cloud: cs_user: add feature keys handling (#27285)
This commit is contained in:
parent
3a3bdde869
commit
a566a7ea2e
2 changed files with 113 additions and 8 deletions
|
@ -72,6 +72,13 @@ options:
|
||||||
- Timezone of the user.
|
- Timezone of the user.
|
||||||
required: false
|
required: false
|
||||||
default: null
|
default: null
|
||||||
|
keys_registered:
|
||||||
|
description:
|
||||||
|
- If API keys of the user should be generated.
|
||||||
|
- "Note: Keys can not be removed by the API again."
|
||||||
|
required: false
|
||||||
|
default: null
|
||||||
|
version_added: "2.4"
|
||||||
domain:
|
domain:
|
||||||
description:
|
description:
|
||||||
- Domain the user is related to.
|
- Domain the user is related to.
|
||||||
|
@ -160,12 +167,12 @@ email:
|
||||||
returned: success
|
returned: success
|
||||||
type: string
|
type: string
|
||||||
sample: john.doe@example.com
|
sample: john.doe@example.com
|
||||||
api_key:
|
user_api_key:
|
||||||
description: API key of the user.
|
description: API key of the user.
|
||||||
returned: success
|
returned: success
|
||||||
type: string
|
type: string
|
||||||
sample: JLhcg8VWi8DoFqL2sSLZMXmGojcLnFrOBTipvBHJjySODcV4mCOo29W2duzPv5cALaZnXj5QxDx3xQfaQt3DKg
|
sample: JLhcg8VWi8DoFqL2sSLZMXmGojcLnFrOBTipvBHJjySODcV4mCOo29W2duzPv5cALaZnXj5QxDx3xQfaQt3DKg
|
||||||
api_secret:
|
user_api_secret:
|
||||||
description: API secret of the user.
|
description: API secret of the user.
|
||||||
returned: success
|
returned: success
|
||||||
type: string
|
type: string
|
||||||
|
@ -219,8 +226,8 @@ class AnsibleCloudStackUser(AnsibleCloudStack):
|
||||||
'firstname': 'first_name',
|
'firstname': 'first_name',
|
||||||
'lastname': 'last_name',
|
'lastname': 'last_name',
|
||||||
'email': 'email',
|
'email': 'email',
|
||||||
'secretkey': 'api_secret',
|
'secretkey': 'user_api_secret',
|
||||||
'apikey': 'api_key',
|
'apikey': 'user_api_key',
|
||||||
'timezone': 'timezone',
|
'timezone': 'timezone',
|
||||||
}
|
}
|
||||||
self.account_types = {
|
self.account_types = {
|
||||||
|
@ -346,6 +353,7 @@ class AnsibleCloudStackUser(AnsibleCloudStack):
|
||||||
user = res['user']
|
user = res['user']
|
||||||
|
|
||||||
# register user api keys
|
# register user api keys
|
||||||
|
if self.module.params.get('keys_registered'):
|
||||||
res = self.query_api('registerUserKeys', id=user['id'])
|
res = self.query_api('registerUserKeys', id=user['id'])
|
||||||
user.update(res['userkeys'])
|
user.update(res['userkeys'])
|
||||||
|
|
||||||
|
@ -366,13 +374,12 @@ class AnsibleCloudStackUser(AnsibleCloudStack):
|
||||||
user = res['user']
|
user = res['user']
|
||||||
|
|
||||||
# register user api keys
|
# register user api keys
|
||||||
if 'apikey' not in user:
|
if 'apikey' not in user and self.module.params.get('keys_registered'):
|
||||||
self.result['changed'] = True
|
self.result['changed'] = True
|
||||||
|
|
||||||
if not self.module.check_mode:
|
if not self.module.check_mode:
|
||||||
res = self.query_api('registerUserKeys', id=user['id'])
|
res = self.query_api('registerUserKeys', id=user['id'])
|
||||||
user.update(res['userkeys'])
|
user.update(res['userkeys'])
|
||||||
|
|
||||||
return user
|
return user
|
||||||
|
|
||||||
def absent_user(self):
|
def absent_user(self):
|
||||||
|
@ -408,6 +415,7 @@ def main():
|
||||||
last_name=dict(),
|
last_name=dict(),
|
||||||
password=dict(no_log=True),
|
password=dict(no_log=True),
|
||||||
timezone=dict(),
|
timezone=dict(),
|
||||||
|
keys_registered=dict(type='bool'),
|
||||||
poll_async=dict(type='bool', default=True),
|
poll_async=dict(type='bool', default=True),
|
||||||
))
|
))
|
||||||
|
|
||||||
|
|
|
@ -66,6 +66,7 @@
|
||||||
- user.account == "admin"
|
- user.account == "admin"
|
||||||
- user.state == "enabled"
|
- user.state == "enabled"
|
||||||
- user.domain == "ROOT"
|
- user.domain == "ROOT"
|
||||||
|
- user.user_api_key is not defined
|
||||||
|
|
||||||
- name: test create user idempotence
|
- name: test create user idempotence
|
||||||
cs_user:
|
cs_user:
|
||||||
|
@ -89,6 +90,96 @@
|
||||||
- user.account == "admin"
|
- user.account == "admin"
|
||||||
- user.state == "enabled"
|
- user.state == "enabled"
|
||||||
- user.domain == "ROOT"
|
- user.domain == "ROOT"
|
||||||
|
- user.user_api_key is not defined
|
||||||
|
|
||||||
|
- name: test create account
|
||||||
|
cs_account:
|
||||||
|
name: "{{ cs_resource_prefix }}_acc"
|
||||||
|
username: "{{ cs_resource_prefix }}_acc_username"
|
||||||
|
password: "{{ cs_resource_prefix }}_acc_password"
|
||||||
|
last_name: "{{ cs_resource_prefix }}_acc_last_name"
|
||||||
|
first_name: "{{ cs_resource_prefix }}_acc_first_name"
|
||||||
|
email: "{{ cs_resource_prefix }}@example.com"
|
||||||
|
network_domain: "example.com"
|
||||||
|
register: acc
|
||||||
|
- name: verify results of create account
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- acc|success
|
||||||
|
- acc|changed
|
||||||
|
- acc.name == "{{ cs_resource_prefix }}_acc"
|
||||||
|
- acc.network_domain == "example.com"
|
||||||
|
- acc.account_type == "user"
|
||||||
|
- acc.state == "enabled"
|
||||||
|
- acc.domain == "ROOT"
|
||||||
|
- acc|changed
|
||||||
|
|
||||||
|
- name: test create user2 in check mode
|
||||||
|
cs_user:
|
||||||
|
username: "{{ cs_resource_prefix }}_user2"
|
||||||
|
password: "{{ cs_resource_prefix }}_password2"
|
||||||
|
last_name: "{{ cs_resource_prefix }}_last_name2"
|
||||||
|
first_name: "{{ cs_resource_prefix }}_first_name2"
|
||||||
|
email: "{{ cs_resource_prefix }}@example2.com"
|
||||||
|
account: "{{ cs_resource_prefix }}_acc"
|
||||||
|
keys_registered: true
|
||||||
|
check_mode: true
|
||||||
|
register: user
|
||||||
|
- name: verify results of create user idempotence
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- user|success
|
||||||
|
- user|changed
|
||||||
|
|
||||||
|
- name: test create user2
|
||||||
|
cs_user:
|
||||||
|
username: "{{ cs_resource_prefix }}_user2"
|
||||||
|
password: "{{ cs_resource_prefix }}_password2"
|
||||||
|
last_name: "{{ cs_resource_prefix }}_last_name2"
|
||||||
|
first_name: "{{ cs_resource_prefix }}_first_name2"
|
||||||
|
email: "{{ cs_resource_prefix }}@example2.com"
|
||||||
|
account: "{{ cs_resource_prefix }}_acc"
|
||||||
|
keys_registered: true
|
||||||
|
register: user
|
||||||
|
- name: verify results of create user idempotence
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- user|success
|
||||||
|
- user|changed
|
||||||
|
- user.username == "{{ cs_resource_prefix }}_user2"
|
||||||
|
- user.first_name == "{{ cs_resource_prefix }}_first_name2"
|
||||||
|
- user.last_name == "{{ cs_resource_prefix }}_last_name2"
|
||||||
|
- user.email == "{{ cs_resource_prefix }}@example2.com"
|
||||||
|
- user.account_type == "user"
|
||||||
|
- user.account == "{{ cs_resource_prefix }}_acc"
|
||||||
|
- user.state == "enabled"
|
||||||
|
- user.domain == "ROOT"
|
||||||
|
- user.user_api_key is defined
|
||||||
|
|
||||||
|
- name: test create user2 idempotence
|
||||||
|
cs_user:
|
||||||
|
username: "{{ cs_resource_prefix }}_user2"
|
||||||
|
password: "{{ cs_resource_prefix }}_password2"
|
||||||
|
last_name: "{{ cs_resource_prefix }}_last_name2"
|
||||||
|
first_name: "{{ cs_resource_prefix }}_first_name2"
|
||||||
|
email: "{{ cs_resource_prefix }}@example2.com"
|
||||||
|
account: "{{ cs_resource_prefix }}_acc"
|
||||||
|
keys_registered: true
|
||||||
|
register: user
|
||||||
|
- name: verify results of create user idempotence
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- user|success
|
||||||
|
- not user|changed
|
||||||
|
- user.username == "{{ cs_resource_prefix }}_user2"
|
||||||
|
- user.first_name == "{{ cs_resource_prefix }}_first_name2"
|
||||||
|
- user.last_name == "{{ cs_resource_prefix }}_last_name2"
|
||||||
|
- user.email == "{{ cs_resource_prefix }}@example2.com"
|
||||||
|
- user.account_type == "user"
|
||||||
|
- user.account == "{{ cs_resource_prefix }}_acc"
|
||||||
|
- user.state == "enabled"
|
||||||
|
- user.domain == "ROOT"
|
||||||
|
- user.user_api_key is defined
|
||||||
|
|
||||||
- name: test update user in check mode
|
- name: test update user in check mode
|
||||||
cs_user:
|
cs_user:
|
||||||
|
@ -98,6 +189,7 @@
|
||||||
first_name: "{{ cs_resource_prefix }}_first_name1"
|
first_name: "{{ cs_resource_prefix }}_first_name1"
|
||||||
email: "{{ cs_resource_prefix }}@example.com1"
|
email: "{{ cs_resource_prefix }}@example.com1"
|
||||||
account: "admin"
|
account: "admin"
|
||||||
|
keys_registered: true
|
||||||
register: user
|
register: user
|
||||||
check_mode: true
|
check_mode: true
|
||||||
- name: verify results of update user in check mode
|
- name: verify results of update user in check mode
|
||||||
|
@ -113,6 +205,7 @@
|
||||||
- user.account == "admin"
|
- user.account == "admin"
|
||||||
- user.state == "enabled"
|
- user.state == "enabled"
|
||||||
- user.domain == "ROOT"
|
- user.domain == "ROOT"
|
||||||
|
- user.user_api_key is not defined
|
||||||
|
|
||||||
- name: test update user
|
- name: test update user
|
||||||
cs_user:
|
cs_user:
|
||||||
|
@ -122,6 +215,7 @@
|
||||||
first_name: "{{ cs_resource_prefix }}_first_name1"
|
first_name: "{{ cs_resource_prefix }}_first_name1"
|
||||||
email: "{{ cs_resource_prefix }}@example.com1"
|
email: "{{ cs_resource_prefix }}@example.com1"
|
||||||
account: "admin"
|
account: "admin"
|
||||||
|
keys_registered: true
|
||||||
register: user
|
register: user
|
||||||
- name: verify results of update user
|
- name: verify results of update user
|
||||||
assert:
|
assert:
|
||||||
|
@ -136,6 +230,7 @@
|
||||||
- user.account == "admin"
|
- user.account == "admin"
|
||||||
- user.state == "enabled"
|
- user.state == "enabled"
|
||||||
- user.domain == "ROOT"
|
- user.domain == "ROOT"
|
||||||
|
- user.user_api_key is defined
|
||||||
|
|
||||||
- name: test update user idempotence
|
- name: test update user idempotence
|
||||||
cs_user:
|
cs_user:
|
||||||
|
@ -145,6 +240,7 @@
|
||||||
first_name: "{{ cs_resource_prefix }}_first_name1"
|
first_name: "{{ cs_resource_prefix }}_first_name1"
|
||||||
email: "{{ cs_resource_prefix }}@example.com1"
|
email: "{{ cs_resource_prefix }}@example.com1"
|
||||||
account: "admin"
|
account: "admin"
|
||||||
|
keys_registered: true
|
||||||
register: user
|
register: user
|
||||||
- name: verify results of update user idempotence
|
- name: verify results of update user idempotence
|
||||||
assert:
|
assert:
|
||||||
|
@ -159,6 +255,7 @@
|
||||||
- user.account == "admin"
|
- user.account == "admin"
|
||||||
- user.state == "enabled"
|
- user.state == "enabled"
|
||||||
- user.domain == "ROOT"
|
- user.domain == "ROOT"
|
||||||
|
- user.user_api_key is defined
|
||||||
|
|
||||||
- name: test lock user in check mode
|
- name: test lock user in check mode
|
||||||
cs_user:
|
cs_user:
|
||||||
|
|
Loading…
Reference in a new issue