[ignore_change] Added checks to validate date_time format.

CiscoDevNet · Sep 18, 2024 · 6dd583d · 6dd583d
1 parent 6a397f7
commit 6dd583d
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 10 deletions.
diff --git a/plugins/module_utils/mso.py b/plugins/module_utils/mso.py
@@ -1603,6 +1603,15 @@ def nd_request(self, path, method=None, data=None, file=None, qs=None, prefix=""
             return {}
 
 
+    def verify_time_format(self, date_time):
+        if date_time != "now" or date_time != "infinite":
+            try:
+                formatted_date_time = datetime.datetime.strptime(date_time, '%Y-%m-%d %H:%M:%S')
+                return str(formatted_date_time)
+            except ValueError:
+                return self.fail_json(msg="TIME FORMAT ERROR: The time must be in 'YYYY-MM-DD HH:MM:SS' format.")
+
+
 def service_node_ref_str_to_dict(serviceNodeRefStr):
     serviceNodeRefTokens = serviceNodeRefStr.split("/")
     return dict(

diff --git a/plugins/modules/ndo_mac_sec_policy.py b/plugins/modules/ndo_mac_sec_policy.py
@@ -331,8 +331,8 @@ def main():
                             dict(
                                 keyname=mac_sec_key.get("key_name"),
                                 psk=mac_sec_key.get("psk"),
-                                start=mac_sec_key.get("start_time"),
-                                end=mac_sec_key.get("end_time"),
+                                start=mso.verify_time_format(mac_sec_key.get("start_time")) if mac_sec_key.get("start_time") else None,
+                                end=mso.verify_time_format(mac_sec_key.get("end_time")) if mac_sec_key.get("end_time") else None,
                             )
                         )
 
@@ -380,9 +380,9 @@ def main():
                             "psk": mac_sec_key.get("psk"),
                         }
                         if mac_sec_key.get("start_time"):
-                            mac_sec_key_dict["startTime"] = mac_sec_key.get("start_time")
+                            mac_sec_key_dict["startTime"] = mso.verify_time_format(mac_sec_key.get("start_time"))
                         if mac_sec_key.get("end_time"):
-                            mac_sec_key_dict["endTime"] = mac_sec_key.get("end_time")
+                            mac_sec_key_dict["endTime"] = mso.verify_time_format(mac_sec_key.get("end_time"))
                         mac_sec_keys_list.append(mac_sec_key_dict)
 
                     payload["macsecKeys"] = mac_sec_keys_list

diff --git a/tests/integration/targets/ndo_mac_sec_policy/tasks/main.yml b/tests/integration/targets/ndo_mac_sec_policy/tasks/main.yml
@@ -35,14 +35,14 @@
       cisco.mso.ndo_template: &template_absent
         <<: *mso_info
         name: ansible_fabric_policy_template
-        interface_type: fabric_policy
+        type: fabric_policy
         state: absent
 
     - name: Create a fabric template
       cisco.mso.ndo_template:
         <<: *mso_info
         name: ansible_fabric_policy_template
-        interface_type: fabric_policy
+        type: fabric_policy
         state: present
 
     # CREATE
@@ -82,10 +82,10 @@
           - nm_add_mac_sec_policy_again.previous.type == nm_add_mac_sec_policy_again.current.type == 'fabric'
           - nm_add_mac_sec_policy_again.previous.uuid is defined
           - nm_add_mac_sec_policy_again.current.uuid is defined
-          - nm_add_mac_sec_policy.previous.macsecParams.cipherSuite == '256GcmAesXpn'
-          - nm_add_mac_sec_policy.previous.macsecParams.sakExpiryTime == 0
-          - nm_add_mac_sec_policy.previous.macsecParams.securityPol == 'shouldSecure'
-          - nm_add_mac_sec_policy.previous.macsecParams.windowSize == 0
+          - nm_add_mac_sec_policy_again.previous.macsecParams.cipherSuite == '256GcmAesXpn'
+          - nm_add_mac_sec_policy_again.previous.macsecParams.sakExpiryTime == 0
+          - nm_add_mac_sec_policy_again.previous.macsecParams.securityPol == 'shouldSecure'
+          - nm_add_mac_sec_policy_again.previous.macsecParams.windowSize == 0
 
     # MACsec policy interface_type access
     - name: Create a MACSec policy of interface_type 'access'
@@ -299,6 +299,28 @@
           - nm_update_mac_sec_policy_type is failed
           - nm_update_mac_sec_policy_type.msg == 'Type cannot be changed for an existing MACSec Policy.'
 
+    - name: Validate MACsec policy with invalide time format
+      cisco.mso.ndo_mac_sec_policy:
+        <<: *mso_info
+        template: ansible_fabric_policy_template
+        mac_sec_policy: ansible_mac_sec_policy_2
+        description: 'Ansible MACsec Policy description'
+        interface_type: access
+        mac_sec_key:
+          - key_name: abc12
+            psk: 'AA111111111111111111111111111111111111111111111111111111111111aa'
+            start_time: 'wrong-time 11:12:13'
+            end_time: '2030-12-11 11:12:13'
+        state: present
+      ignore_errors: true
+      register: validate_invalid_time
+
+    - name: Assert that the MACsec policy interface_type cannot be updated
+      assert:
+        that:
+          - validate_invalid_time is failed
+          - validate_invalid_time.msg == "TIME FORMAT ERROR{{":"}} The time must be in 'YYYY-MM-DD HH:MM:SS' format."
+
     # DELETE
     - name: Delete a MACsec policy of interface_type 'fabric' (check mode)
       cisco.mso.ndo_mac_sec_policy: &delete_mac_sec_policy