From 559fa4f93fe5bea654433e62fa78376a57e75032 Mon Sep 17 00:00:00 2001 From: Oliver Gorwits Date: Mon, 18 Sep 2017 22:46:35 +0100 Subject: [PATCH] build device_auth from communities --- lib/App/Netdisco/Configuration.pm | 4 ++ lib/App/Netdisco/Util/SNMP.pm | 65 ++++++++++++++++++++++++++++++- 2 files changed, 68 insertions(+), 1 deletion(-) diff --git a/lib/App/Netdisco/Configuration.pm b/lib/App/Netdisco/Configuration.pm index 2606f3cb..54b777a9 100644 --- a/lib/App/Netdisco/Configuration.pm +++ b/lib/App/Netdisco/Configuration.pm @@ -1,6 +1,7 @@ package App::Netdisco::Configuration; use App::Netdisco::Environment; +use App::Netdisco::Util::SNMP (); use Dancer ':script'; use Path::Class 'dir'; @@ -110,6 +111,9 @@ foreach my $name (qw/discover_only macsuck_only arpnip_only nbtstat_only/) { push @{setting($name)}, @{ setting('devices_only') }; } +# fix up device_auth (or create it from old settings) +config->{'device_auth'} = [ App::Netdisco::Util::SNMP::fixup_device_auth() ]; + # legacy config item names config->{'devport_vlan_limit'} = diff --git a/lib/App/Netdisco/Util/SNMP.pm b/lib/App/Netdisco/Util/SNMP.pm index 0fad3d7f..a3af49db 100644 --- a/lib/App/Netdisco/Util/SNMP.pm +++ b/lib/App/Netdisco/Util/SNMP.pm @@ -6,7 +6,7 @@ use App::Netdisco::Util::Permission ':all'; use base 'Exporter'; our @EXPORT = (); our @EXPORT_OK = qw/ - build_communities snmp_comm_reindex + fixup_device_auth build_communities snmp_comm_reindex /; our %EXPORT_TAGS = (all => \@EXPORT_OK); @@ -23,6 +23,69 @@ subroutines. =head1 EXPORT_OK +=head2 fixup_device_auth + +Rebuilds the C config with missing defaults and other fixups for +config changes over time. Returns a list which can replace C. + +=cut + +sub fixup_device_auth { + my $seen_tags = {}; # for cleaning community table + my $config = (setting('device_auth') || []); + my @new_stanzas = (); + + # new style snmp config + foreach my $stanza (@$config) { + # user tagged + my $tag = ''; + if (1 == scalar keys %$stanza) { + $tag = (keys %$stanza)[0]; + $stanza = $stanza->{$tag}; + + # corner case: untagged lone community + if ($tag eq 'community') { + $tag = $stanza; + $stanza = {community => $tag}; + } + } + + # defaults + $stanza->{tag} ||= $tag; + ++$seen_tags->{ $stanza->{tag} }; + $stanza->{read} = 1 if !exists $stanza->{read}; + $stanza->{no} ||= []; + $stanza->{only} ||= ['any']; + + die "error: config: snmpv2 community in device_auth must be single item, not list\n" + if ref $stanza->{community}; + + die "error: config: stanza in device_auth must have a tag\n" + if not $stanza->{tag} and exists $stanza->{user}; + + push @new_stanzas, $stanza + } + + # FIXME: clean the community table of obsolete tags + #if ($stored_tag and !exists $seen_tags->{ $stored_tag }) { + # eval { $device->community->update({$tag_name => undef}) }; + #} + + # legacy config (note: read strings tried before write) + + push @new_stanzas, map {{ + read => 1, + community => $_, + }} @{setting('community') || []}; + + push @new_stanzas, map {{ + write => 1, + community => $_, + }} @{setting('community_rw') || []}; + + return @new_stanzas; +} + =head2 build_communities( $device, $mode ) Takes a Netdisco L instance and