cloud: cs_user: add feature keys handling (#27285)
This commit is contained in:
parent
3a3bdde869
commit
a566a7ea2e
2 changed files with 113 additions and 8 deletions
|
@ -72,6 +72,13 @@ options:
|
|||
- Timezone of the user.
|
||||
required: false
|
||||
default: null
|
||||
keys_registered:
|
||||
description:
|
||||
- If API keys of the user should be generated.
|
||||
- "Note: Keys can not be removed by the API again."
|
||||
required: false
|
||||
default: null
|
||||
version_added: "2.4"
|
||||
domain:
|
||||
description:
|
||||
- Domain the user is related to.
|
||||
|
@ -160,12 +167,12 @@ email:
|
|||
returned: success
|
||||
type: string
|
||||
sample: john.doe@example.com
|
||||
api_key:
|
||||
user_api_key:
|
||||
description: API key of the user.
|
||||
returned: success
|
||||
type: string
|
||||
sample: JLhcg8VWi8DoFqL2sSLZMXmGojcLnFrOBTipvBHJjySODcV4mCOo29W2duzPv5cALaZnXj5QxDx3xQfaQt3DKg
|
||||
api_secret:
|
||||
user_api_secret:
|
||||
description: API secret of the user.
|
||||
returned: success
|
||||
type: string
|
||||
|
@ -219,8 +226,8 @@ class AnsibleCloudStackUser(AnsibleCloudStack):
|
|||
'firstname': 'first_name',
|
||||
'lastname': 'last_name',
|
||||
'email': 'email',
|
||||
'secretkey': 'api_secret',
|
||||
'apikey': 'api_key',
|
||||
'secretkey': 'user_api_secret',
|
||||
'apikey': 'user_api_key',
|
||||
'timezone': 'timezone',
|
||||
}
|
||||
self.account_types = {
|
||||
|
@ -346,8 +353,9 @@ class AnsibleCloudStackUser(AnsibleCloudStack):
|
|||
user = res['user']
|
||||
|
||||
# register user api keys
|
||||
res = self.query_api('registerUserKeys', id=user['id'])
|
||||
user.update(res['userkeys'])
|
||||
if self.module.params.get('keys_registered'):
|
||||
res = self.query_api('registerUserKeys', id=user['id'])
|
||||
user.update(res['userkeys'])
|
||||
|
||||
return user
|
||||
|
||||
|
@ -366,13 +374,12 @@ class AnsibleCloudStackUser(AnsibleCloudStack):
|
|||
user = res['user']
|
||||
|
||||
# register user api keys
|
||||
if 'apikey' not in user:
|
||||
if 'apikey' not in user and self.module.params.get('keys_registered'):
|
||||
self.result['changed'] = True
|
||||
|
||||
if not self.module.check_mode:
|
||||
res = self.query_api('registerUserKeys', id=user['id'])
|
||||
user.update(res['userkeys'])
|
||||
|
||||
return user
|
||||
|
||||
def absent_user(self):
|
||||
|
@ -408,6 +415,7 @@ def main():
|
|||
last_name=dict(),
|
||||
password=dict(no_log=True),
|
||||
timezone=dict(),
|
||||
keys_registered=dict(type='bool'),
|
||||
poll_async=dict(type='bool', default=True),
|
||||
))
|
||||
|
||||
|
|
|
@ -66,6 +66,7 @@
|
|||
- user.account == "admin"
|
||||
- user.state == "enabled"
|
||||
- user.domain == "ROOT"
|
||||
- user.user_api_key is not defined
|
||||
|
||||
- name: test create user idempotence
|
||||
cs_user:
|
||||
|
@ -89,6 +90,96 @@
|
|||
- user.account == "admin"
|
||||
- user.state == "enabled"
|
||||
- user.domain == "ROOT"
|
||||
- user.user_api_key is not defined
|
||||
|
||||
- name: test create account
|
||||
cs_account:
|
||||
name: "{{ cs_resource_prefix }}_acc"
|
||||
username: "{{ cs_resource_prefix }}_acc_username"
|
||||
password: "{{ cs_resource_prefix }}_acc_password"
|
||||
last_name: "{{ cs_resource_prefix }}_acc_last_name"
|
||||
first_name: "{{ cs_resource_prefix }}_acc_first_name"
|
||||
email: "{{ cs_resource_prefix }}@example.com"
|
||||
network_domain: "example.com"
|
||||
register: acc
|
||||
- name: verify results of create account
|
||||
assert:
|
||||
that:
|
||||
- acc|success
|
||||
- acc|changed
|
||||
- acc.name == "{{ cs_resource_prefix }}_acc"
|
||||
- acc.network_domain == "example.com"
|
||||
- acc.account_type == "user"
|
||||
- acc.state == "enabled"
|
||||
- acc.domain == "ROOT"
|
||||
- acc|changed
|
||||
|
||||
- name: test create user2 in check mode
|
||||
cs_user:
|
||||
username: "{{ cs_resource_prefix }}_user2"
|
||||
password: "{{ cs_resource_prefix }}_password2"
|
||||
last_name: "{{ cs_resource_prefix }}_last_name2"
|
||||
first_name: "{{ cs_resource_prefix }}_first_name2"
|
||||
email: "{{ cs_resource_prefix }}@example2.com"
|
||||
account: "{{ cs_resource_prefix }}_acc"
|
||||
keys_registered: true
|
||||
check_mode: true
|
||||
register: user
|
||||
- name: verify results of create user idempotence
|
||||
assert:
|
||||
that:
|
||||
- user|success
|
||||
- user|changed
|
||||
|
||||
- name: test create user2
|
||||
cs_user:
|
||||
username: "{{ cs_resource_prefix }}_user2"
|
||||
password: "{{ cs_resource_prefix }}_password2"
|
||||
last_name: "{{ cs_resource_prefix }}_last_name2"
|
||||
first_name: "{{ cs_resource_prefix }}_first_name2"
|
||||
email: "{{ cs_resource_prefix }}@example2.com"
|
||||
account: "{{ cs_resource_prefix }}_acc"
|
||||
keys_registered: true
|
||||
register: user
|
||||
- name: verify results of create user idempotence
|
||||
assert:
|
||||
that:
|
||||
- user|success
|
||||
- user|changed
|
||||
- user.username == "{{ cs_resource_prefix }}_user2"
|
||||
- user.first_name == "{{ cs_resource_prefix }}_first_name2"
|
||||
- user.last_name == "{{ cs_resource_prefix }}_last_name2"
|
||||
- user.email == "{{ cs_resource_prefix }}@example2.com"
|
||||
- user.account_type == "user"
|
||||
- user.account == "{{ cs_resource_prefix }}_acc"
|
||||
- user.state == "enabled"
|
||||
- user.domain == "ROOT"
|
||||
- user.user_api_key is defined
|
||||
|
||||
- name: test create user2 idempotence
|
||||
cs_user:
|
||||
username: "{{ cs_resource_prefix }}_user2"
|
||||
password: "{{ cs_resource_prefix }}_password2"
|
||||
last_name: "{{ cs_resource_prefix }}_last_name2"
|
||||
first_name: "{{ cs_resource_prefix }}_first_name2"
|
||||
email: "{{ cs_resource_prefix }}@example2.com"
|
||||
account: "{{ cs_resource_prefix }}_acc"
|
||||
keys_registered: true
|
||||
register: user
|
||||
- name: verify results of create user idempotence
|
||||
assert:
|
||||
that:
|
||||
- user|success
|
||||
- not user|changed
|
||||
- user.username == "{{ cs_resource_prefix }}_user2"
|
||||
- user.first_name == "{{ cs_resource_prefix }}_first_name2"
|
||||
- user.last_name == "{{ cs_resource_prefix }}_last_name2"
|
||||
- user.email == "{{ cs_resource_prefix }}@example2.com"
|
||||
- user.account_type == "user"
|
||||
- user.account == "{{ cs_resource_prefix }}_acc"
|
||||
- user.state == "enabled"
|
||||
- user.domain == "ROOT"
|
||||
- user.user_api_key is defined
|
||||
|
||||
- name: test update user in check mode
|
||||
cs_user:
|
||||
|
@ -98,6 +189,7 @@
|
|||
first_name: "{{ cs_resource_prefix }}_first_name1"
|
||||
email: "{{ cs_resource_prefix }}@example.com1"
|
||||
account: "admin"
|
||||
keys_registered: true
|
||||
register: user
|
||||
check_mode: true
|
||||
- name: verify results of update user in check mode
|
||||
|
@ -113,6 +205,7 @@
|
|||
- user.account == "admin"
|
||||
- user.state == "enabled"
|
||||
- user.domain == "ROOT"
|
||||
- user.user_api_key is not defined
|
||||
|
||||
- name: test update user
|
||||
cs_user:
|
||||
|
@ -122,6 +215,7 @@
|
|||
first_name: "{{ cs_resource_prefix }}_first_name1"
|
||||
email: "{{ cs_resource_prefix }}@example.com1"
|
||||
account: "admin"
|
||||
keys_registered: true
|
||||
register: user
|
||||
- name: verify results of update user
|
||||
assert:
|
||||
|
@ -136,6 +230,7 @@
|
|||
- user.account == "admin"
|
||||
- user.state == "enabled"
|
||||
- user.domain == "ROOT"
|
||||
- user.user_api_key is defined
|
||||
|
||||
- name: test update user idempotence
|
||||
cs_user:
|
||||
|
@ -145,6 +240,7 @@
|
|||
first_name: "{{ cs_resource_prefix }}_first_name1"
|
||||
email: "{{ cs_resource_prefix }}@example.com1"
|
||||
account: "admin"
|
||||
keys_registered: true
|
||||
register: user
|
||||
- name: verify results of update user idempotence
|
||||
assert:
|
||||
|
@ -159,6 +255,7 @@
|
|||
- user.account == "admin"
|
||||
- user.state == "enabled"
|
||||
- user.domain == "ROOT"
|
||||
- user.user_api_key is defined
|
||||
|
||||
- name: test lock user in check mode
|
||||
cs_user:
|
||||
|
|
Loading…
Reference in a new issue