Class: Rbeapi::Api::AaaGroups

Inherits:
Entity
  • Object
show all
Defined in:
lib/rbeapi/api/aaa.rb

Constant Summary collapse

DEFAULT_RADIUS_AUTH_PORT =
1812
DEFAULT_RADIUS_ACCT_PORT =
1813
RADIUS_GROUP_SERVER =

Regular express that parses the radius servers from the aaa group server radius configuration block

/\s{3}server
[ ]([^\s]+)
[ ]auth-port[ ](\d+)
[ ]acct-port[ ](\d+)/x
TACACS_GROUP_SERVER =

Regular expression that parse the tacacs servers from the aaa group server tacacs+ configuration block

/\s{3}server
[ ]([^\s]+)
(?:[ ]vrf[ ](\w+))?
(?:[ ]port[ ](\d+))?/x

Instance Attribute Summary

Attributes inherited from Entity

#config, #error, #node

Instance Method Summary collapse

Methods inherited from Entity

#configure, #get_block, #initialize, instance

Constructor Details

This class inherits a constructor from Rbeapi::Api::Entity

Instance Method Details

#add_radius_server(name, server, opts = {}) ⇒ Boolean

add_radius_server adds a new radius server to the nodes current configuration. If the server already exists in the specified group name this method will still return successfully

Parameters:

  • :name (String)

    The name of the aaa group server to add the new server configuration to.

  • :server (String)

    The IP address or host name of the server to add to the configuration

  • :opts (Hash)

    Optional configuration parameters

Returns:

  • (Boolean)

    returns true if the commands complete successfully


346
347
348
349
350
351
352
353
# File 'lib/rbeapi/api/aaa.rb', line 346

def add_radius_server(name, server, opts = {})
  # order of command options matter here!
  server = "server #{server} "
  server << "auth-port #{opts[:auth_port]} " if opts[:auth_port]
  server << "acct-port #{opts[:acct_port]} " if opts[:acct_port]
  server << "vrf #{opts[:vrf]}" if opts[:vrf]
  configure ["aaa group server radius #{name}", server, "exit"]
end

#add_server(name, server, opts = {}) ⇒ Boolean

add_server adds a new server to the specified aaa server group. If the server is already configured in the list of servers, this method will still return successfully.

Parameters:

  • :name (String)

    The name of the aaa group server to add the new server configuration to.

  • :server (String)

    The IP address or host name of the server to add to the configuration

  • :opts (Hash)

    Optional configuration parameters

Returns:

  • (Boolean)

    returns true if the commands complete successfully

See Also:


315
316
317
318
319
320
321
322
323
# File 'lib/rbeapi/api/aaa.rb', line 315

def add_server(name, server, opts = {})
  type = find_type(name)
  return false unless type
  case type
  when 'radius' then add_radius_server(name, server, opts)
  when 'tacacs+' then add_tacacs_server(name, server, opts)
  else return false
  end
end

#add_tacacs_server(name, server, opts = {}) ⇒ Boolean

add_tacacs_server adds a new tacacs server to the nodes current configuration. If the server already exists in the specified group name this method will still return successfully

Parameters:

  • :name (String)

    The name of the aaa group server to add the new server configuration to.

  • :server (String)

    The IP address or host name of the server to add to the configuration

  • :opts (Hash)

    Optional configuration parameters

Returns:

  • (Boolean)

    returns true if the commands complete successfully


377
378
379
380
381
382
383
# File 'lib/rbeapi/api/aaa.rb', line 377

def add_tacacs_server(name, server, opts = {})
  # order of command options matter here!
  server = "server #{server} "
  server << "vrf #{opts[:vrf]} "    if opts[:vrf]
  server << "port #{opts[:port]} "  if opts[:port]
  configure ["aaa group server tacacs+ #{name}", server, "exit"]
end

#create(name, type) ⇒ Boolean

create adds a new aaa group server to the nodes current configuration. If the specified name and type are already created then this method will return successfully. If the name is configured but the type is different, this method will not return successfully (returns false).

Parameters:

  • :name (String)

    The name of the aaa group server to create in the nodes running configuration

  • :type (String)

    The type of aaa group server to create in the nodes running configuration. Valid values include 'radius' or 'tacacs+'

Returns:

  • (Boolean)

    returns true if the commands complete successfully


243
244
245
# File 'lib/rbeapi/api/aaa.rb', line 243

def create(name, type)
  configure ["aaa group server #{type} #{name}", "exit"]
end

#delete(name) ⇒ Boolean

delete removes a current aaa server group from the nodes current configuration. This method will automatically determine the server group type based on the name. If the name is not configured in the nodes current configuration, this method will return successfully.

Parameters:

  • :name (String)

    The name of the aaa group server to create in the nodes running configuration

Returns:

  • (Boolean)

    returns true if the commands complete successfully


262
263
264
265
266
# File 'lib/rbeapi/api/aaa.rb', line 262

def delete(name)
  type = find_type(name)
  return true unless type
  configure "no aaa group server #{type} #{name}"
end

#get(name) ⇒ nil, Hash<Symbol, Object>

get returns the aaa server group resource hash that describes the current configuration for the specified server group name

The resource hash returned contains the following:

* type: (String) The server group type.  Valid values are either
'tacacs' or 'radius'
* servers: (Array) The set of servers associated with the group.
Servers are returned as either IP address or host name

Parameters:

  • :name (String)

    The server group name to return f:rom the nodes current running configuration. If the name is not configured a nil object is returned.

Returns:

  • (nil, Hash<Symbol, Object>)

    returns the resource hash for the specified name. If the name does not exist, a nil object is returned


94
95
96
97
98
99
100
101
# File 'lib/rbeapi/api/aaa.rb', line 94

def get(name)
  block = get_block("aaa group server ([^\s]+) #{name}")
  return nil unless block
  response = {}
  response.merge!(parse_type(block))
  response.merge!(parse_servers(block, response[:type]))
  response
end

#getallObject


103
104
105
106
107
108
109
# File 'lib/rbeapi/api/aaa.rb', line 103

def getall
  cfg = config.scan(/aaa group server (?:radius|tacacs\+) (.+)$/)
  cfg.each_with_object({}) do |name, hsh|
    values = get(name.first)
    hsh[name.first] = values if values
  end
end

#parse_tacacs_server(config) ⇒ Hash<Symbol, Object>

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

parse_tacacs_server scans the provide configuration block and returns the list of servers configured. The configuration block is expected to be a tacacs configuration block. If there are no servers configured for the group the servers value will return an empty array.

Parameters:

  • :config (String)

    The aaa server group block configuration for the group name to parse

Returns:

  • (Hash<Symbol, Object>)

    resource hash attribute


191
192
193
194
195
196
197
198
199
200
# File 'lib/rbeapi/api/aaa.rb', line 191

def parse_tacacs_server(config)
  values = config.scan(TACACS_GROUP_SERVER).map do |(name, vrf, port)|
    {
      name: name,
      vrf: vrf,
      port: port
    }
  end
  { servers: values }
end

#remove_server(name, server, opts = {}) ⇒ Boolean

remove_server deletes an existing server from the specified aaa server group. If the specified server is not configured in the specified server group, this method will still return true.

Parameters:

  • :name (String)

    The name of the aaa group server to remove

  • :server (String)

    The IP address or host name of the server

Returns:

  • (Boolean)

    returns true if the commands complete successfully


401
402
403
404
405
406
407
# File 'lib/rbeapi/api/aaa.rb', line 401

def remove_server(name, server, opts={})
  type = find_type(name)
  return false unless type
  server = "no server #{server} "
  server << "vrf #{opts[:vrf]}" if opts[:vrf]
  configure ["aaa group server #{type} #{name}", server, "exit"]
end

#set_servers(name, servers) ⇒ Boolean

set_servers configures the set of servers for a specified aaa server group. This is an atomic operation that first removes all current servers and then adds the new servers back. If any of the servers failes to be removed or added, this method will return unsuccessfully.

Parameters:

  • :name (String)

    The name of the aaa group server to add the new server configuration to.

  • :server (String)

    The IP address or host name of the server to add to the configuration

  • :opts (Hash)

    Optional configuration parameters

Returns:

  • (Boolean)

    returns true if the commands complete successfully

See Also:


286
287
288
289
290
291
292
293
294
295
296
# File 'lib/rbeapi/api/aaa.rb', line 286

def set_servers(name, servers)
  current = get(name)
  current[:servers].each do |srv|
    return false unless remove_server(name, srv)
  end
  servers.each do |srv|
    hostname = srv[:name]
    return false unless add_server(name, hostname, srv)
  end
  return true
end