--- - name: setup cs_account: name={{ cs_resource_prefix }}_user state=absent register: acc - name: verify setup assert: that: - acc is successful - name: test fail if missing name action: cs_account register: acc ignore_errors: true - name: verify results of fail if missing params assert: that: - acc is failed - 'acc.msg == "missing required arguments: name"' - name: test fail if missing params if state=present cs_account: name: "{{ cs_resource_prefix }}_user" register: acc ignore_errors: true - name: verify results of fail if missing params if state=present assert: that: - acc is failed - 'acc.msg == "missing required arguments: email, username, password, first_name, last_name"' - name: test create user account in check mode cs_account: name: "{{ cs_resource_prefix }}_user" username: "{{ cs_resource_prefix }}_username" password: "{{ cs_resource_prefix }}_password" last_name: "{{ cs_resource_prefix }}_last_name" first_name: "{{ cs_resource_prefix }}_first_name" email: "{{ cs_resource_prefix }}@example.com" network_domain: "example.com" register: acc check_mode: true - name: verify results of create account in check mode assert: that: - acc is successful - acc is changed - name: test create user account cs_account: name: "{{ cs_resource_prefix }}_user" username: "{{ cs_resource_prefix }}_username" password: "{{ cs_resource_prefix }}_password" last_name: "{{ cs_resource_prefix }}_last_name" first_name: "{{ cs_resource_prefix }}_first_name" email: "{{ cs_resource_prefix }}@example.com" network_domain: "example.com" register: acc - name: verify results of create account assert: that: - acc is successful - acc is changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "enabled" - acc.domain == "ROOT" - name: test create user account idempotence cs_account: name: "{{ cs_resource_prefix }}_user" username: "{{ cs_resource_prefix }}_username" password: "{{ cs_resource_prefix }}_password" last_name: "{{ cs_resource_prefix }}_last_name" first_name: "{{ cs_resource_prefix }}_first_name" email: "{{ cs_resource_prefix }}@example.com" network_domain: "example.com" register: acc - name: verify results of create account idempotence assert: that: - acc is successful - acc is not changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "enabled" - acc.domain == "ROOT" - name: test lock user account in check mode cs_account: name: "{{ cs_resource_prefix }}_user" state: locked register: acc check_mode: true - name: verify results of lock user account in check mode assert: that: - acc is successful - acc is changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "enabled" - acc.domain == "ROOT" - name: test lock user account cs_account: name: "{{ cs_resource_prefix }}_user" state: locked register: acc - name: verify results of lock user account assert: that: - acc is successful - acc is changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "locked" - acc.domain == "ROOT" - name: test lock user account idempotence cs_account: name: "{{ cs_resource_prefix }}_user" state: locked register: acc - name: verify results of lock user account idempotence assert: that: - acc is successful - acc is not changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "locked" - acc.domain == "ROOT" - name: test disable user account in check mode cs_account: name: "{{ cs_resource_prefix }}_user" state: disabled register: acc check_mode: true - name: verify results of disable user account in check mode assert: that: - acc is successful - acc is changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "locked" - acc.domain == "ROOT" - name: test disable user account cs_account: name: "{{ cs_resource_prefix }}_user" state: disabled register: acc - name: verify results of disable user account assert: that: - acc is successful - acc is changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "disabled" - acc.domain == "ROOT" - name: test disable user account idempotence cs_account: name: "{{ cs_resource_prefix }}_user" state: disabled register: acc - name: verify results of disable user account idempotence assert: that: - acc is successful - acc is not changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "disabled" - acc.domain == "ROOT" - name: test lock disabled user account in check mode cs_account: name: "{{ cs_resource_prefix }}_user" state: locked register: acc check_mode: true - name: verify results of lock disabled user account in check mode assert: that: - acc is successful - acc is changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "disabled" - acc.domain == "ROOT" - name: test lock disabled user account cs_account: name: "{{ cs_resource_prefix }}_user" state: locked register: acc - name: verify results of lock disabled user account assert: that: - acc is successful - acc is changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "locked" - acc.domain == "ROOT" - name: test lock disabled user account idempotence cs_account: name: "{{ cs_resource_prefix }}_user" state: locked register: acc - name: verify results of lock disabled user account idempotence assert: that: - acc is successful - acc is not changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "locked" - acc.domain == "ROOT" - name: test enable user account in check mode cs_account: name: "{{ cs_resource_prefix }}_user" state: enabled register: acc check_mode: true - name: verify results of enable user account in check mode assert: that: - acc is successful - acc is changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "locked" - acc.domain == "ROOT" - name: test enable user account cs_account: name: "{{ cs_resource_prefix }}_user" state: enabled register: acc - name: verify results of enable user account assert: that: - acc is successful - acc is changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "enabled" - acc.domain == "ROOT" - name: test enable user account idempotence cs_account: name: "{{ cs_resource_prefix }}_user" state: enabled register: acc - name: verify results of enable user account idempotence assert: that: - acc is successful - acc is not changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "enabled" - acc.domain == "ROOT" - name: test remove user account in check mode cs_account: name: "{{ cs_resource_prefix }}_user" state: absent register: acc check_mode: true - name: verify results of remove user account in check mode assert: that: - acc is successful - acc is changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "enabled" - acc.domain == "ROOT" - name: test remove user account cs_account: name: "{{ cs_resource_prefix }}_user" state: absent register: acc - name: verify results of remove user account assert: that: - acc is successful - acc is changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "enabled" - acc.domain == "ROOT" - name: test remove user account idempotence cs_account: name: "{{ cs_resource_prefix }}_user" state: absent register: acc - name: verify results of remove user account idempotence assert: that: - acc is successful - acc is not changed - name: test create user disabled account cs_account: name: "{{ cs_resource_prefix }}_user" username: "{{ cs_resource_prefix }}_username" password: "{{ cs_resource_prefix }}_password" last_name: "{{ cs_resource_prefix }}_last_name" first_name: "{{ cs_resource_prefix }}_first_name" email: "{{ cs_resource_prefix }}@example.com" network_domain: "example.com" state: disabled register: acc - name: verify results of create disabled account assert: that: - acc is successful - acc is changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "disabled" - acc.domain == "ROOT" - name: test remove disabled user account cs_account: name: "{{ cs_resource_prefix }}_user" state: absent register: acc - name: verify results of remove disabled user account assert: that: - acc is successful - acc is changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "disabled" - acc.domain == "ROOT" - name: test create user locked account cs_account: name: "{{ cs_resource_prefix }}_user" username: "{{ cs_resource_prefix }}_username" password: "{{ cs_resource_prefix }}_password" last_name: "{{ cs_resource_prefix }}_last_name" first_name: "{{ cs_resource_prefix }}_first_name" email: "{{ cs_resource_prefix }}@example.com" network_domain: "example.com" state: locked register: acc - name: verify results of create locked account assert: that: - acc is successful - acc is changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "locked" - acc.domain == "ROOT" - name: test remove locked user account cs_account: name: "{{ cs_resource_prefix }}_user" state: absent register: acc - name: verify results of remove locked user account assert: that: - acc is successful - acc is changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "locked" - acc.domain == "ROOT" - name: test create user unlocked/enabled account cs_account: name: "{{ cs_resource_prefix }}_user" username: "{{ cs_resource_prefix }}_username" password: "{{ cs_resource_prefix }}_password" last_name: "{{ cs_resource_prefix }}_last_name" first_name: "{{ cs_resource_prefix }}_first_name" email: "{{ cs_resource_prefix }}@example.com" network_domain: "example.com" state: unlocked register: acc - name: verify results of create unlocked/enabled account assert: that: - acc is successful - acc is changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "enabled" - acc.domain == "ROOT" - name: test remove unlocked/enabled user account cs_account: name: "{{ cs_resource_prefix }}_user" state: absent register: acc - name: verify results of remove unlocked/enabled user account assert: that: - acc is successful - acc is changed - acc.name == "{{ cs_resource_prefix }}_user" - acc.network_domain == "example.com" - acc.account_type == "user" - acc.state == "enabled" - acc.domain == "ROOT"