Add module cpm_user to read, create, edit and delete users on WTI devices (#44512)
* Add WTI OOB and PDU Device status, control and configuration module * removed accidental file inclusions * removed accidental file * Add module cpm_user to read, create, edit and delete users on WTI devices * changed user_name required to true * fixed whitespace and argument spec problems * fixed dict issues * fixed use_proxy inconsistency fixed whitespace warnings * struggling with AnsibleError removal * remove reference to ansible.errors * changed EXAMPLES to reflect live unit
This commit is contained in:
parent
c9adfdf68b
commit
77b4b2cdc9
2 changed files with 342 additions and 0 deletions
0
lib/ansible/modules/remote_management/cpm/__init__.py
Normal file
0
lib/ansible/modules/remote_management/cpm/__init__.py
Normal file
342
lib/ansible/modules/remote_management/cpm/cpm_user.py
Normal file
342
lib/ansible/modules/remote_management/cpm/cpm_user.py
Normal file
|
@ -0,0 +1,342 @@
|
|||
#!/usr/bin/python
|
||||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
# (C) 2018 Red Hat Inc.
|
||||
# Copyright (C) 2018 Western Telematic Inc.
|
||||
#
|
||||
# GNU General Public License v3.0+
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
#
|
||||
# Module to execute CPM User Commands on WTI OOB and PDU devices.
|
||||
# CPM remote_management
|
||||
#
|
||||
from __future__ import absolute_import, division, print_function
|
||||
__metaclass__ = type
|
||||
|
||||
ANSIBLE_METADATA = {
|
||||
'metadata_version': '1.1',
|
||||
'status': ['preview'],
|
||||
'supported_by': 'community'
|
||||
}
|
||||
|
||||
DOCUMENTATION = """
|
||||
---
|
||||
module: cpm_user
|
||||
version_added: "2.7"
|
||||
author: "Western Telematic Inc. (@wtinetworkgear)"
|
||||
short_description: Get various status and parameters from WTI OOB and PDU devices
|
||||
description:
|
||||
- "Get/Add/Edit Delete Users from WTI OOB and PDU devices"
|
||||
options:
|
||||
cpm_action:
|
||||
description:
|
||||
- This is the Action to send the module.
|
||||
required: true
|
||||
choices: [ "getuser", "adduser", "edituser", "deleteuser" ]
|
||||
cpm_url:
|
||||
description:
|
||||
- This is the URL of the WTI device to send the module.
|
||||
required: true
|
||||
cpm_username:
|
||||
description:
|
||||
- This is the Basic Authentication Username of the WTI device to send the module.
|
||||
required: true
|
||||
cpm_password:
|
||||
description:
|
||||
- This is the Basic Authentication Password of the WTI device to send the module.
|
||||
required: true
|
||||
use_https:
|
||||
description:
|
||||
- Designates to use an https connection or http connection.
|
||||
required: false
|
||||
type: bool
|
||||
default: true
|
||||
validate_certs:
|
||||
description:
|
||||
- If false, SSL certificates will not be validated. This should only be used
|
||||
- on personally controlled sites using self-signed certificates.
|
||||
required: false
|
||||
type: bool
|
||||
default: true
|
||||
use_proxy:
|
||||
description: Flag to control if the lookup will observe HTTP proxy environment variables when present.
|
||||
required: false
|
||||
type: bool
|
||||
default: false
|
||||
user_name:
|
||||
description:
|
||||
- This is the User Name that needs to be create/modified/deleted
|
||||
required: true
|
||||
user_pass:
|
||||
description:
|
||||
- This is the User Password that needs to be create/modified/deleted
|
||||
- If the user is being Created this parameter is required
|
||||
required: false
|
||||
user_accesslevel:
|
||||
description:
|
||||
- This is the access level that needs to be create/modified/deleted
|
||||
- 0 View, 1 User, 2 SuperUser, 3 Adminstrator
|
||||
required: false
|
||||
choices: [ 0, 1, 2, 3 ]
|
||||
user_accessssh:
|
||||
description:
|
||||
- If the user has access to the WTI device via SSH
|
||||
- 0 No , 1 Yes
|
||||
required: false
|
||||
choices: [ 0, 1 ]
|
||||
user_accessserial:
|
||||
description:
|
||||
- If the user has access to the WTI device via Serial ports
|
||||
- 0 No , 1 Yes
|
||||
required: false
|
||||
choices: [ 0, 1 ]
|
||||
user_accessweb:
|
||||
description:
|
||||
- If the user has access to the WTI device via Web
|
||||
- 0 No , 1 Yes
|
||||
required: false
|
||||
choices: [ 0, 1 ]
|
||||
user_accessapi:
|
||||
description:
|
||||
- If the user has access to the WTI device via RESTful APIs
|
||||
- 0 No , 1 Yes
|
||||
required: false
|
||||
choices: [ 0, 1 ]
|
||||
user_accessmonitor:
|
||||
description:
|
||||
- If the user has ability to monitor connection sessions
|
||||
- 0 No , 1 Yes
|
||||
required: false
|
||||
choices: [ 0, 1 ]
|
||||
user_accessoutbound:
|
||||
description:
|
||||
- If the user has ability to initiate Outbound connection
|
||||
- 0 No , 1 Yes
|
||||
required: false
|
||||
choices: [ 0, 1 ]
|
||||
user_portaccess:
|
||||
description:
|
||||
- If AccessLevel is lower than Administrator, which ports the user has access
|
||||
required: false
|
||||
user_plugaccess:
|
||||
description:
|
||||
- If AccessLevel is lower than Administrator, which plugs the user has access
|
||||
required: false
|
||||
user_groupaccess:
|
||||
description:
|
||||
- If AccessLevel is lower than Administrator, which Groups the user has access
|
||||
required: false
|
||||
user_callbackphone:
|
||||
description:
|
||||
- This is the Call Back phone number used for POTS modem connections
|
||||
required: false
|
||||
"""
|
||||
|
||||
EXAMPLES = """
|
||||
# Get User Parameters
|
||||
- name: Get the User Parameters for the given user of a WTI device
|
||||
cpm_user:
|
||||
cpm_action: "getuser"
|
||||
cpm_url: "rest.wti.com"
|
||||
cpm_username: "restuser"
|
||||
cpm_password: "restfuluserpass12"
|
||||
use_https: true
|
||||
validate_certs: true
|
||||
user_name: "usernumberone"
|
||||
|
||||
# Create User
|
||||
- name: Create a User on a given WTI device
|
||||
cpm_user:
|
||||
cpm_action: "adduser"
|
||||
cpm_url: "rest.wti.com"
|
||||
cpm_username: "restuser"
|
||||
cpm_password: "restfuluserpass12"
|
||||
use_https: true
|
||||
validate_certs: false
|
||||
user_name: "usernumberone"
|
||||
user_pass: "complicatedpassword"
|
||||
user_accesslevel: 2
|
||||
user_accessssh: 1
|
||||
user_accessserial: 1
|
||||
user_accessweb: 0
|
||||
user_accessapi: 1
|
||||
user_accessmonitor: 0
|
||||
user_accessoutbound: 0
|
||||
user_portaccess: "10011111"
|
||||
user_plugaccess: "00000111"
|
||||
user_groupaccess: "00000000"
|
||||
|
||||
# Edit User
|
||||
- name: Edit a User on a given WTI device
|
||||
cpm_user:
|
||||
cpm_action: "edituser"
|
||||
cpm_url: "rest.wti.com"
|
||||
cpm_username: "restuser"
|
||||
cpm_password: "restfuluserpass12"
|
||||
use_https: true
|
||||
validate_certs: false
|
||||
user_name: "usernumberone"
|
||||
user_pass: "newpasswordcomplicatedpassword"
|
||||
|
||||
# Delete User
|
||||
- name: Delete a User from a given WTI device
|
||||
cpm_user:
|
||||
cpm_action: "deleteuser"
|
||||
cpm_url: "rest.wti.com"
|
||||
cpm_username: "restuser"
|
||||
cpm_password: "restfuluserpass12"
|
||||
use_https: true
|
||||
validate_certs: true
|
||||
user_name: "usernumberone"
|
||||
"""
|
||||
|
||||
RETURN = """
|
||||
data:
|
||||
description: The output JSON returned from the commands sent
|
||||
returned: always
|
||||
type: str
|
||||
"""
|
||||
|
||||
import base64
|
||||
|
||||
from ansible.module_utils.basic import AnsibleModule
|
||||
from ansible.module_utils._text import to_text, to_bytes, to_native
|
||||
from ansible.module_utils.six.moves.urllib.error import HTTPError, URLError
|
||||
from ansible.module_utils.urls import open_url, ConnectionError, SSLValidationError
|
||||
|
||||
|
||||
def assemble_json(cpmmodule):
|
||||
json_load = ""
|
||||
|
||||
json_load = '{"users":'
|
||||
json_load = json_load + '{"username": "' + cpmmodule.params["user_name"] + '"'
|
||||
|
||||
# for Adding there must be a password present
|
||||
if cpmmodule.params["user_pass"] is not None and (len(cpmmodule.params["user_pass"]) > 0):
|
||||
json_load = json_load + ',"newpasswd": "' + cpmmodule.params["user_pass"] + '"'
|
||||
if cpmmodule.params["user_accesslevel"] is not None:
|
||||
json_load = json_load + ',"accesslevel": ' + str(cpmmodule.params["user_accesslevel"]) + ''
|
||||
if cpmmodule.params["user_portaccess"] is not None:
|
||||
json_load = json_load + ',"portaccess": ' + cpmmodule.params["user_portaccess"] + ''
|
||||
if cpmmodule.params["user_plugaccess"] is not None:
|
||||
json_load = json_load + ',"plugaccess": ' + cpmmodule.params["user_plugaccess"] + ''
|
||||
if cpmmodule.params["user_groupaccess"] is not None:
|
||||
json_load = json_load + ',"groupaccess": ' + cpmmodule.params["user_groupaccess"] + ''
|
||||
if cpmmodule.params["user_accessserial"] is not None:
|
||||
json_load = json_load + ',"accessserial": ' + str(cpmmodule.params["user_accessserial"]) + ''
|
||||
if cpmmodule.params["user_accessssh"] is not None:
|
||||
json_load = json_load + ',"accessssh": ' + str(cpmmodule.params["user_accessssh"]) + ''
|
||||
if cpmmodule.params["user_accessweb"] is not None:
|
||||
json_load = json_load + ',"accessweb": ' + str(cpmmodule.params["user_accessweb"]) + ''
|
||||
if cpmmodule.params["user_accessoutbound"] is not None:
|
||||
json_load = json_load + ',"accessoutbound": ' + str(cpmmodule.params["user_accessoutbound"]) + ''
|
||||
if cpmmodule.params["user_accessapi"] is not None:
|
||||
json_load = json_load + ',"accessapi": ' + str(cpmmodule.params["user_accessapi"]) + ''
|
||||
if cpmmodule.params["user_accessmonitor"] is not None:
|
||||
json_load = json_load + ',"accessmonitor": ' + str(cpmmodule.params["user_accessmonitor"]) + ''
|
||||
if cpmmodule.params["user_callbackphone"] is not None:
|
||||
json_load = json_load + ',"callbackphone": "' + cpmmodule.params["user_callbackphone"] + '"'
|
||||
|
||||
json_load = json_load + '}'
|
||||
json_load = json_load + '}'
|
||||
return json_load
|
||||
|
||||
|
||||
def run_module():
|
||||
|
||||
module_args = dict(
|
||||
cpm_action=dict(choices=['getuser', 'adduser', 'edituser', 'deleteuser'], required=True),
|
||||
cpm_url=dict(type='str', required=True),
|
||||
cpm_username=dict(type='str', required=True),
|
||||
cpm_password=dict(type='str', required=True, no_log=True),
|
||||
user_name=dict(type='str', required=True),
|
||||
user_pass=dict(type='str', required=False, default=None, no_log=True),
|
||||
user_accesslevel=dict(type='int', required=False, default=None, choices=[0, 1, 2, 3]),
|
||||
user_accessssh=dict(type='int', required=False, default=None, choices=[0, 1]),
|
||||
user_accessserial=dict(type='int', required=False, default=None, choices=[0, 1]),
|
||||
user_accessweb=dict(type='int', required=False, default=None, choices=[0, 1]),
|
||||
user_accessapi=dict(type='int', required=False, default=None, choices=[0, 1]),
|
||||
user_accessmonitor=dict(type='int', required=False, default=None, choices=[0, 1]),
|
||||
user_accessoutbound=dict(type='int', required=False, default=None, choices=[0, 1]),
|
||||
user_portaccess=dict(type='str', required=False, default=None),
|
||||
user_plugaccess=dict(type='str', required=False, default=None),
|
||||
user_groupaccess=dict(type='str', required=False, default=None),
|
||||
user_callbackphone=dict(type='str', required=False, default=None),
|
||||
use_https=dict(type='bool', default=True),
|
||||
validate_certs=dict(type='bool', default=True),
|
||||
use_proxy=dict(type='bool', default=False)
|
||||
)
|
||||
|
||||
result = dict(
|
||||
changed=False,
|
||||
data=''
|
||||
)
|
||||
|
||||
module = AnsibleModule(argument_spec=module_args, supports_check_mode=True)
|
||||
|
||||
if module.check_mode:
|
||||
return result
|
||||
|
||||
auth = to_text(base64.b64encode(to_bytes('{0}:{1}'.format(module.params['cpm_username'], module.params['cpm_password']),
|
||||
errors='surrogate_or_strict')))
|
||||
|
||||
if module.params['use_https'] is True:
|
||||
protocol = "https://"
|
||||
else:
|
||||
protocol = "http://"
|
||||
|
||||
payload = None
|
||||
if (module.params['cpm_action'] == 'getuser'):
|
||||
fullurl = ("%s%s/api/v2/config/users?username=%s" % (protocol, module.params['cpm_url'], module.params['user_name']))
|
||||
method = 'GET'
|
||||
elif (module.params['cpm_action'] == 'adduser'):
|
||||
if module.params["user_pass"] is None or (len(module.params["user_pass"]) == 0):
|
||||
module.fail_json(msg='user_pass not defined.', **result)
|
||||
|
||||
payload = assemble_json(module)
|
||||
fullurl = ("%s%s/api/v2/config/users" % (protocol, module.params['cpm_url']))
|
||||
method = 'POST'
|
||||
elif (module.params['cpm_action'] == 'edituser'):
|
||||
payload = assemble_json(module)
|
||||
fullurl = ("%s%s/api/v2/config/users" % (protocol, module.params['cpm_url']))
|
||||
method = 'PUT'
|
||||
elif (module.params['cpm_action'] == 'deleteuser'):
|
||||
fullurl = ("%s%s/api/v2/config/users?username=%s" % (protocol, module.params['cpm_url'], module.params['user_name']))
|
||||
method = 'DELETE'
|
||||
|
||||
try:
|
||||
response = open_url(fullurl, data=payload, method=method, validate_certs=module.params['validate_certs'], use_proxy=module.params['use_proxy'],
|
||||
headers={'Content-Type': 'application/json', 'Authorization': "Basic %s" % auth})
|
||||
if (method != 'GET'):
|
||||
result['changed'] = True
|
||||
|
||||
except HTTPError as e:
|
||||
fail_json = dict(msg='Received HTTP error for {0} : {1}'.format(fullurl, to_native(e)), changed=False)
|
||||
module.fail_json(**fail_json)
|
||||
except URLError as e:
|
||||
fail_json = dict(msg='Failed lookup url for {0} : {1}'.format(fullurl, to_native(e)), changed=False)
|
||||
module.fail_json(**fail_json)
|
||||
except SSLValidationError as e:
|
||||
fail_json = dict(msg='Error validating the server''s certificate for {0} : {1}'.format(fullurl, to_native(e)), changed=False)
|
||||
module.fail_json(**fail_json)
|
||||
except ConnectionError as e:
|
||||
fail_json = dict(msg='Error connecting to for {0} : {1}'.format(fullurl, to_native(e)), changed=False)
|
||||
module.fail_json(**fail_json)
|
||||
|
||||
result['data'] = to_text(response.read())
|
||||
|
||||
module.exit_json(**result)
|
||||
|
||||
|
||||
def main():
|
||||
run_module()
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
|
Loading…
Reference in a new issue