diff --git a/lib/ansible/modules/network/ios/ios_user.py b/lib/ansible/modules/network/ios/ios_user.py index 83f268a5f56543..c40a0adea91d36 100644 --- a/lib/ansible/modules/network/ios/ios_user.py +++ b/lib/ansible/modules/network/ios/ios_user.py @@ -178,7 +178,6 @@ from copy import deepcopy import re -import json import base64 import hashlib @@ -234,20 +233,22 @@ def add(command, want, x): def add_ssh(command, want, x=None): command.append('ip ssh pubkey-chain') - command.append(' no username %s' % want['name']) if x: - command.append(' username %s' % want['name']) - command.append(' key-hash %s' % x) - command.append(' exit') - command.append(' exit') + command.append('username %s' % want['name']) + command.append('key-hash %s' % x) + command.append('exit') + else: + command.append('no username %s' % want['name']) + command.append('exit') for update in updates: want, have = update if want['state'] == 'absent': - commands.append(user_del_cmd(want['name'])) - add_ssh(commands, want) - continue + if have['sshkey']: + add_ssh(commands, want) + else: + commands.append(user_del_cmd(want['name'])) if needs_update(want, have, 'view'): add(commands, want, 'view %s' % want['view']) @@ -292,7 +293,7 @@ def parse_privilege(data): def map_config_to_obj(module): data = get_config(module, flags=['| section username']) - match = re.findall(r'^username (\S+)', data, re.M) + match = re.findall(r'(?:^(?:u|\s{2}u))sername (\S+)', data, re.M) if not match: return list() @@ -450,12 +451,6 @@ def main(): result['commands'] = commands - # the ios cli prevents this by rule so capture it and display - # a nice failure message - for cmd in commands: - if 'no username admin' in cmd: - module.fail_json(msg='cannot delete the `admin` account') - if commands: if not module.check_mode: load_config(module, commands) diff --git a/test/integration/targets/ios_user/tests/cli/basic.yaml b/test/integration/targets/ios_user/tests/cli/basic.yaml index 981339334d494f..8e2dab7e4e7000 100644 --- a/test/integration/targets/ios_user/tests/cli/basic.yaml +++ b/test/integration/targets/ios_user/tests/cli/basic.yaml @@ -80,5 +80,5 @@ that: - 'result.changed == true' - '"no username ansibletest1" in result.commands[0]["command"]' - - '"no username ansibletest2" in result.commands[4]["command"]' - - '"no username ansibletest3" in result.commands[8]["command"]' + - '"no username ansibletest2" in result.commands[1]["command"]' + - '"no username ansibletest3" in result.commands[2]["command"]' diff --git a/test/units/modules/network/ios/test_ios_user.py b/test/units/modules/network/ios/test_ios_user.py index 0cfc7210f476a4..8d836bada57781 100644 --- a/test/units/modules/network/ios/test_ios_user.py +++ b/test/units/modules/network/ios/test_ios_user.py @@ -61,10 +61,7 @@ def test_ios_user_delete(self): { "command": "no username ansible", "answer": "y", "newline": False, "prompt": "This operation will remove all username related configurations with same name", - }, - 'ip ssh pubkey-chain', - ' no username ansible', - ' exit' + } ] result_cmd = [] @@ -124,11 +121,10 @@ def test_ios_user_set_sshkey(self): set_module_args(dict(name='ansible', sshkey='dGVzdA==')) commands = [ 'ip ssh pubkey-chain', - ' no username ansible', - ' username ansible', - ' key-hash ssh-rsa 098F6BCD4621D373CADE4E832627B4F6', - ' exit', - ' exit' + 'username ansible', + 'key-hash ssh-rsa 098F6BCD4621D373CADE4E832627B4F6', + 'exit', + 'exit' ] result = self.execute_module(changed=True, commands=commands) self.assertEqual(result['commands'], commands)