From bc609736c86bc4a4178c707aaa8be9bb2c5369a0 Mon Sep 17 00:00:00 2001 From: Abinash Date: Tue, 26 Mar 2024 11:36:41 +0000 Subject: [PATCH 1/4] Adding method to check valid ip address --- plugins/module_utils/dnac.py | 25 +++++++++++++ plugins/modules/discovery_intent.py | 36 +++++++++++++++++++ plugins/modules/discovery_workflow_manager.py | 36 +++++++++++++++++++ 3 files changed, 97 insertions(+) diff --git a/plugins/module_utils/dnac.py b/plugins/module_utils/dnac.py index a12e7eaf47..ec190d6123 100644 --- a/plugins/module_utils/dnac.py +++ b/plugins/module_utils/dnac.py @@ -27,6 +27,7 @@ # import datetime import inspect import re +import socket class DnacBase(): @@ -485,6 +486,30 @@ def update_site_type_key(self, config): return new_config + def is_valid_ip(self, ip_address): + """ + Validates an IPv4 address. + + Parameters: + ip_address - String denoting the IPv4 address passed. + + Returns: + bool - Returns true if the passed IP address value is correct or it returns + false if it is incorrect + """ + + try: + socket.inet_aton(ip_address) + octets = ip_address.split('.') + if len(octets) != 4: + return False + for octet in octets: + if not 0 <= int(octet) <= 255: + return False + return True + except socket.error: + return False + def is_list_complex(x): return isinstance(x[0], dict) or isinstance(x[0], list) diff --git a/plugins/modules/discovery_intent.py b/plugins/modules/discovery_intent.py index 96759bb9c6..680a31b46a 100644 --- a/plugins/modules/discovery_intent.py +++ b/plugins/modules/discovery_intent.py @@ -622,6 +622,7 @@ ) import time import re +import ipaddress class Discovery(DnacBase): @@ -721,6 +722,40 @@ def validate_input(self, state=None): self.status = "success" return self + def validate_ip_address_list(self): + """ + Validates each ip adress paased in the IP_address_list passed by the user before preprocessing it + """ + + ip_address_list = self.validated_config[0].get('ip_address_list') + for ip in ip_address_list: + if '/' in ip: + ip = ip.split("/")[0] + if '-' in ip: + if len(ip.split('-')) == 2: + ip1, ip2 = ip.split('-') + if self.is_valid_ip(ip1) is False: + msg = "IP address {0} is not valid".format(ip1) + self.log(msg, "CRITICAL") + self.module.fail_json(msg=msg) + if self.is_valid_ip(ip2) is False: + msg = "IP address {0} is not valid".format(ip2) + self.log(msg, "CRITICAL") + self.module.fail_json(msg=msg) + if ipaddress.IPv4Address(ip1) > ipaddress.IPv4Address(ip2): + msg = "Incorrect range passed. Please pass correct IP address range" + self.log(msg, "CRITICAL") + self.module.fail_json(msg=msg) + else: + msg = "IP address range should have only upper and lower limit values" + self.log(msg, "CRITICAL") + self.module.fail_json(msg=msg) + if self.is_valid_ip(ip) is False and '-' not in ip: + msg = "IP address {0} is not valid".format(ip) + self.log(msg, "CRITICAL") + self.module.fail_json(msg=msg) + self.log("All the IP adresses passed are correct", "INFO") + def get_creds_ids_list(self): """ Retrieve the list of credentials IDs associated with class instance. @@ -1513,6 +1548,7 @@ def get_diff_merged(self): - self: The instance of the class with updated attributes. """ + self.validate_ip_address_list() devices_list_info = self.get_devices_list_info() ip_address_list = self.preprocess_device_discovery(devices_list_info) exist_discovery = self.get_exist_discovery() diff --git a/plugins/modules/discovery_workflow_manager.py b/plugins/modules/discovery_workflow_manager.py index 88ce124a39..4edc873965 100644 --- a/plugins/modules/discovery_workflow_manager.py +++ b/plugins/modules/discovery_workflow_manager.py @@ -622,6 +622,7 @@ ) import time import re +import ipaddress class Discovery(DnacBase): @@ -721,6 +722,40 @@ def validate_input(self, state=None): self.status = "success" return self + def validate_ip_address_list(self): + """ + Validates each ip adress paased in the IP_address_list passed by the user before preprocessing it + """ + + ip_address_list = self.validated_config[0].get('ip_address_list') + for ip in ip_address_list: + if '/' in ip: + ip = ip.split("/")[0] + if '-' in ip: + if len(ip.split('-')) == 2: + ip1, ip2 = ip.split('-') + if self.is_valid_ip(ip1) is False: + msg = "IP address {0} is not valid".format(ip1) + self.log(msg, "CRITICAL") + self.module.fail_json(msg=msg) + if self.is_valid_ip(ip2) is False: + msg = "IP address {0} is not valid".format(ip2) + self.log(msg, "CRITICAL") + self.module.fail_json(msg=msg) + if ipaddress.IPv4Address(ip1) > ipaddress.IPv4Address(ip2): + msg = "Incorrect range passed. Please pass correct IP address range" + self.log(msg, "CRITICAL") + self.module.fail_json(msg=msg) + else: + msg = "IP address range should have only upper and lower limit values" + self.log(msg, "CRITICAL") + self.module.fail_json(msg=msg) + if self.is_valid_ip(ip) is False and '-' not in ip: + msg = "IP address {0} is not valid".format(ip) + self.log(msg, "CRITICAL") + self.module.fail_json(msg=msg) + self.log("All the IP adresses passed are correct", "INFO") + def get_creds_ids_list(self): """ Retrieve the list of credentials IDs associated with class instance. @@ -1513,6 +1548,7 @@ def get_diff_merged(self): - self: The instance of the class with updated attributes. """ + self.validate_ip_address_list() devices_list_info = self.get_devices_list_info() ip_address_list = self.preprocess_device_discovery(devices_list_info) exist_discovery = self.get_exist_discovery() From 1d05c276a34357c82b7e8ad1ee82a7e48e8e8948 Mon Sep 17 00:00:00 2001 From: Abinash Date: Tue, 26 Mar 2024 11:55:57 +0000 Subject: [PATCH 2/4] Adding method to check valid ip address --- plugins/modules/discovery_intent.py | 12 +++++++----- plugins/modules/discovery_workflow_manager.py | 12 +++++++----- 2 files changed, 14 insertions(+), 10 deletions(-) diff --git a/plugins/modules/discovery_intent.py b/plugins/modules/discovery_intent.py index 680a31b46a..41f54ae993 100644 --- a/plugins/modules/discovery_intent.py +++ b/plugins/modules/discovery_intent.py @@ -622,7 +622,6 @@ ) import time import re -import ipaddress class Discovery(DnacBase): @@ -742,10 +741,13 @@ def validate_ip_address_list(self): msg = "IP address {0} is not valid".format(ip2) self.log(msg, "CRITICAL") self.module.fail_json(msg=msg) - if ipaddress.IPv4Address(ip1) > ipaddress.IPv4Address(ip2): - msg = "Incorrect range passed. Please pass correct IP address range" - self.log(msg, "CRITICAL") - self.module.fail_json(msg=msg) + ip1_parts = list(map(int, ip1.split('.'))) + ip2_parts = list(map(int, ip2.split('.'))) + for part in range(4): + if ip1_parts[part] > ip2_parts[part]: + msg = "Incorrect range passed. Please pass correct IP address range" + self.log(msg, "CRITICAL") + self.module.fail_json(msg=msg) else: msg = "IP address range should have only upper and lower limit values" self.log(msg, "CRITICAL") diff --git a/plugins/modules/discovery_workflow_manager.py b/plugins/modules/discovery_workflow_manager.py index 4edc873965..da895f33c9 100644 --- a/plugins/modules/discovery_workflow_manager.py +++ b/plugins/modules/discovery_workflow_manager.py @@ -622,7 +622,6 @@ ) import time import re -import ipaddress class Discovery(DnacBase): @@ -742,10 +741,13 @@ def validate_ip_address_list(self): msg = "IP address {0} is not valid".format(ip2) self.log(msg, "CRITICAL") self.module.fail_json(msg=msg) - if ipaddress.IPv4Address(ip1) > ipaddress.IPv4Address(ip2): - msg = "Incorrect range passed. Please pass correct IP address range" - self.log(msg, "CRITICAL") - self.module.fail_json(msg=msg) + ip1_parts = list(map(int, ip1.split('.'))) + ip2_parts = list(map(int, ip2.split('.'))) + for part in range(4): + if ip1_parts[part] > ip2_parts[part]: + msg = "Incorrect range passed. Please pass correct IP address range" + self.log(msg, "CRITICAL") + self.module.fail_json(msg=msg) else: msg = "IP address range should have only upper and lower limit values" self.log(msg, "CRITICAL") From 4b39501161f1ae6352a8687667453a56f04c6c96 Mon Sep 17 00:00:00 2001 From: Abinash Date: Wed, 27 Mar 2024 16:14:04 +0000 Subject: [PATCH 3/4] Adding method to check valid ip address --- plugins/modules/discovery_intent.py | 16 ++++++++-------- plugins/modules/discovery_workflow_manager.py | 16 ++++++++-------- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/plugins/modules/discovery_intent.py b/plugins/modules/discovery_intent.py index 41f54ae993..bbe0634883 100644 --- a/plugins/modules/discovery_intent.py +++ b/plugins/modules/discovery_intent.py @@ -721,7 +721,7 @@ def validate_input(self, state=None): self.status = "success" return self - def validate_ip_address_list(self): + def validate_ip4_address_list(self): """ Validates each ip adress paased in the IP_address_list passed by the user before preprocessing it """ @@ -733,11 +733,11 @@ def validate_ip_address_list(self): if '-' in ip: if len(ip.split('-')) == 2: ip1, ip2 = ip.split('-') - if self.is_valid_ip(ip1) is False: + if self.is_valid_ipv4(ip1) is False: msg = "IP address {0} is not valid".format(ip1) self.log(msg, "CRITICAL") self.module.fail_json(msg=msg) - if self.is_valid_ip(ip2) is False: + if self.is_valid_ipv4(ip2) is False: msg = "IP address {0} is not valid".format(ip2) self.log(msg, "CRITICAL") self.module.fail_json(msg=msg) @@ -745,18 +745,18 @@ def validate_ip_address_list(self): ip2_parts = list(map(int, ip2.split('.'))) for part in range(4): if ip1_parts[part] > ip2_parts[part]: - msg = "Incorrect range passed. Please pass correct IP address range" + msg = "Incorrect range passed: {0}. Please pass correct IP address range".format(ip) self.log(msg, "CRITICAL") self.module.fail_json(msg=msg) else: - msg = "IP address range should have only upper and lower limit values" + msg = "Provided range '{0}' is incorrect. IP address range should have only upper and lower limit values".format(ip) self.log(msg, "CRITICAL") self.module.fail_json(msg=msg) - if self.is_valid_ip(ip) is False and '-' not in ip: + if self.is_valid_ipv4(ip) is False and '-' not in ip: msg = "IP address {0} is not valid".format(ip) self.log(msg, "CRITICAL") self.module.fail_json(msg=msg) - self.log("All the IP adresses passed are correct", "INFO") + self.log("All the IP addresses passed are correct", "INFO") def get_creds_ids_list(self): """ @@ -1550,7 +1550,7 @@ def get_diff_merged(self): - self: The instance of the class with updated attributes. """ - self.validate_ip_address_list() + self.validate_ip4_address_list() devices_list_info = self.get_devices_list_info() ip_address_list = self.preprocess_device_discovery(devices_list_info) exist_discovery = self.get_exist_discovery() diff --git a/plugins/modules/discovery_workflow_manager.py b/plugins/modules/discovery_workflow_manager.py index da895f33c9..66667260da 100644 --- a/plugins/modules/discovery_workflow_manager.py +++ b/plugins/modules/discovery_workflow_manager.py @@ -721,7 +721,7 @@ def validate_input(self, state=None): self.status = "success" return self - def validate_ip_address_list(self): + def validate_ip4_address_list(self): """ Validates each ip adress paased in the IP_address_list passed by the user before preprocessing it """ @@ -733,11 +733,11 @@ def validate_ip_address_list(self): if '-' in ip: if len(ip.split('-')) == 2: ip1, ip2 = ip.split('-') - if self.is_valid_ip(ip1) is False: + if self.is_valid_ipv4(ip1) is False: msg = "IP address {0} is not valid".format(ip1) self.log(msg, "CRITICAL") self.module.fail_json(msg=msg) - if self.is_valid_ip(ip2) is False: + if self.is_valid_ipv4(ip2) is False: msg = "IP address {0} is not valid".format(ip2) self.log(msg, "CRITICAL") self.module.fail_json(msg=msg) @@ -745,18 +745,18 @@ def validate_ip_address_list(self): ip2_parts = list(map(int, ip2.split('.'))) for part in range(4): if ip1_parts[part] > ip2_parts[part]: - msg = "Incorrect range passed. Please pass correct IP address range" + msg = "Incorrect range passed: {0}. Please pass correct IP address range".format(ip) self.log(msg, "CRITICAL") self.module.fail_json(msg=msg) else: - msg = "IP address range should have only upper and lower limit values" + msg = "Provided range '{0}' is incorrect. IP address range should have only upper and lower limit values".format(ip) self.log(msg, "CRITICAL") self.module.fail_json(msg=msg) - if self.is_valid_ip(ip) is False and '-' not in ip: + if self.is_valid_ipv4(ip) is False and '-' not in ip: msg = "IP address {0} is not valid".format(ip) self.log(msg, "CRITICAL") self.module.fail_json(msg=msg) - self.log("All the IP adresses passed are correct", "INFO") + self.log("All the IP addresses passed are correct", "INFO") def get_creds_ids_list(self): """ @@ -1550,7 +1550,7 @@ def get_diff_merged(self): - self: The instance of the class with updated attributes. """ - self.validate_ip_address_list() + self.validate_ip4_address_list() devices_list_info = self.get_devices_list_info() ip_address_list = self.preprocess_device_discovery(devices_list_info) exist_discovery = self.get_exist_discovery() From 3071e444dfdc2224c79434eeae6cb75e5f1208ee Mon Sep 17 00:00:00 2001 From: Abinash Date: Wed, 27 Mar 2024 16:15:41 +0000 Subject: [PATCH 4/4] Adding method to check valid ip address --- plugins/module_utils/dnac.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/module_utils/dnac.py b/plugins/module_utils/dnac.py index ec190d6123..8064cc5e76 100644 --- a/plugins/module_utils/dnac.py +++ b/plugins/module_utils/dnac.py @@ -486,7 +486,7 @@ def update_site_type_key(self, config): return new_config - def is_valid_ip(self, ip_address): + def is_valid_ipv4(self, ip_address): """ Validates an IPv4 address.