Class: Cisco::TacacsServerHost

Inherits:
NodeUtil
  • Object
show all
Defined in:
lib/cisco_node_utils/tacacs_server_host.rb

Overview

TacacsServerHost - node utility class for TACACS+ server host config

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from NodeUtil

client, #client, config_get, #config_get, #config_get_default, config_get_default, config_set, #config_set, #get, #ios_xr?, #nexus?, #node, node, platform, #platform, supports?, #supports?

Constructor Details

#initialize(name, instantiate = true, host_port = nil) ⇒ TacacsServerHost

Returns a new instance of TacacsServerHost.



26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
 
# File 'lib/cisco_node_utils/tacacs_server_host.rb', line 26

def initialize(name, instantiate=true, host_port=nil)
  fail TypeError unless name.is_a? String
  fail ArgumentError if name.empty?
  @name = name

  if platform == :ios_xr
    if host_port.nil?
      @port = config_get_default('tacacs_server_host', 'port')
    else
      fail ArgumentError, 'host_port must be an Integer' \
        unless host_port.is_a?(Integer)
      @port = host_port
    end
  end

  create if instantiate

  return if platform == :ios_xr

  return if host_port.nil?
  fail ArgumentError, 'host_port must be an Integer' \
    unless host_port.is_a?(Integer)
  self.port = host_port
end

Instance Attribute Details

#nameObject (readonly)

Returns the value of attribute name.



23
24
25
 
# File 'lib/cisco_node_utils/tacacs_server_host.rb', line 23

def name
  @name
end

Class Method Details

.default_encryption_passwordObject 



153
154
155
 
# File 'lib/cisco_node_utils/tacacs_server_host.rb', line 153

def self.default_encryption_password
  config_get_default('tacacs_server_host', 'encryption_password')
end

.default_encryption_typeObject 



138
139
140
 
# File 'lib/cisco_node_utils/tacacs_server_host.rb', line 138

def self.default_encryption_type
  TacacsServer.default_encryption_type
end

.default_portObject 



126
127
128
 
# File 'lib/cisco_node_utils/tacacs_server_host.rb', line 126

def self.default_port
  config_get_default('tacacs_server_host', 'port')
end

.default_timeoutObject 



208
209
210
 
# File 'lib/cisco_node_utils/tacacs_server_host.rb', line 208

def self.default_timeout
  config_get_default('tacacs_server_host', 'timeout')
end

.hostsObject 



51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
 
# File 'lib/cisco_node_utils/tacacs_server_host.rb', line 51

def self.hosts
  hosts = {}
  return hosts unless Feature.tacacs_enabled?

  hosts_list = config_get('tacacs_server_host', 'hosts')
  return hosts if hosts_list.nil? || hosts_list.empty?

  hosts_list.each do |name|
    if platform == :ios_xr
      host_port = config_get('tacacs_server_host', 'port', ip: name)
      host_port = host_port[0] if host_port.is_a?(Array)
      host_port = host_port.to_i

      hosts[name] = TacacsServerHost.new(name, false, host_port)
    else
      hosts[name] = TacacsServerHost.new(name, false) if @hosts[name].nil?
    end
  end
  hosts
end

Instance Method Details

#==(other) ⇒ Object 



212
213
214
 
# File 'lib/cisco_node_utils/tacacs_server_host.rb', line 212

def ==(other)
  name == other.name
end

#createObject 



72
73
74
75
76
77
78
79
80
 
# File 'lib/cisco_node_utils/tacacs_server_host.rb', line 72

def create
  destroy if platform == :ios_xr
  Feature.tacacs_enable
  config_set('tacacs_server_host',
             'host',
             state: '',
             ip:    name,
             port:  @port)
end

#destroyObject 



82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
 
# File 'lib/cisco_node_utils/tacacs_server_host.rb', line 82

def destroy
  if platform == :ios_xr
    # This provider only support a 1-1 mapping between host and ports.
    # Thus, we must remove the other entries on different ports.
    all_hosts = config_get('tacacs_server_host',
                           'host_port_pairs',
                           ip: @name)
    return unless all_hosts.is_a?(Array)

    warn("#{name} is configured multiple times on the device" \
        ' (possibly using different ports). This is unsupported by this' \
        ' API and the duplicate entries are being deleted.') \
      if all_hosts.count > 1

    all_hosts.each do |host_port|
      config_set('tacacs_server_host',
                 'host',
                 state: 'no',
                 ip:    @name,
                 port:  host_port)
    end
  else
    config_set('tacacs_server_host',
               'host',
               state: 'no',
               ip:    @name,
               port:  @port)
  end
end

#encryption_key_set(enctype, password) ⇒ Object 



157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
 
# File 'lib/cisco_node_utils/tacacs_server_host.rb', line 157

def encryption_key_set(enctype, password)
  fail TypeError unless enctype.is_a? Fixnum
  fail ArgumentError if password && ![TACACS_SERVER_ENC_NONE,
                                      TACACS_SERVER_ENC_CISCO_TYPE_7,
                                      TACACS_SERVER_ENC_UNKNOWN,
                                     ].include?(enctype)
  password = Utils.add_quotes(password) unless password.empty?
  # if enctype is TACACS_SERVER_ENC_UNKNOWN, we'll unset the key
  if enctype == TACACS_SERVER_ENC_UNKNOWN
    # if current encryption type is not TACACS_SERVER_ENC_UNKNOWN, we need
    # to unset the key value. Otherwise, the box is not configured with key,
    # thus we don't need to do anything
    if encryption_type != TACACS_SERVER_ENC_UNKNOWN
      config_set('tacacs_server_host',
                 'encryption',
                 state:    'no',
                 ip:       @name,
                 port:     @port,
                 enc_type: encryption_type,
                 password: encryption_password)
    end
  else
    config_set('tacacs_server_host',
               'encryption',
               state:    '',
               ip:       @name,
               port:     @port,
               enc_type: enctype,
               password: password)
  end
end

#encryption_passwordObject 



142
143
144
145
146
147
148
149
150
151
 
# File 'lib/cisco_node_utils/tacacs_server_host.rb', line 142

def encryption_password
  str = config_get('tacacs_server_host',
                   'encryption_password',
                   ip:   @name,
                   port: @port)
  return str if str.nil? || str.empty?
  index = str.index('port')
  str = str[0..index - 2] unless index.nil?
  str.strip
end

#encryption_typeObject 



130
131
132
133
134
135
136
 
# File 'lib/cisco_node_utils/tacacs_server_host.rb', line 130

def encryption_type
  type = config_get('tacacs_server_host',
                    'encryption_type',
                    ip:   @name,
                    port: @port)
  type.nil? ? TACACS_SERVER_ENC_UNKNOWN : type.to_i
end

#portObject 



112
113
114
115
116
 
# File 'lib/cisco_node_utils/tacacs_server_host.rb', line 112

def port
  platform == :ios_xr ? @port : config_get('tacacs_server_host',
                                           'port',
                                           ip: @name)
end

#port=(n) ⇒ Object 



118
119
120
121
122
123
124
 
# File 'lib/cisco_node_utils/tacacs_server_host.rb', line 118

def port=(n)
  fail("'port' setter method not applicable for this platform." \
    'port must be passed in to the constructor.') \
      if platform == :ios_xr

  config_set('tacacs_server_host', 'port', ip: @name, port: n.to_i)
end

#timeoutObject 



189
190
191
192
193
194
 
# File 'lib/cisco_node_utils/tacacs_server_host.rb', line 189

def timeout
  config_get('tacacs_server_host',
             'timeout',
             ip:   @name,
             port: @port)
end

#timeout=(t) ⇒ Object 



196
197
198
199
200
201
202
203
204
205
206
 
# File 'lib/cisco_node_utils/tacacs_server_host.rb', line 196

def timeout=(t)
  fail TypeError unless t.is_a? Fixnum
  return if t == timeout

  config_set('tacacs_server_host',
             'timeout',
             state:   '',
             ip:      @name,
             port:    @port,
             timeout: t)
end