340 lines
9.4 KiB
YAML
340 lines
9.4 KiB
YAML
---
|
|
- name: setup
|
|
cs_account: name={{ cs_resource_prefix }}_user state=absent
|
|
register: acc
|
|
- name: verify setup
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
|
|
- name: test fail if missing name
|
|
action: cs_account
|
|
register: acc
|
|
ignore_errors: true
|
|
- name: verify results of fail if missing params
|
|
assert:
|
|
that:
|
|
- acc|failed
|
|
- 'acc.msg == "missing required arguments: name"'
|
|
|
|
- name: test fail if missing params if state=present
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
register: acc
|
|
ignore_errors: true
|
|
- name: verify results of fail if missing params if state=present
|
|
assert:
|
|
that:
|
|
- acc|failed
|
|
- 'acc.msg == "missing required arguments: email,username,password,first_name,last_name"'
|
|
|
|
- name: test create user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
username: "{{ cs_resource_prefix }}_username"
|
|
password: "{{ cs_resource_prefix }}_password"
|
|
last_name: "{{ cs_resource_prefix }}_last_name"
|
|
first_name: "{{ cs_resource_prefix }}_first_name"
|
|
email: "{{ cs_resource_prefix }}@example.com"
|
|
network_domain: "example.com"
|
|
register: acc
|
|
- name: verify results of create account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "enabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test create user account idempotence
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
username: "{{ cs_resource_prefix }}_username"
|
|
password: "{{ cs_resource_prefix }}_password"
|
|
last_name: "{{ cs_resource_prefix }}_last_name"
|
|
first_name: "{{ cs_resource_prefix }}_first_name"
|
|
email: "{{ cs_resource_prefix }}@example.com"
|
|
network_domain: "example.com"
|
|
register: acc
|
|
- name: verify results of create account idempotence
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- not acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "enabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test lock user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: locked
|
|
register: acc
|
|
- name: verify results of lock user account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "locked"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test lock user account idempotence
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: locked
|
|
register: acc
|
|
- name: verify results of lock user account idempotence
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- not acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "locked"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test disable user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: disabled
|
|
register: acc
|
|
- name: verify results of disable user account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "disabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test disable user account idempotence
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: disabled
|
|
register: acc
|
|
- name: verify results of disable user account idempotence
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- not acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "disabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test lock disabled user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: locked
|
|
register: acc
|
|
- name: verify results of lock disabled user account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "locked"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test lock disabled user account idempotence
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: locked
|
|
register: acc
|
|
- name: verify results of lock disabled user account idempotence
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- not acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "locked"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test enable user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: enabled
|
|
register: acc
|
|
- name: verify results of enable user account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "enabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test enable user account idempotence
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: enabled
|
|
register: acc
|
|
- name: verify results of enable user account idempotence
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- not acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "enabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test remove user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: absent
|
|
register: acc
|
|
- name: verify results of remove user account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "enabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test remove user account idempotence
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: absent
|
|
register: acc
|
|
- name: verify results of remove user account idempotence
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- not acc|changed
|
|
|
|
- name: test create user disabled account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
username: "{{ cs_resource_prefix }}_username"
|
|
password: "{{ cs_resource_prefix }}_password"
|
|
last_name: "{{ cs_resource_prefix }}_last_name"
|
|
first_name: "{{ cs_resource_prefix }}_first_name"
|
|
email: "{{ cs_resource_prefix }}@example.com"
|
|
network_domain: "example.com"
|
|
state: disabled
|
|
register: acc
|
|
- name: verify results of create disabled account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "disabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test remove disabled user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: absent
|
|
register: acc
|
|
- name: verify results of remove disabled user account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "disabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test create user locked account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
username: "{{ cs_resource_prefix }}_username"
|
|
password: "{{ cs_resource_prefix }}_password"
|
|
last_name: "{{ cs_resource_prefix }}_last_name"
|
|
first_name: "{{ cs_resource_prefix }}_first_name"
|
|
email: "{{ cs_resource_prefix }}@example.com"
|
|
network_domain: "example.com"
|
|
state: locked
|
|
register: acc
|
|
- name: verify results of create locked account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "locked"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test remove locked user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: absent
|
|
register: acc
|
|
- name: verify results of remove locked user account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "locked"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test create user unlocked/enabled account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
username: "{{ cs_resource_prefix }}_username"
|
|
password: "{{ cs_resource_prefix }}_password"
|
|
last_name: "{{ cs_resource_prefix }}_last_name"
|
|
first_name: "{{ cs_resource_prefix }}_first_name"
|
|
email: "{{ cs_resource_prefix }}@example.com"
|
|
network_domain: "example.com"
|
|
state: unlocked
|
|
register: acc
|
|
- name: verify results of create unlocked/enabled account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "enabled"
|
|
- acc.domain == "ROOT"
|
|
|
|
- name: test remove unlocked/enabled user account
|
|
cs_account:
|
|
name: "{{ cs_resource_prefix }}_user"
|
|
state: absent
|
|
register: acc
|
|
- name: verify results of remove unlocked/enabled user account
|
|
assert:
|
|
that:
|
|
- acc|success
|
|
- acc|changed
|
|
- acc.name == "{{ cs_resource_prefix }}_user"
|
|
- acc.network_domain == "example.com"
|
|
- acc.account_type == "user"
|
|
- acc.state == "enabled"
|
|
- acc.domain == "ROOT"
|