blob: 66629c3bc67d7e5949ff4fbe79f871a12d7fce2b [file] [log] [blame]
#!/usr/bin/python
# Copyright 2017-present Open Networking Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
DOCUMENTATION = '''
---
module: maas_user
short_description: Manage MAAS Clusters Interfaces
options:
maas:
description:
- URL of MAAS server
default: http://localhost/MAAS/api/1.0/
key:
description:
- MAAS API key
required: yes
name:
description:
- name of the user
required: yes
email:
description:
- email address of the user
required: no
password:
description:
- password for the user
required: no
is_superuser:
description:
- does the user have priviledges
default: no
state:
description:
- possible states for this user
choices: ['present', 'absent', 'query']
default: present
requirements: [ipaddress, requests_oauthlib, maasclient]
author: David Bainbridge
'''
EXAMPLES = '''
examples:
maas_user:
maas: http://my.maas.server.com/MAAS/api/1.0/
key: 'xBvr9dx5k7S52myufC:fqBXV7hJgXegNZDw9c:K8hsmL47XjAppfQy2pDVW7G49p6PELgp'
name: MyUser
email: user@company.com
password: donttell
is_superuser: no
state: present
maas_user:
maas: http://my.maas.server.com/MAAS/api/1.0/
key: 'xBvr9dx5k7S52myufC:fqBXV7hJgXegNZDw9c:K8hsmL47XjAppfQy2pDVW7G49p6PELgp'
name: MyDeadUser
state: absent
'''
import sys
import json
import ipaddress
import requests
from maasclient.auth import MaasAuth
from maasclient import MaasClient
# For some reason the maasclient doesn't provide a put method. So
# we will add it here
def put(client, url, params=None):
return requests.put(url=client.auth.api_url + url,
auth=client._oauth(), data=params)
# Attempt to interpret the given value as a JSON object, if that fails
# just return it as a string
def string_or_object(val):
try:
return json.loads(val)
except:
return val
# Return a copy of the given dictionary with any `null` valued entries
# removed
def remove_null(d_in):
d = d_in.copy()
to_remove = []
for k in d.keys():
if d[k] == None:
to_remove.append(k)
for k in to_remove:
del d[k]
return d
# Deterine if two dictionaries are different
def different(have, want):
have_keys = have.keys()
for key in want.keys():
if (key in have_keys and want[key] != have[key]) or key not in have_keys:
return True
return False
# Get an user from MAAS using its name, if not found return None
def get_user(maas, name):
res = maas.get('/users/%s/' % name)
if res.ok:
return json.loads(res.text)
return None
# Create an user based on the value given
def create_user(maas, user):
merged = user.copy()
# merged['op'] = 'new'
res = maas.post('/users/', merged)
if res.ok:
return { 'error': False, 'status': get_user(maas, merged['username']) }
return { 'error': True, 'status': string_or_object(res.text) }
# Delete an user based on the name
def delete_user(maas, name):
res = maas.delete('/users/%s/' % name)
if res.ok:
return { 'error': False }
return { 'error': True, 'status': string_or_object(res.text) }
def main():
module = AnsibleModule(
argument_spec = dict(
maas=dict(default='http://localhost/MAAS/api/1.0/'),
key=dict(required=True),
name=dict(required=True),
email=dict(required=False),
password=dict(required=False),
is_superuser=dict(default=False, type='bool'),
state=dict(default='present', choices=['present', 'absent', 'query'])
),
supports_check_mode = False
)
maas = module.params['maas']
key = module.params['key']
state = module.params['state']
# Construct a sparsely populate desired state
desired = remove_null({
'username': module.params['name'],
'email': module.params['email'],
'password': module.params['password'],
'is_superuser': 0 if not module.params['is_superuser'] else 1
})
# Authenticate into MAAS
auth = MaasAuth(maas, key)
maas = MaasClient(auth)
# Attempt to get the user from MAAS
user = get_user(maas, desired['username'])
# Actions if the user does not currently exist
if not user:
if state == 'query':
# If this is a query, returne it is not found
module.exit_json(changed=False, found=False)
elif state == 'present':
# If this should be present, then attempt to create it
res = create_user(maas, desired)
if res['error']:
module.fail_json(msg=res['status'])
else:
module.exit_json(changed=True, user=res['status'])
else:
# If this should be absent, then we are done and in the desired state
module.exit_json(changed=False)
# Done with users does not exists actions
return
# Actions if the user does exist
if state == 'query':
# If this is a query, return the user
module.exit_json(changed=False, found=True, user=user)
elif state == 'present':
# If we want this to exists check to see if this is different and
# needs updated
if different(user, desired):
module.fail_json(msg='Specified user, "%s", exists and MAAS does not allow the user to be modified programatically'
% user['username'])
else:
# No differences, to nothing to change
module.exit_json(changed=False, user=user)
else:
# If we don't want this user, then delete it
res = delete_user(maas, user['username'])
if res['error']:
module.fail_json(msg=res['status'])
else:
module.exit_json(changed=True, user=user)
# this is magic, see lib/ansible/module_common.py
#<<INCLUDE_ANSIBLE_MODULE_COMMON>>
if __name__ == '__main__':
main()