VMware: update vmware_local_role_manager with action (#44566)

With this fix user can add, remove and set privileges to
an existing role with privileges.

Fixes: #44391

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This commit is contained in:
Abhijeet Kasurde 2018-09-07 09:33:50 +05:30 committed by GitHub
commit e653a93044
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 243 additions and 57 deletions

View file

@ -1,5 +1,5 @@
# Test code for the vmware_local_role_manager module
# Copyright: (c) 2017, Abhijeet Kasurde <akasurde@redhat.com>
# Copyright: (c) 2017-2018, Abhijeet Kasurde <akasurde@redhat.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
- name: store the vcenter container ip
@ -30,7 +30,7 @@
- debug: var=vcsim_instance
- name: Role creation
- name: Create a role without privileges
vmware_local_role_manager:
hostname: "{{ vcsim }}"
username: "{{ vcsim_instance['json']['username'] }}"
@ -40,14 +40,14 @@
state: present
register: role_creation_0001
- name: verify if role is created
- name: Verify if role is created
assert:
that:
- "{{ role_creation_0001.changed == true }}"
- "{{ role_creation_0001.role_id is defined }}"
- "{{ role_creation_0001.local_role_name is defined }}"
- name: Create role again
- name: Again create a role without privileges
vmware_local_role_manager:
hostname: "{{ vcsim }}"
username: "{{ vcsim_instance['json']['username'] }}"
@ -62,7 +62,7 @@
that:
- "{{ role_creation_0001.changed == false }}"
- name: delete role
- name: Delete a role
vmware_local_role_manager:
hostname: "{{ vcsim }}"
username: "{{ vcsim_instance['json']['username'] }}"
@ -72,12 +72,12 @@
state: absent
register: role_creation_0001
- name: verify if role is not present
- name: Verify if role is not present
assert:
that:
- "{{ role_creation_0001.changed == true }}"
- name: delete role again
- name: Delete role again
vmware_local_role_manager:
hostname: "{{ vcsim }}"
username: "{{ vcsim_instance['json']['username'] }}"
@ -87,12 +87,12 @@
state: absent
register: role_creation_0001
- name: verify if role is not present again
- name: Verify if role is absent again
assert:
that:
- "{{ role_creation_0001.changed == false }}"
- name: Create role with privileges
- name: Create a role with privileges
vmware_local_role_manager:
hostname: "{{ vcsim }}"
username: "{{ vcsim_instance['json']['username'] }}"
@ -103,27 +103,139 @@
state: present
register: role_creation_0001
- name: verify if role is created with privileges
- name: Verify if role is created with privileges
assert:
that:
- "{{ role_creation_0001.changed == true }}"
- "{{ role_creation_0001.role_id is defined }}"
- name: Create role with privileges additional privileges
- name: Add a privilege to existing privileges
vmware_local_role_manager:
hostname: "{{ vcsim }}"
username: "{{ vcsim_instance['json']['username'] }}"
password: "{{ vcsim_instance['json']['password'] }}"
local_role_name: SampleRole_0001
validate_certs: no
local_privilege_ids: ['VirtualMachine.State.RenameSnapshot', 'Folder.Create']
local_privilege_ids: ['Folder.Create']
action: add
state: present
register: role_creation_0001
- name: verify if role is created with updated privileges
- name: Verify if role is updated with updated privileges
assert:
that:
- "{{ role_creation_0001.changed == true }}"
- "{{ role_creation_0001.role_id is defined }}"
- "{{ role_creation_0001.old_privileges is defined }}"
- "{{ role_creation_0001.new_privileges is defined }}"
- name: Again add a privilege to existing privileges
vmware_local_role_manager:
hostname: "{{ vcsim }}"
username: "{{ vcsim_instance['json']['username'] }}"
password: "{{ vcsim_instance['json']['password'] }}"
local_role_name: SampleRole_0001
validate_certs: no
local_privilege_ids: ['Folder.Create']
action: add
state: present
register: role_creation_0001
- name: Verify if role is not updated
assert:
that:
- "{{ role_creation_0001.changed == false }}"
- "{{ role_creation_0001.role_id is defined }}"
- "{{ role_creation_0001.old_privileges is defined }}"
- "{{ role_creation_0001.new_privileges is defined }}"
- name: Remove a privilege from existing privileges
vmware_local_role_manager:
hostname: "{{ vcsim }}"
username: "{{ vcsim_instance['json']['username'] }}"
password: "{{ vcsim_instance['json']['password'] }}"
local_role_name: SampleRole_0001
validate_certs: no
local_privilege_ids: ['Folder.Create']
action: remove
register: role_creation_0001
- name: verify if role is updated with privileges
assert:
that:
- "{{ role_creation_0001.changed == true }}"
- "{{ role_creation_0001.role_id is defined }}"
- "{{ role_creation_0001.old_privileges is defined }}"
- "{{ role_creation_0001.new_privileges is defined }}"
- "{{ 'Folder.Create' not in role_creation_0001.new_privileges }}"
- name: Again remove a privilege from existing privileges
vmware_local_role_manager:
hostname: "{{ vcsim }}"
username: "{{ vcsim_instance['json']['username'] }}"
password: "{{ vcsim_instance['json']['password'] }}"
local_role_name: SampleRole_0001
validate_certs: no
local_privilege_ids: ['Folder.Create']
action: remove
register: role_creation_0001
- name: Verify if role is not updated
assert:
that:
- "{{ role_creation_0001.changed == false }}"
- "{{ role_creation_0001.role_id is defined }}"
- "{{ role_creation_0001.old_privileges is defined }}"
- "{{ role_creation_0001.new_privileges is defined }}"
- "{{ 'Folder.Create' not in role_creation_0001.new_privileges }}"
- "{{ 'Folder.Create' not in role_creation_0001.old_privileges }}"
- name: Set a privilege to an existing role
vmware_local_role_manager:
hostname: "{{ vcsim }}"
username: "{{ vcsim_instance['json']['username'] }}"
password: "{{ vcsim_instance['json']['password'] }}"
local_role_name: SampleRole_0001
validate_certs: no
local_privilege_ids: ['Folder.Create']
action: set
register: role_creation_0001
- name: Verify if role is updated with privileges
assert:
that:
- "{{ role_creation_0001.changed == true }}"
- "{{ role_creation_0001.role_id is defined }}"
- "{{ role_creation_0001.old_privileges is defined }}"
- "{{ role_creation_0001.new_privileges is defined }}"
- "{{ 'Folder.Create' in role_creation_0001.new_privileges }}"
- "{{ 'System.Anonymous' in role_creation_0001.new_privileges }}"
- "{{ 'System.Read' in role_creation_0001.new_privileges }}"
- "{{ 'System.View' in role_creation_0001.new_privileges }}"
- "{{ 'System.Anonymous' in role_creation_0001.old_privileges }}"
- "{{ 'System.Read' in role_creation_0001.old_privileges }}"
- "{{ 'System.View' in role_creation_0001.old_privileges }}"
- name: Again set a privilege to an existing role
vmware_local_role_manager:
hostname: "{{ vcsim }}"
username: "{{ vcsim_instance['json']['username'] }}"
password: "{{ vcsim_instance['json']['password'] }}"
local_role_name: SampleRole_0001
validate_certs: no
local_privilege_ids: ['Folder.Create']
action: set
register: role_creation_0001
- name: verify if role is not updated
assert:
that:
- "{{ role_creation_0001.changed == false }}"
- "{{ 'Folder.Create' in role_creation_0001.new_privileges }}"
- "{{ 'System.Anonymous' in role_creation_0001.new_privileges }}"
- "{{ 'System.Read' in role_creation_0001.new_privileges }}"
- "{{ 'System.View' in role_creation_0001.new_privileges }}"
- "{{ 'Folder.Create' in role_creation_0001.old_privileges }}"
- "{{ 'System.Anonymous' in role_creation_0001.old_privileges }}"
- "{{ 'System.Read' in role_creation_0001.old_privileges }}"
- "{{ 'System.View' in role_creation_0001.old_privileges }}"