638de22b35
These tests are doing string matches on the error condition. Update them to match the new strings. This is probably okay to push out to old releases even though it's technically backwards incompatible because production playbooks won't be checking that a parameter was missing. Param missing is something detected and fixed while writing the playbook.
442 lines
12 KiB
YAML
442 lines
12 KiB
YAML
---
|
|
- name: setup
|
|
cs_account: name={{ cs_resource_prefix }}_user state=absent
|
|
register: acc
|
|
- name: verify setup
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
|
|
- name: test fail if missing name
|
|
action: cs_account
|
|
register: acc
|
|
ignore_errors: true
|
|
- name: verify results of fail if missing params
|
|
assert:
|
|
that:
|
|
- acc|failed
|
|
- 'acc.msg == "missing required arguments: name"'
|
|
|
|
- name: test fail if missing params if state=present
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
register: acc
|
|
ignore_errors: true
|
|
- name: verify results of fail if missing params if state=present
|
|
assert:
|
|
that:
|
|
- acc|failed
|
|
- 'acc.msg == "missing required arguments: email, username, password, first_name, last_name"'
|
|
|
|
- name: test create user account in check mode
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
username: "{{ cs_resource_prefix }}_username"
|
|
password: "{{ cs_resource_prefix }}_password"
|
|
last_name: "{{ cs_resource_prefix }}_last_name"
|
|
first_name: "{{ cs_resource_prefix }}_first_name"
|
|
email: "{{ cs_resource_prefix }}@example.com"
|
|
network_domain: "example.com"
|
|
register: acc
|
|
check_mode: true
|
|
- name: verify results of create account in check mode
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
|
|
- name: test create user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
username: "{{ cs_resource_prefix }}_username"
|
|
password: "{{ cs_resource_prefix }}_password"
|
|
last_name: "{{ cs_resource_prefix }}_last_name"
|
|
first_name: "{{ cs_resource_prefix }}_first_name"
|
|
email: "{{ cs_resource_prefix }}@example.com"
|
|
network_domain: "example.com"
|
|
register: acc
|
|
- name: verify results of create account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "enabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test create user account idempotence
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
username: "{{ cs_resource_prefix }}_username"
|
|
password: "{{ cs_resource_prefix }}_password"
|
|
last_name: "{{ cs_resource_prefix }}_last_name"
|
|
first_name: "{{ cs_resource_prefix }}_first_name"
|
|
email: "{{ cs_resource_prefix }}@example.com"
|
|
network_domain: "example.com"
|
|
register: acc
|
|
- name: verify results of create account idempotence
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- not acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "enabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test lock user account in check mode
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: locked
|
|
register: acc
|
|
check_mode: true
|
|
- name: verify results of lock user account in check mode
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "enabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test lock user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: locked
|
|
register: acc
|
|
- name: verify results of lock user account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "locked"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test lock user account idempotence
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: locked
|
|
register: acc
|
|
- name: verify results of lock user account idempotence
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- not acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "locked"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test disable user account in check mode
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: disabled
|
|
register: acc
|
|
check_mode: true
|
|
- name: verify results of disable user account in check mode
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "locked"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test disable user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: disabled
|
|
register: acc
|
|
- name: verify results of disable user account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "disabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test disable user account idempotence
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: disabled
|
|
register: acc
|
|
- name: verify results of disable user account idempotence
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- not acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "disabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test lock disabled user account in check mode
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: locked
|
|
register: acc
|
|
check_mode: true
|
|
- name: verify results of lock disabled user account in check mode
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "disabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test lock disabled user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: locked
|
|
register: acc
|
|
- name: verify results of lock disabled user account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "locked"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test lock disabled user account idempotence
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: locked
|
|
register: acc
|
|
- name: verify results of lock disabled user account idempotence
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- not acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "locked"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test enable user account in check mode
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: enabled
|
|
register: acc
|
|
check_mode: true
|
|
- name: verify results of enable user account in check mode
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "locked"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test enable user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: enabled
|
|
register: acc
|
|
- name: verify results of enable user account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "enabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test enable user account idempotence
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: enabled
|
|
register: acc
|
|
- name: verify results of enable user account idempotence
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- not acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "enabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test remove user account in check mode
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: absent
|
|
register: acc
|
|
check_mode: true
|
|
- name: verify results of remove user account in check mode
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "enabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test remove user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: absent
|
|
register: acc
|
|
- name: verify results of remove user account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "enabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test remove user account idempotence
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: absent
|
|
register: acc
|
|
- name: verify results of remove user account idempotence
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- not acc|changed
|
|
|
|
- name: test create user disabled account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
username: "{{ cs_resource_prefix }}_username"
|
|
password: "{{ cs_resource_prefix }}_password"
|
|
last_name: "{{ cs_resource_prefix }}_last_name"
|
|
first_name: "{{ cs_resource_prefix }}_first_name"
|
|
email: "{{ cs_resource_prefix }}@example.com"
|
|
network_domain: "example.com"
|
|
state: disabled
|
|
register: acc
|
|
- name: verify results of create disabled account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "disabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test remove disabled user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: absent
|
|
register: acc
|
|
- name: verify results of remove disabled user account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "disabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test create user locked account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
username: "{{ cs_resource_prefix }}_username"
|
|
password: "{{ cs_resource_prefix }}_password"
|
|
last_name: "{{ cs_resource_prefix }}_last_name"
|
|
first_name: "{{ cs_resource_prefix }}_first_name"
|
|
email: "{{ cs_resource_prefix }}@example.com"
|
|
network_domain: "example.com"
|
|
state: locked
|
|
register: acc
|
|
- name: verify results of create locked account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "locked"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test remove locked user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: absent
|
|
register: acc
|
|
- name: verify results of remove locked user account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "locked"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test create user unlocked/enabled account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
username: "{{ cs_resource_prefix }}_username"
|
|
password: "{{ cs_resource_prefix }}_password"
|
|
last_name: "{{ cs_resource_prefix }}_last_name"
|
|
first_name: "{{ cs_resource_prefix }}_first_name"
|
|
email: "{{ cs_resource_prefix }}@example.com"
|
|
network_domain: "example.com"
|
|
state: unlocked
|
|
register: acc
|
|
- name: verify results of create unlocked/enabled account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "enabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test remove unlocked/enabled user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: absent
|
|
register: acc
|
|
- name: verify results of remove unlocked/enabled user account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "enabled"
|
|
- acc.domain == "ROOT"
|