mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
ipa_group: add append option (#3545)
* ipa: add append parameter to modify_if_diff * ipa_group: add state: append * ipa_group: rework append to an option instead of another state * ipa_group: append default=no * ipa_group: add change fragment for new append option * ipa_group: restore descriptions for group and user * ipa_group: re-add missed quotation mark * ipa_group: set default for append in argument_spec * ipa_group: add .yml ext to fragement file * ipa_group: corrections to append description * ipa_group: refine change fragement text Co-authored-by: Felix Fontein <felix@fontein.de> * ipa_group: use correct macros in option descriptions Co-authored-by: Felix Fontein <felix@fontein.de> * ipa_group: include append in user and group descriptions * ipa_group: add version_added Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
parent
e8c37ca605
commit
ef0b83fdf1
3 changed files with 35 additions and 9 deletions
|
@ -0,0 +1,2 @@
|
||||||
|
minor_changes:
|
||||||
|
- "ipa_group - add ``append`` option for adding group and users members, instead of replacing the respective lists (https://github.com/ansible-collections/community.general/pull/3545)."
|
|
@ -179,10 +179,10 @@ class IPAClient(object):
|
||||||
result.append(key)
|
result.append(key)
|
||||||
return result
|
return result
|
||||||
|
|
||||||
def modify_if_diff(self, name, ipa_list, module_list, add_method, remove_method, item=None):
|
def modify_if_diff(self, name, ipa_list, module_list, add_method, remove_method, item=None, append=None):
|
||||||
changed = False
|
changed = False
|
||||||
diff = list(set(ipa_list) - set(module_list))
|
diff = list(set(ipa_list) - set(module_list))
|
||||||
if len(diff) > 0:
|
if append is not True and len(diff) > 0:
|
||||||
changed = True
|
changed = True
|
||||||
if not self.module.check_mode:
|
if not self.module.check_mode:
|
||||||
if item:
|
if item:
|
||||||
|
|
|
@ -14,6 +14,13 @@ short_description: Manage FreeIPA group
|
||||||
description:
|
description:
|
||||||
- Add, modify and delete group within IPA server
|
- Add, modify and delete group within IPA server
|
||||||
options:
|
options:
|
||||||
|
append:
|
||||||
|
description:
|
||||||
|
- If C(yes), add the listed I(user) and I(group) to the group members.
|
||||||
|
- If C(no), only the listed I(user) and I(group) will be group members, removing any other members.
|
||||||
|
default: no
|
||||||
|
type: bool
|
||||||
|
version_added: 4.0.0
|
||||||
cn:
|
cn:
|
||||||
description:
|
description:
|
||||||
- Canonical name.
|
- Canonical name.
|
||||||
|
@ -37,9 +44,10 @@ options:
|
||||||
group:
|
group:
|
||||||
description:
|
description:
|
||||||
- List of group names assigned to this group.
|
- List of group names assigned to this group.
|
||||||
- If an empty list is passed all groups will be removed from this group.
|
- If I(append=no) and an empty list is passed all groups will be removed from this group.
|
||||||
- If option is omitted assigned groups will not be checked or changed.
|
|
||||||
- Groups that are already assigned but not passed will be removed.
|
- Groups that are already assigned but not passed will be removed.
|
||||||
|
- If I(append=yes) the listed groups will be assigned without removing other groups.
|
||||||
|
- If option is omitted assigned groups will not be checked or changed.
|
||||||
type: list
|
type: list
|
||||||
elements: str
|
elements: str
|
||||||
nonposix:
|
nonposix:
|
||||||
|
@ -49,9 +57,10 @@ options:
|
||||||
user:
|
user:
|
||||||
description:
|
description:
|
||||||
- List of user names assigned to this group.
|
- List of user names assigned to this group.
|
||||||
- If an empty list is passed all users will be removed from this group.
|
- If I(append=no) and an empty list is passed all users will be removed from this group.
|
||||||
- If option is omitted assigned users will not be checked or changed.
|
|
||||||
- Users that are already assigned but not passed will be removed.
|
- Users that are already assigned but not passed will be removed.
|
||||||
|
- If I(append=yes) the listed users will be assigned without removing other users.
|
||||||
|
- If option is omitted assigned users will not be checked or changed.
|
||||||
type: list
|
type: list
|
||||||
elements: str
|
elements: str
|
||||||
state:
|
state:
|
||||||
|
@ -95,6 +104,17 @@ EXAMPLES = r'''
|
||||||
ipa_user: admin
|
ipa_user: admin
|
||||||
ipa_pass: topsecret
|
ipa_pass: topsecret
|
||||||
|
|
||||||
|
- name: Ensure that new starter named john is member of the group, without removing other members
|
||||||
|
community.general.ipa_group:
|
||||||
|
name: developers
|
||||||
|
user:
|
||||||
|
- john
|
||||||
|
append: yes
|
||||||
|
state: present
|
||||||
|
ipa_host: ipa.example.com
|
||||||
|
ipa_user: admin
|
||||||
|
ipa_pass: topsecret
|
||||||
|
|
||||||
- name: Ensure group is absent
|
- name: Ensure group is absent
|
||||||
community.general.ipa_group:
|
community.general.ipa_group:
|
||||||
name: sysops
|
name: sysops
|
||||||
|
@ -187,6 +207,7 @@ def ensure(module, client):
|
||||||
name = module.params['cn']
|
name = module.params['cn']
|
||||||
group = module.params['group']
|
group = module.params['group']
|
||||||
user = module.params['user']
|
user = module.params['user']
|
||||||
|
append = module.params['append']
|
||||||
|
|
||||||
module_group = get_group_dict(description=module.params['description'], external=module.params['external'],
|
module_group = get_group_dict(description=module.params['description'], external=module.params['external'],
|
||||||
gid=module.params['gidnumber'], nonposix=module.params['nonposix'])
|
gid=module.params['gidnumber'], nonposix=module.params['nonposix'])
|
||||||
|
@ -211,12 +232,14 @@ def ensure(module, client):
|
||||||
if group is not None:
|
if group is not None:
|
||||||
changed = client.modify_if_diff(name, ipa_group.get('member_group', []), group,
|
changed = client.modify_if_diff(name, ipa_group.get('member_group', []), group,
|
||||||
client.group_add_member_group,
|
client.group_add_member_group,
|
||||||
client.group_remove_member_group) or changed
|
client.group_remove_member_group,
|
||||||
|
append=append) or changed
|
||||||
|
|
||||||
if user is not None:
|
if user is not None:
|
||||||
changed = client.modify_if_diff(name, ipa_group.get('member_user', []), user,
|
changed = client.modify_if_diff(name, ipa_group.get('member_user', []), user,
|
||||||
client.group_add_member_user,
|
client.group_add_member_user,
|
||||||
client.group_remove_member_user) or changed
|
client.group_remove_member_user,
|
||||||
|
append=append) or changed
|
||||||
|
|
||||||
else:
|
else:
|
||||||
if ipa_group:
|
if ipa_group:
|
||||||
|
@ -236,7 +259,8 @@ def main():
|
||||||
group=dict(type='list', elements='str'),
|
group=dict(type='list', elements='str'),
|
||||||
nonposix=dict(type='bool'),
|
nonposix=dict(type='bool'),
|
||||||
state=dict(type='str', default='present', choices=['present', 'absent']),
|
state=dict(type='str', default='present', choices=['present', 'absent']),
|
||||||
user=dict(type='list', elements='str'))
|
user=dict(type='list', elements='str'),
|
||||||
|
append=dict(type='bool', default=False))
|
||||||
|
|
||||||
module = AnsibleModule(argument_spec=argument_spec,
|
module = AnsibleModule(argument_spec=argument_spec,
|
||||||
supports_check_mode=True,
|
supports_check_mode=True,
|
||||||
|
|
Loading…
Reference in a new issue