1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

ipa_user: Add userauthtype param (#951) (#1004)

* ipa_user: Add userauthtype param

* Add changelog fragment

* Update changelogs/fragments/951-ipa_user-add-userauthtype-param.yaml

Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>

* Update plugins/modules/identity/ipa/ipa_user.py

Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>

* ipa_user: Add example for userauthtype

Co-authored-by: Lina He <lhe@tmamission.com>
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
(cherry picked from commit 104f6a3e96)

Co-authored-by: Lina He <lh3su@virginia.edu>
This commit is contained in:
patchback[bot] 2020-09-29 15:24:30 +00:00 committed by GitHub
parent 0baceda7f6
commit c00147e532
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 27 additions and 3 deletions

View file

@ -0,0 +1,3 @@
---
minor_changes:
- "ipa_user - add ``userauthtype`` option (https://github.com/ansible-collections/community.general/pull/951)."

View file

@ -90,6 +90,12 @@ options:
- Default home directory of the user.
type: str
version_added: '0.2.0'
userauthtype:
description:
- The authentication type to use for the user.
choices: ["password", "radius", "otp", "pkinit", "hardened"]
type: str
version_added: '1.2.0'
extends_documentation_fragment:
- community.general.ipa.documentation
@ -139,6 +145,15 @@ EXAMPLES = r'''
ipa_user: admin
ipa_pass: topsecret
update_password: on_create
- name: Ensure pinky is present and using one time password authentication
community.general.ipa_user:
name: pinky
state: present
userauthtype: otp
ipa_host: ipa.example.com
ipa_user: admin
ipa_pass: topsecret
'''
RETURN = r'''
@ -182,7 +197,8 @@ class UserIPAClient(IPAClient):
def get_user_dict(displayname=None, givenname=None, krbpasswordexpiration=None, loginshell=None,
mail=None, nsaccountlock=False, sn=None, sshpubkey=None, telephonenumber=None,
title=None, userpassword=None, gidnumber=None, uidnumber=None, homedirectory=None):
title=None, userpassword=None, gidnumber=None, uidnumber=None, homedirectory=None,
userauthtype=None):
user = {}
if displayname is not None:
user['displayname'] = displayname
@ -211,6 +227,8 @@ def get_user_dict(displayname=None, givenname=None, krbpasswordexpiration=None,
user['uidnumber'] = uidnumber
if homedirectory is not None:
user['homedirectory'] = homedirectory
if userauthtype is not None:
user['ipauserauthtype'] = userauthtype
return user
@ -293,7 +311,8 @@ def ensure(module, client):
telephonenumber=module.params['telephonenumber'], title=module.params['title'],
userpassword=module.params['password'],
gidnumber=module.params.get('gidnumber'), uidnumber=module.params.get('uidnumber'),
homedirectory=module.params.get('homedirectory'))
homedirectory=module.params.get('homedirectory'),
userauthtype=module.params.get('userauthtype'))
update_password = module.params.get('update_password')
ipa_user = client.user_find(name=name)
@ -340,7 +359,9 @@ def main():
choices=['present', 'absent', 'enabled', 'disabled']),
telephonenumber=dict(type='list', elements='str'),
title=dict(type='str'),
homedirectory=dict(type='str'))
homedirectory=dict(type='str'),
userauthtype=dict(type='str',
choices=['password', 'radius', 'otp', 'pkinit', 'hardened']))
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)