firewalld - fail offline operations on old lib version

This fixes an issue where the check for an import error would occur
before checking to see if firewalld is in "offline mode" and if it
is, then checking to ensure the version of the firewall python
library was new enough to support offline operations. This patch
will now fail with a correct error message in the scenario that
someone attempts to perform an offline operation but has a version
of the firewall python library that is too old.

Signed-off-by: Adam Miller <maxamillion@fedoraproject.org>

lib/ansible/modules/system/firewalld.py

@@ -158,6 +158,7 @@ try:
         fw.getDefaultZone()
     except AttributeError:
         # Firewalld is not currently running, permanent-only operations
+        fw_offline = True
 
         # Import other required parts of the firewalld API
         #
@@ -167,7 +168,6 @@ try:
         from firewall.client import FirewallClientZoneSettings
         fw = Firewall_test()
         fw.start()
-        fw_offline = True
 
 except ImportError:
     import_failure = True
@@ -749,11 +749,6 @@ def main():
         supports_check_mode=True
     )
 
-    if import_failure:
-        module.fail_json(
-            msg='firewalld and its python module are required for this module, version 0.2.11 or newer required (0.3.9 or newer for offline operations)'
-        )
-
     if fw_offline:
         # Pre-run version checking
         if FW_VERSION < "0.3.9":
@@ -771,6 +766,11 @@ def main():
             module.fail_json(msg="firewalld connection can't be established,\
                     installed version (%s) likely too old. Requires firewalld >= 0.2.11" % FW_VERSION)
 
+    if import_failure:
+        module.fail_json(
+            msg='firewalld and its python module are required for this module, version 0.2.11 or newer required (0.3.9 or newer for offline operations)'
+        )
+
     permanent = module.params['permanent']
     desired_state = module.params['state']
     immediate = module.params['immediate']