Implement categories for source_nat

Author: jiuka

plugins/module_utils/main/source_nat.py

@@ -2,6 +2,8 @@
 
 from ansible_collections.ansibleguy.opnsense.plugins.module_utils.base.api import \
     Session
+from ansible_collections.ansibleguy.opnsense.plugins.module_utils.helper.category import \
+    resolve_categories
 from ansible_collections.ansibleguy.opnsense.plugins.module_utils.helper.main import \
     validate_int_fields, is_unset
 from ansible_collections.ansibleguy.opnsense.plugins.module_utils.helper.rule import \
@@ -23,7 +25,7 @@ class SNat(BaseModule):
     FIELDS_CHANGE = [
         'sequence', 'no_nat', 'interface', 'target', 'target_port', 'description',
         'ip_protocol', 'protocol', 'source_invert', 'source_net', 'source_port',
-        'destination_invert', 'destination_net', 'destination_port', 'log',
+        'destination_invert', 'destination_net', 'destination_port', 'log', 'categories',
     ]
     FIELDS_ALL = ['enabled']
     FIELDS_ALL.extend(FIELDS_CHANGE)
@@ -35,7 +37,7 @@ class SNat(BaseModule):
     }
     FIELDS_TYPING = {
         'bool': ['enabled', 'log', 'source_invert', 'no_nat', 'destination_invert'],
-        'list': [],
+        'list': ['categories'],
         'select': ['interface', 'ip_protocol', 'protocol'],
         'int': [],
     }
@@ -63,6 +65,9 @@ def check(self) -> None:
 
             validate_int_fields(module=self.m, data=self.p, field_minmax=self.INT_VALIDATIONS)
 
+            if not is_unset(self.p['categories']):
+                resolve_categories(self, self.p)
+
         self._build_log_name()
         self.b.find(match_fields=self.p['match_fields'])
 

plugins/modules/source_nat.py

@@ -41,6 +41,7 @@ def run_module():
         'log': RULE_MOD_ARGS['log'],
         'uuid': RULE_MOD_ARGS['uuid'],
         'description': RULE_MOD_ARGS['description'],
+        'categories': RULE_MOD_ARGS['categories'],
     }
 
     module_args = dict(

scripts/test.sh

@@ -63,6 +63,7 @@ run_test 'alias_category' 0 # check mode => dependency on category
 run_test 'rule' 1
 run_test 'rule_multi' 1
 run_test 'rule_purge' 0
+run_test 'rule_category' 0 # check mode => dependency on category
 run_test 'rule_interface_group' 1
 run_test 'savepoint' 1
 run_test 'cron' 1
@@ -92,6 +93,7 @@ run_test 'interface_vip' 1
 run_test 'interface_lagg' 1
 run_test 'interface_loopback' 1
 run_test 'source_nat' 1
+run_test 'source_nat_category' 0 # check mode => dependency on category
 run_test 'frr_diagnostic' 1
 run_test 'frr_general' 1
 run_test 'frr_bfd_general' 1

tests/source_nat_category.yml

@@ -0,0 +1,98 @@
+---
+- name: Setup Test dummy
+  hosts: localhost
+  gather_facts: no
+  module_defaults:
+    group/ansibleguy.opnsense.all:
+      firewall: "{{ lookup('ansible.builtin.env', 'TEST_FIREWALL') }}"
+      api_credential_file: "{{ lookup('ansible.builtin.env', 'TEST_API_KEY') }}"
+      ssl_verify: false
+
+  tasks:
+    - name: Adding dummy alias
+      ansibleguy.opnsense.category:
+        name: 'ANSIBLE_TEST_DUMMY_1_1'
+        color: ff0000
+
+    - name: Adding dummy alias
+      ansibleguy.opnsense.category:
+        name: 'ANSIBLE_TEST_DUMMY_1_2'
+        color: 00ff00
+
+- name: Testing source-nat - category
+  hosts: localhost
+  gather_facts: no
+  module_defaults:
+    group/ansibleguy.opnsense.all:
+      firewall: "{{ lookup('ansible.builtin.env', 'TEST_FIREWALL') }}"
+      api_credential_file: "{{ lookup('ansible.builtin.env', 'TEST_API_KEY') }}"
+      ssl_verify: false
+      match_fields: ['description']
+
+  tasks:
+    - name: Adding 1
+      ansibleguy.opnsense.source_nat:
+        description: 'ANSIBLE_TEST_1_1'
+        interface: 'lan'
+        destination: '192.168.0.1'
+        target: '192.168.0.2'
+        categories: 'ANSIBLE_TEST_DUMMY_1_1'
+      register: opn1
+      failed_when: >
+        not opn1.changed or
+        opn1.failed
+
+    - name: Nothing changed
+      ansibleguy.opnsense.source_nat:
+        description: 'ANSIBLE_TEST_1_1'
+        interface: 'lan'
+        destination: '192.168.0.1'
+        target: '192.168.0.2'
+        categories: 'ANSIBLE_TEST_DUMMY_1_1'
+      register: opn2
+      failed_when: >
+        opn2.changed or
+        opn2.failed
+
+    - name: Changing
+      ansibleguy.opnsense.source_nat:
+        description: 'ANSIBLE_TEST_1_1'
+        interface: 'lan'
+        destination: '192.168.0.1'
+        target: '192.168.0.2'
+        categories:
+          - 'ANSIBLE_TEST_DUMMY_1_1'
+          - 'ANSIBLE_TEST_DUMMY_1_2'
+      register: opn3
+      failed_when: >
+        not opn3.changed or
+        opn3.failed
+
+    - name: Removing
+      ansibleguy.opnsense.source_nat:
+        description: 'ANSIBLE_TEST_1_1'
+        state: 'absent'
+      register: opn4
+      failed_when: >
+        not opn4.changed or
+        opn4.failed
+
+- name: Cleanup Test dummy
+  hosts: localhost
+  gather_facts: no
+  module_defaults:
+    group/ansibleguy.opnsense.all:
+      firewall: "{{ lookup('ansible.builtin.env', 'TEST_FIREWALL') }}"
+      api_credential_file: "{{ lookup('ansible.builtin.env', 'TEST_API_KEY') }}"
+      ssl_verify: false
+
+  tasks:
+    - name: Adding dummy alias
+      ansibleguy.opnsense.category:
+        name: 'ANSIBLE_TEST_DUMMY_1_1'
+        state: 'absent'
+
+    - name: Adding dummy alias
+      ansibleguy.opnsense.category:
+        name: 'ANSIBLE_TEST_DUMMY_1_2'
+        state: 'absent'