diff --git a/lib/ansible/modules/cloud/ovirt/ovirt_permissions.py b/lib/ansible/modules/cloud/ovirt/ovirt_permissions.py index 10a845bb32..be791549e6 100644 --- a/lib/ansible/modules/cloud/ovirt/ovirt_permissions.py +++ b/lib/ansible/modules/cloud/ovirt/ovirt_permissions.py @@ -71,7 +71,7 @@ options: object_type: description: - "The object where the permissions should be managed." - default: 'virtual_machine' + default: 'vm' choices: [ 'data_center', 'cluster', @@ -82,13 +82,22 @@ options: 'vm', 'vm_pool', 'template', + 'cpu_profile', + 'disk_profile', + 'vnic_profile', + 'system', ] user_name: description: - - "Username of the the user to manage. In most LDAPs it's I(uid) of the user, but in Active Directory you must specify I(UPN) of the user." + - "Username of the the user to manage. In most LDAPs it's I(uid) of the user, + but in Active Directory you must specify I(UPN) of the user." + - "Note that if user don't exist in the system this module will fail, + you should ensure the user exists by using M(ovirt_users) module." group_name: description: - "Name of the the group to manage." + - "Note that if group don't exist in the system this module will fail, + you should ensure the group exists by using M(ovirt_groups) module." authz_name: description: - "Authorization provider of the user/group. In previous versions of oVirt known as domain." @@ -137,6 +146,9 @@ permission: def _objects_service(connection, object_type): + if object_type == 'system': + return connection.system_service() + return getattr( connection.system_service(), '%ss_service' % object_type, @@ -147,6 +159,8 @@ def _objects_service(connection, object_type): def _object_service(connection, module): object_type = module.params['object_type'] objects_service = _objects_service(connection, object_type) + if object_type == 'system': + return objects_service object_id = module.params['object_id'] if object_id is None: @@ -232,7 +246,7 @@ def main(): ), role=dict(default='UserRole'), object_type=dict( - default='virtual_machine', + default='vm', choices=[ 'data_center', 'cluster', @@ -243,6 +257,10 @@ def main(): 'vm', 'vm_pool', 'template', + 'cpu_profile', + 'disk_profile', + 'vnic_profile', + 'system', ] ), authz_name=dict(required=True, aliases=['domain']), @@ -258,7 +276,10 @@ def main(): ) check_sdk(module) - if module.params['object_name'] is None and module.params['object_id'] is None: + if ( + (module.params['object_name'] is None and module.params['object_id'] is None) + and module.params['object_type'] != 'system' + ): module.fail_json(msg='"object_name" or "object_id" is required') if module.params['user_name'] is None and module.params['group_name'] is None: