a-c-m
/
community.general
mirror of https://github.com/ansible-collections/community.general.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
community.general/lib/ansible/modules/network/aci/msc_user.py

232 lines
6.4 KiB
Python
Raw Blame History

#!/usr/bin/python
# -*- coding: utf-8 -*-
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
DOCUMENTATION = r'''
---
module: msc_user
short_description: Manage users
description:
- Manage users on Cisco ACI Multi-Site.
author:
- Dag Wieers (@dagwieers)
version_added: '2.8'
options:
user_id:
description:
- The ID of the user.
required: yes
user:
description:
- The name of the user.
required: yes
aliases: [ name, user_name ]
user_password:
description:
- The password of the user.
first_name:
description:
- The first name of the user.
last_name:
description:
- The last name of the user.
email:
description:
- The email address of the user.
phone:
description:
- The phone number of the user.
account_status:
description:
- The status of the user account.
choices: [ active ]
domain:
description:
- The domain this user belongs to.
roles:
description:
- The roles this user has.
state:
description:
- Use C(present) or C(absent) for adding or removing.
- Use C(query) for listing an object or multiple objects.
choices: [ absent, present, query ]
default: present
extends_documentation_fragment: msc
'''
EXAMPLES = r'''
- name: Add a new user
msc_user:
host: msc_host
username: admin
password: SomeSecretPassword
name: north_europe
user_id: 101
description: North European Datacenter
state: present
delegate_to: localhost
- name: Remove a user
msc_user:
host: msc_host
username: admin
password: SomeSecretPassword
name: north_europe
state: absent
delegate_to: localhost
- name: Query a user
msc_user:
host: msc_host
username: admin
password: SomeSecretPassword
name: north_europe
state: query
delegate_to: localhost
register: query_result
- name: Query all users
msc_user:
host: msc_host
username: admin
password: SomeSecretPassword
state: query
delegate_to: localhost
register: query_result
'''
RETURN = r''' # '''
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.network.aci.msc import MSCModule, msc_argument_spec, issubset
def main():
argument_spec = msc_argument_spec()
argument_spec.update(
user_id=dict(type='str', required=False),
user=dict(type='str', required=False, aliases=['name', 'user_name']),
user_password=dict(type='str', no_log=True),
first_name=dict(type='str'),
last_name=dict(type='str'),
email=dict(type='str'),
phone=dict(type='str'),
# FIXME: What possible options do we have ?
account_status=dict(type='str', choices=['active']),
domain=dict(type='str'),
roles=dict(type='list'),
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['user_name']],
['state', 'present', ['user_name', 'password', 'first_name', 'last_name', 'email', 'phone', 'account_status']],
],
)
user_id = module.params['user_id']
user_name = module.params['user']
user_password = module.params['user_password']
first_name = module.params['first_name']
last_name = module.params['last_name']
email = module.params['email']
phone = module.params['phone']
account_status = module.params['account_status']
# FIXME: Look up domain
domain = module.params['domain']
# FIXME: Look up roles
roles = module.params['roles']
roles_dict = list()
if roles:
for role in roles:
roles_dict.append(dict(roleId=role))
state = module.params['state']
msc = MSCModule(module)
path = 'users'
# Query for existing object(s)
if user_id is None and user_name is None:
msc.existing = msc.query_objs(path)
elif user_id is None:
msc.existing = msc.get_obj(path, username=user_name)
if msc.existing:
user_id = msc.existing['id']
elif user_name is None:
msc.existing = msc.get_obj(path, id=user_id)
else:
msc.existing = msc.get_obj(path, id=user_id)
existing_by_name = msc.get_obj(path, username=user_name)
if existing_by_name and user_id != existing_by_name['id']:
msc.fail_json(msg="Provided user '{1}' with id '{2}' does not match existing id '{3}'.".format(user_name, user_id, existing_by_name['id']))
# If we found an existing object, continue with it
if user_id:
path = 'users/{id}'.format(id=user_id)
if state == 'query':
pass
elif state == 'absent':
msc.previous = msc.existing
if msc.existing:
if module.check_mode:
msc.existing = {}
else:
msc.existing = msc.request(path, method='DELETE')
elif state == 'present':
msc.previous = msc.existing
msc.sanitize(dict(
id=user_id,
username=user_name,
password=user_password,
firstName=first_name,
lastName=last_name,
emailAddress=email,
phoneNumber=phone,
# accountStatus={},
accountStatus=account_status,
needsPasswordUpdate=False,
domainId=domain,
roles=roles_dict,
# active=True,
# remote=True,
), collate=True)
if msc.existing:
if not issubset(msc.sent, msc.existing):
# NOTE: Since MSC always returns '******' as password, we need to assume a change
if 'password' in msc.sent:
msc.result['changed'] = True
if module.check_mode:
msc.existing = msc.proposed
else:
msc.existing = msc.request(path, method='PUT', data=msc.sent)
else:
if module.check_mode:
msc.existing = msc.proposed
else:
msc.existing = msc.request(path, method='POST', data=msc.sent)
msc.exit_json()
if __name__ == "__main__":
main()
Reference in New Issue View Git Blame Copy Permalink