Class: Rbeapi::Api::Tacacs

Inherits:
Entity
  • Object
show all
Defined in:
lib/rbeapi/api/tacacs.rb

Overview

Tacacs provides instance methods to retrieve and set tacacs configuration values.

Constant Summary collapse

DEFAULT_KEY_FORMAT = 
0
DEFAULT_KEY = 
nil
SERVER_REGEXP =

Regular expression to extract a tacacs server’s attributes from the running-configuration text. The explicit [ ] spaces enable line wrapping and indentation with the /x flag.

/tacacs-server[ ]host[ ]([^\s]+)
(?:[ ](single-connection))?
(?:[ ]vrf[ ]([^\s]+))?
(?:[ ]port[ ](\d+))?
(?:[ ]timeout[ ](\d+))?
(?:[ ]key[ ](\d+)[ ](\w+))?\s/x
DEFAULT_PORT =

Default Tacacs TCP port

49

Instance Attribute Summary

Attributes inherited from Entity

#config, #error, #node

Instance Method Summary collapse

Methods inherited from Entity

#command_builder, #configure, #configure_interface, #get_block, #initialize, instance

Constructor Details

This class inherits a constructor from Rbeapi::Api::Entity

Instance Method Details

#getArray<Hash>

getall Returns an Array with a single resource Hash describing the current state of the global tacacs configuration on the target device. This method is intended to be used by a provider’s instances class method.

The resource hash returned contains the following information:

* name: ('settings')
* enable: (true | false) if tacacs functionality is enabled.  This is
  always true for EOS.
* key: (String) the key either in plain text or hashed format
* key_format: (Integer) e.g. 0 or 7
* timeout: (Integer) seconds before the timeout period ends

Returns:

  • (Array<Hash>)

    Single element Array of resource hashes



77
78
79
80
81
82
83
 
# File 'lib/rbeapi/api/tacacs.rb', line 77

def get
  global = {}
  global.merge!(parse_global_timeout)
  global.merge!(parse_global_key)
  resource = { global: global, servers: servers }
  resource
end

#remove_server(opts = {}) ⇒ Boolean

remove_server removes the tacacs server identified by the hostname, and port attributes.

Returns:

  • (Boolean)

    true if no errors



223
224
225
226
227
 
# File 'lib/rbeapi/api/tacacs.rb', line 223

def remove_server(opts = {})
  cmd = "no tacacs-server host #{opts[:hostname]}"
  cmd << " port #{opts[:port]}" if opts[:port]
  configure cmd
end

#serversArray<Hash<Symbol,Object>>

servers returns an Array of tacacs server resource hashes. Each hash describes the current state of the tacacs server and is suitable for use in initializing a tacacs_server provider.

The resource hash returned contains the following information:

* hostname: hostname or ip address, part of the identifier
* port: (Fixnum) TCP port of the server, part of the identifier
* key: (String) the key either in plain text or hashed format
* key_format: (Fixnum) e.g. 0 or 7
* timeout: (Fixnum) seconds before the timeout period ends
* multiplex: (Boolean) true when configured to make requests through a
  single connection

Returns:

  • (Array<Hash<Symbol,Object>>)

    Array of resource hashes



142
143
144
145
146
147
148
149
150
151
152
153
154
155
 
# File 'lib/rbeapi/api/tacacs.rb', line 142

def servers
  tuples = config.scan(SERVER_REGEXP)
  tuples.map do |(host, mplex, vrf, port, tout, keyfm, key)|
    hsh = {}
    hsh[:hostname]         = host
    hsh[:vrf]              = vrf
    hsh[:port]             = port.to_i
    hsh[:timeout]          = tout.to_i
    hsh[:key_format]       = keyfm.to_i
    hsh[:key]              = key
    hsh[:multiplex]        = mplex ? true : false
    hsh
  end
end

#set_global_key(opts = {}) ⇒ Boolean

set_global_key configures the tacacs default key. This method maps to the ‘tacacs-server key` EOS configuration command, e.g. `tacacs-server key 7 070E234F1F5B4A`.

Parameters:

  • opts (Hash) (defaults to: {})

    a customizable set of options

Options Hash (opts):

  • :key (String) — default: '070E234F1F5B4A'

    The key value

  • :key_format (Fixnum) — default: 7

    The key format, 0 for plain text and 7 for a hashed value. 7 will be assumed if this option is not provided.

Returns:

  • (Boolean)

    true if no errors



171
172
173
174
175
176
177
 
# File 'lib/rbeapi/api/tacacs.rb', line 171

def set_global_key(opts = {})
  format = opts[:key_format]
  key = opts[:key]
  fail ArgumentError, 'key option is required' unless key
  result = api.config("tacacs-server key #{format} #{key}")
  result == [{}]
end

#set_global_timeout(opts = {}) ⇒ Boolean

set_timeout configures the tacacs default timeout. This method maps to the ‘tacacs-server timeout` setting.

Parameters:

  • opts (Hash) (defaults to: {})

    The configuration parameters

  • :opts (Hash)

    a customizable set of options

Options Hash (opts):

  • :value (string)

    The value to set the timeout to

  • :default (Boolean)

    The value should be set to default

Returns:

  • (Boolean)

    true if no errors



192
193
194
195
 
# File 'lib/rbeapi/api/tacacs.rb', line 192

def set_global_timeout(opts = {})
  cmd = command_builder('tacacs-server timeout', opts)
  configure cmd
end

#update_server(opts = {}) ⇒ Boolean

update_server configures a tacacs server resource on the target device. This API method maps to the ‘tacacs server host` command, e.g. `tacacs-server host 1.2.3.4 single-connection port 4949 timeout 6 key 7 06070D221D1C5A`

Returns:

  • (Boolean)

    true if there are no errors



206
207
208
209
210
211
212
213
214
 
# File 'lib/rbeapi/api/tacacs.rb', line 206

def update_server(opts = {})
  key_format = opts[:key_format] || 7
  cmd = "tacacs-server host #{opts[:hostname]}"
  cmd << ' single-connection'               if opts[:multiplex]
  cmd << " port #{opts[:port]}"             if opts[:port]
  cmd << " timeout #{opts[:timeout]}"       if opts[:timeout]
  cmd << " key #{key_format} #{opts[:key]}" if opts[:key]
  configure cmd
end