#!/usr/bin/python # -*- coding: utf-8 -*- # (c) 2019 Kirill Shirinkin (kirill@mkdev.me) # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from __future__ import absolute_import, division, print_function __metaclass__ = type DOCUMENTATION = ''' --- module: external_usergroup version_added: 1.0.0 short_description: Manage External User Groups description: - Create, update, and delete external user groups author: - "Kirill Shirinkin (@Fodoj)" options: name: description: - Name of the group required: true type: str usergroup: description: - Name of the linked usergroup required: true type: str auth_source: description: - Name of the authentication source to be used for this group required: true type: str aliases: - auth_source_ldap extends_documentation_fragment: - theforeman.foreman.foreman - theforeman.foreman.foreman.entity_state ''' EXAMPLES = ''' - name: Create an external user group theforeman.foreman.external_usergroup: name: test auth_source: "My LDAP server" usergroup: "Internal Usergroup" state: present - name: Link a group from FreeIPA theforeman.foreman.external_usergroup: name: ipa_users auth_source: "External" usergroup: "Internal Usergroup" state: present ''' RETURN = ''' entity: description: Final state of the affected entities grouped by their type. returned: success type: dict contains: external_usergroups: description: List of external usergroups. type: list elements: dict ''' from ansible_collections.theforeman.foreman.plugins.module_utils.foreman_helper import ForemanEntityAnsibleModule class ForemanExternalUsergroupModule(ForemanEntityAnsibleModule): pass def main(): module = ForemanExternalUsergroupModule( foreman_spec=dict( name=dict(required=True), usergroup=dict(required=True, type='entity', ensure=False), auth_source=dict(required=True, aliases=['auth_source_ldap'], type='entity', flat_name='auth_source_id', resource_type='auth_sources'), auth_source_ldap=dict(type='entity', invisible=True, flat_name='auth_source_id'), auth_source_external=dict(type='entity', invisible=True, flat_name='auth_source_id'), ), ) entity = None with module.api_connection(): params = module.scope_for('usergroup') # There is no way to find by name via API search, so we need # to iterate over all external user groups of a given usergroup for external_usergroup in module.list_resource("external_usergroups", params=params): if external_usergroup['name'] == module.foreman_params['name']: entity = external_usergroup module.set_entity('entity', entity) auth_source = module.lookup_entity('auth_source') if auth_source.get('type') == 'AuthSourceExternal': module.set_entity('auth_source_external', auth_source) elif auth_source.get('type') == 'AuthSourceLdap': module.set_entity('auth_source_ldap', auth_source) else: module.fail_json(msg="Unsupported authentication source type: {0}".format(auth_source.get('type'))) module.run(params=params) if __name__ == '__main__': main()