Add support for users/sites to tenants (#50924)

* Add support for users/sites to tenants

* Better work-around
This commit is contained in:
Dag Wieers 2019-01-15 11:49:54 +01:00 committed by GitHub
parent 077d6a63c1
commit 27f4a1f927
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 70 additions and 4 deletions

View file

@ -31,11 +31,17 @@
from copy import deepcopy
from ansible.module_utils.basic import AnsibleModule, json
from ansible.module_utils.six import PY3
from ansible.module_utils.six.moves.urllib.parse import urlencode, urljoin
from ansible.module_utils.urls import fetch_url
from ansible.module_utils._text import to_native, to_bytes
if PY3:
def cmp(a, b):
return (a > b) - (a < b)
def issubset(subset, superset):
''' Recurse through nested dictionary and compare entries '''
@ -52,6 +58,10 @@ def issubset(subset, superset):
return False
for key, value in subset.items():
# Ignore empty values
if value is None:
return True
# Item from subset is missing from superset
if key not in superset:
return False
@ -65,8 +75,14 @@ def issubset(subset, superset):
if not issubset(superset[key], value):
return False
elif isinstance(value, list):
try:
# NOTE: Fails for lists of dicts
if not set(value) <= set(superset[key]):
return False
except TypeError:
# Fall back to exact comparison for lists of dicts
if not cmp(value, superset[key]):
return False
elif isinstance(value, set):
if not value <= superset[key]:
return False
@ -268,6 +284,36 @@ class MSCModule(object):
ids.append(dict(roleId=r['id']))
return ids
def lookup_sites(self, sites):
''' Look up sites and return their ids '''
if sites is None:
return sites
ids = []
for site in sites:
s = self.get_obj('sites', name=site)
if not s:
self.module.fail_json(msg="Site '%s' is not valid." % site)
if 'id' not in s:
self.module.fail_json(msg="Site lookup failed for '%s': %s" % (site, s))
ids.append(dict(siteId=s['id'], securityDomains=[]))
return ids
def lookup_users(self, users):
''' Look up users and return their ids '''
if users is None:
return users
ids = []
for user in users:
u = self.get_obj('users', username=user)
if not u:
self.module.fail_json(msg="User '%s' is not valid." % user)
if 'id' not in u:
self.module.fail_json(msg="User lookup failed for '%s': %s" % (user, u))
ids.append(dict(userId=u['id']))
return ids
def create_label(self, label, label_type):
''' Create a new label '''
return self.request('labels', method='POST', data=dict(displayName=label, type=label_type))

View file

@ -40,6 +40,16 @@ options:
description:
- The description for this tenant.
type: str
users:
description:
- A list of allowed users for this tenant.
- Using this property will replace any existing allowed users.
type: list
sites:
description:
- A list of allowed sites for this tenant.
- Using this property will replace any existing allowed sites.
type: list
state:
description:
- Use C(present) or C(absent) for adding or removing.
@ -106,6 +116,8 @@ def main():
display_name=dict(type='str'),
tenant=dict(type='str', required=False, aliases=['name', 'tenant_name']),
tenant_id=dict(type='str', required=False),
users=dict(type='list'),
sites=dict(type='list'),
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
)
@ -126,6 +138,10 @@ def main():
msc = MSCModule(module)
# Convert sites and users
sites = msc.lookup_sites(module.params['sites'])
users = msc.lookup_users(module.params['users'])
path = 'tenants'
# Query for existing object(s)
@ -166,8 +182,8 @@ def main():
id=tenant_id,
name=tenant,
displayName=display_name,
siteAssociations=[],
userAssociations=[dict(userId="0000ffff0000000000000020")],
siteAssociations=sites,
userAssociations=users,
)
msc.sanitize(payload, collate=True)
@ -176,6 +192,10 @@ def main():
if msc.sent.get('displayName') is None:
msc.sent['displayName'] = tenant
# Ensure tenant has at least admin user
if msc.sent.get('userAssociations') is None:
msc.sent['userAssociations'] = [dict(userId="0000ffff0000000000000020")]
if msc.existing:
if not issubset(msc.sent, msc.existing):
if module.check_mode: