CORD-654 configure MAAS via ansible module
Change-Id: I9f1b3b83b41d2cf1e87660d4a50fd3267ad1679a
diff --git a/library/maas_user.py b/library/maas_user.py
new file mode 100644
index 0000000..285269f
--- /dev/null
+++ b/library/maas_user.py
@@ -0,0 +1,200 @@
+#!/usr/bin/python
+
+DOCUMENTATION = '''
+---
+module: maas_user
+short_description: Manage MAAS Clusters Interfaces
+options:
+ maas:
+ description:
+ - URL of MAAS server
+ default: http://localhost/MAAS/api/1.0/
+ key:
+ description:
+ - MAAS API key
+ required: yes
+ name:
+ description:
+ - name of the user
+ required: yes
+ email:
+ description:
+ - email address of the user
+ required: no
+ password:
+ description:
+ - password for the user
+ required: no
+ is_superuser:
+ description:
+ - does the user have priviledges
+ default: no
+ state:
+ description:
+ - possible states for this user
+ choices: ['present', 'absent', 'query']
+ default: present
+
+requirements: [ipaddress, requests_oauthlib, maasclient]
+author: David Bainbridge
+'''
+
+EXAMPLES = '''
+examples:
+ maas_user:
+ maas: http://my.maas.server.com/MAAS/api/1.0/
+ key: 'xBvr9dx5k7S52myufC:fqBXV7hJgXegNZDw9c:K8hsmL47XjAppfQy2pDVW7G49p6PELgp'
+ name: MyUser
+ email: user@company.com
+ password: donttell
+ is_superuser: no
+ state: present
+
+ maas_user:
+ maas: http://my.maas.server.com/MAAS/api/1.0/
+ key: 'xBvr9dx5k7S52myufC:fqBXV7hJgXegNZDw9c:K8hsmL47XjAppfQy2pDVW7G49p6PELgp'
+ name: MyDeadUser
+ state: absent
+'''
+
+import sys
+import json
+import ipaddress
+import requests
+from maasclient.auth import MaasAuth
+from maasclient import MaasClient
+
+# For some reason the maasclient doesn't provide a put method. So
+# we will add it here
+def put(client, url, params=None):
+ return requests.put(url=client.auth.api_url + url,
+ auth=client._oauth(), data=params)
+
+# Attempt to interpret the given value as a JSON object, if that fails
+# just return it as a string
+def string_or_object(val):
+ try:
+ return json.loads(val)
+ except:
+ return val
+
+# Return a copy of the given dictionary with any `null` valued entries
+# removed
+def remove_null(d_in):
+ d = d_in.copy()
+ to_remove = []
+ for k in d.keys():
+ if d[k] == None:
+ to_remove.append(k)
+ for k in to_remove:
+ del d[k]
+ return d
+
+# Deterine if two dictionaries are different
+def different(have, want):
+ have_keys = have.keys()
+ for key in want.keys():
+ if (key in have_keys and want[key] != have[key]) or key not in have_keys:
+ return True
+ return False
+
+# Get an user from MAAS using its name, if not found return None
+def get_user(maas, name):
+ res = maas.get('/users/%s/' % name)
+ if res.ok:
+ return json.loads(res.text)
+ return None
+
+# Create an user based on the value given
+def create_user(maas, user):
+ merged = user.copy()
+ # merged['op'] = 'new'
+ res = maas.post('/users/', merged)
+ if res.ok:
+ return { 'error': False, 'status': get_user(maas, merged['username']) }
+ return { 'error': True, 'status': string_or_object(res.text) }
+
+# Delete an user based on the name
+def delete_user(maas, name):
+ res = maas.delete('/users/%s/' % name)
+ if res.ok:
+ return { 'error': False }
+ return { 'error': True, 'status': string_or_object(res.text) }
+
+def main():
+ module = AnsibleModule(
+ argument_spec = dict(
+ maas=dict(default='http://localhost/MAAS/api/1.0/'),
+ key=dict(required=True),
+ name=dict(required=True),
+ email=dict(required=False),
+ password=dict(required=False),
+ is_superuser=dict(default=False, type='bool'),
+ state=dict(default='present', choices=['present', 'absent', 'query'])
+ ),
+ supports_check_mode = False
+ )
+
+ maas = module.params['maas']
+ key = module.params['key']
+ state = module.params['state']
+
+ # Construct a sparsely populate desired state
+ desired = remove_null({
+ 'username': module.params['name'],
+ 'email': module.params['email'],
+ 'password': module.params['password'],
+ 'is_superuser': 0 if not module.params['is_superuser'] else 1
+ })
+
+ # Authenticate into MAAS
+ auth = MaasAuth(maas, key)
+ maas = MaasClient(auth)
+
+ # Attempt to get the user from MAAS
+ user = get_user(maas, desired['username'])
+
+ # Actions if the user does not currently exist
+ if not user:
+ if state == 'query':
+ # If this is a query, returne it is not found
+ module.exit_json(changed=False, found=False)
+ elif state == 'present':
+ # If this should be present, then attempt to create it
+ res = create_user(maas, desired)
+ if res['error']:
+ module.fail_json(msg=res['status'])
+ else:
+ module.exit_json(changed=True, user=res['status'])
+ else:
+ # If this should be absent, then we are done and in the desired state
+ module.exit_json(changed=False)
+
+ # Done with users does not exists actions
+ return
+
+ # Actions if the user does exist
+ if state == 'query':
+ # If this is a query, return the user
+ module.exit_json(changed=False, found=True, user=user)
+ elif state == 'present':
+ # If we want this to exists check to see if this is different and
+ # needs updated
+ if different(user, desired):
+ module.fail_json(msg='Specified user, "%s", exists and MAAS does not allow the user to be modified programatically'
+ % user['username'])
+ else:
+ # No differences, to nothing to change
+ module.exit_json(changed=False, user=user)
+ else:
+ # If we don't want this user, then delete it
+ res = delete_user(maas, user['username'])
+ if res['error']:
+ module.fail_json(msg=res['status'])
+ else:
+ module.exit_json(changed=True, user=user)
+
+# this is magic, see lib/ansible/module_common.py
+#<<INCLUDE_ANSIBLE_MODULE_COMMON>>
+if __name__ == '__main__':
+ main()