Update SNMP v3 extensions to support authentication and privacy passw… (

#160)
ctera · Jul 6, 2022 · 2d59403 · 2d59403
1 parent 564fdc5
commit 2d59403
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 18 deletions.
diff --git a/cterasdk/edge/snmp.py b/cterasdk/edge/snmp.py
@@ -18,24 +18,26 @@ def is_enabled(self):
         """
         return self._gateway.get('/config/snmp/mode') == enum.Mode.Enabled
 
-    def enable(self, port=161, community_str=None, username=None, password=None):
+    def enable(self, port=161, community_str=None, username=None, auth_password=None, privacy_password=None):
         """
         Enable SNMP
 
         :param int,optional port: SNMP server port, defaults to 161
         :param str,optional community_str: SNMPv2c community string
         :param str,optional username: SNMPv3 username
-        :param str,optional password: SNMPv3 password
+        :param str,optional auth_password: SNMPv3 authentication password
+        :param str,optional privacy_password: SNMPv3 privacy password
         """
         param = Object()
         param.mode = enum.Mode.Enabled
         param.port = port
         param.readCommunity = community_str
-        if username is not None and password is not None:
+        if username is not None and auth_password is not None and privacy_password is not None:
             param.snmpV3 = Object()
             param.snmpV3.mode = enum.Mode.Enabled
             param.snmpV3.username = username
-            param.snmpV3.password = password
+            param.snmpV3.authenticationPassword = auth_password
+            param.snmpV3.privacyPassword = privacy_password
 
         logging.getLogger().info("Enabling SNMP.")
         self._gateway.put('/config/snmp', param)
@@ -50,14 +52,15 @@ def disable(self):
     def get_configuration(self):
         return self._gateway.get('/config/snmp')
 
-    def modify(self, port=None, community_str=None, username=None, password=None):
+    def modify(self, port=None, community_str=None, username=None, auth_password=None, privacy_password=None):
         """
         Modify current SNMP configuration. Only configurations that are not `None` will be changed. SNMP must be enabled
 
         :param int,optional port: SNMP server port, defaults to 161
         :param str,optional community_str: SNMPv2c community string
         :param str,optional username: SNMPv3 username
-        :param str,optional password: SNMPv3 password
+        :param str,optional auth_password: SNMPv3 authentication password
+        :param str,optional privacy_password: SNMPv3 privacy password
         """
         current_config = self.get_configuration()
         if current_config.mode == enum.Mode.Disabled:
@@ -66,11 +69,12 @@ def modify(self, port=None, community_str=None, username=None, password=None):
             current_config.port = port
         if community_str:
             current_config.readCommunity = community_str
-        if username is not None and password is not None:
+        if username is not None and auth_password is not None and privacy_password is not None:
             current_config.snmpV3 = Object()
             current_config.snmpV3.mode = enum.Mode.Enabled
             current_config.snmpV3.username = username
-            current_config.snmpV3.password = password
+            current_config.snmpV3.authenticationPassword = auth_password
+            current_config.snmpV3.privacyPassword = privacy_password
 
         logging.getLogger().info("Updating SNMP configuration.")
         self._gateway.put('/config/snmp', current_config)

diff --git a/docs/source/user_guides/Gateway/Gateway.rst b/docs/source/user_guides/Gateway/Gateway.rst
@@ -1208,7 +1208,8 @@ SNMP
 
 .. code-block:: python
 
-   filer.snmp.enable(community_str='MpPcKl2sArSdTLZ4URj4')
+   filer.snmp.enable(community_str='MpPcKl2sArSdTLZ4URj4')  # enable SNMP v2c
+   filer.snmp.enable(username='snmp_user', auth_password='gVQBaHSOGV', privacy_password='VG0zbn5aJ')  # enable SNMP v3
 
 .. automethod:: cterasdk.edge.snmp.SNMP.disable
    :noindex:
@@ -1218,7 +1219,7 @@ SNMP
 .. automethod:: cterasdk.edge.snmp.SNMP.modify
    :noindex:
 
-   filer.snmp.modify(community_str='L0K2zGpgmOQH2CXaUSuB', username='snmp_user', password='gVQBaHSOGV')
+   filer.snmp.modify(community_str='L0K2zGpgmOQH2CXaUSuB', username='snmp_user', auth_password='gVQBaHSOGV', privacy_password='VG0zbn5aJ')
 
 .. automethod:: cterasdk.edge.snmp.SNMP.get_configuration
    :noindex:

diff --git a/tests/ut/test_edge_snmp.py b/tests/ut/test_edge_snmp.py
@@ -14,7 +14,8 @@ def setUp(self):
         self._snmp_custom_port = 361
         self._snmp_community_str = 'community_string'
         self._snmp_v3_user = 'user'
-        self._snmp_v3_pass = 'pass'
+        self._snmp_v3_auth_pass = 'pass'
+        self._snmp_v3_privacy_pass = 'pass'
 
     def test_get_configuration(self):
         get_response = 'Success'
@@ -43,10 +44,12 @@ def test_enable_snmp_with_port_and_community_str(self):
 
     def test_enable_snmp_v3(self):
         self._init_filer()
-        snmp.SNMP(self._filer).enable(username=self._snmp_v3_user, password=self._snmp_v3_pass)
+        snmp.SNMP(self._filer).enable(username=self._snmp_v3_user, auth_password=self._snmp_v3_auth_pass,
+                                      privacy_password=self._snmp_v3_privacy_pass)
         self._filer.put.assert_called_once_with('/config/snmp', mock.ANY)
 
-        expected_param = self._get_snmp_object(username=self._snmp_v3_user, password=self._snmp_v3_pass)
+        expected_param = self._get_snmp_object(username=self._snmp_v3_user, auth_password=self._snmp_v3_auth_pass,
+                                               privacy_password=self._snmp_v3_privacy_pass)
         actual_param = self._filer.put.call_args[0][1]
         self._assert_equal_objects(actual_param, expected_param)
 
@@ -58,21 +61,23 @@ def test_disable_snmp(self):
     def test_modify_success(self):
         self._init_filer(get_response=self._get_snmp_object())
         snmp.SNMP(self._filer).modify(self._snmp_custom_port, self._snmp_community_str,
-                                      self._snmp_v3_user, self._snmp_v3_pass)
+                                      self._snmp_v3_user, self._snmp_v3_auth_pass, self._snmp_v3_privacy_pass)
         self._filer.get.assert_called_once_with('/config/snmp')
         self._filer.put.assert_called_once_with('/config/snmp', mock.ANY)
-        expected_param = self._get_snmp_object(self._snmp_custom_port, self._snmp_community_str, self._snmp_v3_user, self._snmp_v3_pass)
+        expected_param = self._get_snmp_object(self._snmp_custom_port, self._snmp_community_str,
+                                               self._snmp_v3_user, self._snmp_v3_auth_pass, self._snmp_v3_privacy_pass)
         actual_param = self._filer.put.call_args[0][1]
         self._assert_equal_objects(actual_param, expected_param)
 
-    def _get_snmp_object(self, port=None, community_str=None, username=None, password=None):
+    def _get_snmp_object(self, port=None, community_str=None, username=None, auth_password=None, privacy_password=None):
         param = Object()
         param.mode = Mode.Enabled
         param.port = self._snmp_default_port if port is None else port
         param.readCommunity = community_str
-        if username is not None and password is not None:
+        if username is not None and auth_password is not None and privacy_password is not None:
             param.snmpV3 = Object()
             param.snmpV3.mode = Mode.Enabled
             param.snmpV3.username = username
-            param.snmpV3.password = password
+            param.snmpV3.authenticationPassword = auth_password
+            param.snmpV3.privacyPassword = privacy_password
         return param