From e9816e10bc0a682ebacf4d6f9d06dcca397fbd7b Mon Sep 17 00:00:00 2001 From: linnil1 Date: Fri, 15 Mar 2019 01:34:47 +0800 Subject: [PATCH] junos_user add condition when user = root (#53111) * junos_user add condition when user = root * Modify the failure message. Thanks NilashishC. --- lib/ansible/modules/network/junos/junos_user.py | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/lib/ansible/modules/network/junos/junos_user.py b/lib/ansible/modules/network/junos/junos_user.py index ac32a1bede..aaef0faf6f 100644 --- a/lib/ansible/modules/network/junos/junos_user.py +++ b/lib/ansible/modules/network/junos/junos_user.py @@ -202,11 +202,16 @@ def map_obj_to_ele(module, want): else: operation = 'merge' - user = SubElement(login, 'user', {'operation': operation}) - - SubElement(user, 'name').text = item['name'] + if item['name'] != 'root': + user = SubElement(login, 'user', {'operation': operation}) + SubElement(user, 'name').text = item['name'] + else: + user = auth = SubElement(element, 'root-authentication', {'operation': operation}) if operation == 'merge': + if item['name'] == 'root' and (not item['active'] or item['role'] or item['full_name']): + module.fail_json(msg="'root' account cannot be deactivated or be assigned a role and a full name") + if item['active']: user.set('active', 'active') else: @@ -219,7 +224,8 @@ def map_obj_to_ele(module, want): SubElement(user, 'full-name').text = item['full_name'] if item.get('sshkey'): - auth = SubElement(user, 'authentication') + if 'auth' not in locals(): + auth = SubElement(user, 'authentication') if 'ssh-rsa' in item['sshkey']: ssh_rsa = SubElement(auth, 'ssh-rsa') elif 'ssh-dss' in item['sshkey']: