From 2447bc90a4a2d9f21a825b671411f42d31ec2731 Mon Sep 17 00:00:00 2001 From: "patchback[bot]" <45432694+patchback[bot]@users.noreply.github.com> Date: Thu, 2 Jan 2025 16:37:15 +0100 Subject: [PATCH] [PR #9403/e853bdf6 backport][stable-10] Redfish: implement obtaining AccountService config (#9511) Redfish: implement obtaining AccountService config (#9403) Example result from querying OpenBMC's bmcweb Redfish server: ``` changed: false failed: false redfish_facts: accountservice_config: entries: '@odata.id': /redfish/v1/AccountService '@odata.type': '#AccountService.v1_15_0.AccountService' AccountLockoutDuration: 0 AccountLockoutThreshold: 0 Accounts: '@odata.id': /redfish/v1/AccountService/Accounts ActiveDirectory: Authentication: AuthenticationType: UsernameAndPassword Password: null Username: '' LDAPService: SearchSettings: BaseDistinguishedNames: - '' GroupsAttribute: '' UsernameAttribute: '' RemoteRoleMapping: [] ServiceAddresses: - '' ServiceEnabled: false Description: Account Service HTTPBasicAuth: Enabled HTTPBasicAuth@AllowableValues: - Enabled - Disabled Id: AccountService LDAP: Authentication: AuthenticationType: UsernameAndPassword Password: null Username: '' Certificates: '@odata.id': /redfish/v1/AccountService/LDAP/Certificates LDAPService: SearchSettings: BaseDistinguishedNames: - '' GroupsAttribute: '' UsernameAttribute: '' RemoteRoleMapping: [] ServiceAddresses: - '' ServiceEnabled: false MaxPasswordLength: 20 MinPasswordLength: 8 MultiFactorAuth: ClientCertificate: CertificateMappingAttribute: CommonName Certificates: '@odata.id': /redfish/v1/AccountService/MultiFactorAuth/ClientCertificate/Certificates '@odata.type': '#CertificateCollection.CertificateCollection' Members: [] Members@odata.count: 0 Enabled: true RespondToUnauthenticatedClients: true Name: Account Service Oem: OpenBMC: '@odata.id': /redfish/v1/AccountService#/Oem/OpenBMC '@odata.type': '#OpenBMCAccountService.v1_0_0.AccountService' AuthMethods: BasicAuth: true Cookie: true SessionToken: true TLS: true XToken: true Roles: '@odata.id': /redfish/v1/AccountService/Roles ServiceEnabled: true ret: true ``` Signed-off-by: Paul Fertser (cherry picked from commit e853bdf6f907872fdd39e8c507061269399942e9) Co-authored-by: Paul Fertser --- .../9403-redfish-add-get-accountservice.yml | 2 ++ plugins/module_utils/redfish_utils.py | 18 ++++++++++++++++++ plugins/modules/redfish_info.py | 12 +++++++++++- 3 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/9403-redfish-add-get-accountservice.yml diff --git a/changelogs/fragments/9403-redfish-add-get-accountservice.yml b/changelogs/fragments/9403-redfish-add-get-accountservice.yml new file mode 100644 index 0000000000..a57ecfec61 --- /dev/null +++ b/changelogs/fragments/9403-redfish-add-get-accountservice.yml @@ -0,0 +1,2 @@ +minor_changes: + - redfish_info - add command ``GetAccountServiceConfig`` to get full information about AccountService configuration (https://github.com/ansible-collections/community.general/pull/9403). diff --git a/plugins/module_utils/redfish_utils.py b/plugins/module_utils/redfish_utils.py index f9649ce6d7..0a8cc37bcc 100644 --- a/plugins/module_utils/redfish_utils.py +++ b/plugins/module_utils/redfish_utils.py @@ -3951,3 +3951,21 @@ class RedfishUtils(object): "rsp_uri": rsp_uri } return res + + def get_accountservice_properties(self): + # Find the AccountService resource + response = self.get_request(self.root_uri + self.service_root) + if response['ret'] is False: + return response + data = response['data'] + accountservice_uri = data.get("AccountService", {}).get("@odata.id") + if accountservice_uri is None: + return {'ret': False, 'msg': "AccountService resource not found"} + + response = self.get_request(self.root_uri + accountservice_uri) + if response['ret'] is False: + return response + return { + 'ret': True, + 'entries': response['data'] + } diff --git a/plugins/modules/redfish_info.py b/plugins/modules/redfish_info.py index e4e909ad48..cd8521f2da 100644 --- a/plugins/modules/redfish_info.py +++ b/plugins/modules/redfish_info.py @@ -199,6 +199,14 @@ EXAMPLES = r""" username: "{{ username }}" password: "{{ password }}" +- name: Get configuration of the AccountService + community.general.redfish_info: + category: Accounts + command: GetAccountServiceConfig + baseuri: "{{ baseuri }}" + username: "{{ username }}" + password: "{{ password }}" + - name: Get default system inventory and user information community.general.redfish_info: category: Systems,Accounts @@ -396,7 +404,7 @@ CATEGORY_COMMANDS_ALL = { "GetBiosAttributes", "GetBootOrder", "GetBootOverride", "GetVirtualMedia", "GetBiosRegistries"], "Chassis": ["GetFanInventory", "GetPsuInventory", "GetChassisPower", "GetChassisThermals", "GetChassisInventory", "GetHealthReport", "GetHPEThermalConfig", "GetHPEFanPercentMin"], - "Accounts": ["ListUsers"], + "Accounts": ["ListUsers", "GetAccountServiceConfig"], "Sessions": ["GetSessions"], "Update": ["GetFirmwareInventory", "GetFirmwareUpdateCapabilities", "GetSoftwareInventory", "GetUpdateStatus"], @@ -569,6 +577,8 @@ def main(): for command in command_list: if command == "ListUsers": result["user"] = rf_utils.list_users() + elif command == "GetAccountServiceConfig": + result["accountservice_config"] = rf_utils.get_accountservice_properties() elif category == "Update": # execute only if we find UpdateService resources