545 -0
data/lib/cisco_node_utils/bgp_af_aggr_addr.rb +207 -0
data/lib/cisco_node_utils/bgp_neighbor.rb +527 -0
data/lib/cisco_node_utils/bgp_neighbor_af.rb +780 -0
data/lib/cisco_node_utils/bridge_domain.rb +178 -0
data/lib/cisco_node_utils/bridge_domain_vni.rb +206 -0
data/lib/cisco_node_utils/cisco_cmn_utils.rb +444 -0
data/lib/cisco_node_utils/client/client.rb +238 -0
data/lib/cisco_node_utils/client/grpc/client.rb +395 -0
data/lib/cisco_node_utils/client/grpc/ems.proto +148 -0
data/lib/cisco_node_utils/client/grpc/ems.rb +111 -0
data/lib/cisco_node_utils/client/grpc/ems_services.rb +49 -0
data/lib/cisco_node_utils/client/grpc.rb +33 -0
data/lib/cisco_node_utils/client/nxapi/client.rb +368 -0
data/lib/cisco_node_utils/client/nxapi.rb +31 -0
data/lib/cisco_node_utils/client/utils.rb +180 -0
data/lib/cisco_node_utils/client.rb +35 -0
data/lib/cisco_node_utils/cmd_ref/README_YAML.md +590 -0
data/lib/cisco_node_utils/cmd_ref/aaa_auth_login_service.yaml +25 -0
data/lib/cisco_node_utils/cmd_ref/aaa_authentication_login.yaml +38 -0
data/lib/cisco_node_utils/cmd_ref/aaa_authorization_service.yaml +40 -0
data/lib/cisco_node_utils/cmd_ref/acl.yaml +48 -0
data/lib/cisco_node_utils/cmd_ref/banner.yaml +11 -0
data/lib/cisco_node_utils/cmd_ref/bfd_global.yaml +117 -0
data/lib/cisco_node_utils/cmd_ref/bgp.yaml +383 -0
data/lib/cisco_node_utils/cmd_ref/bgp_af.yaml +223 -0
data/lib/cisco_node_utils/cmd_ref/bgp_af_aa.yaml +38 -0
data/lib/cisco_node_utils/cmd_ref/bgp_neighbor.yaml +174 -0
data/lib/cisco_node_utils/cmd_ref/bgp_neighbor_af.yaml +236 -0
data/lib/cisco_node_utils/cmd_ref/bridge_domain.yaml +49 -0
data/lib/cisco_node_utils/cmd_ref/bridge_domain_vni.yaml +33 -0
data/lib/cisco_node_utils/cmd_ref/dhcp_relay_global.yaml +128 -0
data/lib/cisco_node_utils/cmd_ref/dnsclient.yaml +55 -0
data/lib/cisco_node_utils/cmd_ref/encapsulation.yaml +25 -0
data/lib/cisco_node_utils/cmd_ref/evpn_multicast.yaml +12 -0
data/lib/cisco_node_utils/cmd_ref/evpn_multisite.yaml +18 -0
data/lib/cisco_node_utils/cmd_ref/evpn_stormcontrol.yaml +18 -0
data/lib/cisco_node_utils/cmd_ref/evpn_vni.yaml +48 -0
data/lib/cisco_node_utils/cmd_ref/fabricpath.yaml +183 -0
data/lib/cisco_node_utils/cmd_ref/fabricpath_topology.yaml +40 -0
data/lib/cisco_node_utils/cmd_ref/feature.yaml +126 -0
data/lib/cisco_node_utils/cmd_ref/hostname.yaml +8 -0
data/lib/cisco_node_utils/cmd_ref/hsrp_global.yaml +25 -0
data/lib/cisco_node_utils/cmd_ref/images.yaml +8 -0
data/lib/cisco_node_utils/cmd_ref/interface.yaml +781 -0
data/lib/cisco_node_utils/cmd_ref/interface_channel_group.yaml +45 -0
data/lib/cisco_node_utils/cmd_ref/interface_evpn_multisite.yaml +17 -0
data/lib/cisco_node_utils/cmd_ref/interface_hsrp_group.yaml +120 -0
data/lib/cisco_node_utils/cmd_ref/interface_ospf.yaml +112 -0
data/lib/cisco_node_utils/cmd_ref/interface_portchannel.yaml +87 -0
data/lib/cisco_node_utils/cmd_ref/interface_service_vni.yaml +42 -0
data/lib/cisco_node_utils/cmd_ref/inventory.yaml +45 -0
data/lib/cisco_node_utils/cmd_ref/ip_multicast.yaml +22 -0
data/lib/cisco_node_utils/cmd_ref/itd_device_group.yaml +83 -0
data/lib/cisco_node_utils/cmd_ref/itd_service.yaml +119 -0
data/lib/cisco_node_utils/cmd_ref/memory.yaml +24 -0
data/lib/cisco_node_utils/cmd_ref/ntp_auth_key.yaml +10 -0
data/lib/cisco_node_utils/cmd_ref/ntp_config.yaml +27 -0
data/lib/cisco_node_utils/cmd_ref/ntp_server.yaml +34 -0
data/lib/cisco_node_utils/cmd_ref/object_group.yaml +32 -0
data/lib/cisco_node_utils/cmd_ref/ospf.yaml +91 -0
data/lib/cisco_node_utils/cmd_ref/ospf_area.yaml +91 -0
data/lib/cisco_node_utils/cmd_ref/ospf_area_vlink.yaml +88 -0
data/lib/cisco_node_utils/cmd_ref/overlay_global.yaml +37 -0
data/lib/cisco_node_utils/cmd_ref/pim.yaml +43 -0
data/lib/cisco_node_utils/cmd_ref/portchannel_global.yaml +86 -0
data/lib/cisco_node_utils/cmd_ref/radius_global.yaml +37 -0
data/lib/cisco_node_utils/cmd_ref/radius_server.yaml +100 -0
data/lib/cisco_node_utils/cmd_ref/radius_server_group.yaml +19 -0
data/lib/cisco_node_utils/cmd_ref/route_map.yaml +601 -0
data/lib/cisco_node_utils/cmd_ref/show_system.yaml +9 -0
data/lib/cisco_node_utils/cmd_ref/show_version.yaml +84 -0
data/lib/cisco_node_utils/cmd_ref/snmp_community.yaml +81 -0
data/lib/cisco_node_utils/cmd_ref/snmp_group.yaml +9 -0
data/lib/cisco_node_utils/cmd_ref/snmp_notification_receiver.yaml +74 -0
data/lib/cisco_node_utils/cmd_ref/snmp_server.yaml +91 -0
data/lib/cisco_node_utils/cmd_ref/snmp_user.yaml +57 -0
data/lib/cisco_node_utils/cmd_ref/snmpnotification.yaml +23 -0
data/lib/cisco_node_utils/cmd_ref/span_session.yaml +65 -0
data/lib/cisco_node_utils/cmd_ref/stp_global.yaml +235 -0
data/lib/cisco_node_utils/cmd_ref/syslog_facility.yaml +10 -0
data/lib/cisco_node_utils/cmd_ref/syslog_server.yaml +34 -0
data/lib/cisco_node_utils/cmd_ref/syslog_settings.yaml +45 -0
data/lib/cisco_node_utils/cmd_ref/system.yaml +7 -0
data/lib/cisco_node_utils/cmd_ref/tacacs_global.yaml +37 -0
data/lib/cisco_node_utils/cmd_ref/tacacs_server.yaml +63 -0
data/lib/cisco_node_utils/cmd_ref/tacacs_server_group.yaml +45 -0
data/lib/cisco_node_utils/cmd_ref/tacacs_server_host.yaml +64 -0
data/lib/cisco_node_utils/cmd_ref/upgrade.yaml +38 -0
data/lib/cisco_node_utils/cmd_ref/vdc.yaml +52 -0
data/lib/cisco_node_utils/cmd_ref/virtual_service.yaml +8 -0
data/lib/cisco_node_utils/cmd_ref/vlan.yaml +106 -0
data/lib/cisco_node_utils/cmd_ref/vpc.yaml +233 -0
data/lib/cisco_node_utils/cmd_ref/vrf.yaml +86 -0
data/lib/cisco_node_utils/cmd_ref/vrf_af.yaml +139 -0
data/lib/cisco_node_utils/cmd_ref/vtp.yaml +32 -0
data/lib/cisco_node_utils/cmd_ref/vxlan_vtep.yaml +114 -0
data/lib/cisco_node_utils/cmd_ref/vxlan_vtep_vni.yaml +71 -0
data/lib/cisco_node_utils/cmd_ref/yang.yaml +7 -0
data/lib/cisco_node_utils/cmd_ref/yum.yaml +68 -0
data/lib/cisco_node_utils/command_reference.rb +724 -0
data/lib/cisco_node_utils/configparser_lib.rb +195 -0
data/lib/cisco_node_utils/constants.rb +40 -0
data/lib/cisco_node_utils/dhcp_relay_global.rb +302 -0
data/lib/cisco_node_utils/dns_domain.rb +93 -0
data/lib/cisco_node_utils/domain_name.rb +82 -0
data/lib/cisco_node_utils/encapsulation.rb +112 -0
data/lib/cisco_node_utils/environment.rb +110 -0
data/lib/cisco_node_utils/evpn_multicast.rb +66 -0
data/lib/cisco_node_utils/evpn_multisite.rb +96 -0
data/lib/cisco_node_utils/evpn_stormcontrol.rb +84 -0
data/lib/cisco_node_utils/evpn_vni.rb +159 -0
data/lib/cisco_node_utils/exceptions.rb +140 -0
data/lib/cisco_node_utils/fabricpath_global.rb +405 -0
data/lib/cisco_node_utils/fabricpath_topology.rb +137 -0
data/lib/cisco_node_utils/feature.rb +377 -0
data/lib/cisco_node_utils/hostname.rb +62 -0
data/lib/cisco_node_utils/hsrp_global.rb +97 -0
data/lib/cisco_node_utils/interface.rb +2128 -0
data/lib/cisco_node_utils/interface_channel_group.rb +142 -0
data/lib/cisco_node_utils/interface_evpn_multisite.rb +72 -0
data/lib/cisco_node_utils/interface_hsrp_group.rb +557 -0
data/lib/cisco_node_utils/interface_ospf.rb +378 -0
data/lib/cisco_node_utils/interface_portchannel.rb +180 -0
data/lib/cisco_node_utils/interface_service_vni.rb +132 -0
data/lib/cisco_node_utils/ip_multicast.rb +90 -0
data/lib/cisco_node_utils/itd_device_group.rb +228 -0
data/lib/cisco_node_utils/itd_device_group_node.rb +144 -0
data/lib/cisco_node_utils/itd_service.rb +511 -0
data/lib/cisco_node_utils/logger.rb +78 -0
data/lib/cisco_node_utils/name_server.rb +64 -0
data/lib/cisco_node_utils/node.rb +443 -0
data/lib/cisco_node_utils/node_util.rb +111 -0
data/lib/cisco_node_utils/ntp_auth_key.rb +67 -0
data/lib/cisco_node_utils/ntp_config.rb +83 -0
data/lib/cisco_node_utils/ntp_server.rb +86 -0
data/lib/cisco_node_utils/object_group.rb +75 -0
data/lib/cisco_node_utils/object_group_entry.rb +143 -0
data/lib/cisco_node_utils/overlay_global.rb +142 -0
data/lib/cisco_node_utils/pim.rb +131 -0
data/lib/cisco_node_utils/pim_group_list.rb +109 -0
data/lib/cisco_node_utils/pim_rp_address.rb +103 -0
data/lib/cisco_node_utils/platform.rb +217 -0
data/lib/cisco_node_utils/portchannel_global.rb +347 -0
data/lib/cisco_node_utils/radius_global.rb +165 -0
data/lib/cisco_node_utils/radius_server.rb +421 -0
data/lib/cisco_node_utils/radius_server_group.rb +117 -0
data/lib/cisco_node_utils/route_map.rb +2540 -0
data/lib/cisco_node_utils/router_ospf.rb +77 -0
data/lib/cisco_node_utils/router_ospf_area.rb +416 -0
data/lib/cisco_node_utils/router_ospf_area_vlink.rb +313 -0
data/lib/cisco_node_utils/router_ospf_vrf.rb +342 -0
data/lib/cisco_node_utils/snmp_notification_receiver.rb +176 -0
data/lib/cisco_node_utils/snmpcommunity.rb +109 -0
data/lib/cisco_node_utils/snmpgroup.rb +54 -0
data/lib/cisco_node_utils/snmpnotification.rb +57 -0
data/lib/cisco_node_utils/snmpserver.rb +132 -0
data/lib/cisco_node_utils/snmpuser.rb +403 -0
data/lib/cisco_node_utils/span_session.rb +149 -0
data/lib/cisco_node_utils/stp_global.rb +676 -0
data/lib/cisco_node_utils/syslog_facility.rb +64 -0
data/lib/cisco_node_utils/syslog_server.rb +146 -0
data/lib/cisco_node_utils/syslog_settings.rb +174 -0
data/lib/cisco_node_utils/tacacs_global.rb +137 -0
data/lib/cisco_node_utils/tacacs_server.rb +173 -0
data/lib/cisco_node_utils/tacacs_server_group.rb +149 -0
data/lib/cisco_node_utils/tacacs_server_host.rb +216 -0
data/lib/cisco_node_utils/upgrade.rb +122 -0
data/lib/cisco_node_utils/vdc.rb +118 -0
data/lib/cisco_node_utils/version.rb +21 -0
data/lib/cisco_node_utils/vlan.rb +301 -0
data/lib/cisco_node_utils/vpc.rb +466 -0
data/lib/cisco_node_utils/vrf.rb +192 -0
data/lib/cisco_node_utils/vrf_af.rb +327 -0
data/lib/cisco_node_utils/vtp.rb +125 -0
data/lib/cisco_node_utils/vxlan_vtep.rb +286 -0
data/lib/cisco_node_utils/vxlan_vtep_vni.rb +331 -0
data/lib/cisco_node_utils/yang.rb +160 -0
data/lib/cisco_node_utils/yum.rb +213 -0
data/lib/cisco_node_utils.rb +21 -0
data/lib/minitest/environment_plugin.rb +31 -0
data/lib/minitest/log_level_plugin.rb +41 -0
data/spec/client_spec.rb +7 -0
data/spec/environment_spec.rb +384 -0
data/spec/grpc_client_spec.rb +23 -0
data/spec/isolate/all_clients_spec.rb +9 -0
data/spec/isolate/grpc_only_spec.rb +16 -0
data/spec/isolate/no_clients_spec.rb +26 -0
data/spec/isolate/nxapi_only_spec.rb +16 -0
data/spec/nxapi_client_spec.rb +42 -0
data/spec/schema.yaml +82 -0
data/spec/shared_examples_for_clients.rb +14 -0
data/spec/spec_helper.rb +91 -0
data/spec/whitespace_spec.rb +10 -0
data/spec/yaml_spec.rb +42 -0
data/tests/.rubocop.yml +18 -0
data/tests/CSCuxdublin-1.0.0-7.0.3.I3.1.lib32_n9000.rpm +0 -0
data/tests/basetest.rb +243 -0
data/tests/ciscotest.rb +577 -0
data/tests/cmd_config.yaml +75 -0
data/tests/cmd_config_invalid.yaml +16 -0
data/tests/n9000_sample-1.0.0-7.0.3.x86_64.rpm +0 -0
data/tests/noop.rb +7 -0
data/tests/platform_info.rb +63 -0
data/tests/tacacs_server.yaml.example +6 -0
data/tests/test_aaa_authentication_login.rb +243 -0
data/tests/test_aaa_authentication_login_service.rb +761 -0
data/tests/test_aaa_authorization_service.rb +874 -0
data/tests/test_ace.rb +304 -0
data/tests/test_acl.rb +185 -0
data/tests/test_banner.rb +85 -0
data/tests/test_bfd_global.rb +272 -0
data/tests/test_bgp_af.rb +875 -0
data/tests/test_bgp_af_aa.rb +108 -0
data/tests/test_bgp_neighbor.rb +596 -0
data/tests/test_bgp_neighbor_af.rb +781 -0
data/tests/test_bridge_domain.rb +198 -0
data/tests/test_bridge_domain_vni.rb +109 -0
data/tests/test_client_utils.rb +111 -0
data/tests/test_cmn_utils.rb +76 -0
data/tests/test_command_config.rb +206 -0
data/tests/test_command_reference.rb +669 -0
data/tests/test_dhcp_relay_global.rb +286 -0
data/tests/test_dns_domain.rb +123 -0
data/tests/test_domain_name.rb +96 -0
data/tests/test_encapsulation.rb +75 -0
data/tests/test_evpn_multicast.rb +65 -0
data/tests/test_evpn_multisite.rb +70 -0
data/tests/test_evpn_stormcontrol.rb +56 -0
data/tests/test_evpn_vni.rb +131 -0
data/tests/test_fabricpath_global.rb +246 -0
data/tests/test_fabricpath_topology.rb +77 -0
data/tests/test_feature.rb +272 -0
data/tests/test_grpc.rb +166 -0
data/tests/test_hostname.rb +64 -0
data/tests/test_hsrp_global.rb +79 -0
data/tests/test_interface.rb +1958 -0
data/tests/test_interface_bdi.rb +80 -0
data/tests/test_interface_channel_group.rb +131 -0
data/tests/test_interface_evpn_multisite.rb +94 -0
data/tests/test_interface_hsrp.rb +134 -0
data/tests/test_interface_hsrp_group.rb +570 -0
data/tests/test_interface_ospf.rb +820 -0
data/tests/test_interface_portchannel.rb +135 -0
data/tests/test_interface_private_vlan.rb +365 -0
data/tests/test_interface_service_vni.rb +203 -0
data/tests/test_interface_svi.rb +210 -0
data/tests/test_interface_switchport.rb +468 -0
data/tests/test_ip_multicast.rb +80 -0
data/tests/test_itd_device_group.rb +145 -0
data/tests/test_itd_device_group_node.rb +199 -0
data/tests/test_itd_service.rb +314 -0
data/tests/test_logger.rb +43 -0
data/tests/test_name_server.rb +94 -0
data/tests/test_node.rb +50 -0
data/tests/test_node_ext.rb +406 -0
data/tests/test_node_util.rb +119 -0
data/tests/test_ntp_auth_key.rb +77 -0
data/tests/test_ntp_config.rb +100 -0
data/tests/test_ntp_server.rb +146 -0
data/tests/test_nxapi.rb +236 -0
data/tests/test_object_group.rb +122 -0
data/tests/test_overlay_global.rb +108 -0
data/tests/test_pim.rb +203 -0
data/tests/test_pim_group_list.rb +147 -0
data/tests/test_pim_rp_address.rb +155 -0
data/tests/test_platform.rb +254 -0
data/tests/test_portchannel_global.rb +322 -0
data/tests/test_radius_global.rb +108 -0
data/tests/test_radius_server.rb +377 -0
data/tests/test_radius_server_group.rb +151 -0
data/tests/test_route_map.rb +1479 -0
data/tests/test_router_bgp.rb +1325 -0
data/tests/test_router_ospf.rb +56 -0
data/tests/test_router_ospf_area.rb +433 -0
data/tests/test_router_ospf_area_vlink.rb +298 -0
data/tests/test_router_ospf_vrf.rb +690 -0
data/tests/test_snmp_notification_receiver.rb +169 -0
data/tests/test_snmpcommunity.rb +422 -0
data/tests/test_snmpgroup.rb +71 -0
data/tests/test_snmpnotification.rb +91 -0
data/tests/test_snmpserver.rb +251 -0
data/tests/test_snmpuser.rb +666 -0
data/tests/test_span_session.rb +155 -0
data/tests/test_stp_global.rb +575 -0
data/tests/test_syslog_facility.rb +80 -0
data/tests/test_syslog_server.rb +119 -0
data/tests/test_syslog_settings.rb +123 -0
data/tests/test_tacacs_global.rb +109 -0
data/tests/test_tacacs_server.rb +436 -0
data/tests/test_tacacs_server_group.rb +434 -0
data/tests/test_tacacs_server_host.rb +427 -0
data/tests/test_upgrade.rb +105 -0
data/tests/test_vdc.rb +64 -0
data/tests/test_vlan.rb +386 -0
data/tests/test_vlan_private.rb +656 -0
data/tests/test_vpc.rb +548 -0
data/tests/test_vrf.rb +248 -0
data/tests/test_vrf_af.rb +288 -0
data/tests/test_vtp.rb +278 -0
data/tests/test_vxlan_vtep.rb +327 -0
data/tests/test_vxlan_vtep_vni.rb +326 -0
data/tests/test_yang.rb +369 -0
data/tests/test_yum.rb +109 -0
data/tests/upgrade_info.yaml.example +3 -0
data/tests/yum_package.yaml +94 -0
metadata +534 -0

data/lib/cisco_node_utils/aaa_authorization_service.rb ADDED Viewed

@@ -0,0 +1,156 @@
+# NXAPI implementation of AaaAuthorizationService class
+#
+# May 2015, Alex Hunsberger
+#
+# Copyright (c) 2015-2016 Cisco and/or its affiliates.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+require_relative 'node_util'
+module Cisco
+  # AaaAuthorizationService - node util class for aaa authorization management
+  class AaaAuthorizationService < NodeUtil
+    attr_reader :name, :type
+    def initialize(type, name, create=true)
+      fail TypeError unless name.is_a? String
+      fail TypeError unless type.is_a? Symbol
+      # only console and default are supported currently
+      fail ArgumentError unless %w(console default).include? name
+      fail ArgumentError unless
+        %i(commands config_commands ssh_certificate ssh_publickey).include? type
+      @name = name
+      @type = type
+      type_str = AaaAuthorizationService.auth_type_sym_to_str(type)
+      return unless create
+      config_set('aaa_authorization_service', 'method', '', type_str, name)
+    end
+    def self.remove_local_auth
+      config_get('aaa_authorization_service', 'remove_local_auth')
+    end
+    def self.services
+      servs = {}
+      servs_arr = config_get('aaa_authorization_service', 'services')
+      unless servs_arr.nil?
+        servs_arr.each do |type, name|
+          type = auth_type_str_to_sym(type)
+          servs[type] ||= {}
+          servs[type][name] = AaaAuthorizationService.new(type, name, false)
+        end
+      end
+      servs
+    end
+    def destroy
+      # must specify exact current config string to unconfigure
+      m = method
+      m_str = m == :unselected ? '' : m.to_s
+      g_str = groups.join(' ')
+      t_str = AaaAuthorizationService.auth_type_sym_to_str(@type)
+      if g_str.empty?
+        # cannot remove no groups + local, so do nothing in this case
+        unless m == :local
+          config_set('aaa_authorization_service', 'method',
+                     'no', t_str, @name)
+        end
+      else
+        # Removal of auth method local is not supported on all platforms.
+        m_str = AaaAuthorizationService.remove_local_auth ? m_str : ''
+        config_set('aaa_authorization_service', 'groups',
+                   'no', t_str, @name, g_str, m_str)
+      end
+    end
+    # groups aren't retrieved via the usual CLI regex memory type because
+    # there can be an arbitrary number of groups and specifying a repeating
+    # memory regex only captures the last match
+    # ex: aaa authorization console group group1 group2 group3 local
+    def groups
+      # config_get returns the following format:
+      # [{"appl_subtype": "console",
+      #   "cmd_type": "config-commands",
+      #   "methods": "group foo bar local "}], ...
+      hsh_arr = config_get('aaa_authorization_service', 'groups')
+      fail 'unable to retrieve aaa groups information' if hsh_arr.empty?
+      type_s = AaaAuthorizationService.auth_type_sym_to_str(@type)
+      hsh = hsh_arr.find do |x|
+        x['appl_subtype'] == @name && x['cmd_type'] == type_s
+      end
+      fail "no aaa info for #{@type},#{@name}" if hsh.nil?
+      fail "no aaa info for #{@type},#{@name}. api/feature change?" unless
+        hsh.key? 'methods'
+      # ex: ["group", "group1", "local"]
+      grps = hsh['methods'].strip.split
+      # return [] if grps.size == 1
+      # remove local, group keywords
+      grps -= %w(local group)
+      grps
+    end
+    # default is []
+    def default_groups
+      config_get_default('aaa_authorization_service', 'groups')
+    end
+    def method
+      t_str = AaaAuthorizationService.auth_type_sym_to_str(@type)
+      m = config_get('aaa_authorization_service', 'method', @name, t_str)
+      m.nil? ? :unselected : m.to_sym
+    end
+    # default is :local
+    def default_method
+      config_get_default('aaa_authorization_service', 'method')
+    end
+    # groups and method must be set in the same CLI string
+    # aaa authorization login <type> <name> /
+    #   local | group <group1 [group2, ...]> [local]
+    def groups_method_set(grps, m)
+      grps = Array(grps) unless grps.is_a? Array
+      fail TypeError unless grps.all? { |x| x.is_a? String }
+      fail TypeError unless m.is_a? Symbol
+      # only the following are supported (unselected = blank)
+      fail ArgumentError unless [:local, :unselected].include? m
+      # raise "type 'local' not allowed when groups are configured" if
+      #  m == :local and not grps.empty?
+      m_str = m == :unselected ? '' : m.to_s
+      g_str = grps.join(' ')
+      t_str = AaaAuthorizationService.auth_type_sym_to_str(@type)
+      # config_set depends on whether we're setting groups or not
+      if g_str.empty?
+        config_set('aaa_authorization_service', 'method',
+                   '', t_str, @name)
+      else
+        config_set('aaa_authorization_service', 'groups',
+                   '', t_str, @name, g_str, m_str)
+      end
+    end
+    def self.auth_type_sym_to_str(sym)
+      sym.to_s.sub('_', '-')
+    end
+    def self.auth_type_str_to_sym(str)
+      str.sub('-', '_').to_sym
+    end
+  end
+end

data/lib/cisco_node_utils/ace.rb ADDED Viewed

@@ -0,0 +1,467 @@
+# Copyright (c) 2015-2018 Cisco and/or its affiliates.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+require 'ipaddr'
+require_relative 'node_util'
+module Cisco
+  # Ace - node utility class for Ace Configuration
+  class Ace < NodeUtil
+    attr_reader :afi, :acl_name
+    def initialize(afi, acl_name, seqno)
+      @afi = Acl.afi_cli(afi)
+      @acl_name = acl_name.to_s
+      @seqno = seqno.to_s
+      set_args_keys_default
+    end
+    # Create a hash of all aces under a given acl_name.
+    def self.aces
+      afis = %w(ipv4 ipv6)
+      hash = {}
+      afis.each do |afi|
+        hash[afi] = {}
+        acls = config_get('acl', 'all_acls', afi: Acl.afi_cli(afi))
+        next if acls.nil?
+        acls.each do |acl_name|
+          hash[afi][acl_name] = {}
+          aces = config_get('acl', 'all_aces',
+                            afi: Acl.afi_cli(afi), acl_name: acl_name)
+          next if aces.nil?
+          aces.each do |seqno|
+            hash[afi][acl_name][seqno] = Ace.new(afi, acl_name, seqno)
+          end
+        end
+      end
+      hash
+    end
+    def destroy
+      set_args_keys(state: 'no')
+      config_set('acl', 'ace_destroy', @set_args)
+    end
+    def set_args_keys_default
+      keys = { afi: @afi, acl_name: @acl_name, seqno: @seqno }
+      @get_args = @set_args = keys
+    end
+    # rubocop:disable Style/AccessorMethodName
+    def set_args_keys(hash={})
+      set_args_keys_default
+      @set_args = @get_args.merge!(hash) unless hash.empty?
+    end
+    # common ace getter
+    def ace_get
+      str = config_get('acl', 'ace', @get_args)
+      return nil if str.nil?
+      remark = Regexp.new('(?<seqno>\d+) remark (?<remark>.*)').match(str)
+      return remark unless remark.nil?
+      # specialized icmp protocol handling
+      return icmp_ace_get(str) if str.include?('icmp')
+      # rubocop:disable Metrics/LineLength
+      regexp = Regexp.new('(?<seqno>\d+) (?<action>\S+)'\
+                 ' *(?<proto>\d+|\S+)'\
+                 ' *(?<src_addr>any|host \S+|[:\.0-9a-fA-F]+ [:\.0-9a-fA-F]+|[:\.0-9a-fA-F]+\/\d+|addrgroup \S+)'\
+                 ' *(?<src_port>range \S+ \S+|(lt|eq|gt|neq|portgroup) \S+)?'\
+                 ' *(?<dst_addr>any|host \S+|[:\.0-9a-fA-F]+ [:\.0-9a-fA-F]+|[:\.0-9a-fA-F]+\/\d+|addrgroup \S+)'\
+                 ' *(?<dst_port>range \S+ \S+|(lt|eq|gt|neq|portgroup) \S+)?'\
+                 ' *(?<tcp_flags>(ack *|fin *|urg *|syn *|psh *|rst *)*)?'\
+                 ' *(?<established>established)?'\
+                 ' *(?<precedence>precedence \S+)?'\
+                 ' *(?<dscp>dscp \S+)?'\
+                 ' *(?<time_range>time-range \S+)?'\
+                 ' *(?<packet_length>packet-length (range \d+ \d+|(lt|eq|gt|neq) \d+))?'\
+                 ' *(?<ttl>ttl \d+)?'\
+                 ' *(?<http_method>http-method (\d+|connect|delete|get|head|post|put|trace))?'\
+                 ' *(?<tcp_option_length>tcp-option-length \d+)?'\
+                 ' *(?<redirect>redirect \S+)?'\
+                 ' *(?<log>log)?')
+      # rubocop:enable Metrics/LineLength
+      regexp.match(str)
+    end
+    # icmp ace getter
+    def icmp_ace_get(str)
+      # rubocop:disable Metrics/LineLength
+      # fragments is nvgen at a different location than all other
+      # proto_option so get rid of it so as not to mess up other fields
+      str.sub!('fragments ', '')
+      regexp = Regexp.new('(?<seqno>\d+) (?<action>\S+)'\
+                 ' *(?<proto>\d+|\S+)'\
+                 ' *(?<src_addr>any|host \S+|[:\.0-9a-fA-F]+ [:\.0-9a-fA-F]+|[:\.0-9a-fA-F]+\/\d+|addrgroup \S+)'\
+                 ' *(?<dst_addr>any|host \S+|[:\.0-9a-fA-F]+ [:\.0-9a-fA-F]+|[:\.0-9a-fA-F]+\/\d+|addrgroup \S+)'\
+                 ' *(?<proto_option>\S+)?'\
+                 ' *(?<precedence>precedence \S+)?'\
+                 ' *(?<dscp>dscp \S+)?'\
+                 ' *(?<time_range>time-range \S+)?'\
+                 ' *(?<packet_length>packet-length (range \d+ \d+|(lt|eq|gt|neq) \d+))?'\
+                 ' *(?<ttl>ttl \d+)?'\
+                 ' *(?<vlan>vlan \d+)?'\
+                 ' *(?<set_erspan_gre_proto>set-erspan-gre-proto \d+)?'\
+                 ' *(?<set_erspan_dscp>set-erspan-dscp \d+)?'\
+                 ' *(?<redirect>redirect \S+)?')
+      regexp_no_proto_option = Regexp.new('(?<seqno>\d+) (?<action>\S+)'\
+                 ' *(?<proto>\d+|\S+)'\
+                 ' *(?<src_addr>any|host \S+|[:\.0-9a-fA-F]+ [:\.0-9a-fA-F]+|[:\.0-9a-fA-F]+\/\d+|addrgroup \S+)'\
+                 ' *(?<dst_addr>any|host \S+|[:\.0-9a-fA-F]+ [:\.0-9a-fA-F]+|[:\.0-9a-fA-F]+\/\d+|addrgroup \S+)'\
+                 ' *(?<precedence>precedence \S+)?'\
+                 ' *(?<dscp>dscp \S+)?'\
+                 ' *(?<time_range>time-range \S+)?'\
+                 ' *(?<packet_length>packet-length (range \d+ \d+|(lt|eq|gt|neq) \d+))?'\
+                 ' *(?<ttl>ttl \d+)?'\
+                 ' *(?<vlan>vlan \d+)?'\
+                 ' *(?<set_erspan_gre_proto>set-erspan-gre-proto \d+)?'\
+                 ' *(?<set_erspan_dscp>set-erspan-dscp \d+)?'\
+                 ' *(?<redirect>redirect \S+)?')
+      temp = regexp.match(str)
+      po = temp[:proto_option]
+      if po.nil?
+        return temp
+      # redirect can be proto_option or an actual redirect to interface
+      elsif po.strip.match(/redirect$/)
+        if str.match(/Ethernet|port-channel/)
+          # if proto_option is given as redirect and also redirect to intf
+          # we need to do extra processing
+          return temp if check_redirect_repeat(str)
+          return regexp_no_proto_option.match(str)
+        end
+      # the reserved keywords check
+      elsif po.strip.match(/precedence$|dscp$|time-range$|packet-length$|ttl$|vlan$|set-erspan-gre-proto$|set-erspan-dscp$|log$/)
+        return regexp_no_proto_option.match(str)
+      else
+        return temp
+      end
+      # rubocop:enable Metrics/LineLength
+    end
+    # common ace setter. Put the values you need in a hash and pass it in.
+    # attrs = {:action=>'permit', :proto=>'tcp', :src =>'host 1.1.1.1'}
+    def ace_set(attrs)
+      if attrs.empty?
+        attrs[:state] = 'no'
+      else
+        # remove existing ace first
+        destroy if seqno
+        attrs[:state] = ''
+      end
+      if attrs[:remark]
+        cmd = 'ace_remark'
+        set_args_keys(attrs)
+      else
+        cmd = 'ace'
+        set_args_keys_default
+        set_args_keys(attrs)
+        [:action,
+         :proto,
+         :src_addr,
+         :src_port,
+         :dst_addr,
+         :dst_port,
+         :tcp_flags,
+         :established,
+         :precedence,
+         :dscp,
+         :time_range,
+         :packet_length,
+         :ttl,
+         :http_method,
+         :tcp_option_length,
+         :redirect,
+         :log,
+         :proto_option,
+         :set_erspan_dscp,
+         :set_erspan_gre_proto,
+         :vlan,
+        ].each do |p|
+          attrs[p] = '' if attrs[p].nil?
+          send(p.to_s + '=', attrs[p])
+        end
+        @get_args = @set_args
+      end
+      config_set('acl', cmd, @set_args)
+    end
+    def valid_ipv6?(addr)
+      begin
+        ret = IPAddr.new(addr.split[0]).ipv6?
+      rescue
+        ret = false
+      end
+      ret
+    end
+    def check_redirect_repeat(str)
+      return false unless str.include?('redirect')
+      nstr = str.sub('redirect', '').strip
+      nstr.include?('redirect') ? true : false
+    end
+    # PROPERTIES
+    # ----------
+    def seqno
+      match = ace_get
+      return nil if match.nil?
+      match.names.include?('seqno') ? match[:seqno] : nil
+    end
+    def action
+      match = ace_get
+      return nil if match.nil?
+      match.names.include?('action') ? match[:action] : nil
+    end
+    def action=(action)
+      @set_args[:action] = action
+    end
+    def remark
+      match = ace_get
+      return nil if match.nil?
+      match.names.include?('remark') ? match[:remark] : nil
+    end
+    def remark=(remark)
+      @set_args[:remark] = remark
+    end
+    def proto
+      match = ace_get
+      return nil if match.nil?
+      match.names.include?('proto') ? match[:proto] : nil
+    end
+    def proto=(proto)
+      @set_args[:proto] = proto # TBD ip vs ipv4
+    end
+    def src_addr
+      match = ace_get
+      return nil if match.nil? || !match.names.include?('src_addr')
+      addr = match[:src_addr]
+      # Normalize addr. Some platforms zero_pad ipv6 addrs.
+      addr.gsub!(/^0*/, '').gsub!(/:0*/, ':') if valid_ipv6?(addr)
+      addr
+    end
+    def src_addr=(src_addr)
+      @set_args[:src_addr] = src_addr
+    end
+    def src_port
+      match = ace_get
+      return nil if match.nil?
+      match.names.include?('src_port') ? match[:src_port] : nil
+    end
+    def src_port=(src_port)
+      @set_args[:src_port] = src_port
+    end
+    def dst_addr
+      match = ace_get
+      return nil if match.nil? || !match.names.include?('dst_addr')
+      addr = match[:dst_addr]
+      # Normalize addr. Some platforms zero_pad ipv6 addrs.
+      addr.gsub!(/^0*/, '').gsub!(/:0*/, ':') if valid_ipv6?(addr)
+      addr
+    end
+    def dst_addr=(dst_addr)
+      @set_args[:dst_addr] = dst_addr
+    end
+    def dst_port
+      match = ace_get
+      return nil if match.nil?
+      match.names.include?('dst_port') ? match[:dst_port] : nil
+    end
+    def dst_port=(src_port)
+      @set_args[:dst_port] = src_port
+    end
+    def tcp_flags
+      match = ace_get
+      return nil if match.nil?
+      match.names.include?('tcp_flags') ? match[:tcp_flags].strip : nil
+    end
+    def tcp_flags=(tcp_flags)
+      @set_args[:tcp_flags] = tcp_flags.strip
+    end
+    def established
+      match = ace_get
+      return nil unless remark.nil?
+      return false if match.nil?
+      return false unless match.names.include?('established')
+      match[:established] == 'established' ? true : false
+    end
+    def established=(established)
+      @set_args[:established] = established.to_s == 'true' ? 'established' : ''
+    end
+    def precedence
+      Utils.extract_value(ace_get, 'precedence')
+    end
+    def precedence=(precedence)
+      @set_args[:precedence] = Utils.attach_prefix(precedence, :precedence)
+    end
+    def dscp
+      Utils.extract_value(ace_get, 'dscp')
+    end
+    def dscp=(dscp)
+      @set_args[:dscp] = Utils.attach_prefix(dscp, :dscp)
+    end
+    def vlan
+      Utils.extract_value(ace_get, 'vlan')
+    end
+    def vlan=(vlan)
+      @set_args[:vlan] = Utils.attach_prefix(vlan, :vlan)
+    end
+    def set_erspan_dscp
+      ret = Utils.extract_value(ace_get, 'set_erspan_dscp', 'set-erspan-dscp')
+      return ret if ret
+      # position of set_erspan_dscp is different in older release so check again
+      str = config_get('acl', 'ace', @get_args)
+      sstr = str.split
+      return sstr[sstr.index('set-erspan-dscp') + 1] if
+        sstr.include?('set-erspan-dscp')
+    end
+    def set_erspan_dscp=(set_erspan_dscp)
+      @set_args[:set_erspan_dscp] = Utils.attach_prefix(set_erspan_dscp,
+                                                        :set_erspan_dscp,
+                                                        'set-erspan-dscp')
+    end
+    def set_erspan_gre_proto
+      ret = Utils.extract_value(ace_get, 'set_erspan_gre_proto',
+                                'set-erspan-gre-proto')
+      return ret if ret
+      # position of set_erspan_gre_proto is different in older release
+      # so check again
+      str = config_get('acl', 'ace', @get_args)
+      sstr = str.split
+      return sstr[sstr.index('set-erspan-gre-proto') + 1] if
+        sstr.include?('set-erspan-gre-proto')
+    end
+    def set_erspan_gre_proto=(set_erspan_gre_proto)
+      @set_args[:set_erspan_gre_proto] =
+          Utils.attach_prefix(set_erspan_gre_proto,
+                              :set_erspan_gre_proto,
+                              'set-erspan-gre-proto')
+    end
+    def time_range
+      Utils.extract_value(ace_get, 'time_range', 'time-range')
+    end
+    def time_range=(time_range)
+      @set_args[:time_range] = Utils.attach_prefix(time_range,
+                                                   :time_range,
+                                                   'time-range')
+    end
+    def packet_length
+      Utils.extract_value(ace_get, 'packet_length', 'packet-length')
+    end
+    def packet_length=(packet_length)
+      @set_args[:packet_length] = Utils.attach_prefix(packet_length,
+                                                      :packet_length,
+                                                      'packet-length')
+    end
+    def ttl
+      Utils.extract_value(ace_get, 'ttl')
+    end
+    def ttl=(ttl)
+      @set_args[:ttl] = Utils.attach_prefix(ttl, :ttl)
+    end
+    def http_method
+      Utils.extract_value(ace_get, 'http_method', 'http-method')
+    end
+    def http_method=(http_method)
+      @set_args[:http_method] = Utils.attach_prefix(http_method,
+                                                    :http_method,
+                                                    'http-method')
+    end
+    def tcp_option_length
+      Utils.extract_value(ace_get, 'tcp_option_length', 'tcp-option-length')
+    end
+    def tcp_option_length=(tcp_option_length)
+      @set_args[:tcp_option_length] = Utils.attach_prefix(tcp_option_length,
+                                                          :tcp_option_length,
+                                                          'tcp-option-length')
+    end
+    def redirect
+      Utils.extract_value(ace_get, 'redirect')
+    end
+    def redirect=(redirect)
+      @set_args[:redirect] = Utils.attach_prefix(redirect, :redirect)
+    end
+    def proto_option
+      match = ace_get
+      return nil if match.nil? || proto != 'icmp' || !remark.nil?
+      # fragments is nvgen at a different location than all other
+      # proto_option
+      if config_get('acl', 'ace', @get_args).include?('fragments')
+        return 'fragments'
+      end
+      # log is special case
+      return nil if !match.names.include?('proto_option') ||
+                    match[:proto_option] == 'log'
+      match[:proto_option]
+    end
+    def proto_option=(proto_option)
+      @set_args[:proto_option] = proto_option
+    end
+    def log
+      return nil unless remark.nil?
+      config_get('acl', 'ace', @get_args).include?('log') ? true : false
+    end
+    def log=(log)
+      @set_args[:log] = log.to_s == 'true' ? 'log' : ''
+    end
+  end
+end