1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

Auth to become (#33319)

* terminal.on_(de)?authorize -> terminal.on_(un)?become

* Update network_cli

* Readd on_(de)?authorize as wrappers

* Update tests
This commit is contained in:
Nathaniel Case 2017-11-28 16:28:58 -05:00 committed by GitHub
parent 53d9f9ffae
commit a1da3dc997
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 35 additions and 23 deletions

View file

@ -144,11 +144,11 @@ class Connection(ConnectionBase):
messages = ['updating play_context for connection']
if self._play_context.become is False and play_context.become is True:
auth_pass = play_context.become_pass
self._terminal.on_authorize(passwd=auth_pass)
self._terminal.on_become(passwd=auth_pass)
messages.append('authorizing connection')
elif self._play_context.become is True and not play_context.become:
self._terminal.on_deauthorize()
self._terminal.on_unbecome()
messages.append('deauthorizing connection')
self._play_context = play_context
@ -196,9 +196,9 @@ class Connection(ConnectionBase):
self._terminal.on_open_shell()
if self._play_context.become and self._play_context.become_method == 'enable':
display.vvvv('firing event: on_authorize', host=self._play_context.remote_addr)
display.vvvv('firing event: on_become', host=self._play_context.remote_addr)
auth_pass = self._play_context.become_pass
self._terminal.on_authorize(passwd=auth_pass)
self._terminal.on_become(passwd=auth_pass)
display.vvvv('ssh connection has completed successfully', host=self._play_context.remote_addr)
self._connected = True

View file

@ -91,7 +91,7 @@ class TerminalBase(with_metaclass(ABCMeta, object)):
"""
pass
def on_authorize(self, passwd=None):
def on_become(self, passwd=None):
"""Called when privilege escalation is requested
:kwarg passwd: String containing the password
@ -103,7 +103,7 @@ class TerminalBase(with_metaclass(ABCMeta, object)):
"""
pass
def on_deauthorize(self):
def on_unbecome(self):
"""Called when privilege deescalation is requested
This method is called when the privilege changed from escalated
@ -111,3 +111,15 @@ class TerminalBase(with_metaclass(ABCMeta, object)):
of this method to actually perform the deauthorization procedure
"""
pass
def on_authorize(self, passwd=None):
"""Deprecated method for privilege escalation
:kwarg passwd: String containing the password
"""
return self.on_become(passwd)
def on_deauthorize(self):
"""Deprecated method for privilege deescalation
"""
return self.on_unbecome()

View file

@ -50,7 +50,7 @@ class TerminalModule(TerminalBase):
except AnsibleConnectionFailure:
raise AnsibleConnectionFailure('unable to disable terminal pager')
def on_authorize(self, passwd=None):
def on_become(self, passwd=None):
if self._get_prompt().strip().endswith(b'#'):
return

View file

@ -53,7 +53,7 @@ class TerminalModule(TerminalBase):
except AnsibleConnectionFailure:
raise AnsibleConnectionFailure('unable to set terminal parameters')
def on_authorize(self, passwd=None):
def on_become(self, passwd=None):
if self._get_prompt().endswith(b'#'):
return
@ -67,7 +67,7 @@ class TerminalModule(TerminalBase):
except AnsibleConnectionFailure:
raise AnsibleConnectionFailure('unable to elevate privilege to enable mode')
def on_deauthorize(self):
def on_unbecome(self):
prompt = self._get_prompt()
if prompt is None:
# if prompt is None most likely the terminal is hung up at a prompt

View file

@ -42,7 +42,7 @@ class TerminalModule(TerminalBase):
re.compile(br"'[^']' +returned error code: ?\d+"),
]
def on_authorize(self, passwd=None):
def on_become(self, passwd=None):
if self._get_prompt().endswith('#'):
return
@ -60,7 +60,7 @@ class TerminalModule(TerminalBase):
except AnsibleConnectionFailure:
raise AnsibleConnectionFailure('unable to set terminal parameters')
def on_deauthorize(self):
def on_unbecome(self):
prompt = self._get_prompt()
if prompt is None:
# if prompt is None most likely the terminal is hung up at a prompt

View file

@ -51,7 +51,7 @@ class TerminalModule(TerminalBase):
except AnsibleConnectionFailure:
raise AnsibleConnectionFailure('unable to set terminal parameters')
def on_authorize(self, passwd=None):
def on_become(self, passwd=None):
if self._get_prompt().endswith(b'#'):
return
@ -65,7 +65,7 @@ class TerminalModule(TerminalBase):
except AnsibleConnectionFailure:
raise AnsibleConnectionFailure('unable to elevate privilege to enable mode')
def on_deauthorize(self):
def on_unbecome(self):
prompt = self._get_prompt()
if prompt is None:
# if prompt is None most likely the terminal is hung up at a prompt

View file

@ -67,7 +67,7 @@ class TerminalModule(TerminalBase):
except AnsibleConnectionFailure:
raise AnsibleConnectionFailure('unable to set terminal parameters')
def on_authorize(self, passwd=None):
def on_become(self, passwd=None):
if self._get_prompt().endswith(b'#'):
return
@ -87,7 +87,7 @@ class TerminalModule(TerminalBase):
msg = 'unable to elevate privilege to enable mode'
raise AnsibleConnectionFailure(msg)
def on_deauthorize(self):
def on_unbecome(self):
prompt = self._get_prompt()
if prompt is None:
# if prompt is None most likely the terminal is hung up at a prompt

View file

@ -55,7 +55,7 @@ class TerminalModule(TerminalBase):
except AnsibleConnectionFailure:
raise AnsibleConnectionFailure('unable to set terminal parameters')
def on_authorize(self, passwd=None):
def on_become(self, passwd=None):
if self._get_prompt().endswith(b'#'):
return
@ -69,7 +69,7 @@ class TerminalModule(TerminalBase):
except AnsibleConnectionFailure:
raise AnsibleConnectionFailure('unable to elevate privilege to enable mode')
def on_deauthorize(self):
def on_unbecome(self):
prompt = self._get_prompt()
if prompt is None:
# if prompt is None most likely the terminal is hung up at a prompt

View file

@ -52,7 +52,7 @@ class TerminalModule(TerminalBase):
except AnsibleConnectionFailure:
raise AnsibleConnectionFailure('unable to set terminal parameters')
def on_authorize(self, passwd=None):
def on_become(self, passwd=None):
if self._get_prompt().endswith(b'#'):
return
@ -68,7 +68,7 @@ class TerminalModule(TerminalBase):
except AnsibleConnectionFailure:
raise AnsibleConnectionFailure('unable to elevate privilege to enable mode')
def on_deauthorize(self):
def on_unbecome(self):
prompt = self._get_prompt()
if prompt is None:
# if prompt is None most likely the terminal is hung up at a prompt

View file

@ -48,7 +48,7 @@ class TerminalModule(TerminalBase):
except AnsibleConnectionFailure:
raise AnsibleConnectionFailure('unable to disable terminal pager')
def on_authorize(self, passwd=None):
def on_become(self, passwd=None):
if self._get_prompt().strip().endswith(b'#'):
return
@ -64,7 +64,7 @@ class TerminalModule(TerminalBase):
except AnsibleConnectionFailure:
raise AnsibleConnectionFailure('unable to elevate privilege to enable mode')
def on_deauthorize(self):
def on_unbecome(self):
prompt = self._get_prompt()
if prompt is None:
# if prompt is None most likely the terminal is hung up at a prompt

View file

@ -74,7 +74,7 @@ class TestConnectionClass(unittest.TestCase):
conn._connect()
self.assertTrue(conn._terminal.on_open_shell.called)
self.assertFalse(conn._terminal.on_authorize.called)
self.assertFalse(conn._terminal.on_become.called)
conn._play_context.become = True
conn._play_context.become_method = 'enable'
@ -82,7 +82,7 @@ class TestConnectionClass(unittest.TestCase):
conn._connected = False
conn._connect()
conn._terminal.on_authorize.assert_called_with(passwd='password')
conn._terminal.on_become.assert_called_with(passwd='password')
@patch("ansible.plugins.connection.paramiko_ssh.Connection.close")
def test_network_cli_close(self, mocked_super):