Clarify Error message when bitwarden vault not unlocked (#5811)

* Clarify Error message when vault not unlocked You can be logged into the Bitwarden-CLI, but it can still be locked. This took me several hours to debug, since every time I ran 'bw login' it told me, that I am already logged in. If you run 'bw unlock' without being logged in, you are prompted to log in. This clarifies the Error occurring and can drastically reduce debugging time, since you don't have to look into the source code to get an understanding of whats wrong. * RM: negation Nobody needs negation * Update function name * FIX: tests * ADD: changelog * Update changelogs/fragments/5811-clarify-bitwarden-error.yml Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
2024-09-14 20:13:21 +02:00 · 2023-01-22 17:29:11 +01:00 · 2023-01-22 17:29:11 +01:00 · bf117c839c
commit bf117c839c
parent 6781dd1918
3 changed files with 8 additions and 6 deletions
--- a/changelogs/fragments/5811-clarify-bitwarden-error.yml
+++ b/changelogs/fragments/5811-clarify-bitwarden-error.yml
@ -0,0 +1,2 @@
+minor_changes:
+  - bitwarden lookup plugin - clarify what to do, if the bitwarden vault is not unlocked (https://github.com/ansible-collections/community.general/pull/5811).
--- a/plugins/lookup/bitwarden.py
+++ b/plugins/lookup/bitwarden.py
@ -83,7 +83,7 @@ class Bitwarden(object):
        return self._cli_path

    @property
-    def logged_in(self):
+    def unlocked(self):
        out, err = self._run(['status'], stdin="")
        decoded = AnsibleJSONDecoder().raw_decode(out)[0]
        return decoded['status'] == 'unlocked'
@ -135,8 +135,8 @@ class LookupModule(LookupBase):
        self.set_options(var_options=variables, direct=kwargs)
        field = self.get_option('field')
        search_field = self.get_option('search')
-        if not _bitwarden.logged_in:
-            raise AnsibleError("Not logged into Bitwarden. Run 'bw login'.")
+        if not _bitwarden.unlocked:
+            raise AnsibleError("Bitwarden Vault locked. Run 'bw unlock'.")

        return [_bitwarden.get_field(field, term, search_field) for term in terms]

--- a/tests/unit/plugins/lookup/test_bitwarden.py
+++ b/tests/unit/plugins/lookup/test_bitwarden.py
@ -111,7 +111,7 @@ MOCK_RECORDS = [

 class MockBitwarden(Bitwarden):

-    logged_in = True
+    unlocked = True

    def _get_matches(self, search_value, search_field="name"):
        return list(filter(lambda record: record[search_field] == search_value, MOCK_RECORDS))
@ -119,7 +119,7 @@ class MockBitwarden(Bitwarden):

 class LoggedOutMockBitwarden(MockBitwarden):

-    logged_in = False
+    unlocked = False


 class TestLookupModule(unittest.TestCase):
@ -155,7 +155,7 @@ class TestLookupModule(unittest.TestCase):
                         self.lookup.run(['a_test'])[0])

    @patch('ansible_collections.community.general.plugins.lookup.bitwarden._bitwarden', LoggedOutMockBitwarden())
-    def test_bitwarden_plugin_logged_out(self):
+    def test_bitwarden_plugin_unlocked(self):
        record = MOCK_RECORDS[0]
        record_name = record['name']
        with self.assertRaises(AnsibleError):