cloud: cs_user: add feature keys handling (#27285)

This commit is contained in:
René Moser 2017-07-25 18:07:58 +02:00 committed by GitHub
parent 3a3bdde869
commit a566a7ea2e
2 changed files with 113 additions and 8 deletions

View file

@ -72,6 +72,13 @@ options:
- Timezone of the user.
required: false
default: null
keys_registered:
description:
- If API keys of the user should be generated.
- "Note: Keys can not be removed by the API again."
required: false
default: null
version_added: "2.4"
domain:
description:
- Domain the user is related to.
@ -160,12 +167,12 @@ email:
returned: success
type: string
sample: john.doe@example.com
api_key:
user_api_key:
description: API key of the user.
returned: success
type: string
sample: JLhcg8VWi8DoFqL2sSLZMXmGojcLnFrOBTipvBHJjySODcV4mCOo29W2duzPv5cALaZnXj5QxDx3xQfaQt3DKg
api_secret:
user_api_secret:
description: API secret of the user.
returned: success
type: string
@ -219,8 +226,8 @@ class AnsibleCloudStackUser(AnsibleCloudStack):
'firstname': 'first_name',
'lastname': 'last_name',
'email': 'email',
'secretkey': 'api_secret',
'apikey': 'api_key',
'secretkey': 'user_api_secret',
'apikey': 'user_api_key',
'timezone': 'timezone',
}
self.account_types = {
@ -346,8 +353,9 @@ class AnsibleCloudStackUser(AnsibleCloudStack):
user = res['user']
# register user api keys
res = self.query_api('registerUserKeys', id=user['id'])
user.update(res['userkeys'])
if self.module.params.get('keys_registered'):
res = self.query_api('registerUserKeys', id=user['id'])
user.update(res['userkeys'])
return user
@ -366,13 +374,12 @@ class AnsibleCloudStackUser(AnsibleCloudStack):
user = res['user']
# register user api keys
if 'apikey' not in user:
if 'apikey' not in user and self.module.params.get('keys_registered'):
self.result['changed'] = True
if not self.module.check_mode:
res = self.query_api('registerUserKeys', id=user['id'])
user.update(res['userkeys'])
return user
def absent_user(self):
@ -408,6 +415,7 @@ def main():
last_name=dict(),
password=dict(no_log=True),
timezone=dict(),
keys_registered=dict(type='bool'),
poll_async=dict(type='bool', default=True),
))

View file

@ -66,6 +66,7 @@
- user.account == "admin"
- user.state == "enabled"
- user.domain == "ROOT"
- user.user_api_key is not defined
- name: test create user idempotence
cs_user:
@ -89,6 +90,96 @@
- user.account == "admin"
- user.state == "enabled"
- user.domain == "ROOT"
- user.user_api_key is not defined
- name: test create account
cs_account:
name: "{{ cs_resource_prefix }}_acc"
username: "{{ cs_resource_prefix }}_acc_username"
password: "{{ cs_resource_prefix }}_acc_password"
last_name: "{{ cs_resource_prefix }}_acc_last_name"
first_name: "{{ cs_resource_prefix }}_acc_first_name"
email: "{{ cs_resource_prefix }}@example.com"
network_domain: "example.com"
register: acc
- name: verify results of create account
assert:
that:
- acc|success
- acc|changed
- acc.name == "{{ cs_resource_prefix }}_acc"
- acc.network_domain == "example.com"
- acc.account_type == "user"
- acc.state == "enabled"
- acc.domain == "ROOT"
- acc|changed
- name: test create user2 in check mode
cs_user:
username: "{{ cs_resource_prefix }}_user2"
password: "{{ cs_resource_prefix }}_password2"
last_name: "{{ cs_resource_prefix }}_last_name2"
first_name: "{{ cs_resource_prefix }}_first_name2"
email: "{{ cs_resource_prefix }}@example2.com"
account: "{{ cs_resource_prefix }}_acc"
keys_registered: true
check_mode: true
register: user
- name: verify results of create user idempotence
assert:
that:
- user|success
- user|changed
- name: test create user2
cs_user:
username: "{{ cs_resource_prefix }}_user2"
password: "{{ cs_resource_prefix }}_password2"
last_name: "{{ cs_resource_prefix }}_last_name2"
first_name: "{{ cs_resource_prefix }}_first_name2"
email: "{{ cs_resource_prefix }}@example2.com"
account: "{{ cs_resource_prefix }}_acc"
keys_registered: true
register: user
- name: verify results of create user idempotence
assert:
that:
- user|success
- user|changed
- user.username == "{{ cs_resource_prefix }}_user2"
- user.first_name == "{{ cs_resource_prefix }}_first_name2"
- user.last_name == "{{ cs_resource_prefix }}_last_name2"
- user.email == "{{ cs_resource_prefix }}@example2.com"
- user.account_type == "user"
- user.account == "{{ cs_resource_prefix }}_acc"
- user.state == "enabled"
- user.domain == "ROOT"
- user.user_api_key is defined
- name: test create user2 idempotence
cs_user:
username: "{{ cs_resource_prefix }}_user2"
password: "{{ cs_resource_prefix }}_password2"
last_name: "{{ cs_resource_prefix }}_last_name2"
first_name: "{{ cs_resource_prefix }}_first_name2"
email: "{{ cs_resource_prefix }}@example2.com"
account: "{{ cs_resource_prefix }}_acc"
keys_registered: true
register: user
- name: verify results of create user idempotence
assert:
that:
- user|success
- not user|changed
- user.username == "{{ cs_resource_prefix }}_user2"
- user.first_name == "{{ cs_resource_prefix }}_first_name2"
- user.last_name == "{{ cs_resource_prefix }}_last_name2"
- user.email == "{{ cs_resource_prefix }}@example2.com"
- user.account_type == "user"
- user.account == "{{ cs_resource_prefix }}_acc"
- user.state == "enabled"
- user.domain == "ROOT"
- user.user_api_key is defined
- name: test update user in check mode
cs_user:
@ -98,6 +189,7 @@
first_name: "{{ cs_resource_prefix }}_first_name1"
email: "{{ cs_resource_prefix }}@example.com1"
account: "admin"
keys_registered: true
register: user
check_mode: true
- name: verify results of update user in check mode
@ -113,6 +205,7 @@
- user.account == "admin"
- user.state == "enabled"
- user.domain == "ROOT"
- user.user_api_key is not defined
- name: test update user
cs_user:
@ -122,6 +215,7 @@
first_name: "{{ cs_resource_prefix }}_first_name1"
email: "{{ cs_resource_prefix }}@example.com1"
account: "admin"
keys_registered: true
register: user
- name: verify results of update user
assert:
@ -136,6 +230,7 @@
- user.account == "admin"
- user.state == "enabled"
- user.domain == "ROOT"
- user.user_api_key is defined
- name: test update user idempotence
cs_user:
@ -145,6 +240,7 @@
first_name: "{{ cs_resource_prefix }}_first_name1"
email: "{{ cs_resource_prefix }}@example.com1"
account: "admin"
keys_registered: true
register: user
- name: verify results of update user idempotence
assert:
@ -159,6 +255,7 @@
- user.account == "admin"
- user.state == "enabled"
- user.domain == "ROOT"
- user.user_api_key is defined
- name: test lock user in check mode
cs_user: