From 31f3a29613d47908939e863d953a55c9dc7bada1 Mon Sep 17 00:00:00 2001 From: panyy3 Date: Tue, 29 Oct 2019 21:13:40 +0800 Subject: [PATCH] add UpdateUserName and UpdatePasswordPolicy (#62941) * add new command UpdateUserName and UpdatePasswordPolicy in redfish_command module * fix errors detected by ansible-test * fix error detected by ansible-test * change command name UpdatePasswordPolicy to UpdateAccountServiceProperties, and update parameter to account_properties to support mlti-properties setting --- lib/ansible/module_utils/redfish_utils.py | 57 +++++++++++++++++++ .../redfish/redfish_command.py | 57 ++++++++++++++++++- 2 files changed, 111 insertions(+), 3 deletions(-) diff --git a/lib/ansible/module_utils/redfish_utils.py b/lib/ansible/module_utils/redfish_utils.py index 5f13cb926cf..9454253b93a 100644 --- a/lib/ansible/module_utils/redfish_utils.py +++ b/lib/ansible/module_utils/redfish_utils.py @@ -1014,6 +1014,63 @@ class RedfishUtils(object): return response return {'ret': True} + def update_user_name(self, user): + if not user.get('account_updatename'): + return {'ret': False, 'msg': + 'Must provide account_updatename for UpdateUserName command'} + + response = self._find_account_uri(username=user.get('account_username'), + acct_id=user.get('account_id')) + if not response['ret']: + return response + uri = response['uri'] + payload = {'UserName': user['account_updatename']} + response = self.patch_request(self.root_uri + uri, payload) + if response['ret'] is False: + return response + return {'ret': True} + + def update_accountservice_properties(self, user): + if user.get('account_properties') is None: + return {'ret': False, 'msg': + 'Must provide account_properties for UpdateAccountServiceProperties command'} + account_properties = user.get('account_properties') + + # Find AccountService + response = self.get_request(self.root_uri + self.service_root) + if response['ret'] is False: + return response + data = response['data'] + if 'AccountService' not in data: + return {'ret': False, 'msg': "AccountService resource not found"} + accountservice_uri = data["AccountService"]["@odata.id"] + + # Check support or not + response = self.get_request(self.root_uri + accountservice_uri) + if response['ret'] is False: + return response + data = response['data'] + for property_name in account_properties.keys(): + if property_name not in data: + return {'ret': False, 'msg': + 'property %s not supported' % property_name} + + # if properties is already matched, nothing to do + need_change = False + for property_name in account_properties.keys(): + if account_properties[property_name] != data[property_name]: + need_change = True + break + + if not need_change: + return {'ret': True, 'changed': False, 'msg': "AccountService properties already set"} + + payload = account_properties + response = self.patch_request(self.root_uri + accountservice_uri, payload) + if response['ret'] is False: + return response + return {'ret': True, 'changed': True, 'msg': "Modified AccountService properties"} + def get_sessions(self): result = {} # listing all users has always been slower than other operations, why? diff --git a/lib/ansible/modules/remote_management/redfish/redfish_command.py b/lib/ansible/modules/remote_management/redfish/redfish_command.py index f16e486edb0..cea70da2655 100644 --- a/lib/ansible/modules/remote_management/redfish/redfish_command.py +++ b/lib/ansible/modules/remote_management/redfish/redfish_command.py @@ -100,6 +100,19 @@ options: - BootNext target when bootdevice is "UefiBootNext" type: str version_added: "2.9" + update_username: + required: false + aliases: [ account_updatename ] + description: + - new update user name for account_username + type: str + version_added: "2.10" + account_properties: + required: false + description: + - properties of account service to update + type: dict + version_added: "2.10" author: "Jose Delarosa (@jose-delarosa)" ''' @@ -230,6 +243,37 @@ EXAMPLES = ''' account_username: "{{ account_username }}" roleid: "{{ roleid }}" + - name: Update user name + redfish_command: + category: Accounts + command: UpdateUserName + baseuri: "{{ baseuri }}" + username: "{{ username }}" + password: "{{ password }}" + account_username: "{{ account_username }}" + account_updatename: "{{ account_updatename }}" + + - name: Update user name + redfish_command: + category: Accounts + command: UpdateUserName + baseuri: "{{ baseuri }}" + username: "{{ username }}" + password: "{{ password }}" + account_username: "{{ account_username }}" + update_username: "{{ update_username }}" + + - name: Update AccountService properties + redfish_command: + category: Accounts + command: UpdateAccountServiceProperties + baseuri: "{{ baseuri }}" + username: "{{ username }}" + password: "{{ password }}" + account_properties: + AccountLockoutThreshold: 5 + AccountLockoutDuration: 600 + - name: Clear Manager Logs with a timeout of 20 seconds redfish_command: category: Manager @@ -259,7 +303,8 @@ CATEGORY_COMMANDS_ALL = { "PowerGracefulShutdown", "PowerReboot", "SetOneTimeBoot"], "Chassis": ["IndicatorLedOn", "IndicatorLedOff", "IndicatorLedBlink"], "Accounts": ["AddUser", "EnableUser", "DeleteUser", "DisableUser", - "UpdateUserRole", "UpdateUserPassword"], + "UpdateUserRole", "UpdateUserPassword", "UpdateUserName", + "UpdateAccountServiceProperties"], "Manager": ["GracefulRestart", "ClearLogs"], } @@ -277,6 +322,8 @@ def main(): new_username=dict(aliases=["account_username"]), new_password=dict(aliases=["account_password"], no_log=True), roleid=dict(aliases=["account_roleid"]), + update_username=dict(type='str', aliases=["account_updatename"]), + account_properties=dict(type='dict', default={}), bootdevice=dict(), timeout=dict(type='int', default=10), uefi_target=dict(), @@ -296,7 +343,9 @@ def main(): user = {'account_id': module.params['id'], 'account_username': module.params['new_username'], 'account_password': module.params['new_password'], - 'account_roleid': module.params['roleid']} + 'account_roleid': module.params['roleid'], + 'account_updatename': module.params['update_username'], + 'account_properties': module.params['account_properties']} # timeout timeout = module.params['timeout'] @@ -323,7 +372,9 @@ def main(): "DeleteUser": rf_utils.delete_user, "DisableUser": rf_utils.disable_user, "UpdateUserRole": rf_utils.update_user_role, - "UpdateUserPassword": rf_utils.update_user_password + "UpdateUserPassword": rf_utils.update_user_password, + "UpdateUserName": rf_utils.update_user_name, + "UpdateAccountServiceProperties": rf_utils.update_accountservice_properties } # execute only if we find an Account service resource