Class: Rbeapi::Api::AaaGroups

Inherits:
Entity
  • Object
show all
Defined in:
lib/rbeapi/api/aaa.rb

Overview

The AaaGroups class manages the server groups on a EOS node.

Constant Summary collapse

DEFAULT_RADIUS_AUTH_PORT = 
1812
DEFAULT_RADIUS_ACCT_PORT = 
1813
RADIUS_GROUP_SERVER =

Regular express that parses the radius servers from the aaa group server radius configuration block

/\s{3}server
[ ]([^\s]+)
[ ]auth-port[ ](\d+)
[ ]acct-port[ ](\d+)/x
TACACS_GROUP_SERVER =

Regular expression that parse the tacacs servers from the aaa group server tacacs+ configuration block

/\s{3}server
[ ]([^\s]+)
(?:[ ]vrf[ ](\w+))?
(?:[ ]port[ ](\d+))?/x

Instance Attribute Summary

Attributes inherited from Entity

#config, #error, #node

Instance Method Summary collapse

Methods inherited from Entity

#command_builder, #configure, #configure_interface, #get_block, #initialize, instance

Constructor Details

This class inherits a constructor from Rbeapi::Api::Entity

Instance Method Details

#add_radius_server(name, server, opts = {}) ⇒ Boolean

add_radius_server adds a new radius server to the nodes current configuration. If the server already exists in the specified group name this method will still return successfully

Parameters:

  • :name (String)

    The name of the aaa group server to add the new server configuration to.

  • :server (String)

    The IP address or host name of the server to add to the configuration

  • :opts (Hash)

    Optional configuration parameters

Returns:

  • (Boolean)

    returns true if the commands complete successfully



344
345
346
347
348
349
350
351
 
# File 'lib/rbeapi/api/aaa.rb', line 344

def add_radius_server(name, server, opts = {})
  # order of command options matter here!
  server = "server #{server} "
  server << "auth-port #{opts[:auth_port]} " if opts[:auth_port]
  server << "acct-port #{opts[:acct_port]} " if opts[:acct_port]
  server << "vrf #{opts[:vrf]}" if opts[:vrf]
  configure ["aaa group server radius #{name}", server, 'exit']
end

#add_server(name, server, opts = {}) ⇒ Boolean

add_server adds a new server to the specified aaa server group. If the server is already configured in the list of servers, this method will still return successfully.

Parameters:

  • :name (String)

    The name of the aaa group server to add the new server configuration to.

  • :server (String)

    The IP address or host name of the server to add to the configuration

  • :opts (Hash)

    Optional configuration parameters

Returns:

  • (Boolean)

    returns true if the commands complete successfully

See Also:



313
314
315
316
317
318
319
320
321
 
# File 'lib/rbeapi/api/aaa.rb', line 313

def add_server(name, server, opts = {})
  type = find_type(name)
  return false unless type
  case type
  when 'radius' then add_radius_server(name, server, opts)
  when 'tacacs+' then add_tacacs_server(name, server, opts)
  else return false
  end
end

#add_tacacs_server(name, server, opts = {}) ⇒ Boolean

add_tacacs_server adds a new tacacs server to the nodes current configuration. If the server already exists in the specified group name this method will still return successfully

Parameters:

  • :name (String)

    The name of the aaa group server to add the new server configuration to.

  • :server (String)

    The IP address or host name of the server to add to the configuration

  • :opts (Hash)

    Optional configuration parameters

Returns:

  • (Boolean)

    returns true if the commands complete successfully



374
375
376
377
378
379
380
 
# File 'lib/rbeapi/api/aaa.rb', line 374

def add_tacacs_server(name, server, opts = {})
  # order of command options matter here!
  server = "server #{server} "
  server << "vrf #{opts[:vrf]} "    if opts[:vrf]
  server << "port #{opts[:port]} "  if opts[:port]
  configure ["aaa group server tacacs+ #{name}", server, 'exit']
end

#create(name, type) ⇒ Boolean

create adds a new aaa group server to the nodes current configuration. If the specified name and type are already created then this method will return successfully. If the name is configured but the type is different, this method will not return successfully (returns false).

Parameters:

  • :name (String)

    The name of the aaa group server to create in the nodes running configuration

  • :type (String)

    The type of aaa group server to create in the nodes running configuration. Valid values include ‘radius’ or ‘tacacs+’

Returns:

  • (Boolean)

    returns true if the commands complete successfully



241
242
243
 
# File 'lib/rbeapi/api/aaa.rb', line 241

def create(name, type)
  configure ["aaa group server #{type} #{name}", 'exit']
end

#delete(name) ⇒ Boolean

delete removes a current aaa server group from the nodes current configuration. This method will automatically determine the server group type based on the name. If the name is not configured in the nodes current configuration, this method will return successfully.

Parameters:

  • :name (String)

    The name of the aaa group server to create in the nodes running configuration

Returns:

  • (Boolean)

    returns true if the commands complete successfully



260
261
262
263
264
 
# File 'lib/rbeapi/api/aaa.rb', line 260

def delete(name)
  type = find_type(name)
  return true unless type
  configure "no aaa group server #{type} #{name}"
end

#get(name) ⇒ nil, Hash<Symbol, Object>

get returns the aaa server group resource hash that describes the current configuration for the specified server group name

The resource hash returned contains the following:

* type: (String) The server group type.  Valid values are either
'tacacs' or 'radius'
* servers: (Array) The set of servers associated with the group.
Servers are returned as either IP address or host name

Parameters:

  • :name (String)

    The server group name to return f:rom the nodes current running configuration. If the name is not configured a nil object is returned.

Returns:

  • (nil, Hash<Symbol, Object>)

    returns the resource hash for the specified name. If the name does not exist, a nil object is returned



93
94
95
96
97
98
99
100
 
# File 'lib/rbeapi/api/aaa.rb', line 93

def get(name)
  block = get_block("aaa group server ([^\s]+) #{name}")
  return nil unless block
  response = {}
  response.merge!(parse_type(block))
  response.merge!(parse_servers(block, response[:type]))
  response
end

#getallObject 



102
103
104
105
106
107
108
 
# File 'lib/rbeapi/api/aaa.rb', line 102

def getall
  cfg = config.scan(/aaa group server (?:radius|tacacs\+) (.+)$/)
  cfg.each_with_object({}) do |name, hsh|
    values = get(name.first)
    hsh[name.first] = values if values
  end
end

#parse_tacacs_server(config) ⇒ Hash<Symbol, Object>

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

parse_tacacs_server scans the provide configuration block and returns the list of servers configured. The configuration block is expected to be a tacacs configuration block. If there are no servers configured for the group the servers value will return an empty array.

Parameters:

  • :config (String)

    The aaa server group block configuration for the group name to parse

Returns:

  • (Hash<Symbol, Object>)

    resource hash attribute



190
191
192
193
194
195
196
197
198
199
 
# File 'lib/rbeapi/api/aaa.rb', line 190

def parse_tacacs_server(config)
  values = config.scan(TACACS_GROUP_SERVER).map do |(name, vrf, port)|
    {
      name: name,
      vrf: vrf,
      port: port
    }
  end
  { servers: values }
end

#remove_server(name, server, opts = {}) ⇒ Boolean

remove_server deletes an existing server from the specified aaa server group. If the specified server is not configured in the specified server group, this method will still return true.

Parameters:

  • :name (String)

    The name of the aaa group server to remove

  • :server (String)

    The IP address or host name of the server

Returns:

  • (Boolean)

    returns true if the commands complete successfully



398
399
400
401
402
403
404
 
# File 'lib/rbeapi/api/aaa.rb', line 398

def remove_server(name, server, opts = {})
  type = find_type(name)
  return false unless type
  server = "no server #{server} "
  server << "vrf #{opts[:vrf]}" if opts[:vrf]
  configure ["aaa group server #{type} #{name}", server, 'exit']
end

#set_servers(name, servers) ⇒ Boolean

set_servers configures the set of servers for a specified aaa server group. This is an atomic operation that first removes all current servers and then adds the new servers back. If any of the servers failes to be removed or added, this method will return unsuccessfully.

Parameters:

  • :name (String)

    The name of the aaa group server to add the new server configuration to.

  • :server (String)

    The IP address or host name of the server to add to the configuration

  • :opts (Hash)

    Optional configuration parameters

Returns:

  • (Boolean)

    returns true if the commands complete successfully

See Also:



284
285
286
287
288
289
290
291
292
293
294
 
# File 'lib/rbeapi/api/aaa.rb', line 284

def set_servers(name, servers)
  current = get(name)
  current[:servers].each do |srv|
    return false unless remove_server(name, srv)
  end
  servers.each do |srv|
    hostname = srv[:name]
    return false unless add_server(name, hostname, srv)
  end
  true
end