Class: Cisco::TacacsServer

Inherits:

NodeUtil

• Object
• NodeUtil
• Cisco::TacacsServer

Defined in:

lib/cisco_node_utils/tacacs_server.rb

Overview

TacacsServer - node utility class for TACACS+ server config management

Class Method Summary

• .default_deadtime ⇒ Object

  Get default deadtime.

• .default_directed_request ⇒ Object

  Get default directed_request.

• .default_encryption_password ⇒ Object

  Get default encryption password.

• .default_encryption_type ⇒ Object

  Get default encryption type.

• .default_source_interface ⇒ Object

  Get default source interface.

• .default_timeout ⇒ Object

  Get default timeout.

• .enabled ⇒ Object

  Check feature enablement.

Instance Method Summary

• #deadtime ⇒ Object

  Get deadtime.

• #deadtime=(deadtime) ⇒ Object

  Set deadtime.

• #destroy ⇒ Object

  Disable tacacs_server feature.

• #directed_request=(state) ⇒ Object

  Set directed_request.

• #directed_request? ⇒ Boolean

  Check if directed request is enabled.

• #enable ⇒ Object

  Enable tacacs_server feature.

• #encryption_key_set(enctype, password) ⇒ Object

  Set encryption type and password.

• #encryption_password ⇒ Object

  Get encryption password.

• #encryption_type ⇒ Object

  Get encryption type used for the key.

• #initialize(instantiate = true) ⇒ TacacsServer constructor

  A new instance of TacacsServer.

• #source_interface ⇒ Object

  Get source interface.

• #source_interface=(name) ⇒ Object

  Set source interface.

• #timeout ⇒ Object

  Get timeout.

• #timeout=(timeout) ⇒ Object

  Set timeout.

Methods inherited from NodeUtil

client, #client, config_get, #config_get, #config_get_default, config_get_default, config_set, #config_set, #get, #ios_xr?, #nexus?, #node, node, platform, #platform, supports?, #supports?

Constructor Details

#initialize(instantiate = true) ⇒ TacacsServer

Returns a new instance of TacacsServer.

# File 'lib/cisco_node_utils/tacacs_server.rb', line 27

def initialize(instantiate=true)
  enable if instantiate && !TacacsServer.enabled
end

Class Method Details

.default_deadtime ⇒ Object

Get default deadtime

# File 'lib/cisco_node_utils/tacacs_server.rb', line 84

def self.default_deadtime
  config_get_default('tacacs_server', 'deadtime')
end

.default_directed_request ⇒ Object

Get default directed_request

# File 'lib/cisco_node_utils/tacacs_server.rb', line 104

def self.default_directed_request
  config_get_default('tacacs_server', 'directed_request')
end

.default_encryption_password ⇒ Object

Get default encryption password

# File 'lib/cisco_node_utils/tacacs_server.rb', line 153

def self.default_encryption_password
  config_get_default('tacacs_server', 'encryption_password')
end

.default_encryption_type ⇒ Object

Get default encryption type

# File 'lib/cisco_node_utils/tacacs_server.rb', line 142

def self.default_encryption_type
  config_get_default('tacacs_server', 'encryption_type')
end

.default_source_interface ⇒ Object

Get default source interface

# File 'lib/cisco_node_utils/tacacs_server.rb', line 131

def self.default_source_interface
  config_get_default('tacacs_server', 'source_interface')
end

.default_timeout ⇒ Object

Get default timeout

# File 'lib/cisco_node_utils/tacacs_server.rb', line 67

def self.default_timeout
  config_get_default('tacacs_server', 'timeout')
end

.enabled ⇒ Object

Check feature enablement

# File 'lib/cisco_node_utils/tacacs_server.rb', line 32

def self.enabled
  config_get('tacacs_server', 'feature')
rescue Cisco::CliError => e
  # cmd will syntax reject when feature is not enabled
  raise unless e.clierror =~ /Syntax error/
  return false
end

Instance Method Details

#deadtime ⇒ Object

Get deadtime

# File 'lib/cisco_node_utils/tacacs_server.rb', line 79

def deadtime
  config_get('tacacs_server', 'deadtime')
end

#deadtime=(deadtime) ⇒ Object

Set deadtime

# File 'lib/cisco_node_utils/tacacs_server.rb', line 72

def deadtime=(deadtime)
  # 'no tacacs deadtime' will fail.
  # Just set it to the requested timeout value.
  config_set('tacacs_server', 'deadtime', '', deadtime)
end

#destroy ⇒ Object

Disable tacacs_server feature

# File 'lib/cisco_node_utils/tacacs_server.rb', line 46

def destroy
  config_set('tacacs_server', 'feature', 'no') unless platform == :ios_xr
end

#directed_request=(state) ⇒ Object

Set directed_request

# File 'lib/cisco_node_utils/tacacs_server.rb', line 89

def directed_request=(state)
  fail TypeError unless state == true || state == false
  if state == TacacsServer.default_directed_request
    config_set('tacacs_server', 'directed_request', 'no')
  else
    config_set('tacacs_server', 'directed_request', '')
  end
end

#directed_request? ⇒ Boolean

Check if directed request is enabled

Returns:

• (Boolean)

# File 'lib/cisco_node_utils/tacacs_server.rb', line 99

def directed_request?
  config_get('tacacs_server', 'directed_request')
end

#enable ⇒ Object

Enable tacacs_server feature

# File 'lib/cisco_node_utils/tacacs_server.rb', line 41

def enable
  config_set('tacacs_server', 'feature', '') unless platform == :ios_xr
end

#encryption_key_set(enctype, password) ⇒ Object

Set encryption type and password

# File 'lib/cisco_node_utils/tacacs_server.rb', line 158

def encryption_key_set(enctype, password)
  # if enctype is TACACS_SERVER_ENC_UNKNOWN, we will unset the key
  if enctype == TACACS_SERVER_ENC_UNKNOWN
    # if current encryption type is not TACACS_SERVER_ENC_UNKNOWN, we
    # need to unset it. Otherwise the box is not configured with key, we
    # don't need to do anything
    if encryption_type != TACACS_SERVER_ENC_UNKNOWN
      config_set('tacacs_server', 'encryption', state:  'no',
                                                option: encryption_type,
                                                key:    encryption_password)
    end
  else
    config_set('tacacs_server', 'encryption', state: '', option: enctype,
                key: password)
  end
end

#encryption_password ⇒ Object

Get encryption password

# File 'lib/cisco_node_utils/tacacs_server.rb', line 147

def encryption_password
  match = config_get('tacacs_server', 'encryption_password')
  match.empty? ? TacacsServer.default_encryption_password : match[1]
end

#encryption_type ⇒ Object

Get encryption type used for the key

# File 'lib/cisco_node_utils/tacacs_server.rb', line 136

def encryption_type
  match = config_get('tacacs_server', 'encryption_type')
  match.nil? ? TACACS_SERVER_ENC_UNKNOWN : match[0].to_i
end

#source_interface ⇒ Object

Get source interface

# File 'lib/cisco_node_utils/tacacs_server.rb', line 119

def source_interface
  # Sample output
  # ip tacacs source-interface Ethernet1/1
  # no tacacs source-interface
  match = config_get('tacacs_server', 'source_interface')
  return TacacsServer.default_source_interface if match.empty?
  # match_data will contain one of the following
  # [nil, " Ethernet1/1"] or ["no", nil]
  match[0] == 'no' ? TacacsServer.default_source_interface : match[1]
end

#source_interface=(name) ⇒ Object

Set source interface

# File 'lib/cisco_node_utils/tacacs_server.rb', line 109

def source_interface=(name)
  fail TypeError unless name.is_a? String
  if name.empty?
    config_set('tacacs_server', 'source_interface', 'no', '')
  else
    config_set('tacacs_server', 'source_interface', '', name)
  end
end

#timeout ⇒ Object

Get timeout

# File 'lib/cisco_node_utils/tacacs_server.rb', line 62

def timeout
  config_get('tacacs_server', 'timeout')
end

#timeout=(timeout) ⇒ Object

Set timeout

# File 'lib/cisco_node_utils/tacacs_server.rb', line 55

def timeout=(timeout)
  # 'no tacacs timeout' will fail.
  # Just set it to the requested timeout value.
  config_set('tacacs_server', 'timeout', state: '', timeout: timeout)
end