181 lines
5.7 KiB
Python
181 lines
5.7 KiB
Python
#!/usr/bin/python
|
|
|
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
from __future__ import (absolute_import, division, print_function)
|
|
__metaclass__ = type
|
|
|
|
DOCUMENTATION = r'''
|
|
---
|
|
module: zephir_variante
|
|
|
|
short_description: This is a module to automate edition of zephir configuration
|
|
|
|
# If this is part of a collection, you need to use semantic versioning,
|
|
# i.e. the version is of the form "2.5.0" and not "2.4".
|
|
version_added: "1.0.0"
|
|
|
|
description: This is my longer description explaining my test module.
|
|
|
|
options:
|
|
zephir_user:
|
|
description: zephir user authorized to perform action
|
|
required: true
|
|
type: str
|
|
zephir_user_password:
|
|
description: zephir user password
|
|
required: true
|
|
type: str
|
|
user:
|
|
description: User name
|
|
required: true
|
|
type: str
|
|
user_password:
|
|
description: user password
|
|
required: true
|
|
type: str
|
|
permissions:
|
|
description: permissions given to user
|
|
required: true
|
|
type: str
|
|
state:
|
|
description: wether data have to be added or deleted from the database
|
|
required: false
|
|
type: str
|
|
# Specify this value according to your collection
|
|
# in format of namespace.collection.doc_fragment_name
|
|
extends_documentation_fragment:
|
|
- cadoles.eole.zephir_user
|
|
|
|
author:
|
|
- Cadoles
|
|
'''
|
|
|
|
EXAMPLES = r'''
|
|
# Pass in a message
|
|
- libelle: Test with a message
|
|
cadoles.eole.zephir_user:
|
|
zephir_user: admin_zephir
|
|
zephir_user_password: eole
|
|
user: admin
|
|
user_password: admin
|
|
permissions:
|
|
- "Lecture"
|
|
'''
|
|
|
|
RETURN = r'''
|
|
# These are examples of possible return values, and in general should use other names for return values.
|
|
permissions:
|
|
description: permissions list after edition
|
|
type: list
|
|
returned: always
|
|
sample: [1]
|
|
user:
|
|
description: user name.
|
|
type: str
|
|
returned: always
|
|
sample: admin
|
|
'''
|
|
|
|
from ansible.module_utils.basic import AnsibleModule
|
|
|
|
from zephir.eolerpclib import EoleProxy
|
|
from zephir.web import config
|
|
from zephir.utils.ldap_user import add_user, encrypt_passwd
|
|
|
|
def run_module():
|
|
# define available arguments/parameters a user can pass to the module
|
|
key_mapping = {
|
|
"Lecture": 1,
|
|
"Ecriture": 2,
|
|
"Configuration et actions sur les serveurs": 3,
|
|
"Gestion des permissions": 4,
|
|
"Fonction des clients": 5,
|
|
"Export de variantes": 6,
|
|
"Configuration vpn": 7,
|
|
"Enregistrement": 8,
|
|
"Ajout/Modification de serveur (enregistrement)": 9,
|
|
"Enregistrement des sondes prelude": 10,
|
|
"Migration de serveur (enregistrement)": 11,
|
|
"Gestion des identifiants ENT": 12,
|
|
"Gestion de la réplication LDAP": 13,
|
|
"Gestion de la synchronisation AAF": 14,
|
|
"Ecriture (serveurs)": 21,
|
|
"Ecriture (modules)": 22,
|
|
"Ecriture (etablissements)": 23,
|
|
"Actions sans modification de configuration": 31,
|
|
"Mise à jour du mot de passe (annuaire local)": 40,
|
|
}
|
|
mapped_keys = {value: key for key, value in key_mapping.items()}
|
|
|
|
module_args = dict(
|
|
zephir_user=dict(type='str', required=True),
|
|
zephir_user_password=dict(type='str', required=True),
|
|
user=dict(type='str', required=True),
|
|
user_password=dict(type='str', required=True),
|
|
permissions=dict(type='list', required=True),
|
|
state=dict(type='str', required=False, default='present'),
|
|
)
|
|
|
|
# seed the result dict in the object
|
|
# we primarily care about changed and state
|
|
# changed is if this module effectively modified the target
|
|
# state will include any data that you want your module to pass back
|
|
# for consumption, for example, in a subsequent task
|
|
result = dict(
|
|
changed=False,
|
|
permissions=[],
|
|
user=None,
|
|
)
|
|
|
|
# the AnsibleModule object will be our abstraction working with Ansible
|
|
# this includes instantiation, a couple of common attr would be the
|
|
# args/params passed to the execution, as well as if the module
|
|
# supports check mode
|
|
module = AnsibleModule(
|
|
argument_spec=module_args,
|
|
supports_check_mode=True
|
|
)
|
|
|
|
if module.check_mode:
|
|
module.exit_json(**result)
|
|
#module.fail_json(**result)
|
|
#module.params['module']
|
|
|
|
port_zephir = int(config.PORT_ZEPHIR) + 1
|
|
proxy_addr = "http://{0}:{1}@localhost:{2}/".format(module.params['zephir_user'], module.params['zephir_user_password'], port_zephir)
|
|
proxy = EoleProxy(proxy_addr)
|
|
|
|
add_user(module.params['user'], encrypt_passwd(module.params['user_password']))
|
|
|
|
return_code, permissions = proxy.get_permissions(module.params['user'])
|
|
if return_code:
|
|
result['user'] = module.params['user']
|
|
result['permissions'] = [mapped_keys[p] for p in permissions]
|
|
|
|
new_permissions = [key_mapping[p] for p in module.params['permissions']]
|
|
if module.params['state'] == 'exact':
|
|
permissions = new_permissions
|
|
else:
|
|
old_permissions = set(permissions)
|
|
if module.params['state'] == 'present':
|
|
permissions = old_permissions.union(set(new_permissions))
|
|
elif module.params['state'] == 'absent':
|
|
permissions = old_permissions.difference(set(new_permissions))
|
|
|
|
return_code, proxy_msg = proxy.save_permissions(module.params['user'], str(list(permissions)))
|
|
if return_code:
|
|
result['changed'] = True
|
|
result['permissions'] = [mapped_keys[p] for p in permissions]
|
|
module.exit_json(**result)
|
|
else:
|
|
module.fail_json(**result)
|
|
|
|
|
|
def main():
|
|
run_module()
|
|
|
|
|
|
if __name__ == '__main__':
|
|
main()
|
|
|