add UpdateUserName and UpdatePasswordPolicy (#62941)

* add new command UpdateUserName and UpdatePasswordPolicy in redfish_command module * fix errors detected by ansible-test * fix error detected by ansible-test * change command name UpdatePasswordPolicy to UpdateAccountServiceProperties, and update parameter to account_properties to support mlti-properties setting
2019-10-29 21:13:40 +08:00 · 2019-10-29 21:13:40 +08:00 · 31f3a29613
commit 31f3a29613
parent 92a39a0910
2 changed files with 111 additions and 3 deletions
--- a/lib/ansible/module_utils/redfish_utils.py
+++ b/lib/ansible/module_utils/redfish_utils.py
@ -1014,6 +1014,63 @@ class RedfishUtils(object):
            return response
        return {'ret': True}

+    def update_user_name(self, user):
+        if not user.get('account_updatename'):
+            return {'ret': False, 'msg':
+                    'Must provide account_updatename for UpdateUserName command'}
+
+        response = self._find_account_uri(username=user.get('account_username'),
+                                          acct_id=user.get('account_id'))
+        if not response['ret']:
+            return response
+        uri = response['uri']
+        payload = {'UserName': user['account_updatename']}
+        response = self.patch_request(self.root_uri + uri, payload)
+        if response['ret'] is False:
+            return response
+        return {'ret': True}
+
+    def update_accountservice_properties(self, user):
+        if user.get('account_properties') is None:
+            return {'ret': False, 'msg':
+                    'Must provide account_properties for UpdateAccountServiceProperties command'}
+        account_properties = user.get('account_properties')
+
+        # Find AccountService
+        response = self.get_request(self.root_uri + self.service_root)
+        if response['ret'] is False:
+            return response
+        data = response['data']
+        if 'AccountService' not in data:
+            return {'ret': False, 'msg': "AccountService resource not found"}
+        accountservice_uri = data["AccountService"]["@odata.id"]
+
+        # Check support or not
+        response = self.get_request(self.root_uri + accountservice_uri)
+        if response['ret'] is False:
+            return response
+        data = response['data']
+        for property_name in account_properties.keys():
+            if property_name not in data:
+                return {'ret': False, 'msg':
+                        'property %s not supported' % property_name}
+
+        # if properties is already matched, nothing to do
+        need_change = False
+        for property_name in account_properties.keys():
+            if account_properties[property_name] != data[property_name]:
+                need_change = True
+                break
+
+        if not need_change:
+            return {'ret': True, 'changed': False, 'msg': "AccountService properties already set"}
+
+        payload = account_properties
+        response = self.patch_request(self.root_uri + accountservice_uri, payload)
+        if response['ret'] is False:
+            return response
+        return {'ret': True, 'changed': True, 'msg': "Modified AccountService properties"}
+
    def get_sessions(self):
        result = {}
        # listing all users has always been slower than other operations, why?
--- a/lib/ansible/modules/remote_management/redfish/redfish_command.py
+++ b/lib/ansible/modules/remote_management/redfish/redfish_command.py
@ -100,6 +100,19 @@ options:
      - BootNext target when bootdevice is "UefiBootNext"
    type: str
    version_added: "2.9"
+  update_username:
+    required: false
+    aliases: [ account_updatename ]
+    description:
+      - new update user name for account_username
+    type: str
+    version_added: "2.10"
+  account_properties:
+    required: false
+    description:
+      - properties of account service to update
+    type: dict
+    version_added: "2.10"

 author: "Jose Delarosa (@jose-delarosa)"
 '''
@ -230,6 +243,37 @@ EXAMPLES = '''
      account_username: "{{ account_username }}"
      roleid: "{{ roleid }}"

+  - name: Update user name
+    redfish_command:
+      category: Accounts
+      command: UpdateUserName
+      baseuri: "{{ baseuri }}"
+      username: "{{ username }}"
+      password: "{{ password }}"
+      account_username: "{{ account_username }}"
+      account_updatename: "{{ account_updatename }}"
+
+  - name: Update user name
+    redfish_command:
+      category: Accounts
+      command: UpdateUserName
+      baseuri: "{{ baseuri }}"
+      username: "{{ username }}"
+      password: "{{ password }}"
+      account_username: "{{ account_username }}"
+      update_username: "{{ update_username }}"
+
+  - name: Update AccountService properties
+    redfish_command:
+      category: Accounts
+      command: UpdateAccountServiceProperties
+      baseuri: "{{ baseuri }}"
+      username: "{{ username }}"
+      password: "{{ password }}"
+      account_properties:
+        AccountLockoutThreshold: 5
+        AccountLockoutDuration: 600
+
  - name: Clear Manager Logs with a timeout of 20 seconds
    redfish_command:
      category: Manager
@ -259,7 +303,8 @@ CATEGORY_COMMANDS_ALL = {
                "PowerGracefulShutdown", "PowerReboot", "SetOneTimeBoot"],
    "Chassis": ["IndicatorLedOn", "IndicatorLedOff", "IndicatorLedBlink"],
    "Accounts": ["AddUser", "EnableUser", "DeleteUser", "DisableUser",
-                 "UpdateUserRole", "UpdateUserPassword"],
+                 "UpdateUserRole", "UpdateUserPassword", "UpdateUserName",
+                 "UpdateAccountServiceProperties"],
    "Manager": ["GracefulRestart", "ClearLogs"],
 }

@ -277,6 +322,8 @@ def main():
            new_username=dict(aliases=["account_username"]),
            new_password=dict(aliases=["account_password"], no_log=True),
            roleid=dict(aliases=["account_roleid"]),
+            update_username=dict(type='str', aliases=["account_updatename"]),
+            account_properties=dict(type='dict', default={}),
            bootdevice=dict(),
            timeout=dict(type='int', default=10),
            uefi_target=dict(),
@ -296,7 +343,9 @@ def main():
    user = {'account_id': module.params['id'],
            'account_username': module.params['new_username'],
            'account_password': module.params['new_password'],
-            'account_roleid': module.params['roleid']}
+            'account_roleid': module.params['roleid'],
+            'account_updatename': module.params['update_username'],
+            'account_properties': module.params['account_properties']}

    # timeout
    timeout = module.params['timeout']
@ -323,7 +372,9 @@ def main():
            "DeleteUser": rf_utils.delete_user,
            "DisableUser": rf_utils.disable_user,
            "UpdateUserRole": rf_utils.update_user_role,
-            "UpdateUserPassword": rf_utils.update_user_password
+            "UpdateUserPassword": rf_utils.update_user_password,
+            "UpdateUserName": rf_utils.update_user_name,
+            "UpdateAccountServiceProperties": rf_utils.update_accountservice_properties
        }

        # execute only if we find an Account service resource