ansible-collections · KB-perByte · Jan 31, 2024 · Jan 18, 2024 · Jan 18, 2024 · Jan 18, 2024
diff --git a/changelogs/fragments/snmp_idempotancy_fix.yml b/changelogs/fragments/snmp_idempotancy_fix.yml
@@ -0,0 +1,3 @@
+---
+bugfixes:
+  - ios_snmp_server - fixed config issue with snmp user password update being idempotent on consecutive runs.
diff --git a/plugins/module_utils/network/ios/config/snmp_server/snmp_server.py b/plugins/module_utils/network/ios/config/snmp_server/snmp_server.py
@@ -237,39 +237,20 @@ def _compare(self, want, have):
     def _compare_lists_attrs(self, want, have):
         """Compare list of dict"""
         for _parser in self.list_parsers:
-            if _parser == "users":
-                i_want = want.get(_parser, {})
-                i_have = have.get(_parser, {})
-                for key, wanting in iteritems(i_want):
-                    wanting_compare = deepcopy(wanting)
-                    if (
-                        "authentication" in wanting_compare
-                        and "password" in wanting_compare["authentication"]
-                    ):
-                        wanting_compare["authentication"].pop("password")
-                    if (
-                        "encryption" in wanting_compare
-                        and "password" in wanting_compare["encryption"]
-                    ):
-                        wanting_compare["encryption"].pop("password")
-                    haveing = i_have.pop(key, {})
-                    if wanting_compare != haveing:
-                        if haveing and self.state in ["overridden", "replaced"]:
+            i_want = want.get(_parser, {})
+            i_have = have.get(_parser, {})
+            for key, wanting in iteritems(i_want):
+                haveing = i_have.pop(key, {})
+                if wanting != haveing:
+                    if haveing and self.state in ["overridden", "replaced"]:
+                        if not (
+                            _parser == "users"
+                            and wanting.get("username") == haveing.get("username")
+                        ):
                             self.addcmd(haveing, _parser, negate=True)
-                        self.addcmd(wanting, _parser)
-                for key, haveing in iteritems(i_have):
-                    self.addcmd(haveing, _parser, negate=True)
-            else:
-                i_want = want.get(_parser, {})
-                i_have = have.get(_parser, {})
-                for key, wanting in iteritems(i_want):
-                    haveing = i_have.pop(key, {})
-                    if wanting != haveing:
-                        if haveing and self.state in ["overridden", "replaced"]:
-                            self.addcmd(haveing, _parser, negate=True)
-                        self.addcmd(wanting, _parser)
-                for key, haveing in iteritems(i_have):
-                    self.addcmd(haveing, _parser, negate=True)
+                    self.addcmd(wanting, _parser)
+            for key, haveing in iteritems(i_have):
+                self.addcmd(haveing, _parser, negate=True)
 
     def _snmp_list_to_dict(self, data):
         """Convert all list of dicts to dicts of dicts"""

diff --git a/tests/unit/modules/network/ios/test_ios_snmp_server.py b/tests/unit/modules/network/ios/test_ios_snmp_server.py
@@ -1933,10 +1933,11 @@ def test_ios_snmpv3_user_server_overridden(self):
             },
         }
         overridden = [
-            "no snmp-server user flow mfamily v3 access 27",
+            "snmp-server user replaceUser replaceUser v3 auth md5 replaceUser access 22",
             "snmp-server user flow mfamily v3 access 27",
             "no snmp-server user newuser newfamily v1 access 24",
         ]
+
         playbook["state"] = "overridden"
         set_module_args(playbook)
         result = self.execute_module(changed=True)