influxdb_user - Allows updates to user privileges (#46667)

* influxdb_user - Allows updates to user privileges * influxdb_user - Updated documentation for admin roles
2018-11-20 11:08:39 -08:00 · 2018-11-20 11:08:39 -08:00 · 0886c20d19
commit 0886c20d19
parent 08c3e0a248
2 changed files with 26 additions and 11 deletions
--- a/changelogs/fragments/influxdb_user-admin-role-update.yaml
+++ b/changelogs/fragments/influxdb_user-admin-role-update.yaml
@ -0,0 +1,3 @@
+---
+minor_changes:
+  - influxdb_user - Implemented the update of the admin role of a user
--- a/lib/ansible/modules/database/influxdb/influxdb_user.py
+++ b/lib/ansible/modules/database/influxdb/influxdb_user.py
@ -35,6 +35,7 @@ options:
  admin:
    description:
      - Whether the user should be in the admin role or not.
+      - Since version 2.8, the role will also be updated.
    default: no
    type: bool
  state:
@ -85,17 +86,17 @@ import ansible.module_utils.influxdb as influx


 def find_user(module, client, user_name):
-    name = None
+    user_result = None

    try:
-        names = client.get_list_users()
-        for u_name in names:
-            if u_name['user'] == user_name:
-                name = u_name
+        users = client.get_list_users()
+        for user in users:
+            if user['user'] == user_name:
+                user_result = user
                break
    except ansible.module_utils.urls.ConnectionError as e:
        module.fail_json(msg=str(e))
-    return name
+    return user_result


 def check_user_password(module, client, user_name, user_password):
@ -120,8 +121,6 @@ def set_user_password(module, client, user_name, user_password):
        except ansible.module_utils.urls.ConnectionError as e:
            module.fail_json(msg=str(e))

-    module.exit_json(changed=True)
-

 def create_user(module, client, user_name, user_password, admin):
    if not module.check_mode:
@ -166,10 +165,23 @@ def main():

    if state == 'present':
        if user:
-            if check_user_password(module, client, user_name, user_password):
-                module.exit_json(changed=False)
-            else:
+            changed = False
+
+            if not check_user_password(module, client, user_name, user_password):
                set_user_password(module, client, user_name, user_password)
+                changed = True
+
+            try:
+                if admin and not user['admin']:
+                    client.grant_admin_privileges(user_name)
+                    changed = True
+                elif not admin and user['admin']:
+                    client.revoke_admin_privileges(user_name)
+                    changed = True
+            except influx.exceptions.InfluxDBClientError as e:
+                module.fail_json(msg=str(e))
+
+            module.exit_json(changed=changed)
        else:
            create_user(module, client, user_name, user_password, admin)