1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

fix #1731 : mongodb_user always says changed

This commit is contained in:
Guillaume Dufour 2016-02-25 11:01:34 +01:00 committed by Matt Clay
parent d20b7ee6e6
commit b07e1c13f7

View file

@ -159,9 +159,9 @@ else:
# MongoDB module specific support methods.
#
def user_find(client, user):
def user_find(client, user, db_name):
for mongo_user in client["admin"].system.users.find():
if mongo_user['user'] == user:
if mongo_user['user'] == user and mongo_user['db'] == db_name:
return mongo_user
return False
@ -169,6 +169,7 @@ def user_add(module, client, db_name, user, password, roles):
#pymongo's user_add is a _create_or_update_user so we won't know if it was changed or updated
#without reproducing a lot of the logic in database.py of pymongo
db = client[db_name]
if roles is None:
db.add_user(user, password, False)
else:
@ -181,7 +182,7 @@ def user_add(module, client, db_name, user, password, roles):
module.fail_json(msg=err_msg)
def user_remove(module, client, db_name, user):
exists = user_find(client, user)
exists = user_find(client, user, db_name)
if exists:
if module.check_mode:
module.exit_json(changed=True, user=user)
@ -274,8 +275,11 @@ def main():
if password is None and update_password == 'always':
module.fail_json(msg='password parameter required when adding a user unless update_password is set to on_create')
if update_password != 'always' and user_find(client, user):
uinfo = user_find(client, user, db_name)
if update_password != 'always' and uinfo:
password = None
if list(map((lambda x: x['role']), uinfo['roles'])) == roles:
module.exit_json(changed=False, user=user)
if module.check_mode:
module.exit_json(changed=True, user=user)
@ -285,6 +289,11 @@ def main():
except OperationFailure, e:
module.fail_json(msg='Unable to add or update user: %s' % str(e))
# Here we can check password change if mongo provide a query for that : https://jira.mongodb.org/browse/SERVER-22848
#newuinfo = user_find(client, user, db_name)
#if uinfo['role'] == newuinfo['role'] and CheckPasswordHere:
# module.exit_json(changed=False, user=user)
elif state == 'absent':
try:
user_remove(module, client, db_name, user)