---

- name: create an ACL with a given token
  consul_acl:
    host: "{{ acl_host }}"
    mgmt_token: "{{ mgmt_token }}"
    name: "{{ test_consul_acl_token_name }}"
    token: "{{ test_consul_acl_token_id }}"
    rules:
      - key: "foo"
        policy: write
  register: created_acl

- name: verify ACL created with given token
  assert:
    that:
      - created_acl.changed
      - created_acl.operation == "create"
      - created_acl.token == test_consul_acl_token_id

- name: re-create ACL with the token
  consul_acl:
    host: "{{ acl_host }}"
    mgmt_token: "{{ mgmt_token }}"
    token: "{{ test_consul_acl_token_id }}"
    rules:
      - key: "foo"
        policy: write
  register: doubly_created_acl

- name: verify idempotence when creating ACL with same token
  assert:
    that:
      - not doubly_created_acl.changed

- name: clean up
  consul_acl:
    host: "{{ acl_host }}"
    mgmt_token: "{{ mgmt_token }}"
    token: "{{ created_acl.token }}"
    state: absent