mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-07-24 05:40:23 -07:00
VMware: update vmware_local_role_manager with action (#44566)
With this fix user can add, remove and set privileges to an existing role with privileges. Fixes: #44391 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This commit is contained in:
parent
46856b0747
commit
e653a93044
2 changed files with 243 additions and 57 deletions
|
@ -1,5 +1,5 @@
|
|||
# Test code for the vmware_local_role_manager module
|
||||
# Copyright: (c) 2017, Abhijeet Kasurde <akasurde@redhat.com>
|
||||
# Copyright: (c) 2017-2018, Abhijeet Kasurde <akasurde@redhat.com>
|
||||
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
|
||||
- name: store the vcenter container ip
|
||||
|
@ -30,7 +30,7 @@
|
|||
|
||||
- debug: var=vcsim_instance
|
||||
|
||||
- name: Role creation
|
||||
- name: Create a role without privileges
|
||||
vmware_local_role_manager:
|
||||
hostname: "{{ vcsim }}"
|
||||
username: "{{ vcsim_instance['json']['username'] }}"
|
||||
|
@ -40,14 +40,14 @@
|
|||
state: present
|
||||
register: role_creation_0001
|
||||
|
||||
- name: verify if role is created
|
||||
- name: Verify if role is created
|
||||
assert:
|
||||
that:
|
||||
- "{{ role_creation_0001.changed == true }}"
|
||||
- "{{ role_creation_0001.role_id is defined }}"
|
||||
- "{{ role_creation_0001.local_role_name is defined }}"
|
||||
|
||||
- name: Create role again
|
||||
- name: Again create a role without privileges
|
||||
vmware_local_role_manager:
|
||||
hostname: "{{ vcsim }}"
|
||||
username: "{{ vcsim_instance['json']['username'] }}"
|
||||
|
@ -62,7 +62,7 @@
|
|||
that:
|
||||
- "{{ role_creation_0001.changed == false }}"
|
||||
|
||||
- name: delete role
|
||||
- name: Delete a role
|
||||
vmware_local_role_manager:
|
||||
hostname: "{{ vcsim }}"
|
||||
username: "{{ vcsim_instance['json']['username'] }}"
|
||||
|
@ -72,12 +72,12 @@
|
|||
state: absent
|
||||
register: role_creation_0001
|
||||
|
||||
- name: verify if role is not present
|
||||
- name: Verify if role is not present
|
||||
assert:
|
||||
that:
|
||||
- "{{ role_creation_0001.changed == true }}"
|
||||
|
||||
- name: delete role again
|
||||
- name: Delete role again
|
||||
vmware_local_role_manager:
|
||||
hostname: "{{ vcsim }}"
|
||||
username: "{{ vcsim_instance['json']['username'] }}"
|
||||
|
@ -87,12 +87,12 @@
|
|||
state: absent
|
||||
register: role_creation_0001
|
||||
|
||||
- name: verify if role is not present again
|
||||
- name: Verify if role is absent again
|
||||
assert:
|
||||
that:
|
||||
- "{{ role_creation_0001.changed == false }}"
|
||||
|
||||
- name: Create role with privileges
|
||||
- name: Create a role with privileges
|
||||
vmware_local_role_manager:
|
||||
hostname: "{{ vcsim }}"
|
||||
username: "{{ vcsim_instance['json']['username'] }}"
|
||||
|
@ -103,27 +103,139 @@
|
|||
state: present
|
||||
register: role_creation_0001
|
||||
|
||||
- name: verify if role is created with privileges
|
||||
- name: Verify if role is created with privileges
|
||||
assert:
|
||||
that:
|
||||
- "{{ role_creation_0001.changed == true }}"
|
||||
- "{{ role_creation_0001.role_id is defined }}"
|
||||
|
||||
- name: Create role with privileges additional privileges
|
||||
- name: Add a privilege to existing privileges
|
||||
vmware_local_role_manager:
|
||||
hostname: "{{ vcsim }}"
|
||||
username: "{{ vcsim_instance['json']['username'] }}"
|
||||
password: "{{ vcsim_instance['json']['password'] }}"
|
||||
local_role_name: SampleRole_0001
|
||||
validate_certs: no
|
||||
local_privilege_ids: ['VirtualMachine.State.RenameSnapshot', 'Folder.Create']
|
||||
local_privilege_ids: ['Folder.Create']
|
||||
action: add
|
||||
state: present
|
||||
register: role_creation_0001
|
||||
|
||||
- name: verify if role is created with updated privileges
|
||||
- name: Verify if role is updated with updated privileges
|
||||
assert:
|
||||
that:
|
||||
- "{{ role_creation_0001.changed == true }}"
|
||||
- "{{ role_creation_0001.role_id is defined }}"
|
||||
- "{{ role_creation_0001.old_privileges is defined }}"
|
||||
- "{{ role_creation_0001.new_privileges is defined }}"
|
||||
|
||||
- name: Again add a privilege to existing privileges
|
||||
vmware_local_role_manager:
|
||||
hostname: "{{ vcsim }}"
|
||||
username: "{{ vcsim_instance['json']['username'] }}"
|
||||
password: "{{ vcsim_instance['json']['password'] }}"
|
||||
local_role_name: SampleRole_0001
|
||||
validate_certs: no
|
||||
local_privilege_ids: ['Folder.Create']
|
||||
action: add
|
||||
state: present
|
||||
register: role_creation_0001
|
||||
|
||||
- name: Verify if role is not updated
|
||||
assert:
|
||||
that:
|
||||
- "{{ role_creation_0001.changed == false }}"
|
||||
- "{{ role_creation_0001.role_id is defined }}"
|
||||
- "{{ role_creation_0001.old_privileges is defined }}"
|
||||
- "{{ role_creation_0001.new_privileges is defined }}"
|
||||
|
||||
- name: Remove a privilege from existing privileges
|
||||
vmware_local_role_manager:
|
||||
hostname: "{{ vcsim }}"
|
||||
username: "{{ vcsim_instance['json']['username'] }}"
|
||||
password: "{{ vcsim_instance['json']['password'] }}"
|
||||
local_role_name: SampleRole_0001
|
||||
validate_certs: no
|
||||
local_privilege_ids: ['Folder.Create']
|
||||
action: remove
|
||||
register: role_creation_0001
|
||||
|
||||
- name: verify if role is updated with privileges
|
||||
assert:
|
||||
that:
|
||||
- "{{ role_creation_0001.changed == true }}"
|
||||
- "{{ role_creation_0001.role_id is defined }}"
|
||||
- "{{ role_creation_0001.old_privileges is defined }}"
|
||||
- "{{ role_creation_0001.new_privileges is defined }}"
|
||||
- "{{ 'Folder.Create' not in role_creation_0001.new_privileges }}"
|
||||
|
||||
- name: Again remove a privilege from existing privileges
|
||||
vmware_local_role_manager:
|
||||
hostname: "{{ vcsim }}"
|
||||
username: "{{ vcsim_instance['json']['username'] }}"
|
||||
password: "{{ vcsim_instance['json']['password'] }}"
|
||||
local_role_name: SampleRole_0001
|
||||
validate_certs: no
|
||||
local_privilege_ids: ['Folder.Create']
|
||||
action: remove
|
||||
register: role_creation_0001
|
||||
|
||||
- name: Verify if role is not updated
|
||||
assert:
|
||||
that:
|
||||
- "{{ role_creation_0001.changed == false }}"
|
||||
- "{{ role_creation_0001.role_id is defined }}"
|
||||
- "{{ role_creation_0001.old_privileges is defined }}"
|
||||
- "{{ role_creation_0001.new_privileges is defined }}"
|
||||
- "{{ 'Folder.Create' not in role_creation_0001.new_privileges }}"
|
||||
- "{{ 'Folder.Create' not in role_creation_0001.old_privileges }}"
|
||||
|
||||
- name: Set a privilege to an existing role
|
||||
vmware_local_role_manager:
|
||||
hostname: "{{ vcsim }}"
|
||||
username: "{{ vcsim_instance['json']['username'] }}"
|
||||
password: "{{ vcsim_instance['json']['password'] }}"
|
||||
local_role_name: SampleRole_0001
|
||||
validate_certs: no
|
||||
local_privilege_ids: ['Folder.Create']
|
||||
action: set
|
||||
register: role_creation_0001
|
||||
|
||||
- name: Verify if role is updated with privileges
|
||||
assert:
|
||||
that:
|
||||
- "{{ role_creation_0001.changed == true }}"
|
||||
- "{{ role_creation_0001.role_id is defined }}"
|
||||
- "{{ role_creation_0001.old_privileges is defined }}"
|
||||
- "{{ role_creation_0001.new_privileges is defined }}"
|
||||
- "{{ 'Folder.Create' in role_creation_0001.new_privileges }}"
|
||||
- "{{ 'System.Anonymous' in role_creation_0001.new_privileges }}"
|
||||
- "{{ 'System.Read' in role_creation_0001.new_privileges }}"
|
||||
- "{{ 'System.View' in role_creation_0001.new_privileges }}"
|
||||
- "{{ 'System.Anonymous' in role_creation_0001.old_privileges }}"
|
||||
- "{{ 'System.Read' in role_creation_0001.old_privileges }}"
|
||||
- "{{ 'System.View' in role_creation_0001.old_privileges }}"
|
||||
|
||||
- name: Again set a privilege to an existing role
|
||||
vmware_local_role_manager:
|
||||
hostname: "{{ vcsim }}"
|
||||
username: "{{ vcsim_instance['json']['username'] }}"
|
||||
password: "{{ vcsim_instance['json']['password'] }}"
|
||||
local_role_name: SampleRole_0001
|
||||
validate_certs: no
|
||||
local_privilege_ids: ['Folder.Create']
|
||||
action: set
|
||||
register: role_creation_0001
|
||||
|
||||
- name: verify if role is not updated
|
||||
assert:
|
||||
that:
|
||||
- "{{ role_creation_0001.changed == false }}"
|
||||
- "{{ 'Folder.Create' in role_creation_0001.new_privileges }}"
|
||||
- "{{ 'System.Anonymous' in role_creation_0001.new_privileges }}"
|
||||
- "{{ 'System.Read' in role_creation_0001.new_privileges }}"
|
||||
- "{{ 'System.View' in role_creation_0001.new_privileges }}"
|
||||
- "{{ 'Folder.Create' in role_creation_0001.old_privileges }}"
|
||||
- "{{ 'System.Anonymous' in role_creation_0001.old_privileges }}"
|
||||
- "{{ 'System.Read' in role_creation_0001.old_privileges }}"
|
||||
- "{{ 'System.View' in role_creation_0001.old_privileges }}"
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue