Merge pull request #41 from billwanjohi/add_expired_state

user: add expired state
This commit is contained in:
Brian Coca 2015-01-27 18:29:45 -05:00
commit fc1045a1ee

View file

@ -84,10 +84,12 @@ options:
state:
required: false
default: "present"
choices: [ present, absent ]
choices: [ present, absent, expired ]
description:
- Whether the account should exist. When C(absent), removes
the user account.
- Whether the account should exist, and whether it is expired.
When C(absent), removes the user account.
When C(expired), the user will not be able to login through any means.
Expired state is only implemented for Linux.
createhome:
required: false
default: "yes"
@ -328,6 +330,10 @@ class User(object):
cmd.append('-s')
cmd.append(self.shell)
if self.state == 'expired':
cmd.append('--expiredate')
cmd.append('1')
if self.password is not None:
cmd.append('-p')
cmd.append(self.password)
@ -434,6 +440,10 @@ class User(object):
cmd.append('-s')
cmd.append(self.shell)
if self.state == 'expired':
cmd.append('--expiredate')
cmd.append('1')
if self.update_password == 'always' and self.password is not None and info[1] != self.password:
cmd.append('-p')
cmd.append(self.password)
@ -704,6 +714,10 @@ class FreeBsdUser(User):
cmd.append('-L')
cmd.append(self.login_class)
if self.state == 'expired':
cmd.append('-e')
cmd.append('1970-01-01')
# system cannot be handled currently - should we error if its requested?
# create the user
(rc, out, err) = self.execute_command(cmd)
@ -788,6 +802,10 @@ class FreeBsdUser(User):
new_groups = groups | set(current_groups)
cmd.append(','.join(new_groups))
if self.state == 'expired':
cmd.append('-e')
cmd.append('1970-01-01')
# modify the user if cmd will do anything
if cmd_len != len(cmd):
(rc, out, err) = self.execute_command(cmd)
@ -864,6 +882,10 @@ class OpenBSDUser(User):
cmd.append('-L')
cmd.append(self.login_class)
if self.state == 'expired':
cmd.append('-e')
cmd.append('1')
if self.password is not None:
cmd.append('-p')
cmd.append(self.password)
@ -958,6 +980,10 @@ class OpenBSDUser(User):
cmd.append('-L')
cmd.append(self.login_class)
if self.state == 'expired':
cmd.append('-e')
cmd.append('1')
if self.update_password == 'always' and self.password is not None and info[1] != self.password:
cmd.append('-p')
cmd.append(self.password)
@ -1031,6 +1057,10 @@ class NetBSDUser(User):
cmd.append('-L')
cmd.append(self.login_class)
if self.state == 'expired':
cmd.append('-e')
cmd.append('1')
if self.password is not None:
cmd.append('-p')
cmd.append(self.password)
@ -1113,6 +1143,10 @@ class NetBSDUser(User):
cmd.append('-L')
cmd.append(self.login_class)
if self.state == 'expired':
cmd.append('-e')
cmd.append('1')
if self.update_password == 'always' and self.password is not None and info[1] != self.password:
cmd.append('-p')
cmd.append(self.password)
@ -1190,6 +1224,10 @@ class SunOS(User):
if self.createhome:
cmd.append('-m')
if self.state == 'expired':
cmd.append('-e')
cmd.append('1/1/70')
cmd.append(self.name)
if self.module.check_mode:
@ -1274,6 +1312,10 @@ class SunOS(User):
cmd.append('-s')
cmd.append(self.shell)
if self.state == 'expired':
cmd.append('-e')
cmd.append('1/1/70')
if self.module.check_mode:
return (0, '', '')
else:
@ -1363,6 +1405,10 @@ class AIX(User):
if self.createhome:
cmd.append('-m')
if self.state == 'expired':
cmd.append('-e')
cmd.append('0101000070')
cmd.append(self.name)
(rc, out, err) = self.execute_command(cmd)
@ -1431,6 +1477,9 @@ class AIX(User):
cmd.append('-s')
cmd.append(self.shell)
if self.state == 'expired':
cmd.append('-e')
cmd.append('0101000070')
# skip if no changes to be made
if len(cmd) == 1:
@ -1467,7 +1516,7 @@ def main():
}
module = AnsibleModule(
argument_spec = dict(
state=dict(default='present', choices=['present', 'absent'], type='str'),
state=dict(default='present', choices=['present', 'absent', 'expired'], type='str'),
name=dict(required=True, aliases=['user'], type='str'),
uid=dict(default=None, type='str'),
non_unique=dict(default='no', type='bool'),
@ -1522,7 +1571,10 @@ def main():
module.fail_json(name=user.name, msg=err, rc=rc)
result['force'] = user.force
result['remove'] = user.remove
elif user.state == 'present':
elif user.state == 'expired' and user.platform != 'Generic':
module.fail_json(name=user.state,
msg='expired state not yet support for {0} platform'.format(user.platform))
elif user.state == 'present' or user.state == 'expired':
if not user.user_exists():
if module.check_mode:
module.exit_json(changed=True)