influxdb_user: implement user password change (#35471)

* Added tests on user removing

* Implemented password changing

* Fix after review

* Added zhhuta changes
This commit is contained in:
Artem Zinenko 2018-02-06 13:01:51 +03:00 committed by René Moser
parent 138de603d9
commit 56f640d874
2 changed files with 90 additions and 5 deletions

View file

@ -81,7 +81,7 @@ RETURN = '''
import ansible.module_utils.urls
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.influxdb import InfluxDb
import ansible.module_utils.influxdb as influx
def find_user(module, client, user_name):
@ -98,6 +98,31 @@ def find_user(module, client, user_name):
return name
def check_user_password(module, client, user_name, user_password):
try:
client.switch_user(user_name, user_password)
client.get_list_users()
except influx.exceptions.InfluxDBClientError as e:
if e.code == 401:
return False
except ansible.module_utils.urls.ConnectionError as e:
module.fail_json(msg=str(e))
finally:
# restore previous user
client.switch_user(module.params['username'], module.params['password'])
return True
def set_user_password(module, client, user_name, user_password):
if not module.check_mode:
try:
client.set_user_password(user_name, user_password)
except ansible.module_utils.urls.ConnectionError as e:
module.fail_json(msg=str(e))
module.exit_json(changed=True)
def create_user(module, client, user_name, user_password, admin):
if not module.check_mode:
try:
@ -112,14 +137,14 @@ def drop_user(module, client, user_name):
if not module.check_mode:
try:
client.drop_user(user_name)
except client.InfluxDBClientError as e:
except influx.exceptions.InfluxDBClientError as e:
module.fail_json(msg=e.content)
module.exit_json(changed=True)
def main():
argument_spec = InfluxDb.influxdb_argument_spec()
argument_spec = influx.InfluxDb.influxdb_argument_spec()
argument_spec.update(
state=dict(default='present', type='str', choices=['present', 'absent']),
user_name=dict(required=True, type='str'),
@ -135,13 +160,16 @@ def main():
user_name = module.params['user_name']
user_password = module.params['user_password']
admin = module.params['admin']
influxdb = InfluxDb(module)
influxdb = influx.InfluxDb(module)
client = influxdb.connect_to_influxdb()
user = find_user(module, client, user_name)
if state == 'present':
if user:
module.exit_json(changed=False)
if check_user_password(module, client, user_name, user_password):
module.exit_json(changed=False)
else:
set_user_password(module, client, user_name, user_password)
else:
create_user(module, client, user_name, user_password, admin)

View file

@ -81,3 +81,60 @@
assert:
that:
- same_user.changed == false
- name: Test change user password in check mode
block:
- name: Change user password
influxdb_user: user_name=user user_password=user2 login_username=admin login_password=admin
check_mode: true
register: change_password
- name: Check that password changing succeeds with a change
assert:
that:
- change_password.changed == true
- name: Test change user password
block:
- name: Change user password
influxdb_user: user_name=user user_password=user2 login_username=admin login_password=admin
register: change_password
- name: Check that password changing succeeds with a change
assert:
that:
- change_password.changed == true
- name: Test remove user in check mode
block:
- name: Remove user
influxdb_user: user_name=user state=absent login_username=admin login_password=admin
check_mode: true
register: remove_user
- name: Check that removing user succeeds with a change
assert:
that:
- remove_user.changed == true
- name: Test remove user
block:
- name: Remove user
influxdb_user: user_name=user state=absent login_username=admin login_password=admin
register: remove_user
- name: Check that removing user succeeds with a change
assert:
that:
- remove_user.changed == true
- name: Test remove user idempotence
block:
- name: Remove user
influxdb_user: user_name=user state=absent login_username=admin login_password=admin
register: remove_user
- name: Check that removing user succeeds without a change
assert:
that:
- remove_user.changed == false