mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
add 'update_password' param to manageiq_user (#29093)
* add 'update_password' param to manageiq_user Currently with the manageiq_user module, if you call it repeatedly while passing the 'password' parameter, it will always run the task and mark it as 'changed'. Following the pattern of the AWS IAM module, add an 'update_password' parameter that takes 'always' (default) or 'on_create'. This will let you set an initial password when creating a user, but allow the user to modify their password and not stomp over their password changes if you re-run the playbook/task that created the user. * don't stomp password when other fields change Handle case where user fields change, but we don't want to stomp on a potentially user-changed password. Previously, if a non-password field changed, and the password param was passed in, it would ignore the 'update_password': 'on_create' setting (ie it would update/modify the password even if the user already exists). Add trailing ',' to list of params.
This commit is contained in:
parent
dbf9634b1b
commit
99f6f0ccc2
1 changed files with 17 additions and 3 deletions
|
@ -68,6 +68,13 @@ options:
|
|||
- The users' E-mail address.
|
||||
required: false
|
||||
default: null
|
||||
update_password:
|
||||
required: false
|
||||
default: always
|
||||
choices: ['always', 'on_create']
|
||||
description:
|
||||
- C(always) will update passwords unconditionally. C(on_create) will only set the password for a newly created user.
|
||||
version_added: '2.5'
|
||||
'''
|
||||
|
||||
EXAMPLES = '''
|
||||
|
@ -219,11 +226,16 @@ class ManageIQUser(object):
|
|||
resource['group'] = dict(id=group_id)
|
||||
if name is not None:
|
||||
resource['name'] = name
|
||||
if password is not None:
|
||||
resource['password'] = password
|
||||
if email is not None:
|
||||
resource['email'] = email
|
||||
|
||||
# if there is a password param, but 'update_password' is 'on_create'
|
||||
# then discard the password (since we're editing an existing user)
|
||||
if self.module.params['update_password'] == 'on_create':
|
||||
password = None
|
||||
if password is not None:
|
||||
resource['password'] = password
|
||||
|
||||
# check if we need to update ( compare_user is true is no difference found )
|
||||
if self.compare_user(user, name, group_id, password, email):
|
||||
return dict(
|
||||
|
@ -280,7 +292,9 @@ def main():
|
|||
password=dict(no_log=True),
|
||||
group=dict(),
|
||||
email=dict(),
|
||||
state=dict(choices=['absent', 'present'], default='present')
|
||||
state=dict(choices=['absent', 'present'], default='present'),
|
||||
update_password=dict(choices=['always', 'on_create'],
|
||||
default='always'),
|
||||
),
|
||||
)
|
||||
|
||||
|
|
Loading…
Reference in a new issue