carroarmato0/ansible.posix
1
0
Fork 0
mirror of https://github.com/ansible-collections/ansible.posix.git synced 2026-01-11 23:25:28 +01:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #297 from saito-hideki/issue/255

Browse source 
Refine the handling of exclusive options

SUMMARY
Refine the handling of exclusive options using mutually_exclusive:

Fixes #255

ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME

ansible.posix.firewalld

ADDITIONAL INFORMATION
None

Reviewed-by: Adam Miller <maxamillion@fedoraproject.org>
Reviewed-by: None <None>
This commit is contained in:
ansible-zuul[bot] 2021-11-29 17:46:34 +00:00 committed by GitHub
commit a8fcc028c0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 14 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
changelogs/fragments/297_firewalld_exclusive_options_handling.yml Normal file
View file

@ -0,0 +1,3 @@
---
bugfixes:
- firewalld - Refine the handling of exclusive options (https://github.com/ansible-collections/ansible.posix/issues/255).

38
plugins/modules/firewalld.py
View file

@ -760,6 +760,10 @@ def main():
target=('zone',), target=('zone',),
source=('permanent',), source=('permanent',),
), ),
mutually_exclusive=[
['icmp_block', 'icmp_block_inversion', 'service', 'port', 'port_forward', 'rich_rule',
'interface', 'masquerade', 'source', 'target']
],
) )
permanent = module.params['permanent'] permanent = module.params['permanent']
@ -816,33 +820,11 @@ def main():
if 'toaddr' in port_forward: if 'toaddr' in port_forward:
port_forward_toaddr = port_forward['toaddr'] port_forward_toaddr = port_forward['toaddr']
modification_count = 0 modification = False
if icmp_block is not None: if any([icmp_block, icmp_block_inversion, service, port, port_forward, rich_rule,
modification_count += 1 interface, masquerade, source, target]):
if icmp_block_inversion is not None: modification = True
modification_count += 1 if modification and desired_state in ['absent', 'present'] and target is None:
if service is not None:
modification_count += 1
if port is not None:
modification_count += 1
if port_forward is not None:
modification_count += 1
if rich_rule is not None:
modification_count += 1
if interface is not None:
modification_count += 1
if masquerade is not None:
modification_count += 1
if source is not None:
modification_count += 1
if target is not None:
modification_count += 1
if modification_count > 1:
module.fail_json(
msg='can only operate on port, service, rich_rule, masquerade, icmp_block, icmp_block_inversion, interface or source at once'
)
elif (modification_count > 0) and (desired_state in ['absent', 'present']) and (target is None):
module.fail_json( module.fail_json(
msg='absent and present state can only be used in zone level operations' msg='absent and present state can only be used in zone level operations'
) )
@ -1027,7 +1009,7 @@ def main():
msgs = msgs + transaction_msgs msgs = msgs + transaction_msgs
''' If there are no changes within the zone we are operating on the zone itself ''' ''' If there are no changes within the zone we are operating on the zone itself '''
if modification_count == 0 and desired_state in ['absent', 'present']: if not modification and desired_state in ['absent', 'present']:
transaction = ZoneTransaction( transaction = ZoneTransaction(
module, module,

2
tests/integration/targets/firewalld/tasks/source_test_cases.yml
View file

@ -82,4 +82,4 @@
assert: assert:
that: that:
- result is not changed - result is not changed
- "result.msg == 'can only operate on port, service, rich_rule, masquerade, icmp_block, icmp_block_inversion, interface or source at once'" - "result.msg == 'parameters are mutually exclusive: icmp_block|icmp_block_inversion|service|port|port_forward|rich_rule|interface|masquerade|source|target'"