Fix root user authentication

Signed-off-by: rohitthakur2590 <[email protected]>
ansible-collections · Mar 17, 2024 · 822cdf6 · 822cdf6
1 parent 796a6ca
commit 822cdf6
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 5 deletions.
diff --git a/changelogs/fragments/fix_root_auth.yaml b/changelogs/fragments/fix_root_auth.yaml
@@ -0,0 +1,4 @@
+---
+bugfixes:
+  - This fix provide the fucationality to
+    configure root-authentication->enrypted_password when user is root.
diff --git a/plugins/modules/junos_user.py b/plugins/modules/junos_user.py
@@ -258,7 +258,6 @@ def handle_purge(module, want):
 
 def map_obj_to_ele(module, want):
     element = Element("system")
-    login = SubElement(element, "login")
 
     for item in want:
         if item["state"] != "present":
@@ -269,15 +268,15 @@ def map_obj_to_ele(module, want):
             operation = "merge"
 
         if item["name"] != "root":
+            login = SubElement(element, "login")
             user = SubElement(login, "user", {"operation": operation})
             SubElement(user, "name").text = item["name"]
         else:
-            user = auth = SubElement(
+            user = SubElement(
                 element,
                 "root-authentication",
                 {"operation": operation},
             )
-
         if operation == "merge":
             if item["name"] == "root" and (not item["active"] or item["role"] or item["full_name"]):
                 module.fail_json(
@@ -308,8 +307,12 @@ def map_obj_to_ele(module, want):
                 SubElement(ssh_rsa, "name").text = item["sshkey"]
 
             if item.get("encrypted_password"):
-                auth = SubElement(user, "authentication")
-                SubElement(auth, "encrypted-password").text = item["encrypted_password"]
+                if item["name"] == "root":
+                    if "encrypted_password" in item:
+                        SubElement(user, "encrypted-password").text = item["encrypted_password"]
+                else:
+                    auth = SubElement(user, "authentication")
+                    SubElement(auth, "encrypted-password").text = item["encrypted_password"]
 
     return element
 

diff --git a/tests/integration/targets/junos_user/tests/netconf/basic.yaml b/tests/integration/targets/junos_user/tests/netconf/basic.yaml
@@ -199,6 +199,16 @@
       - result.diff.prepared is search("\- *user test_user1")
       - result.diff.prepared is search("\- *user test_user2")
 
+- name: Change Admin user password
+  register: result
+  junipernetworks.junos.junos_user:
+    name: root
+    encrypted_password: "{{ 'test' | password_hash('sha512')}}"
+
+- ansible.builtin.assert:
+    that:
+      - result.changed == true
+
 - ansible.builtin.debug:
     msg="END junos_user netconf/basic.yaml on connection={{ ansible_connection
     }}"