ansible/library/cloud/rax_cdb_user

#!/usr/bin/python -tt
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.

DOCUMENTATION = '''
---
module: rax_cdb_user
short_description: create / delete a database in the Cloud Databases
description:
  - create / delete a database in the Cloud Databases.
version_added: "1.6"
options:
  api_key:
    description:
      - Rackspace API key (overrides I(credentials))
    aliases:
      - password
  credentials:
    description:
      - File to find the Rackspace credentials in (ignored if I(api_key) and
        I(username) are provided)
    default: null
    aliases:
      - creds_file
  region:
    description:
      - Region to create an instance in
    default: DFW
  username:
    description:
      - Rackspace username (overrides I(credentials))
  cdb_id:
    description:
      - The databases server UUID
    default: null
  db_username:
    description:
      - Name of the database user
    default: null
  db_password:
    description:
      - Database user password
    default: null
  databases:
    description:
      - Name of the databases that the user can access
    default: []
  host:
    description:
      - Specifies the host from which a user is allowed to connect to
        the database. Possible values are a string containing an IPv4 address
        or "%" to allow connecting from any host
    default: '%'
  state:
    description:
      - Indicate desired state of the resource
    choices: ['present', 'absent']
    default: present
requirements: [ "pyrax" ]
author: Simon JAILLET
notes:
  - The following environment variables can be used, C(RAX_USERNAME),
    C(RAX_API_KEY), C(RAX_CREDS_FILE), C(RAX_CREDENTIALS), C(RAX_REGION).
  - C(RAX_CREDENTIALS) and C(RAX_CREDS_FILE) points to a credentials file
    appropriate for pyrax. See U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#authenticating)
  - C(RAX_USERNAME) and C(RAX_API_KEY) obviate the use of a credentials file
  - C(RAX_REGION) defines a Rackspace Public Cloud region (DFW, ORD, LON, ...)
'''

EXAMPLES = '''
- name: Build a user in Cloud Databases
  tasks:
    - name: User build request
      local_action:
        module: rax_cdb_user
        credentials: ~/.raxpub
        region: IAD
        cdb_id: 323e7ce0-9cb0-11e3-a5e2-0800200c9a66
        db_username: user1
        db_password: user1
        databases: ['db1']
        state: present
      register: rax_db_user
'''

import sys
from types import NoneType

try:
    import pyrax
except ImportError:
    print("failed=True msg='pyrax is required for this module'")
    sys.exit(1)

NON_CALLABLES = (basestring, bool, dict, int, list, NoneType)


def to_dict(obj):
    instance = {}
    for key in dir(obj):
        value = getattr(obj, key)
        if (isinstance(value, NON_CALLABLES) and not key.startswith('_')):
            instance[key] = value
    return instance


def find_user(instance, name):
    try:
        user = instance.get_user(name)
    except Exception:
        return False

    return user


def save_user(module, cdb_id, name, password, databases, host):

    for arg, value in dict(cdb_id=cdb_id, name=name).iteritems():
        if not value:
            module.fail_json(msg='%s is required for the "rax_cdb_user" '
                                 'module' % arg)

    cdb = pyrax.cloud_databases

    try:
        instance = cdb.get(cdb_id)
    except Exception, e:
        module.fail_json(msg='%s' % e.message)

    changed = False

    user = find_user(instance, name)

    if not user:
        action = 'create'
        try:
            user = instance.create_user(name=name,
                                        password=password,
                                        database_names=databases,
                                        host=host)
        except Exception, e:
            module.fail_json(msg='%s' % e.message)
        else:
            changed = True
    else:
        action = 'update'

        if user.host != host:
            changed = True

        user.update(password=password, host=host)

        former_dbs = set([item.name for item in user.list_user_access()])
        databases = set(databases)

        if databases != former_dbs:
            try:
                revoke_dbs = [db for db in former_dbs if db not in databases]
                user.revoke_user_access(db_names=revoke_dbs)

                new_dbs = [db for db in databases if db not in former_dbs]
                user.grant_user_access(db_names=new_dbs)
            except Exception, e:
                module.fail_json(msg='%s' % e.message)
            else:
                changed = True

    module.exit_json(changed=changed, action=action, user=to_dict(user))


def delete_user(module, cdb_id, name):

    for arg, value in dict(cdb_id=cdb_id, name=name).iteritems():
        if not value:
            module.fail_json(msg='%s is required for the "rax_cdb_user"'
                                 ' module' % arg)

    cdb = pyrax.cloud_databases

    try:
        instance = cdb.get(cdb_id)
    except Exception, e:
        module.fail_json(msg='%s' % e.message)

    changed = False

    user = find_user(instance, name)

    if user:
        try:
            user.delete()
        except Exception, e:
            module.fail_json(msg='%s' % e.message)
        else:
            changed = True

    module.exit_json(changed=changed, action='delete')


def rax_cdb_user(module, state, cdb_id, name, password, databases, host):

    # act on the state
    if state == 'present':
        save_user(module, cdb_id, name, password, databases, host)
    elif state == 'absent':
        delete_user(module, cdb_id, name)


def main():
    argument_spec = rax_argument_spec()
    argument_spec.update(
        dict(
            cdb_id=dict(type='str', required=True),
            db_username=dict(type='str', required=True),
            db_password=dict(type='str', required=True, no_log=True),
            databases=dict(type='list', default=[]),
            host=dict(type='str', default='%'),
            state=dict(default='present', choices=['present', 'absent'])
        )
    )

    module = AnsibleModule(
        argument_spec=argument_spec,
        required_together=rax_required_together(),
    )

    cdb_id = module.params.get('cdb_id')
    name = module.params.get('db_username')
    password = module.params.get('db_password')
    databases = module.params.get('databases')
    host = unicode(module.params.get('host'))
    state = module.params.get('state')

    setup_rax_module(module, pyrax)
    rax_cdb_user(module, state, cdb_id, name, password, databases, host)


# import module snippets
from ansible.module_utils.basic import *
from ansible.module_utils.rax import *

### invoke the module
main()
Module for managing Rackspace Cloud Databases users. 2014-02-24 01:57:57 +01:00			`#!/usr/bin/python -tt`
			`# This file is part of Ansible`
			`#`
			`# Ansible is free software: you can redistribute it and/or modify`
			`# it under the terms of the GNU General Public License as published by`
			`# the Free Software Foundation, either version 3 of the License, or`
			`# (at your option) any later version.`
			`#`
			`# Ansible is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU General Public License for more details.`
			`#`
			`# You should have received a copy of the GNU General Public License`
			`# along with Ansible. If not, see <http://www.gnu.org/licenses/>.`

			`DOCUMENTATION = '''`
			`---`
			`module: rax_cdb_user`
			`short_description: create / delete a database in the Cloud Databases`
			`description:`
			`- create / delete a database in the Cloud Databases.`
			`version_added: "1.6"`
			`options:`
			`api_key:`
			`description:`
			`- Rackspace API key (overrides I(credentials))`
			`aliases:`
			`- password`
			`credentials:`
			`description:`
			`- File to find the Rackspace credentials in (ignored if I(api_key) and`
			`I(username) are provided)`
			`default: null`
			`aliases:`
			`- creds_file`
			`region:`
			`description:`
			`- Region to create an instance in`
			`default: DFW`
			`username:`
			`description:`
			`- Rackspace username (overrides I(credentials))`
			`cdb_id:`
			`description:`
			`- The databases server UUID`
			`default: null`
			`db_username:`
			`description:`
			`- Name of the database user`
			`default: null`
			`db_password:`
			`description:`
			`- Database user password`
			`default: null`
			`databases:`
			`description:`
			`- Name of the databases that the user can access`
			`default: []`
			`host:`
			`description:`
			`- Specifies the host from which a user is allowed to connect to`
			`the database. Possible values are a string containing an IPv4 address`
			`or "%" to allow connecting from any host`
			`default: '%'`
			`state:`
			`description:`
			`- Indicate desired state of the resource`
			`choices: ['present', 'absent']`
			`default: present`
			`requirements: [ "pyrax" ]`
			`author: Simon JAILLET`
			`notes:`
			`- The following environment variables can be used, C(RAX_USERNAME),`
			`C(RAX_API_KEY), C(RAX_CREDS_FILE), C(RAX_CREDENTIALS), C(RAX_REGION).`
			`- C(RAX_CREDENTIALS) and C(RAX_CREDS_FILE) points to a credentials file`
			`appropriate for pyrax. See U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#authenticating)`
			`- C(RAX_USERNAME) and C(RAX_API_KEY) obviate the use of a credentials file`
			`- C(RAX_REGION) defines a Rackspace Public Cloud region (DFW, ORD, LON, ...)`
			`'''`

			`EXAMPLES = '''`
			`- name: Build a user in Cloud Databases`
			`tasks:`
			`- name: User build request`
			`local_action:`
			`module: rax_cdb_user`
			`credentials: ~/.raxpub`
			`region: IAD`
			`cdb_id: 323e7ce0-9cb0-11e3-a5e2-0800200c9a66`
			`db_username: user1`
			`db_password: user1`
			`databases: ['db1']`
			`state: present`
			`register: rax_db_user`
			`'''`

			`import sys`
			`from types import NoneType`

			`try:`
			`import pyrax`
			`except ImportError:`
			`print("failed=True msg='pyrax is required for this module'")`
			`sys.exit(1)`

			`NON_CALLABLES = (basestring, bool, dict, int, list, NoneType)`


			`def to_dict(obj):`
			`instance = {}`
			`for key in dir(obj):`
			`value = getattr(obj, key)`
			`if (isinstance(value, NON_CALLABLES) and not key.startswith('_')):`
			`instance[key] = value`
			`return instance`


			`def find_user(instance, name):`
			`try:`
			`user = instance.get_user(name)`
			`except Exception:`
			`return False`

			`return user`


			`def save_user(module, cdb_id, name, password, databases, host):`

			`for arg, value in dict(cdb_id=cdb_id, name=name).iteritems():`
			`if not value:`
			`module.fail_json(msg='%s is required for the "rax_cdb_user" '`
			`'module' % arg)`

			`cdb = pyrax.cloud_databases`

			`try:`
			`instance = cdb.get(cdb_id)`
			`except Exception, e:`
			`module.fail_json(msg='%s' % e.message)`

			`changed = False`

			`user = find_user(instance, name)`

			`if not user:`
			`action = 'create'`
			`try:`
			`user = instance.create_user(name=name,`
			`password=password,`
			`database_names=databases,`
			`host=host)`
			`except Exception, e:`
			`module.fail_json(msg='%s' % e.message)`
			`else:`
			`changed = True`
			`else:`
			`action = 'update'`

			`if user.host != host:`
			`changed = True`

			`user.update(password=password, host=host)`

			`former_dbs = set([item.name for item in user.list_user_access()])`
			`databases = set(databases)`

			`if databases != former_dbs:`
			`try:`
			`revoke_dbs = [db for db in former_dbs if db not in databases]`
			`user.revoke_user_access(db_names=revoke_dbs)`

			`new_dbs = [db for db in databases if db not in former_dbs]`
			`user.grant_user_access(db_names=new_dbs)`
			`except Exception, e:`
			`module.fail_json(msg='%s' % e.message)`
			`else:`
			`changed = True`

			`module.exit_json(changed=changed, action=action, user=to_dict(user))`


			`def delete_user(module, cdb_id, name):`

			`for arg, value in dict(cdb_id=cdb_id, name=name).iteritems():`
			`if not value:`
			`module.fail_json(msg='%s is required for the "rax_cdb_user"'`
			`' module' % arg)`

			`cdb = pyrax.cloud_databases`

			`try:`
			`instance = cdb.get(cdb_id)`
			`except Exception, e:`
			`module.fail_json(msg='%s' % e.message)`

			`changed = False`

			`user = find_user(instance, name)`

			`if user:`
			`try:`
			`user.delete()`
			`except Exception, e:`
			`module.fail_json(msg='%s' % e.message)`
			`else:`
			`changed = True`

			`module.exit_json(changed=changed, action='delete')`


			`def rax_cdb_user(module, state, cdb_id, name, password, databases, host):`

			`# act on the state`
			`if state == 'present':`
			`save_user(module, cdb_id, name, password, databases, host)`
			`elif state == 'absent':`
			`delete_user(module, cdb_id, name)`


			`def main():`
			`argument_spec = rax_argument_spec()`
			`argument_spec.update(`
			`dict(`
			`cdb_id=dict(type='str', required=True),`
			`db_username=dict(type='str', required=True),`
			`db_password=dict(type='str', required=True, no_log=True),`
			`databases=dict(type='list', default=[]),`
			`host=dict(type='str', default='%'),`
			`state=dict(default='present', choices=['present', 'absent'])`
			`)`
			`)`

			`module = AnsibleModule(`
			`argument_spec=argument_spec,`
			`required_together=rax_required_together(),`
			`)`

			`cdb_id = module.params.get('cdb_id')`
			`name = module.params.get('db_username')`
			`password = module.params.get('db_password')`
			`databases = module.params.get('databases')`
			`host = unicode(module.params.get('host'))`
			`state = module.params.get('state')`

			`setup_rax_module(module, pyrax)`
			`rax_cdb_user(module, state, cdb_id, name, password, databases, host)`


			`# import module snippets`
			`from ansible.module_utils.basic import *`
			`from ansible.module_utils.rax import *`

			`### invoke the module`
			`main()`