junos_user declarative module changes (#26475)

* junos_user declarative module changes

*  Active/Deactivate support
*  junos_user integration test
*  net_user intergration test for junos

* Add version_added for active param

lib/ansible/modules/network/junos/junos_user.py

@@ -91,6 +91,12 @@ options:
     required: false
     default: present
     choices: ['present', 'absent']
+  active:
+    description:
+      - Specifies whether or not the configuration is active or deactivated
+    default: True
+    choices: [True, False]
+    version_added: "2.4"
 requirements:
   - ncclient (>=v0.5.2)
 notes:
@@ -160,6 +166,11 @@ def map_obj_to_ele(want):
         SubElement(user, 'name').text = item['name']
 
         if operation == 'replace':
+            if item['active']:
+                user.set('active', 'active')
+            else:
+                user.set('inactive', 'inactive')
+
             SubElement(user, 'class').text = item['role']
 
             if item.get('full_name'):
@@ -220,7 +231,8 @@ def map_params_to_obj(module):
             'full_name': get_value('full_name'),
             'role': get_value('role'),
             'sshkey': get_value('sshkey'),
-            'state': get_value('state')
+            'state': get_value('state'),
+            'active': get_value('active')
         })
 
         for key, value in iteritems(item):
@@ -247,7 +259,8 @@ def main():
 
         purge=dict(type='bool'),
 
-        state=dict(choices=['present', 'absent'], default='present')
+        state=dict(choices=['present', 'absent'], default='present'),
+        active=dict(default=True, type='bool')
     )
 
     mutually_exclusive = [('users', 'name')]

test/integration/junos.yaml

@@ -92,6 +92,13 @@
       rescue:
         - set_fact: test_failed=true
 
+    - block:
+      - include_role:
+          name: junos_user
+        when: "limit_to in ['*', 'junos_user']"
+      rescue:
+        - set_fact: test_failed=true
+
 ###########
     - name: Has any previous test failed?
       fail:

test/integration/targets/junos_user/defaults/main.yaml

@@ -0,0 +1,3 @@
+---
+testcase: "*"
+test_cases: []

test/integration/targets/junos_user/tasks/main.yaml

@@ -0,0 +1,2 @@
+---
+- { include: netconf.yaml, tags: ['netconf'] }

test/integration/targets/junos_user/tasks/netconf.yaml

@@ -0,0 +1,15 @@
+---
+- name: collect netconf test cases
+  find:
+    paths: "{{ role_path }}/tests/netconf"
+    patterns: "{{ testcase }}.yaml"
+  register: test_cases
+
+- name: set test_items
+  set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}"
+
+- name: run test case
+  include: "{{ test_case_to_run }}"
+  with_items: "{{ test_items }}"
+  loop_control:
+    loop_var: test_case_to_run

test/integration/targets/junos_user/tests/netconf/basic.yaml

@@ -0,0 +1,170 @@
+---
+- debug: msg="START junos_user netconf/basic.yaml"
+
+- name: setup - remove user
+  junos_user:
+    name: test_user
+    state: absent
+    provider: "{{ netconf }}"
+
+- name: Create user
+  junos_user:
+    name: test_user
+    state: present
+    full_name: test_user
+    role: operator
+    provider: "{{ netconf }}"
+  register: result
+
+- name: Get running configuration
+  junos_rpc:
+    rpc: get-configuration
+    provider: "{{ netconf }}"
+  register: config
+
+- assert:
+    that:
+      - "result.changed == true"
+      - "'<name>test_user</name>' in config.xml"
+      - "'<full-name>test_user</full-name>' in config.xml"
+      - "'<class>read-only</class>' in config.xml"
+
+- name: Create user again (idempotent)
+  junos_user:
+    name: test_user
+    state: present
+    full_name: test_user
+    role: operator
+    provider: "{{ netconf }}"
+  register: result
+
+- assert:
+    that:
+      - "result.changed == false"
+
+- name: Deactivate user
+  junos_user:
+    name: test_user
+    state: present
+    full_name: test_user
+    role: operator
+    active: False
+    provider: "{{ netconf }}"
+  register: result
+
+- name: Get running configuration
+  junos_rpc:
+    rpc: get-configuration
+    provider: "{{ netconf }}"
+  register: config
+
+- assert:
+    that:
+      - "result.changed == true"
+      - "'<user inactive=\"inactive\">' in config.xml"
+      - "'<name>test_user</name>' in config.xml"
+
+- name: Activate user
+  junos_user:
+    name: test_user
+    state: present
+    full_name: test_user
+    role: operator
+    active: True
+    provider: "{{ netconf }}"
+  register: result
+
+- name: Get running configuration
+  junos_rpc:
+    rpc: get-configuration
+    provider: "{{ netconf }}"
+  register: config
+
+- assert:
+    that:
+      - "result.changed == true"
+      - "'<name>test_user</name>' in config.xml"
+      - "'<full-name>test_user</full-name>' in config.xml"
+      - "'<class>read-only</class>' in config.xml"
+
+- name: Delete user
+  junos_user:
+    name: test_user
+    state: absent
+    full_name: test_user
+    role: operator
+    provider: "{{ netconf }}"
+  register: result
+
+- name: Get running configuration
+  junos_rpc:
+    rpc: get-configuration
+    provider: "{{ netconf }}"
+  register: config
+
+- assert:
+    that:
+      - "result.changed == true"
+      - "'<name>test_user</name>' not in config.xml"
+      - "'<full-name>test_user</full-name>' not in config.xml"
+
+- name: Delete user again (idempotent check)
+  junos_user:
+    name: test_user
+    state: absent
+    full_name: test_user
+    role: operator
+    provider: "{{ netconf }}"
+  register: result
+
+- assert:
+    that:
+      - "result.changed == false"
+
+- name: Teardown list of users
+  junos_user:
+    collection:
+      - {name: test_user1, state: absent}
+      - {name: test_user2, state: absent}
+    provider: "{{ netconf }}"
+  register: result
+
+- name: Create list of users
+  junos_user:
+    collection:
+      - {name: test_user1, full_name: test_user2, role: operator, state: present}
+      - {name: test_user2, full_name: test_user2, role: read-only, state: present}
+    provider: "{{ netconf }}"
+  register: result
+
+- name: Get running configuration
+  junos_rpc:
+    rpc: get-configuration
+    provider: "{{ netconf }}"
+  register: config
+
+- assert:
+    that:
+      - "result.changed == true"
+      - "'<name>test_user1</name>' in config.xml"
+      - "'<name>test_user2</name>' in config.xml"
+
+- name: Delete list of users
+  junos_user:
+    collection:
+      - {name: test_user1, full_name: test_user2, role: operator, state: absent}
+      - {name: test_user2, full_name: test_user2, role: read-only, state: absent}
+    provider: "{{ netconf }}"
+  register: result
+
+- name: Get running configuration
+  junos_rpc:
+    rpc: get-configuration
+    provider: "{{ netconf }}"
+  register: config
+
+- assert:
+    that:
+      - "result.changed == true"
+      - "'<name>test_user1</name>' not in config.xml"
+      - "'<name>test_user2</name>' not in config.xml"

test/integration/targets/net_user/tasks/main.yaml

@@ -1,2 +1,3 @@
 ---
 - { include: cli.yaml, tags: ['cli'] }
+- { include: netconf.yaml, tags: ['netconf'] }

test/integration/targets/net_user/tasks/netconf.yaml

@@ -0,0 +1,16 @@
+---
+- name: collect all netconf test cases
+  find:
+    paths: "{{ role_path }}/tests/netconf"
+    patterns: "{{ testcase }}.yaml"
+  register: test_cases
+  delegate_to: localhost
+
+- name: set test_items
+  set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}"
+
+- name: run test case
+  include: "{{ test_case_to_run }}"
+  with_items: "{{ test_items }}"
+  loop_control:
+    loop_var: test_case_to_run

test/integration/targets/net_user/tests/junos/basic.yaml

@@ -0,0 +1,120 @@
+---
+- debug: msg="START net_user junos/basic.yaml"
+
+- name: setup - remove user
+  net_user:
+    name: test_user
+    state: absent
+    provider: "{{ netconf }}"
+
+- name: Create user
+  net_user:
+    name: test_user
+    state: present
+    role: operator
+    provider: "{{ netconf }}"
+  register: result
+
+- name: Get running configuration
+  junos_rpc:
+    rpc: get-configuration
+    provider: "{{ netconf }}"
+  register: config
+
+- assert:
+    that:
+      - "result.changed == true"
+      - "'<name>test_user</name>' in config.xml"
+      - "'<class>read-only</class>' in config.xml"
+
+- name: Create user again (idempotent)
+  net_user:
+    name: test_user
+    state: present
+    role: operator
+    provider: "{{ netconf }}"
+  register: result
+
+- assert:
+    that:
+      - "result.changed == false"
+
+- name: Delete user
+  net_user:
+    name: test_user
+    state: absent
+    role: operator
+    provider: "{{ netconf }}"
+  register: result
+
+- name: Get running configuration
+  junos_rpc:
+    rpc: get-configuration
+    provider: "{{ netconf }}"
+  register: config
+
+- assert:
+    that:
+      - "result.changed == true"
+      - "'<name>test_user</name>' not in config.xml"
+      - "'<full-name>test_user</full-name>' not in config.xml"
+
+- name: Delete user again (idempotent check)
+  net_user:
+    name: test_user
+    state: absent
+    role: operator
+    provider: "{{ netconf }}"
+  register: result
+
+- assert:
+    that:
+      - "result.changed == false"
+
+- name: Teardown list of users
+  net_user:
+    collection:
+      - {name: test_user1, state: absent}
+      - {name: test_user2, state: absent}
+    provider: "{{ netconf }}"
+  register: result
+
+- name: Create list of users
+  net_user:
+    collection:
+      - {name: test_user1, role: operator, state: present}
+      - {name: test_user2, role: read-only, state: present}
+    provider: "{{ netconf }}"
+  register: result
+
+- name: Get running configuration
+  junos_rpc:
+    rpc: get-configuration
+    provider: "{{ netconf }}"
+  register: config
+
+- assert:
+    that:
+      - "result.changed == true"
+      - "'<name>test_user1</name>' in config.xml"
+      - "'<name>test_user2</name>' in config.xml"
+
+- name: Delete list of users
+  net_user:
+    collection:
+      - {name: test_user1, role: operator, state: absent}
+      - {name: test_user2, role: read-only, state: absent}
+    provider: "{{ netconf }}"
+  register: result
+
+- name: Get running configuration
+  junos_rpc:
+    rpc: get-configuration
+    provider: "{{ netconf }}"
+  register: config
+
+- assert:
+    that:
+      - "result.changed == true"
+      - "'<name>test_user1</name>' not in config.xml"
+      - "'<name>test_user2</name>' not in config.xml"

test/integration/targets/net_user/tests/netconf/basic.yaml

@@ -0,0 +1,3 @@
+---
+- include: "{{ role_path }}/tests/junos/basic.yaml"
+  when: hostvars[inventory_hostname]['ansible_network_os'] == 'junos'