1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

Add require_two_factor_authentication property to gitlab group (#3367)

* feat: add require_two_factor_authentication property

* chore: add changelog fragment

* chore: add gitlab_group test tasks

* chore: add gitlab tests

* chore: add gitlab group tests

* docs: apply suggestions

* fix: removing default value
This commit is contained in:
Chris Frage 2021-09-20 06:55:43 +02:00 committed by GitHub
parent e48f9fdf74
commit 9ce1009643
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 53 additions and 6 deletions

View file

@ -0,0 +1,2 @@
minor_changes:
- gitlab_group - add new property ``require_two_factor_authentication`` (https://github.com/ansible-collections/community.general/pull/3367).

View file

@ -78,6 +78,11 @@ options:
choices: ["maintainer", "owner"] choices: ["maintainer", "owner"]
type: str type: str
version_added: 3.7.0 version_added: 3.7.0
require_two_factor_authentication:
description:
- Require all users in this group to setup two-factor authentication.
type: bool
version_added: 3.7.0
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -201,6 +206,7 @@ class GitLabGroup(object):
'project_creation_level': options['project_creation_level'], 'project_creation_level': options['project_creation_level'],
'auto_devops_enabled': options['auto_devops_enabled'], 'auto_devops_enabled': options['auto_devops_enabled'],
'subgroup_creation_level': options['subgroup_creation_level'], 'subgroup_creation_level': options['subgroup_creation_level'],
'require_two_factor_authentication': options['require_two_factor_authentication'],
} }
if options.get('description'): if options.get('description'):
payload['description'] = options['description'] payload['description'] = options['description']
@ -214,6 +220,7 @@ class GitLabGroup(object):
'project_creation_level': options['project_creation_level'], 'project_creation_level': options['project_creation_level'],
'auto_devops_enabled': options['auto_devops_enabled'], 'auto_devops_enabled': options['auto_devops_enabled'],
'subgroup_creation_level': options['subgroup_creation_level'], 'subgroup_creation_level': options['subgroup_creation_level'],
'require_two_factor_authentication': options['require_two_factor_authentication'],
}) })
self.groupObject = group self.groupObject = group
@ -299,6 +306,7 @@ def main():
project_creation_level=dict(type='str', choices=['developer', 'maintainer', 'noone']), project_creation_level=dict(type='str', choices=['developer', 'maintainer', 'noone']),
auto_devops_enabled=dict(type='bool'), auto_devops_enabled=dict(type='bool'),
subgroup_creation_level=dict(type='str', choices=['maintainer', 'owner']), subgroup_creation_level=dict(type='str', choices=['maintainer', 'owner']),
require_two_factor_authentication=dict(type='bool'),
)) ))
module = AnsibleModule( module = AnsibleModule(
@ -325,6 +333,7 @@ def main():
project_creation_level = module.params['project_creation_level'] project_creation_level = module.params['project_creation_level']
auto_devops_enabled = module.params['auto_devops_enabled'] auto_devops_enabled = module.params['auto_devops_enabled']
subgroup_creation_level = module.params['subgroup_creation_level'] subgroup_creation_level = module.params['subgroup_creation_level']
require_two_factor_authentication = module.params['require_two_factor_authentication']
if not HAS_GITLAB_PACKAGE: if not HAS_GITLAB_PACKAGE:
module.fail_json(msg=missing_required_lib("python-gitlab"), exception=GITLAB_IMP_ERR) module.fail_json(msg=missing_required_lib("python-gitlab"), exception=GITLAB_IMP_ERR)
@ -361,7 +370,9 @@ def main():
"visibility": group_visibility, "visibility": group_visibility,
"project_creation_level": project_creation_level, "project_creation_level": project_creation_level,
"auto_devops_enabled": auto_devops_enabled, "auto_devops_enabled": auto_devops_enabled,
"subgroup_creation_level": subgroup_creation_level}): "subgroup_creation_level": subgroup_creation_level,
"require_two_factor_authentication": require_two_factor_authentication,
}):
module.exit_json(changed=True, msg="Successfully created or updated the group %s" % group_name, group=gitlab_group.groupObject._attrs) module.exit_json(changed=True, msg="Successfully created or updated the group %s" % group_name, group=gitlab_group.groupObject._attrs)
else: else:
module.exit_json(changed=False, msg="No need to update the group %s" % group_name, group=gitlab_group.groupObject._attrs) module.exit_json(changed=False, msg="No need to update the group %s" % group_name, group=gitlab_group.groupObject._attrs)

View file

@ -97,3 +97,28 @@
assert: assert:
that: that:
- gitlab_group_state_pcl.group.project_creation_level == "noone" - gitlab_group_state_pcl.group.project_creation_level == "noone"
- name: Cleanup GitLab Group for require_two_factor_authentication Test
gitlab_group:
api_url: "{{ gitlab_host }}"
validate_certs: false
api_token: "{{ gitlab_login_token }}"
name: ansible_test_group
path: ansible_test_group
state: absent
- name: Create GitLab Group for project_creation_level Test
gitlab_group:
api_url: "{{ gitlab_host }}"
validate_certs: false
api_token: "{{ gitlab_login_token }}"
name: ansible_test_group
path: ansible_test_group
require_two_factor_authentication: true
state: present
register: gitlab_group_state_rtfa
- name: Test group created with project_creation_level
assert:
that:
- gitlab_group_state_rtfa.group.require_two_factor_authentication == true

View file

@ -195,6 +195,7 @@ def resp_get_group(url, request):
'"web_url": "http://localhost:3000/groups/foo-bar", "request_access_enabled": false,' '"web_url": "http://localhost:3000/groups/foo-bar", "request_access_enabled": false,'
'"full_name": "Foobar Group", "full_path": "foo-bar",' '"full_name": "Foobar Group", "full_path": "foo-bar",'
'"project_creation_level": "maintainer", "subgroup_creation_level": "maintainer",' '"project_creation_level": "maintainer", "subgroup_creation_level": "maintainer",'
'"require_two_factor_authentication": true,'
'"file_template_project_id": 1, "parent_id": null, "projects": [{"id": 1,"description": null, "default_branch": "master",' '"file_template_project_id": 1, "parent_id": null, "projects": [{"id": 1,"description": null, "default_branch": "master",'
'"ssh_url_to_repo": "git@example.com:diaspora/diaspora-client.git",' '"ssh_url_to_repo": "git@example.com:diaspora/diaspora-client.git",'
'"http_url_to_repo": "http://example.com/diaspora/diaspora-client.git",' '"http_url_to_repo": "http://example.com/diaspora/diaspora-client.git",'
@ -227,7 +228,8 @@ def resp_create_group(url, request):
'"web_url": "http://localhost:3000/groups/foo-bar", "request_access_enabled": false,' '"web_url": "http://localhost:3000/groups/foo-bar", "request_access_enabled": false,'
'"full_name": "Foobar Group", "full_path": "foo-bar",' '"full_name": "Foobar Group", "full_path": "foo-bar",'
'"file_template_project_id": 1, "parent_id": null,' '"file_template_project_id": 1, "parent_id": null,'
'"project_creation_level": "developer", "subgroup_creation_level": "maintainer"}') '"project_creation_level": "developer", "subgroup_creation_level": "maintainer",'
'"require_two_factor_authentication": true}')
content = content.encode("utf-8") content = content.encode("utf-8")
return response(200, content, headers, None, 5, request) return response(200, content, headers, None, 5, request)
@ -241,7 +243,8 @@ def resp_create_subgroup(url, request):
'"web_url": "http://localhost:3000/groups/foo-bar/bar-foo", "request_access_enabled": false,' '"web_url": "http://localhost:3000/groups/foo-bar/bar-foo", "request_access_enabled": false,'
'"full_name": "BarFoo Group", "full_path": "foo-bar/bar-foo",' '"full_name": "BarFoo Group", "full_path": "foo-bar/bar-foo",'
'"file_template_project_id": 1, "parent_id": 1,' '"file_template_project_id": 1, "parent_id": 1,'
'"project_creation_level": "noone"}') '"project_creation_level": "noone",'
'"require_two_factor_authentication": true}')
content = content.encode("utf-8") content = content.encode("utf-8")
return response(200, content, headers, None, 5, request) return response(200, content, headers, None, 5, request)

View file

@ -70,7 +70,8 @@ class TestGitlabGroup(GitlabModuleTestCase):
'path': "foo-bar", 'path': "foo-bar",
'description': "An interesting group", 'description': "An interesting group",
'project_creation_level': "developer", 'project_creation_level': "developer",
'subgroup_creation_level': "maintainer"}) 'subgroup_creation_level': "maintainer",
'require_two_factor_authentication': True})
self.assertEqual(type(group), Group) self.assertEqual(type(group), Group)
self.assertEqual(group.name, "Foobar Group") self.assertEqual(group.name, "Foobar Group")
@ -78,6 +79,7 @@ class TestGitlabGroup(GitlabModuleTestCase):
self.assertEqual(group.description, "An interesting group") self.assertEqual(group.description, "An interesting group")
self.assertEqual(group.project_creation_level, "developer") self.assertEqual(group.project_creation_level, "developer")
self.assertEqual(group.subgroup_creation_level, "maintainer") self.assertEqual(group.subgroup_creation_level, "maintainer")
self.assertEqual(group.require_two_factor_authentication, True)
self.assertEqual(group.id, 1) self.assertEqual(group.id, 1)
@with_httmock(resp_create_subgroup) @with_httmock(resp_create_subgroup)
@ -85,12 +87,14 @@ class TestGitlabGroup(GitlabModuleTestCase):
group = self.moduleUtil.createGroup({'name': "BarFoo Group", group = self.moduleUtil.createGroup({'name': "BarFoo Group",
'path': "bar-foo", 'path': "bar-foo",
'parent_id': 1, 'parent_id': 1,
'project_creation_level': "noone"}) 'project_creation_level': "noone",
'require_two_factor_authentication': True})
self.assertEqual(type(group), Group) self.assertEqual(type(group), Group)
self.assertEqual(group.name, "BarFoo Group") self.assertEqual(group.name, "BarFoo Group")
self.assertEqual(group.full_path, "foo-bar/bar-foo") self.assertEqual(group.full_path, "foo-bar/bar-foo")
self.assertEqual(group.project_creation_level, "noone") self.assertEqual(group.project_creation_level, "noone")
self.assertEqual(group.require_two_factor_authentication, True)
self.assertEqual(group.id, 2) self.assertEqual(group.id, 2)
self.assertEqual(group.parent_id, 1) self.assertEqual(group.parent_id, 1)
@ -99,12 +103,14 @@ class TestGitlabGroup(GitlabModuleTestCase):
group = self.gitlab_instance.groups.get(1) group = self.gitlab_instance.groups.get(1)
changed, newGroup = self.moduleUtil.updateGroup(group, {'name': "BarFoo Group", changed, newGroup = self.moduleUtil.updateGroup(group, {'name': "BarFoo Group",
'visibility': "private", 'visibility': "private",
'project_creation_level': "maintainer"}) 'project_creation_level': "maintainer",
'require_two_factor_authentication': True})
self.assertEqual(changed, True) self.assertEqual(changed, True)
self.assertEqual(newGroup.name, "BarFoo Group") self.assertEqual(newGroup.name, "BarFoo Group")
self.assertEqual(newGroup.visibility, "private") self.assertEqual(newGroup.visibility, "private")
self.assertEqual(newGroup.project_creation_level, "maintainer") self.assertEqual(newGroup.project_creation_level, "maintainer")
self.assertEqual(newGroup.require_two_factor_authentication, True)
changed, newGroup = self.moduleUtil.updateGroup(group, {'name': "BarFoo Group"}) changed, newGroup = self.moduleUtil.updateGroup(group, {'name': "BarFoo Group"})