Add category support for alias/_multi/_purge

ansibleguy · Jan 18, 2025 · fadada2 · fadada2
1 parent 6e40e0b
commit fadada2
Show file tree

Hide file tree

Showing 5 changed files with 280 additions and 3 deletions.
diff --git a/plugins/module_utils/defaults/alias.py b/plugins/module_utils/defaults/alias.py
@@ -19,7 +19,8 @@
     'description': ['desc'],
     'state': ['st'],
     'enabled': ['en'],
-    'interface': ['int', 'if']
+    'interface': ['int', 'if'],
+    'categories': ['cat'],
 }
 
 ALIAS_MOD_ARGS = dict(
@@ -46,6 +47,11 @@
         aliases=ALIAS_MOD_ARG_ALIASES['interface'], required=False,
         description=' Select the interface for the V6 dynamic IP.',
     ),
+    categories=dict(
+        type='list', requird=False,
+        aliases=ALIAS_MOD_ARG_ALIASES['categories'], elements='str',
+        description='Select the categories for the alias.',
+    ),
     **STATE_MOD_ARG,
     **OPN_MOD_ARGS,
 )
diff --git a/plugins/module_utils/main/alias.py b/plugins/module_utils/main/alias.py
@@ -23,7 +23,7 @@ class Alias(BaseModule):
     API_KEY_PATH = 'alias.aliases.alias'
     API_MOD = 'firewall'
     API_CONT = 'alias'
-    FIELDS_CHANGE = ['content', 'description']
+    FIELDS_CHANGE = ['content', 'description', 'categories']
     FIELDS_ALL = ['name', 'type', 'enabled']
     FIELDS_ALL.extend(FIELDS_CHANGE)
     FIELDS_ALL.extend(['updatefreq_days', 'interface'])
@@ -33,6 +33,7 @@ class Alias(BaseModule):
     FIELDS_TYPING = {
         'bool': ['enabled'],
         'select': ['type', 'interface'],
+        'list': ['categories'],
     }
     EXIST_ATTR = 'alias'
     JOIN_CHAR = '\n'
@@ -69,6 +70,18 @@ def check(self) -> None:
         if self.p['state'] == 'present':
             validate_values(error_func=self._error, cnf=self.p)
 
+            if not is_unset(self.p['categories']):
+                self.existing_categories = self.s.get(cnf={
+                    **self.call_cnf,
+                    'controller': 'category',
+                    'command': 'get',
+                })
+                self.p['categories'] = [
+                    k
+                    for k,v in self.existing_categories['category']['categories']['category'].items()
+                    if v['name'] in self.p['categories']
+                ]
+
         self.b.find(match_fields=[self.FIELD_ID])
 
         if self.p['state'] == 'present':
@@ -139,3 +152,7 @@ def get_existing(self) -> list:
                 simplify_func=self.simplify_existing,
             )
         )
+
+    def _build_request(self) -> dict:
+        self.p['categories'] = ','.join(self.p['categories'])
+        return self.b.build_request()
diff --git a/plugins/module_utils/main/alias_purge.py b/plugins/module_utils/main/alias_purge.py
@@ -58,6 +58,18 @@ def obj_func(alias_to_purge: dict) -> Alias:
                 )
 
     else:
+        if not is_unset(p['filters']) and 'categories' in p['filters']:
+            existing_categories = meta_alias.s.get(cnf={
+                **meta_alias.call_cnf,
+                'controller': 'category',
+                'command': 'get',
+            })
+            p['filters']['categories'] = [
+                k
+                for k, v in existing_categories['category']['categories']['category'].items()
+                if v['name'] in p['filters']['categories']
+            ]
+
         # checking if existing alias should be purged
         for alias in existing_aliases:
             if not builtin_alias(name=alias['name']):
@@ -69,7 +81,7 @@ def obj_func(alias_to_purge: dict) -> Alias:
                 if to_purge:
                     if p['debug']:
                         m.warn(
-                            f"Existing alias '{alias[p['key_field']]}' "
+                            f"Existing alias '{alias['name']}' "
                             f"will be purged!"
                         )
 

diff --git a/scripts/test.sh b/scripts/test.sh
@@ -59,6 +59,7 @@ run_test '1_dependencies' 0
 run_test 'alias' 1
 run_test 'alias_multi' 1
 run_test 'alias_purge' 0
+run_test 'alias_category' 0 # check mode => dependency on category
 run_test 'rule' 1
 run_test 'rule_multi' 1
 run_test 'rule_purge' 0
@@ -161,6 +162,7 @@ run_test 'acme_account' 1
 run_test 'acme_validation' 1
 run_test 'acme_action' 1
 run_test 'acme_certificate' 0  # check mode => dependency on other acme-entries
+run_test 'category' 1
 
 echo ''
 echo '##############################'

diff --git a/tests/alias_category.yml b/tests/alias_category.yml
@@ -0,0 +1,240 @@
+---
+- name: Setup Test dummy
+  hosts: localhost
+  gather_facts: no
+  module_defaults:
+    group/ansibleguy.opnsense.all:
+      firewall: "{{ lookup('ansible.builtin.env', 'TEST_FIREWALL') }}"
+      api_credential_file: "{{ lookup('ansible.builtin.env', 'TEST_API_KEY') }}"
+      ssl_verify: false
+
+  tasks:
+    - name: Adding dummy alias
+      ansibleguy.opnsense.category:
+        name: 'ANSIBLE_TEST_DUMMY_1_1'
+        color: ff0000
+
+    - name: Adding dummy alias
+      ansibleguy.opnsense.category:
+        name: 'ANSIBLE_TEST_DUMMY_1_2'
+        color: 00ff00
+
+- name: Testing Alias - category
+  hosts: localhost
+  gather_facts: no
+  module_defaults:
+    group/ansibleguy.opnsense.all:
+      firewall: "{{ lookup('ansible.builtin.env', 'TEST_FIREWALL') }}"
+      api_credential_file: "{{ lookup('ansible.builtin.env', 'TEST_API_KEY') }}"
+      ssl_verify: false
+
+  tasks:
+    - name: Adding 1
+      ansibleguy.opnsense.alias:
+        name: 'ANSIBLE_TEST_1_1'
+        categories: 'ANSIBLE_TEST_DUMMY_1_1'
+        content: '1.1.1.1'
+      register: opn1
+      failed_when: >
+        not opn1.changed or
+        opn1.failed
+
+    - name: Nothing changed
+      ansibleguy.opnsense.alias:
+        name: 'ANSIBLE_TEST_1_1'
+        categories: 'ANSIBLE_TEST_DUMMY_1_1'
+        content: '1.1.1.1'
+      register: opn3
+      failed_when: >
+        opn3.changed or
+        opn3.failed
+
+    - name: Changing
+      ansibleguy.opnsense.alias:
+        name: 'ANSIBLE_TEST_1_1'
+        categories:
+          - 'ANSIBLE_TEST_DUMMY_1_1'
+          - 'ANSIBLE_TEST_DUMMY_1_2'
+        content: '1.1.1.1'
+      register: opn4
+      failed_when: >
+        not opn4.changed or
+        opn4.failed
+
+    - name: Changing
+      ansibleguy.opnsense.alias:
+        name: 'ANSIBLE_TEST_1_1'
+        categories:
+          - 'ANSIBLE_TEST_DUMMY_1_2'
+        content: '1.1.1.1'
+      register: opn4
+      failed_when: >
+        not opn4.changed or
+        opn4.failed
+
+    - name: Removing
+      ansibleguy.opnsense.alias:
+        name: 'ANSIBLE_TEST_1_1'
+        state: 'absent'
+      register: opn4
+      failed_when: >
+        not opn4.changed or
+        opn4.failed
+
+- name: Testing Multiple Alias - category
+  hosts: localhost
+  gather_facts: no
+  module_defaults:
+    group/ansibleguy.opnsense.all:
+      firewall: "{{ lookup('ansible.builtin.env', 'TEST_FIREWALL') }}"
+      api_credential_file: "{{ lookup('ansible.builtin.env', 'TEST_API_KEY') }}"
+      ssl_verify: false
+
+  tasks:
+    - name: Adding
+      ansibleguy.opnsense.alias_multi:
+        aliases:
+          ANSIBLE_TEST_2_1:
+            content: '192.168.1.1'
+            categories: 'ANSIBLE_TEST_DUMMY_1_1'
+          ANSIBLE_TEST_2_2:
+            content: '192.168.1.2'
+            categories: 'ANSIBLE_TEST_DUMMY_1_1'
+        reload: false  # geoip and urltable take LONG time
+      register: opn5
+      failed_when: >
+        opn5.failed or
+        not opn5.changed
+
+    - name: Changing
+      ansibleguy.opnsense.alias_multi:
+        aliases:
+          ANSIBLE_TEST_2_1:
+            content: '192.168.1.1'
+            categories: 'ANSIBLE_TEST_DUMMY_1_2'
+          ANSIBLE_TEST_2_2:
+            content: '192.168.1.2'
+            categories: ['ANSIBLE_TEST_DUMMY_1_1', 'ANSIBLE_TEST_DUMMY_1_2']
+        reload: false  # geoip and urltable take LONG time
+      register: opn5
+      failed_when: >
+        opn5.failed or
+        not opn5.changed
+
+    - name: Not Changing
+      ansibleguy.opnsense.alias_multi:
+        aliases:
+          ANSIBLE_TEST_2_1:
+            content: '192.168.1.1'
+            categories: 'ANSIBLE_TEST_DUMMY_1_2'
+          ANSIBLE_TEST_2_2:
+            content: '192.168.1.2'
+            categories: ['ANSIBLE_TEST_DUMMY_1_1', 'ANSIBLE_TEST_DUMMY_1_2']
+        reload: false  # geoip and urltable take LONG time
+      register: opn6
+      failed_when: >
+        opn6.failed or
+        opn6.changed
+
+    - name: Removing
+      ansibleguy.opnsense.alias_multi:
+        aliases:
+          ANSIBLE_TEST_2_1:
+          ANSIBLE_TEST_2_2:
+        state: 'absent'
+
+- name: Testing Purging of Alias - category
+  hosts: localhost
+  gather_facts: no
+  module_defaults:
+    group/ansibleguy.opnsense.all:
+      firewall: "{{ lookup('ansible.builtin.env', 'TEST_FIREWALL') }}"
+      api_credential_file: "{{ lookup('ansible.builtin.env', 'TEST_API_KEY') }}"
+      ssl_verify: false
+
+  tasks:
+    - name: Adding
+      ansibleguy.opnsense.alias_multi:
+        aliases:
+          ANSIBLE_TEST_3_1:
+            content: '192.168.1.1'
+            categories: 'ANSIBLE_TEST_DUMMY_1_1'
+          ANSIBLE_TEST_3_2:
+            content: '192.168.1.2'
+            categories: ['ANSIBLE_TEST_DUMMY_1_1', 'ANSIBLE_TEST_DUMMY_1_2']
+          ANSIBLE_TEST_3_3:
+            content: '192.168.1.3'
+            categories: 'ANSIBLE_TEST_DUMMY_1_2'
+
+    - name: Filtered purge
+      ansibleguy.opnsense.alias_purge:
+        filters:
+          categories: 'ANSIBLE_TEST_DUMMY_1_1'
+      register: opn1
+      failed_when: >
+        opn1.failed or
+        not opn1.changed
+
+    - name: Listing aliases
+      ansibleguy.opnsense.list:
+        target: 'alias'
+      register: opn2
+      failed_when: >
+        'data' not in opn2 or
+        opn2.data | length != 2
+
+    - name: Filtered purge partial
+      ansibleguy.opnsense.alias_purge:
+        filter_partial: true
+        filters:
+          categories: 'ANSIBLE_TEST_DUMMY_1_1'
+      register: opn3
+      failed_when: >
+        opn3.failed or
+        not opn3.changed
+
+    - name: Listing aliases
+      ansibleguy.opnsense.list:
+        target: 'alias'
+      register: opn4
+      failed_when: >
+        'data' not in opn4 or
+        opn4.data | length != 1
+
+    - name: Filtered purge invert
+      ansibleguy.opnsense.alias_purge:
+        filter_invert: true
+        filters:
+          categories: 'ANSIBLE_TEST_DUMMY_1_1'
+      register: opn5
+      failed_when: >
+        opn5.failed or
+        not opn5.changed
+
+    - name: Listing aliases
+      ansibleguy.opnsense.list:
+        target: 'alias'
+      register: opn6
+      failed_when: >
+        'data' not in opn6 or
+        opn6.data | length != 0
+
+- name: Cleanup Test dummy
+  hosts: localhost
+  gather_facts: no
+  module_defaults:
+    group/ansibleguy.opnsense.all:
+      firewall: "{{ lookup('ansible.builtin.env', 'TEST_FIREWALL') }}"
+      api_credential_file: "{{ lookup('ansible.builtin.env', 'TEST_API_KEY') }}"
+      ssl_verify: false
+
+  tasks:
+    - name: Adding dummy alias
+      ansibleguy.opnsense.category:
+        name: 'ANSIBLE_TEST_DUMMY_1_1'
+        state: 'absent'
+
+    - name: Adding dummy alias
+      ansibleguy.opnsense.category:
+        name: 'ANSIBLE_TEST_DUMMY_1_2'
+        state: 'absent'