mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
* ipa_user: Add userauthtype param
* Add changelog fragment
* Update changelogs/fragments/951-ipa_user-add-userauthtype-param.yaml
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
* Update plugins/modules/identity/ipa/ipa_user.py
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
* ipa_user: Add example for userauthtype
Co-authored-by: Lina He <lhe@tmamission.com>
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
(cherry picked from commit 104f6a3e96
)
Co-authored-by: Lina He <lh3su@virginia.edu>
This commit is contained in:
parent
0baceda7f6
commit
c00147e532
2 changed files with 27 additions and 3 deletions
|
@ -0,0 +1,3 @@
|
||||||
|
---
|
||||||
|
minor_changes:
|
||||||
|
- "ipa_user - add ``userauthtype`` option (https://github.com/ansible-collections/community.general/pull/951)."
|
|
@ -90,6 +90,12 @@ options:
|
||||||
- Default home directory of the user.
|
- Default home directory of the user.
|
||||||
type: str
|
type: str
|
||||||
version_added: '0.2.0'
|
version_added: '0.2.0'
|
||||||
|
userauthtype:
|
||||||
|
description:
|
||||||
|
- The authentication type to use for the user.
|
||||||
|
choices: ["password", "radius", "otp", "pkinit", "hardened"]
|
||||||
|
type: str
|
||||||
|
version_added: '1.2.0'
|
||||||
extends_documentation_fragment:
|
extends_documentation_fragment:
|
||||||
- community.general.ipa.documentation
|
- community.general.ipa.documentation
|
||||||
|
|
||||||
|
@ -139,6 +145,15 @@ EXAMPLES = r'''
|
||||||
ipa_user: admin
|
ipa_user: admin
|
||||||
ipa_pass: topsecret
|
ipa_pass: topsecret
|
||||||
update_password: on_create
|
update_password: on_create
|
||||||
|
|
||||||
|
- name: Ensure pinky is present and using one time password authentication
|
||||||
|
community.general.ipa_user:
|
||||||
|
name: pinky
|
||||||
|
state: present
|
||||||
|
userauthtype: otp
|
||||||
|
ipa_host: ipa.example.com
|
||||||
|
ipa_user: admin
|
||||||
|
ipa_pass: topsecret
|
||||||
'''
|
'''
|
||||||
|
|
||||||
RETURN = r'''
|
RETURN = r'''
|
||||||
|
@ -182,7 +197,8 @@ class UserIPAClient(IPAClient):
|
||||||
|
|
||||||
def get_user_dict(displayname=None, givenname=None, krbpasswordexpiration=None, loginshell=None,
|
def get_user_dict(displayname=None, givenname=None, krbpasswordexpiration=None, loginshell=None,
|
||||||
mail=None, nsaccountlock=False, sn=None, sshpubkey=None, telephonenumber=None,
|
mail=None, nsaccountlock=False, sn=None, sshpubkey=None, telephonenumber=None,
|
||||||
title=None, userpassword=None, gidnumber=None, uidnumber=None, homedirectory=None):
|
title=None, userpassword=None, gidnumber=None, uidnumber=None, homedirectory=None,
|
||||||
|
userauthtype=None):
|
||||||
user = {}
|
user = {}
|
||||||
if displayname is not None:
|
if displayname is not None:
|
||||||
user['displayname'] = displayname
|
user['displayname'] = displayname
|
||||||
|
@ -211,6 +227,8 @@ def get_user_dict(displayname=None, givenname=None, krbpasswordexpiration=None,
|
||||||
user['uidnumber'] = uidnumber
|
user['uidnumber'] = uidnumber
|
||||||
if homedirectory is not None:
|
if homedirectory is not None:
|
||||||
user['homedirectory'] = homedirectory
|
user['homedirectory'] = homedirectory
|
||||||
|
if userauthtype is not None:
|
||||||
|
user['ipauserauthtype'] = userauthtype
|
||||||
|
|
||||||
return user
|
return user
|
||||||
|
|
||||||
|
@ -293,7 +311,8 @@ def ensure(module, client):
|
||||||
telephonenumber=module.params['telephonenumber'], title=module.params['title'],
|
telephonenumber=module.params['telephonenumber'], title=module.params['title'],
|
||||||
userpassword=module.params['password'],
|
userpassword=module.params['password'],
|
||||||
gidnumber=module.params.get('gidnumber'), uidnumber=module.params.get('uidnumber'),
|
gidnumber=module.params.get('gidnumber'), uidnumber=module.params.get('uidnumber'),
|
||||||
homedirectory=module.params.get('homedirectory'))
|
homedirectory=module.params.get('homedirectory'),
|
||||||
|
userauthtype=module.params.get('userauthtype'))
|
||||||
|
|
||||||
update_password = module.params.get('update_password')
|
update_password = module.params.get('update_password')
|
||||||
ipa_user = client.user_find(name=name)
|
ipa_user = client.user_find(name=name)
|
||||||
|
@ -340,7 +359,9 @@ def main():
|
||||||
choices=['present', 'absent', 'enabled', 'disabled']),
|
choices=['present', 'absent', 'enabled', 'disabled']),
|
||||||
telephonenumber=dict(type='list', elements='str'),
|
telephonenumber=dict(type='list', elements='str'),
|
||||||
title=dict(type='str'),
|
title=dict(type='str'),
|
||||||
homedirectory=dict(type='str'))
|
homedirectory=dict(type='str'),
|
||||||
|
userauthtype=dict(type='str',
|
||||||
|
choices=['password', 'radius', 'otp', 'pkinit', 'hardened']))
|
||||||
|
|
||||||
module = AnsibleModule(argument_spec=argument_spec,
|
module = AnsibleModule(argument_spec=argument_spec,
|
||||||
supports_check_mode=True)
|
supports_check_mode=True)
|
||||||
|
|
Loading…
Reference in a new issue