kevinsteves
diff --git a/‎tests/README.rst‎
Lines changed: 137 additions & 0 deletions b/‎tests/README.rst‎
Lines changed: 137 additions & 0 deletions
diff --git a/‎tests/__init__.py‎ b/‎tests/__init__.py‎
diff --git a/‎tests/test_xapi_fw_tgt_config.py‎
Lines changed: 85 additions & 0 deletions b/‎tests/test_xapi_fw_tgt_config.py‎
Lines changed: 85 additions & 0 deletions
diff --git a/‎tests/test_xapi_fw_tgt_multi_config.py‎
Lines changed: 127 additions & 0 deletions b/‎tests/test_xapi_fw_tgt_multi_config.py‎
Lines changed: 127 additions & 0 deletions
diff --git a/‎tests/test_xapi_fw_tgt_pano_export.py‎
Lines changed: 17 additions & 0 deletions b/‎tests/test_xapi_fw_tgt_pano_export.py‎
Lines changed: 17 additions & 0 deletions
@@ -0,0 +1,137 @@
+pan-python Tests
+================
+
+``pan-python`` tests use the Python `unit testing framework
+<https://docs.python.org/3/library/unittest.html>`_.
+
+Test Naming
+-----------
+
+Tests can be created for any of the components in ``pan-python`` using
+the following naming convention:
+
+  ====================  ==================
+  pan-python Component  Test Script Prefix
+  ====================  ==================
+  PAN-OS XML API        *test_xapi_*
+  PAN-OS Licensing API  *test_licapi_*
+  WildFire API          *test_wfapi_*
+  AutoFocus API         *test_afapi_*
+  ====================  ==================
+
+Tests are currently available for the following components:
+
+- PAN-OS XML API
+
+PAN-OS XML API Tests
+--------------------
+
+A lab PAN-OS firewall or Panorama are required to run tests.
+
+PAN-OS XML API tests can be performed on the following targets:
+
+  ==================================================  ===========
+  Test Target                                         Target Name
+  ==================================================  ===========
+  PAN-OS firewall                                     **fw**
+  Panorama                                            **pano**
+  PAN-OS firewall via Panorama to device redirection  **tgt**
+  ==================================================  ===========
+
+Test scripts use the following naming convention to define the valid
+test targets:
+
+  ===============  ========================  ============
+  Target Names     Test Script Prefix        Test Targets
+  ===============  ========================  ============
+  **fw**           *test_xapi_fw_*           PAN-OS firewall only
+  **pano**         *test_xapi_pano_*         Panorama only
+  **fw_pano**      *test_xapi_fw_pano_*      PAN-OS firewall or Panorama
+  **fw_tgt**       *test_xapi_fw_tgt_*       PAN-OS firewall or firewall via Panorama to device redirection
+  **fw_tgt_pano**  *test_xapi_fw_tgt_pano_*  PAN-OS firewall, Panorama or firewall via Panorama to device redirection
+  ===============  ========================  ============
+
+Specifying Test Target
+~~~~~~~~~~~~~~~~~~~~~~
+
+A `.panrc file
+<https://github.com/kevinsteves/pan-python/blob/master/doc/panrc.rst>`_
+is used to reference the test target by a *tagname*.
+
+Export the ``XAPI_TAG`` environment variable with the *tagname* to
+use from a .panrc file:
+::
+
+  $ export XAPI_TAG=vm-50-3
+
+Panorama to Device Redirection
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Panorama to device redirection can be used to perform XML API
+requests to connected devices via Panorama using the ``target=serial``
+API request argument.  To execute tests using Panorama to device
+redirection the ``.panrc`` *hostname* specifies the Panorama and
+the *serial* specifies the connected device:
+::
+
+  $ grep vm-50-3-panorama .panrc
+  # vm-50-3-panorama
+  hostname%vm-50-3-panorama=172.25.2.100
+  api_username%vm-50-3-panorama=admin
+  api_password%vm-50-3-panorama=password
+  serial%vm-50-3-panorama=015351000046877
+
+Run Tests
+~~~~~~~~~
+
+To run tests from the top-level directory:
+::
+
+  $ python3 -m unittest discover -v -s tests -t . -p TARGET-PATTERN
+
+To run tests from the ``tests/`` directory:
+::
+
+  $ python3 -m unittest discover -v -t .. -p TARGET-PATTERN
+
+Examples
+~~~~~~~~
+
+From the ``tests/`` directory run tests to a Panorama target:
+::
+
+  $ XAPI_TAG=panorama-2 python3 -m unittest discover -v -t .. -p 'test_xapi_*pano*'
+  test_01 (tests.test_xapi_fw_tgt_pano_export.PanXapiTest) ... ok
+  test_01 (tests.test_xapi_fw_tgt_pano_log.PanXapiTest) ... ok
+  test_02 (tests.test_xapi_fw_tgt_pano_log.PanXapiTest) ... ok
+  test_01 (tests.test_xapi_fw_tgt_pano_op.PanXapiTest) ... ok
+  test_02 (tests.test_xapi_fw_tgt_pano_op.PanXapiTest) ... ok
+  test_01 (tests.test_xapi_fw_tgt_pano_report.PanXapiTest) ... ok
+  test_01 (tests.test_xapi_fw_tgt_pano_user_id.PanXapiTest) ... ok
+  test_02 (tests.test_xapi_fw_tgt_pano_user_id.PanXapiTest) ... ok
+
+  ----------------------------------------------------------------------
+  Ran 8 tests in 6.184s
+
+  OK
+
+From the ``tests/`` directory run tests to a firewall target:
+::
+
+  $ XAPI_TAG=vm-50-3 python3 -m unittest discover -v -t .. -p 'test_xapi_*fw*'
+  test_01 (tests.test_xapi_fw_tgt_config.PanXapiTest) ... ok
+  test_01 (tests.test_xapi_fw_tgt_multi_config.PanXapiTest) ... ok
+  test_02 (tests.test_xapi_fw_tgt_multi_config.PanXapiTest) ... ok
+  test_01 (tests.test_xapi_fw_tgt_pano_export.PanXapiTest) ... ok
+  test_01 (tests.test_xapi_fw_tgt_pano_log.PanXapiTest) ... ok
+  test_02 (tests.test_xapi_fw_tgt_pano_log.PanXapiTest) ... ok
+  test_01 (tests.test_xapi_fw_tgt_pano_op.PanXapiTest) ... ok
+  test_02 (tests.test_xapi_fw_tgt_pano_op.PanXapiTest) ... ok
+  test_01 (tests.test_xapi_fw_tgt_pano_report.PanXapiTest) ... ok
+  test_01 (tests.test_xapi_fw_tgt_pano_user_id.PanXapiTest) ... ok
+  test_02 (tests.test_xapi_fw_tgt_pano_user_id.PanXapiTest) ... ok
+
+  ----------------------------------------------------------------------
+  Ran 11 tests in 19.983s
+
+  OK
@@ -0,0 +1,85 @@
+import os
+import sys
+import unittest
+
+from . import xapi_mixin
+
+libpath = os.path.dirname(os.path.abspath(__file__))
+sys.path[:0] = [os.path.join(libpath, os.pardir, 'lib')]
+import pan.xapi
+
+BASE_XPATH = ("/config/devices/entry[@name='localhost.localdomain']"
+              "/vsys/entry[@name='vsys1']/address")
+XPATH_ADDR = BASE_XPATH + "/entry[@name='%s']"
+IP_ADDRESS = '192.0.2.1/32'
+ELEMENT = '<ip-netmask>%s</ip-netmask>' % IP_ADDRESS
+ELEMENT_PATH = './result/entry/ip-netmask'
+
+
+class PanXapiTest(xapi_mixin.Mixin, unittest.TestCase):
+    def test_01(self):
+        address = self.name('address', 16)
+        xpath = XPATH_ADDR % address
+
+        self.api.get(xpath=xpath)
+        self.assertEqual(self.api.status, 'success')
+        self.assertEqual(self.api.status_code, '7')
+        x = self.api.element_root.find('./result')
+        self.assertIsNotNone(x)
+        self.assertEqual(len(x), 0)
+
+        with self.assertRaises(pan.xapi.PanXapiError) as e:
+            self.api.show(xpath=xpath)
+        self.assertEqual(self.api.status, 'error')
+        msg = 'No such node'
+        self.assertEqual(str(e.exception), msg)
+        self.assertEqual(self.api.status_detail, msg)
+
+        self.api.set(element=ELEMENT, xpath=xpath)
+        self.assertEqual(self.api.status, 'success')
+
+        self.api.get(xpath=xpath)
+        self.assertEqual(self.api.status, 'success')
+        self.assertEqual(self.api.status_code, '19')
+        x = self.api.element_root.find(ELEMENT_PATH)
+        self.assertIsNotNone(x)
+        self.assertEqual(x.text, IP_ADDRESS)
+
+        address1 = address + '-1'
+        self.api.clone(xpath_from=xpath,
+                       xpath=BASE_XPATH,
+                       newname=address1)
+        self.assertEqual(self.api.status, 'success')
+
+        xpath1 = XPATH_ADDR % address1
+        self.api.get(xpath=xpath)
+        self.assertEqual(self.api.status, 'success')
+        self.assertEqual(self.api.status_code, '19')
+        x = self.api.element_root.find(ELEMENT_PATH)
+        self.assertIsNotNone(x)
+        self.assertEqual(x.text, IP_ADDRESS)
+
+        address2 = address + '-2'
+        self.api.rename(xpath=xpath1,
+                        newname=address2)
+        self.assertEqual(self.api.status, 'success')
+
+        xpath2 = XPATH_ADDR % address2
+        self.api.get(xpath=xpath)
+        self.assertEqual(self.api.status, 'success')
+        self.assertEqual(self.api.status_code, '19')
+        x = self.api.element_root.find(ELEMENT_PATH)
+        self.assertIsNotNone(x)
+        self.assertEqual(x.text, IP_ADDRESS)
+
+        for path in [xpath, xpath2]:
+            self.api.delete(xpath=path)
+            self.assertEqual(self.api.status, 'success')
+
+        for path in [xpath, xpath2]:
+            self.api.get(xpath=path)
+            self.assertEqual(self.api.status, 'success')
+            self.assertEqual(self.api.status_code, '7')
+            x = self.api.element_root.find('./result')
+            self.assertIsNotNone(x)
+            self.assertEqual(len(x), 0)
@@ -0,0 +1,127 @@
+import os
+import sys
+import unittest
+import xml.etree.ElementTree as etree
+
+from . import xapi_mixin
+
+libpath = os.path.dirname(os.path.abspath(__file__))
+sys.path[:0] = [os.path.join(libpath, os.pardir, 'lib')]
+import pan.xapi
+
+BASE_XPATH = ("/config/devices/entry[@name='localhost.localdomain']"
+              "/vsys/entry[@name='vsys1']/address")
+XPATH_ADDR = BASE_XPATH + "/entry[@name='%s']"
+IP_ADDRESS1 = '192.0.2.1/32'
+IP_ADDRESS2 = '192.0.2.2/32'
+IP_ADDRESS3 = '192.0.2.3/32'
+ELEMENT_PATH = './result/entry/ip-netmask'
+
+
+def multi_config(actions):
+    root = etree.Element('multi-config')
+    id = 100
+    for _action, attributes, element in actions:
+        if 'id' not in attributes:
+            id += 1
+            attributes.update({'id': str(id)})
+        action = etree.SubElement(root, _action, attributes)
+        if element is not None:
+            action.append(element)
+
+    document = etree.tostring(root, encoding='UTF-8')
+
+    return document
+
+
+class PanXapiTest(xapi_mixin.Mixin, unittest.TestCase):
+    def test_01(self):
+        address = self.name('address', 16)
+        xpath = XPATH_ADDR % address
+        element = etree.Element('ip-netmask')
+        element.text = IP_ADDRESS1
+
+        actions = [
+            ('set', {'xpath': xpath}, element),
+        ]
+        document = multi_config(actions)
+        self.api.multi_config(element=document)
+        self.assertEqual(self.api.status, 'success', msg=document)
+
+        self.api.get(xpath=xpath)
+        self.assertEqual(self.api.status, 'success')
+        self.assertEqual(self.api.status_code, '19')
+        x = self.api.element_root.find(ELEMENT_PATH)
+        self.assertIsNotNone(x)
+        self.assertEqual(x.text, IP_ADDRESS1)
+
+        actions = [
+            ('delete', {'xpath': xpath}, None),
+        ]
+        document = multi_config(actions)
+        self.api.multi_config(element=document)
+        self.assertEqual(self.api.status, 'success', msg=document)
+
+        self.api.get(xpath=xpath)
+        self.assertEqual(self.api.status, 'success')
+        self.assertEqual(self.api.status_code, '7')
+        x = self.api.element_root.find('./result')
+        self.assertIsNotNone(x)
+        self.assertEqual(len(x), 0)
+
+    def test_02(self):
+        # set addr1, then set addr2 (valid), addr3 (invalid).
+        # with strict-transactional, addr1 rolled back,
+        # addr2 rolled back due to addr3 error.
+
+        address1 = self.name('address1', 16)
+        xpath1 = XPATH_ADDR % address1
+        element1 = etree.Element('ip-netmask')
+        element1.text = IP_ADDRESS1
+
+        actions = [
+            ('set', {'xpath': xpath1}, element1),
+        ]
+        document = multi_config(actions)
+        self.api.multi_config(element=document)
+        self.assertEqual(self.api.status, 'success', msg=document)
+
+        self.api.get(xpath=xpath1)
+        self.assertEqual(self.api.status, 'success')
+        self.assertEqual(self.api.status_code, '19')
+        x = self.api.element_root.find(ELEMENT_PATH)
+        self.assertIsNotNone(x)
+        self.assertEqual(x.text, IP_ADDRESS1)
+
+        address2 = self.name('address2', 16)
+        xpath2 = XPATH_ADDR % address2
+        element2 = etree.Element('ip-netmask')
+        element2.text = IP_ADDRESS2
+
+        address3 = self.name('address3', 32)  # error, max length 63
+        xpath3 = XPATH_ADDR % address3
+        element3 = etree.Element('ip-netmask')
+        element3.text = IP_ADDRESS3
+
+        actions = [
+            ('set', {'xpath': xpath2}, element2),
+            ('set', {'xpath': xpath3,
+                     'id': 'LEN-ERROR'}, element3),  # error
+        ]
+        document = multi_config(actions)
+        # XXX tgt bug: PAN-196392
+        with self.assertRaises(pan.xapi.PanXapiError) as e:
+            self.api.multi_config(element=document, strict=True)
+        self.assertEqual(self.api.status, 'error', msg=document)
+        msg = ('status="error" code="12" id="LEN-ERROR"  %s '
+               'Node can be at most 63 characters, but current length: 64')
+        msg = msg % address3
+        self.assertIn(msg, self.api.status_detail)
+
+        for xpath in [xpath1, xpath2, xpath3]:
+            self.api.get(xpath=xpath)
+            self.assertEqual(self.api.status, 'success')
+            self.assertEqual(self.api.status_code, '7')
+            x = self.api.element_root.find('./result')
+            self.assertIsNotNone(x)
+            self.assertEqual(len(x), 0)
@@ -0,0 +1,17 @@
+import os
+import sys
+import unittest
+
+from . import xapi_mixin
+
+libpath = os.path.dirname(os.path.abspath(__file__))
+sys.path[:0] = [os.path.join(libpath, os.pardir, 'lib')]
+import pan.xapi
+
+
+class PanXapiTest(xapi_mixin.Mixin, unittest.TestCase):
+    def test_01(self):
+        self.api.export(category='configuration')
+        self.assertEqual(self.api.status, 'success')
+        x = self.api.element_root.find('./mgt-config')
+        self.assertIsNotNone(x)