VhsEddlmZmZmZeZddgddZdZdZdZ dd l Z dd l m Z m Z dd lmZmZd Zdd ZdZdZdZdZdZdZedk(rey y ))absolute_importdivisionprint_functionz1.1 deprecated community)metadata_versionstatus supported_bya --- module: meraki_admin short_description: Manage administrators in the Meraki cloud version_added: '2.16.0' description: - Allows for creation, management, and visibility into administrators within Meraki. deprecated: removed_in: '3.0.0' why: Updated modules released with increased functionality alternative: cisco.meraki.organizations_admins options: name: description: - Name of the dashboard administrator. - Required when creating a new administrator. type: str email: description: - Email address for the dashboard administrator. - Email cannot be updated. - Required when creating or editing an administrator. type: str org_access: description: - Privileges assigned to the administrator in the organization. aliases: [ orgAccess ] choices: [ full, none, read-only ] type: str tags: description: - Tags the administrator has privileges on. - When creating a new administrator, C(org_name), C(network), or C(tags) must be specified. - If C(none) is specified, C(network) or C(tags) must be specified. type: list elements: dict suboptions: tag: description: - Object tag which privileges should be assigned. type: str access: description: - The privilege of the dashboard administrator for the tag. type: str networks: description: - List of networks the administrator has privileges on. - When creating a new administrator, C(org_name), C(network), or C(tags) must be specified. type: list elements: dict suboptions: id: description: - Network ID for which administrator should have privileges assigned. type: str network: description: - Network name for which administrator should have privileges assigned. type: str access: description: - The privilege of the dashboard administrator on the network. - Valid options are C(full), C(read-only), or C(none). type: str state: description: - Create or modify, or delete an organization - If C(state) is C(absent), name takes priority over email if both are specified. choices: [ absent, present, query ] required: true type: str org_name: description: - Name of organization. - Used when C(name) should refer to another object. - When creating a new administrator, C(org_name), C(network), or C(tags) must be specified. aliases: ['organization'] type: str author: - Kevin Breit (@kbreit) extends_documentation_fragment: cisco.meraki.meraki a\ - name: Query information about all administrators associated to the organization meraki_admin: auth_key: abc12345 org_name: YourOrg state: query delegate_to: localhost - name: Query information about a single administrator by name meraki_admin: auth_key: abc12345 org_id: 12345 state: query name: Jane Doe - name: Query information about a single administrator by email meraki_admin: auth_key: abc12345 org_name: YourOrg state: query email: jane@doe.com - name: Create new administrator with organization access meraki_admin: auth_key: abc12345 org_name: YourOrg state: present name: Jane Doe org_access: read-only email: jane@doe.com - name: Create new administrator with organization access meraki_admin: auth_key: abc12345 org_name: YourOrg state: present name: Jane Doe org_access: read-only email: jane@doe.com - name: Create a new administrator with organization access meraki_admin: auth_key: abc12345 org_name: YourOrg state: present name: Jane Doe org_access: read-only email: jane@doe.com - name: Revoke access to an organization for an administrator meraki_admin: auth_key: abc12345 org_name: YourOrg state: absent email: jane@doe.com - name: Create a new administrator with full access to two tags meraki_admin: auth_key: abc12345 org_name: YourOrg state: present name: Jane Doe orgAccess: read-only email: jane@doe.com tags: - tag: tenant access: full - tag: corporate access: read-only - name: Create a new administrator with full access to a network meraki_admin: auth_key: abc12345 org_name: YourOrg state: present name: Jane Doe orgAccess: read-only email: jane@doe.com networks: - id: N_12345 access: full a data: description: List of administrators. returned: success type: complex contains: email: description: Email address of administrator. returned: success type: str sample: your@email.com id: description: Unique identification number of administrator. returned: success type: str sample: 1234567890 name: description: Given name of administrator. returned: success type: str sample: John Doe account_status: description: Status of account. returned: success type: str sample: ok two_factor_auth_enabled: description: Enabled state of two-factor authentication for administrator. returned: success type: bool sample: false has_api_key: description: Defines whether administrator has an API assigned to their account. returned: success type: bool sample: false last_active: description: Date and time of time the administrator was active within Dashboard. returned: success type: str sample: 2019-01-28 14:58:56 -0800 networks: description: List of networks administrator has access on. returned: success type: complex contains: id: description: The network ID. returned: when network permissions are set type: str sample: N_0123456789 access: description: Access level of administrator. Options are 'full', 'read-only', or 'none'. returned: when network permissions are set type: str sample: read-only tags: description: Tags the administrator has access on. returned: success type: complex contains: tag: description: Tag name. returned: when tag permissions are set type: str sample: production access: description: Access level of administrator. Options are 'full', 'read-only', or 'none'. returned: when tag permissions are set type: str sample: full org_access: description: The privilege of the dashboard administrator on the organization. Options are 'full', 'read-only', or 'none'. returned: success type: str sample: full N) AnsibleModulejson) MerakiModulemeraki_argument_speccp|j|jdd|d}|jdk(r|Sy)Nqueryadminfunctionorg_idGETmethod)requestconstruct_pathr )merakiradminss m/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/cisco/meraki/plugins/modules/meraki_admin.py get_adminsr sN ^^    F}} cd}|D]n}|jd1|jd|dk(s(||jd=|d}C|jdsS|jd|dk(si|dcS||jd|S)Nnamez4There are multiple administrators with the same namemsgidemailzNo admin_id found)params fail_json)rdatar!r%admin_idas r get_admin_idr+sH   == ,}}V$& 1'$$)_$` wH ]]7 #}}W%73w 01 OrcN|D]}|d|k(s |cS|jdy)Nr$z)No admin found by specified name or emailr")r')rr(r$r*s r get_adminr-)s5  T7b=H DErc*|D]}|d|k(s |cSy)Nr%)rr(r%r*s r find_adminr00s'  W: H rcz|jdd||z}|j|d}|jdk(r|Sy)NrevokerrDELETEr)rrr )rrr)pathrs r delete_adminr87sN  76 BX MDt&  A}}rcg}|D]d}d|vr?|d:|j|j|jd|d||ddFd|vsK|j|d|ddf|S)Nnetworkorg_name)r;net_namer(access)r$r=r$)append get_net_idr&)rnetworksnets networks_newns rnetwork_factoryrD@sL  $ >a l6   v'8'8&--PZB[BCI,>B(9(D,-X;!# $ QY   qw+,X;!# $ $ rct}||d<||d<t|t|||}|jd|jd|d<|jd|jd|d<|jd1|j |}t ||jd|}||d<||j jdur:||jd <d|jd <|jdi|j|jd d | }|j|dtj|} |jdk(rd|jd <| Sy|f|jdsg|d<|jdsg|d<|j||dur|j jdur]|j!|||j#|d|jd <||jd <|jdi|j|jdd | |dz}|j|dtj|} |jdk(rd|jd <| Sy||jd <|j jdur+||jd <|jdi|jyy)Nr!r% org_access orgAccesstagsr@r3Tr(changedcreaterrPOST)rpayloadupdater$PUTrr/)dictr0rr&get_netsrDmodule check_moderesult exit_jsonrrr dumpsr is_update_required generate_diffrN) rrr!r%rLis_admin_existingrAr@r6r7s r create_adminr[QsfGGFOGG"6:ff+EuM }}\".%}}\:  }}V( --/ }}Z ,f-"66==+DdK&  == # #t +$+FMM& !'+FMM) $ F   -v}} -$$X$O NN4"(#'::g#6   ==C '+FMM) $H   &}}V$ GFO}}Z("$GJ   $ $%6 @D H}}''4/$$%6@!((1+/ i((/ f%   16==1((GF(SVghlVmmDt&+'+zz'':!A}}#+/ i($%6FMM& !}}''4/(/ f%   16==13 'rc bttdtdtd}ttdtd}t}|jtdgddtdtdtddggd  td d | td d | tddgtdt|d}t |d}d|_d|j d<ddi}ddi}ddi}ddi}||jd<||jd<||jd<||jd< tjd|j d<|j ddk(r9dd g|_ |j d!s!|j d"s|jd#$dgd%gd gfg|_ |j d"} |j d"s|j|j d!} |j ddk(rt|| } |j ds|j d s| |j d&<|j dHt#|| |j d'} | |j d&<t%|| | } | |j d&<n`|j d Pt#|| |j d (} | |j d&<t%|| | } | |j d&<n|j dd)k(r=t'|| |j d|j d } | d*k7r| |j d&<n|j dd%k(r|j(j*dur:i|j d&<d|j d+<|j,d,i|j t#|t|| |j d (} t/|| | } | d*k7r| |j d&<d|j d+<|j,d,i|j y#t$rYwxYw)-Nstr)type)r$r:r=)tagr=)presentrabsentT)r^choicesrequiredrG)fullz read-onlynone)r^aliasesrblistrQ)r^elementsoptions organization)r^rf)stater!r%rFrHr@r;r) argument_specsupports_check_moder)rallfollow_redirectsz/organizations/{org_id}/adminsz/organizations/{org_id}/admins/rrJrNr2 MERAKI_KEYauth_keyrkr!r%r;rzorg_name or org_id requiredr"rar()r!)r%r`rPrIr/)rQrrNr r rr& url_catalogosenvironKeyErrormututally_exclusiver' required_if get_org_idrrUr+r-r[rSrTrVr8)network_arg_spec tag_arg_specrlrSr query_urls create_urls update_urls revoke_urlsrrr)rr7s rmainrs!t/$(e$4#'U#3 De,#/L)*Mt8Vaef".#/$(ek]Tq$r"V"&FVM]"^"&EN;K"L $% 0/3F&7 3FFO(-FMM$%;J<K=K=K#-Fw#.Fx #.Fx #.Fx  $&JJ|$< j!}}W(&,g%6"}}Z(x1H   !>  ?#9xj7)<F ]]8 $F == """6==#<= }}W(FF+}}V$V]]7-C$*FMM& ! == ,#FFv9NOH$,FMM& !ffh7E$)FMM& ! ]]7 # /#FF&--:PQH$,FMM& !ffh7E$)FMM& ! w 9 , v.w/  7$%FMM& ! w 8 + == # #t +$&FMM& !'+FMM) $ F   -v}} - *66 :&,mmG&<"  2 7$%FMM& !'+FMM) $F%v}}%w    s P!! P.-P.__main__)NN) __future__rrrr^ __metaclass__ANSIBLE_METADATA DOCUMENTATIONEXAMPLESRETURNrsansible.module_utils.basicr r Kansible_collections.cisco.meraki.plugins.module_utils.network.meraki.merakir rrr+r-r0r8rDr[r__name__r/rrrsA@ n R hQ fM ^ :z "F"5po&d zFr