cloud: ovirt_permissions: Add new entities (#20388)

This patch add new entities to manage permissions: - disk_profile - cpu_profile - vnic_profile - system It also enhance the documentation.
2017-01-18 16:01:25 +01:00 · 2017-01-18 16:01:25 +01:00 · aa6ce16aa4
commit aa6ce16aa4
parent d9d1194c80
1 changed files with 25 additions and 4 deletions
--- a/lib/ansible/modules/cloud/ovirt/ovirt_permissions.py
+++ b/lib/ansible/modules/cloud/ovirt/ovirt_permissions.py
@ -71,7 +71,7 @@ options:
    object_type:
        description:
            - "The object where the permissions should be managed."
-        default: 'virtual_machine'
+        default: 'vm'
        choices: [
            'data_center',
            'cluster',
@ -82,13 +82,22 @@ options:
            'vm',
            'vm_pool',
            'template',
+            'cpu_profile',
+            'disk_profile',
+            'vnic_profile',
+            'system',
        ]
    user_name:
        description:
-            - "Username of the the user to manage. In most LDAPs it's I(uid) of the user, but in Active Directory you must specify I(UPN) of the user."
+            - "Username of the the user to manage. In most LDAPs it's I(uid) of the user,
+               but in Active Directory you must specify I(UPN) of the user."
+            - "Note that if user don't exist in the system this module will fail,
+               you should ensure the user exists by using M(ovirt_users) module."
    group_name:
        description:
            - "Name of the the group to manage."
+            - "Note that if group don't exist in the system this module will fail,
+               you should ensure the group exists by using M(ovirt_groups) module."
    authz_name:
        description:
            - "Authorization provider of the user/group. In previous versions of oVirt known as domain."
@ -137,6 +146,9 @@ permission:


 def _objects_service(connection, object_type):
+    if object_type == 'system':
+        return connection.system_service()
+
    return getattr(
        connection.system_service(),
        '%ss_service' % object_type,
@ -147,6 +159,8 @@ def _objects_service(connection, object_type):
 def _object_service(connection, module):
    object_type = module.params['object_type']
    objects_service = _objects_service(connection, object_type)
+    if object_type == 'system':
+        return objects_service

    object_id = module.params['object_id']
    if object_id is None:
@ -232,7 +246,7 @@ def main():
        ),
        role=dict(default='UserRole'),
        object_type=dict(
-            default='virtual_machine',
+            default='vm',
            choices=[
                'data_center',
                'cluster',
@ -243,6 +257,10 @@ def main():
                'vm',
                'vm_pool',
                'template',
+                'cpu_profile',
+                'disk_profile',
+                'vnic_profile',
+                'system',
            ]
        ),
        authz_name=dict(required=True, aliases=['domain']),
@ -258,7 +276,10 @@ def main():
    )
    check_sdk(module)

-    if module.params['object_name'] is None and module.params['object_id'] is None:
+    if (
+        (module.params['object_name'] is None and module.params['object_id'] is None)
+        and module.params['object_type'] != 'system'
+    ):
        module.fail_json(msg='"object_name" or "object_id" is required')

    if module.params['user_name'] is None and module.params['group_name'] is None: