ansible  2.9.27
About: Ansible is an IT Configuration Management, Deployment \
About: Ansible (2.x) is an IT Configuration Management, Deployment & Orchestration tool.
ansible download page.
  Fossies Dox: ansible-2.9.27.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

mso_role.py
Go to the documentation of this file.
1#!/usr/bin/python
2# -*- coding: utf-8 -*-
3
4# Copyright: (c) 2018, Dag Wieers (@dagwieers) <dag@wieers.com>
5# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
6
7from __future__ import absolute_import, division, print_function
8__metaclass__ = type
9
10ANSIBLE_METADATA = {'metadata_version': '1.1',
11 'status': ['preview'],
12 'supported_by': 'community'}
13
14DOCUMENTATION = r'''
15---
16module: mso_role
17short_description: Manage roles
18description:
19- Manage roles on Cisco ACI Multi-Site.
20author:
21- Dag Wieers (@dagwieers)
22version_added: '2.8'
23options:
24 role:
25 description:
26 - The name of the role.
27 type: str
28 required: yes
29 aliases: [ name ]
30 display_name:
31 description:
32 - The name of the role to be displayed in the web UI.
33 type: str
34 description:
35 description:
36 - The description of the role.
37 type: str
38 permissions:
39 description:
40 - A list of permissions tied to this role.
41 type: list
42 choices:
43 - backup-db
44 - manage-audit-records
45 - manage-labels
46 - manage-roles
47 - manage-schemas
48 - manage-sites
49 - manage-tenants
50 - manage-tenant-schemas
51 - manage-users
52 - platform-logs
53 - view-all-audit-records
54 - view-labels
55 - view-roles
56 - view-schemas
57 - view-sites
58 - view-tenants
59 - view-tenant-schemas
60 - view-users
61 state:
62 description:
63 - Use C(present) or C(absent) for adding or removing.
64 - Use C(query) for listing an object or multiple objects.
65 type: str
66 choices: [ absent, present, query ]
67 default: present
68extends_documentation_fragment: mso
69'''
70
71EXAMPLES = r'''
72- name: Add a new role
73 mso_role:
74 host: mso_host
75 username: admin
76 password: SomeSecretPassword
77 role: readOnly
78 display_name: Read Only
79 description: Read-only access for troubleshooting
80 permissions:
81 - view-roles
82 - view-schemas
83 - view-sites
84 - view-tenants
85 - view-tenant-schemas
86 - view-users
87 state: present
88 delegate_to: localhost
89
90- name: Remove a role
91 mso_role:
92 host: mso_host
93 username: admin
94 password: SomeSecretPassword
95 role: readOnly
96 state: absent
97 delegate_to: localhost
98
99- name: Query a role
100 mso_role:
101 host: mso_host
102 username: admin
103 password: SomeSecretPassword
104 role: readOnly
105 state: query
106 delegate_to: localhost
107 register: query_result
108
109- name: Query all roles
110 mso_role:
111 host: mso_host
112 username: admin
113 password: SomeSecretPassword
114 state: query
115 delegate_to: localhost
116 register: query_result
117'''
118
119RETURN = r'''
120'''
121
122from ansible.module_utils.basic import AnsibleModule
123from ansible.module_utils.network.aci.mso import MSOModule, mso_argument_spec, issubset
124
125
126def main():
127 argument_spec = mso_argument_spec()
128 argument_spec.update(
129 role=dict(type='str', aliases=['name']),
130 display_name=dict(type='str'),
131 description=dict(type='str'),
132 permissions=dict(type='list', choices=[
133 'backup-db',
134 'manage-audit-records',
135 'manage-labels',
136 'manage-roles',
137 'manage-schemas',
138 'manage-sites',
139 'manage-tenants',
140 'manage-tenant-schemas',
141 'manage-users',
142 'platform-logs',
143 'view-all-audit-records',
144 'view-labels',
145 'view-roles',
146 'view-schemas',
147 'view-sites',
148 'view-tenants',
149 'view-tenant-schemas',
150 'view-users',
151 ]),
152 state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
153 )
154
155 module = AnsibleModule(
156 argument_spec=argument_spec,
157 supports_check_mode=True,
158 required_if=[
159 ['state', 'absent', ['role']],
160 ['state', 'present', ['role']],
161 ],
162 )
163
164 role = module.params['role']
165 description = module.params['description']
166 permissions = module.params['permissions']
167 state = module.params['state']
168
169 mso = MSOModule(module)
170
171 role_id = None
172 path = 'roles'
173
174 # Query for existing object(s)
175 if role:
176 mso.existing = mso.get_obj(path, name=role)
177 if mso.existing:
178 role_id = mso.existing['id']
179 # If we found an existing object, continue with it
180 path = 'roles/{id}'.format(id=role_id)
181 else:
182 mso.existing = mso.query_objs(path)
183
184 if state == 'query':
185 pass
186
187 elif state == 'absent':
188 mso.previous = mso.existing
189 if mso.existing:
190 if module.check_mode:
191 mso.existing = {}
192 else:
193 mso.existing = mso.request(path, method='DELETE')
194
195 elif state == 'present':
196 mso.previous = mso.existing
197
198 payload = dict(
199 id=role_id,
200 name=role,
201 displayName=role,
202 description=description,
203 permissions=permissions,
204 )
205
206 mso.sanitize(payload, collate=True)
207
208 if mso.existing:
209 if not issubset(mso.sent, mso.existing):
210 if module.check_mode:
211 mso.existing = mso.proposed
212 else:
213 mso.existing = mso.request(path, method='PUT', data=mso.sent)
214 else:
215 if module.check_mode:
216 mso.existing = mso.proposed
217 else:
218 mso.existing = mso.request(path, method='POST', data=mso.sent)
219
220 mso.exit_json()
221
222
223if __name__ == "__main__":
224 main()
def issubset(subset, superset)
Definition: mso.py:19