vultr: new module vr_user (#34521)

* vultr: new module vr_user

* add missing doc of arg force

* make password less required

* optimize error msg

* update docs
This commit is contained in:
René Moser 2018-01-11 18:58:02 +01:00 committed by GitHub
parent 185f28ecee
commit adbb2f7016
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 319 additions and 2 deletions

View file

@ -126,10 +126,14 @@ class Vultr:
if data:
data_encoded = dict()
data_list = ""
for k, v in data.items():
if v is not None:
if isinstance(v, list):
for s in v:
data_list += '&%s[]=%s' % (k, urllib.quote(s))
elif v is not None:
data_encoded[k] = v
data = urllib.urlencode(data_encoded)
data = urllib.urlencode(data_encoded) + data_list
for s in range(0, self.api_config['api_retries']):
response, info = fetch_url(

View file

@ -0,0 +1,313 @@
#!/usr/bin/python
# -*- coding: utf-8 -*-
#
# (c) 2017, René Moser <mail@renemoser.net>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
DOCUMENTATION = r'''
---
module: vr_user
short_description: Manages users on Vultr.
description:
- Create, update and remove users.
version_added: "2.5"
author: "René Moser (@resmo)"
options:
name:
description:
- Name of the user
required: true
email:
description:
- Email of the user.
- Required if C(state=present).
password:
description:
- Password of the user.
- Only considered while creating a user or when C(force=yes).
force:
description:
- Password will only be changed with enforcement.
default: no
choices: [ yes, no ]
api_enabled:
description:
- Whether the API is enabled or not.
default: yes
choices: [ yes, no ]
acls:
description:
- List of ACLs this users should have, see U(https://www.vultr.com/api/#user_user_list).
- Required if C(state=present).
- One or more of the choices list, some depend on each other.
choices:
- manage_users
- subscriptions
- provisioning
- billing
- support
- abuse
- dns
- upgrade
state:
description:
- State of the user.
default: present
choices: [ present, absent ]
extends_documentation_fragment: vultr
'''
EXAMPLES = r'''
- name: Ensure a user exists
local_action:
module: vr_user
name: john
email: john.doe@example.com
password: s3cr3t
acls:
- upgrade
- dns
- manage_users
- subscriptions
- upgrade
- name: Remove a user
local_action:
module: vr_user
name: john
state: absent
'''
RETURN = r'''
---
vultr_api:
description: Response from Vultr API with a few additions/modification
returned: success
type: complex
contains:
api_account:
description: Account used in the ini file to select the key
returned: success
type: string
sample: default
api_timeout:
description: Timeout used for the API requests
returned: success
type: int
sample: 60
vultr_user:
description: Response from Vultr API
returned: success
type: complex
contains:
id:
description: ID of the user.
returned: success
type: string
sample: 5904bc6ed9234
api_key:
description: API key of the user.
returned: only after resource was created
type: string
sample: 567E6K567E6K567E6K567E6K567E6K
name:
description: Name of the user.
returned: success
type: string
sample: john
email:
description: Email of the user.
returned: success
type: string
sample: "john@exmaple.com"
api_enabled:
description: Whether the API is enabled or not.
returned: success
type: bool
sample: true
acls:
description: List of ACLs of the user.
returned: success
type: list
sample: [manage_users, support, upgrade]
'''
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.vultr import (
Vultr,
vultr_argument_spec,
)
ACLS = [
'manage_users',
'subscriptions',
'provisioning',
'billing',
'support',
'abuse',
'dns',
'upgrade',
]
class AnsibleVultrUser(Vultr):
def __init__(self, module):
super(AnsibleVultrUser, self).__init__(module, "vultr_user")
self.returns = {
'USERID': dict(key='id'),
'name': dict(),
'email': dict(),
'api_enabled': dict(convert_to='bool'),
'acls': dict(),
'api_key': dict()
}
def _common_args(self):
return {
'name': self.module.params.get('name'),
'email': self.module.params.get('email'),
'acls': self.module.params.get('acls'),
'password': self.module.params.get('password'),
'api_enabled': self.get_yes_or_no('api_enabled'),
}
def get_user(self):
users = self.api_query(path="/v1/user/list")
for user in users or []:
if user.get('name') == self.module.params.get('name'):
return user
return {}
def present_user(self):
# Choices with list
acls = self.module.params.get('acls')
for acl in acls or []:
if acl not in ACLS:
self.fail_json(msg='value of acls must be one or more of: %s, got: %s' % (ACLS, acls))
user = self.get_user()
if not user:
user = self._create_user(user)
else:
user = self._update_user(user)
return user
def _has_changed(self, user, data):
for k, v in data.items():
if k not in user:
continue
elif isinstance(v, list):
for i in v:
if i not in user[k]:
return True
elif data[k] != user[k]:
return True
return False
def _create_user(self, user):
self.module.fail_on_missing_params(required_params=['password'])
self.result['changed'] = True
data = self._common_args()
self.result['diff']['before'] = {}
self.result['diff']['after'] = data
if not self.module.check_mode:
user = self.api_query(
path="/v1/user/create",
method="POST",
data=data
)
user.update(self.get_user())
return user
def _update_user(self, user):
data = self._common_args()
data.update({
'USERID': user['USERID'],
})
force = self.module.params.get('force')
if not force:
del data['password']
if force or self._has_changed(user=user, data=data):
self.result['changed'] = True
self.result['diff']['before'] = user
self.result['diff']['after'] = user.copy()
self.result['diff']['after'].update(data)
if not self.module.check_mode:
self.api_query(
path="/v1/user/update",
method="POST",
data=data
)
user = self.get_user()
return user
def absent_user(self):
user = self.get_user()
if user:
self.result['changed'] = True
data = {
'USERID': user['USERID'],
}
self.result['diff']['before'] = user
self.result['diff']['after'] = {}
if not self.module.check_mode:
self.api_query(
path="/v1/user/delete",
method="POST",
data=data
)
return user
def main():
argument_spec = vultr_argument_spec()
argument_spec.update(dict(
name=dict(required=True),
email=dict(),
password=dict(no_log=True),
force=dict(type='bool', default=False),
api_enabled=dict(type='bool', default=True),
acls=dict(type='list', aliases=['acl']),
state=dict(choices=['present', 'absent'], default='present'),
))
module = AnsibleModule(
argument_spec=argument_spec,
required_if=[
('state', 'present', ['email', 'acls']),
],
supports_check_mode=True,
)
vr_user = AnsibleVultrUser(module)
if module.params.get('state') == "absent":
user = vr_user.absent_user()
else:
user = vr_user.present_user()
result = vr_user.get_result(user)
module.exit_json(**result)
if __name__ == '__main__':
main()