Vh8ddlmZmZmZeZdZdZddlZdZ ddl Z dZ ddlmZmZddlmZGd d eZGd d eZdd ZdZdZdZdZdZedk(reyy#e $rejZ dZ Y_wxYw))absolute_importdivisionprint_functiona module: vertica_user short_description: Adds or removes Vertica database users and assigns roles description: - Adds or removes Vertica database user and, optionally, assigns roles. - A user is not removed until all the dependencies have been dropped. - In such a situation, if the module tries to remove the user it fails and only remove roles granted to the user. extends_documentation_fragment: - community.general.attributes attributes: check_mode: support: full diff_mode: support: none options: user: description: - Name of the user to add or remove. required: true type: str aliases: ['name'] profile: description: - Sets the user's profile. type: str resource_pool: description: - Sets the user's resource pool. type: str password: description: - The user's password encrypted by the MD5 algorithm. - The password must be generated with the format C("md5" + md5[password + username]), resulting in a total of 35 characters. An easy way to do this is by querying the Vertica database with select V('md5'|| md5(''\)). type: str expired: description: - Sets the user's password expiration. type: bool ldap: description: - Set to V(true) if users are authenticated using LDAP. - The user is created with password expired and set to V($ldap$). type: bool roles: description: - Comma separated list of roles to assign to the user. aliases: ['role'] type: str state: description: - Whether to create (V(present)), drop (V(absent)), or lock (V(locked)) a user. choices: ['present', 'absent', 'locked'] default: present type: str db: description: - Name of the Vertica database. type: str cluster: description: - Name of the Vertica cluster. default: localhost type: str port: description: - Vertica cluster port to connect to. default: '5433' type: str login_user: description: - The username used to authenticate with. default: dbadmin type: str login_password: description: - The password used to authenticate with. type: str notes: - The default authentication assumes that you are either logging in as or sudo'ing to the C(dbadmin) account on the host. - This module uses C(pyodbc), a Python ODBC database adapter. You must ensure that C(unixODBC) and C(pyodbc) is installed on the host and properly configured. - Configuring C(unixODBC) for Vertica requires C(Driver = /opt/vertica/lib64/libverticaodbc.so) to be added to the C(Vertica) section of either C(/etc/odbcinst.ini) or C($HOME/.odbcinst.ini) and both C(ErrorMessagesPath = /opt/vertica/lib64) and C(DriverManagerEncoding = UTF-16) to be added to the C(Driver) section of either C(/etc/vertica.ini) or C($HOME/.vertica.ini). requirements: ['unixODBC', 'pyodbc'] author: "Dariusz Owczarek (@dareko)" aW - name: Creating a new vertica user with password community.general.vertica_user: name=user_name password=md5 db=db_name state=present - name: Creating a new vertica user authenticated via ldap with roles assigned community.general.vertica_user: name=user_name ldap=true db=db_name roles=schema_name_ro state=present NTF) AnsibleModulemissing_required_lib) to_nativec eZdZy)NotSupportedErrorN__name__ __module__ __qualname__r/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/community/general/plugins/modules/vertica_user.pyr r zrr c eZdZy)CannotDropErrorNr rrrrr~rrrc i}|jd|| |jd}|s |S|D]}|jj}|jt |j |j t |j|j|jggd||<|j rt |j||d<|jr1|jjddjd||d<|js|jjddjd||d <9) NaN select u.user_name, u.is_locked, u.lock_time, p.password, p.acctexpired as is_expired, u.profile_name, u.resource_pool, u.all_roles, u.default_roles from users u join password_auditor p on p.user_id = u.user_id where not u.is_super_user and (? = '' or u.user_name ilike ?) d)namelockedpasswordexpiredprofile resource_poolroles default_roles locked_time ,rr)execute fetchmany user_namelowerstr is_lockedr is_expired profile_namer lock_time all_rolesreplacesplitr)cursoruserfactsrowsrowuser_keys rget_user_factsr5s= E NN t $ $ L# aC}}**,H cmm,LLs~~.++!$!2!2!#%E(O}}14S]]1Ch .}}+.==+@+@b+I+O+OPS+Th(  363D3D3L3LSRT3U3[3[\_3`h0! a rctt|t|z }|r0|jdjdj ||tt|t|z }|r0|jdjdj |||r1|jdj|dj |yy)Nzrevoke {0} from {1}r"zgrant {0} to {1}zalter user {0} default role {1})listsetr#formatjoin) user_factsr/r0 existing_allexisting_defaultrequired del_roles new_roless r update_rolesrAsS&X67I,33CHHY4GNOS]S%667I)00)1DdKL8??chhxFXYZrc \|j} | |vry|r ||| dk7ry|r ||| dk7ry||| ddk(k7ry|r ||| dk7ry|||| ddk(k7s|||| ddk(k7ry|r;t|t|| dk7st|t|| d k7ryy ) NFrrrTruerrrrT)r&sorted) r;r0rrrrrldaprr4s rcheckrFszz|Hz!7j29==*X*>*OO *X&x0F:;H 8 4Z @@Jx,@,Kv,U V  *X*>y*IV*S!T &-6*X*>w*G#HH-6*X*>*O#PP rc |j} | |vr*dj|g} |r| jd|s|r4|r!| jdj|n| jd|s|r| jd|r | jdj||r | jdj||jdj | |r&|d k7r!|jd j||t |||gg| |j t||y d } d j|g} |7||| ddk(k7r)|rd} nd} | jdj| d } |r-||| dk7r"| jdj|d } |r"||| ddk(k7rE| jdd } n1|/||| ddk(k7r!|r| jdd } n td|r-||| dk7r"| jdj|d } |r||| dk7rz| jdj||| dd k7r'|jdj|| d||d k7r!|jd j||d } | r |jdj | | rXt| t|| dk7st| t|| dk7rt ||||| d|| d| d } | r|j t||| S)Nzcreate user {0}z account lockzidentified by '{0}'zidentified by '$ldap$'zpassword expirez profile {0}zresource pool {0}r generalz'grant usage on resource pool {0} to {1}TFzalter user {0}rrClockunlockz account {0}rrz*Unexpiring user password is not supported.rrz*revoke usage on resource pool {0} from {1}rr) r&r9appendr#r:rAupdater5r rD)r;r/r0rrrrrrErr4query_fragmentschangedstates rpresentrPszz|Hz!,33D9:   " "> 2 t&&'<'C'CH'MN&&'?@ d  " "#4 5   " "=#7#7#@ A   " "#6#=#=m#L Msxx01 ]i7 NNDKKt% &Zr2u=.67+22489  &Z-A(-Kv-U"V   " "=#7#7#> ?G Jx$8$DD  " "#8#?#?#I JG  8,Y76AB&&'89  WH1Ei1PTZ1Z%[&&'89'(TUU w*X"6y"AA  " "=#7#7#@ AG ]j.B?.SS  " "#6#=#=m#L M(#O4 AKRRx(94 AB )HOO!4 )*G  NN388O4 5 fUmvj.B7.K'LLUmvj.B?.S'TT VT#H-g6 88L_8]_d fG    nVT: ;rc|j}||vrGt|||||d||dg |jdj||d||=yy#tj $r t dwxYw)Nrrz drop user {0}rz)Dropping user failed due to dependencies.TF)r&rAr#r9pyodbcErrorr)r;r/r0rr4s rabsentrTszz|H:Z)'2Jx4H4Y[] _ O NN?11*X2Fv2NO P x  || O!"MN N Os &AA<cJtttddgtttdtdtdtdgtd gd  ttd td td td d}ts |jt dt |j d}|j d}|r|j}|j d}|r|j}|j d}|j d}|j d}g}|j dr*|j djd}td|}|j d}|dk(rd} nd} d} |j d r|j d } d} d!j|j d"|j d#| |j d$|j d%d&} tj| d'} | j} t}|j rt#||||| |||| } n.|d*k(r t%||||} n|d+vr t/|||||| |||| } |j7| |d,i.y#t$r+}|jd(j|)Yd}~d}~wwxYw#tj&$r8}|jt)|t+j,Yd}~d}~wwxYw#tj&$r8}|jt)|t+j,Yd}~d}~wwxYw#t0$r)}|jt)|d,i-Yd}~d}~wt2$r)}|jt)|d,i-Yd}~Gd}~wt4$rt$r9}|jt)|t+j,Yd}~d}~wwxYw)/NTr)r>aliases)no_logbool)typerole)rVrP)rTrPr)defaultchoices localhost)r[5433dbadmin) r0rrrrrErrOdbclusterport login_userlogin_password) argument_specsupports_check_moderR)msg exceptionr0rrrrrErr"rOrFr!r`z_Driver=Vertica;Server={0};Port={1};Database={2};User={3};Password={4};ConnectionLoadBalance={5}rarbrcrdtrue) autocommitz#Unable to connect to database: {0}.)rgrT)rPr vertica_users)rg ansible_facts)rNr0rl)rdict pyodbc_found fail_jsonrPYODBC_IMP_ERRparamsr&r.filterr9rRconnectr/ Exceptionr5 check_moderFrTrSr traceback format_excrPr r SystemExit exit_json)moduler0rrrrrErrOrr`rNdsndb_connr/er;s rmainr~"s tfX6F&&f%6"x(y2QRv-f%I.t,  $%F" 1(;~V == DmmI&G--/MM/2M%++- }}Z(HmmI&G == D E }}W g&,,S1tU# MM' "E  B }}T ]]4 GN ( &y)6==+@"|,fmmrsA@ W r  LJA   i F [,EP "Y^x zF])Y))+NLsA##A>=A>