From f756a49fc228a64bd8258bc68158a7645e55820d Mon Sep 17 00:00:00 2001 From: Alex Stephen Date: Mon, 18 Jun 2018 17:31:53 +0000 Subject: [PATCH] Magic Modules changes. --- plugins/modules/gcp_compute_route.py | 8 +- .../modules/gcp_storage_default_object_acl.py | 357 ------------------ .../gcp_storage_object_access_control.py | 357 ------------------ 3 files changed, 4 insertions(+), 718 deletions(-) delete mode 100644 plugins/modules/gcp_storage_default_object_acl.py delete mode 100644 plugins/modules/gcp_storage_object_access_control.py diff --git a/plugins/modules/gcp_compute_route.py b/plugins/modules/gcp_compute_route.py index baa2b74..f15b990 100644 --- a/plugins/modules/gcp_compute_route.py +++ b/plugins/modules/gcp_compute_route.py @@ -287,10 +287,10 @@ def main(): if fetch: if state == 'present': if is_different(module, fetch): - fetch = update(module, self_link(module), kind, fetch) + fetch = update(module, self_link(module), kind) changed = True else: - delete(module, self_link(module), kind, fetch) + delete(module, self_link(module), kind) fetch = {} changed = True else: @@ -310,12 +310,12 @@ def create(module, link, kind): return wait_for_operation(module, auth.post(link, resource_to_request(module))) -def update(module, link, kind, fetch): +def update(module, link, kind): auth = GcpSession(module, 'compute') return wait_for_operation(module, auth.put(link, resource_to_request(module))) -def delete(module, link, kind, fetch): +def delete(module, link, kind): auth = GcpSession(module, 'compute') return wait_for_operation(module, auth.delete(link)) diff --git a/plugins/modules/gcp_storage_default_object_acl.py b/plugins/modules/gcp_storage_default_object_acl.py deleted file mode 100644 index f73715a..0000000 --- a/plugins/modules/gcp_storage_default_object_acl.py +++ /dev/null @@ -1,357 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Copyright (C) 2017 Google -# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file at -# https://www.github.com/GoogleCloudPlatform/magic-modules -# -# ---------------------------------------------------------------------------- - -from __future__ import absolute_import, division, print_function -__metaclass__ = type - -################################################################################ -# Documentation -################################################################################ - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ["preview"], - 'supported_by': 'community'} - -DOCUMENTATION = ''' ---- -module: gcp_storage_default_object_acl -description: - - The ObjectAccessControls resources represent the Access Control Lists (ACLs) for - objects within Google Cloud Storage. ACLs let you specify who has access to your - data and to what extent. - - 'There are two roles that can be assigned to an entity: READERs can get an object, - though the acl property will not be revealed.' - - OWNERs are READERs, and they can get the acl property, update an object, and call - all objectAccessControls methods on the object. The owner of an object is always - an OWNER. - - For more information, see Access Control, with the caveat that this API uses READER - and OWNER instead of READ and FULL_CONTROL. -short_description: Creates a GCP DefaultObjectACL -version_added: 2.6 -author: Google Inc. (@googlecloudplatform) -requirements: - - python >= 2.6 - - requests >= 2.18.4 - - google-auth >= 1.3.0 -options: - state: - description: - - Whether the given object should exist in GCP - choices: ['present', 'absent'] - default: 'present' - bucket: - description: - - The name of the bucket. - required: true - entity: - description: - - 'The entity holding the permission, in one of the following - forms: user-userId user-email group-groupId group-email - domain-domain project-team-projectId allUsers - allAuthenticatedUsers Examples: The user liz@example.com would be - user-liz@example.com.' - - The group example@googlegroups.com would be group-example@googlegroups.com. - - To refer to all members of the Google Apps for Business domain example.com, the - entity would be domain-example.com. - required: true - entity_id: - description: - - The ID for the entity. - required: false - object: - description: - - The name of the object, if applied to an object. - required: false - project_team: - description: - - The project team associated with the entity. - required: false - suboptions: - project_number: - description: - - The project team associated with the entity. - required: false - team: - description: - - The team. - required: false - choices: ['editors', 'owners', 'viewers'] - role: - description: - - The access permission for the entity. - required: false - choices: ['OWNER', 'READER'] -extends_documentation_fragment: gcp -''' - - -RETURN = ''' - bucket: - description: - - The name of the bucket. - returned: success - type: dict - domain: - description: - - The domain associated with the entity. - returned: success - type: str - email: - description: - - The email address associated with the entity. - returned: success - type: str - entity: - description: - - 'The entity holding the permission, in one of the following - forms: user-userId user-email group-groupId group-email - domain-domain project-team-projectId allUsers - allAuthenticatedUsers Examples: The user liz@example.com would be - user-liz@example.com.' - - The group example@googlegroups.com would be group-example@googlegroups.com. - - To refer to all members of the Google Apps for Business domain example.com, the - entity would be domain-example.com. - returned: success - type: str - entity_id: - description: - - The ID for the entity. - returned: success - type: str - generation: - description: - - The content generation of the object, if applied to an object. - returned: success - type: int - id: - description: - - The ID of the access-control entry. - returned: success - type: str - object: - description: - - The name of the object, if applied to an object. - returned: success - type: str - project_team: - description: - - The project team associated with the entity. - returned: success - type: complex - contains: - project_number: - description: - - The project team associated with the entity. - returned: success - type: str - team: - description: - - The team. - returned: success - type: str - role: - description: - - The access permission for the entity. - returned: success - type: str -''' - -################################################################################ -# Imports -################################################################################ - -from ansible.module_utils.gcp_utils import navigate_hash, GcpSession, GcpModule, GcpRequest, remove_nones_from_dict, replace_resource_dict -import json - -################################################################################ -# Main -################################################################################ - - -def main(): - """Main function""" - - module = GcpModule( - argument_spec=dict( - state=dict(default='present', choices=['present', 'absent'], type='str'), - bucket=dict(required=True, type='dict'), - entity=dict(required=True, type='str'), - entity_id=dict(type='str'), - object=dict(type='str'), - project_team=dict(type='dict', options=dict( - project_number=dict(type='str'), - team=dict(type='str', choices=['editors', 'owners', 'viewers']) - )), - role=dict(type='str', choices=['OWNER', 'READER']) - ) - ) - - state = module.params['state'] - kind = 'storage#objectAccessControl' - - fetch = fetch_resource(module, self_link(module), kind) - changed = False - - if fetch: - if state == 'present': - if is_different(module, fetch): - fetch = update(module, self_link(module), kind) - changed = True - else: - delete(module, self_link(module), kind) - fetch = {} - changed = True - else: - if state == 'present': - fetch = create(module, collection(module), kind) - changed = True - else: - fetch = {} - - fetch.update({'changed': changed}) - - module.exit_json(**fetch) - - -def create(module, link, kind): - auth = GcpSession(module, 'storage') - return return_if_object(module, auth.post(link, resource_to_request(module)), kind) - - -def update(module, link, kind): - auth = GcpSession(module, 'storage') - return return_if_object(module, auth.put(link, resource_to_request(module)), kind) - - -def delete(module, link, kind): - auth = GcpSession(module, 'storage') - return return_if_object(module, auth.delete(link), kind) - - -def resource_to_request(module): - request = { - u'kind': 'storage#objectAccessControl', - u'bucket': replace_resource_dict(module.params.get(u'bucket', {}), 'name'), - u'entity': module.params.get('entity'), - u'entityId': module.params.get('entity_id'), - u'object': module.params.get('object'), - u'projectTeam': DefaObjeAclProjTeam(module.params.get('project_team', {}), module).to_request(), - u'role': module.params.get('role') - } - return_vals = {} - for k, v in request.items(): - if v: - return_vals[k] = v - - return return_vals - - -def fetch_resource(module, link, kind): - auth = GcpSession(module, 'storage') - return return_if_object(module, auth.get(link), kind) - - -def self_link(module): - return "https://www.googleapis.com/storage/v1/b/{bucket}/defaultObjectAcl/{entity}".format(**module.params) - - -def collection(module): - return "https://www.googleapis.com/storage/v1/b/{bucket}/defaultObjectAcl".format(**module.params) - - -def return_if_object(module, response, kind): - # If not found, return nothing. - if response.status_code == 404: - return None - - # If no content, return nothing. - if response.status_code == 204: - return None - - try: - module.raise_for_status(response) - result = response.json() - except getattr(json.decoder, 'JSONDecodeError', ValueError) as inst: - module.fail_json(msg="Invalid JSON response with error: %s" % inst) - - if navigate_hash(result, ['error', 'errors']): - module.fail_json(msg=navigate_hash(result, ['error', 'errors'])) - if result['kind'] != kind: - module.fail_json(msg="Incorrect result: {kind}".format(**result)) - - return result - - -def is_different(module, response): - request = resource_to_request(module) - response = response_to_hash(module, response) - - # Remove all output-only from response. - response_vals = {} - for k, v in response.items(): - if k in request: - response_vals[k] = v - - request_vals = {} - for k, v in request.items(): - if k in response: - request_vals[k] = v - - return GcpRequest(request_vals) != GcpRequest(response_vals) - - -# Remove unnecessary properties from the response. -# This is for doing comparisons with Ansible's current parameters. -def response_to_hash(module, response): - return { - u'bucket': response.get(u'bucket'), - u'domain': response.get(u'domain'), - u'email': response.get(u'email'), - u'entity': response.get(u'entity'), - u'entityId': response.get(u'entityId'), - u'generation': response.get(u'generation'), - u'id': response.get(u'id'), - u'object': response.get(u'object'), - u'projectTeam': DefaObjeAclProjTeam(response.get(u'projectTeam', {}), module).from_response(), - u'role': response.get(u'role') - } - - -class DefaObjeAclProjTeam(object): - def __init__(self, request, module): - self.module = module - if request: - self.request = request - else: - self.request = {} - - def to_request(self): - return remove_nones_from_dict({ - u'projectNumber': self.request.get('project_number'), - u'team': self.request.get('team') - }) - - def from_response(self): - return remove_nones_from_dict({ - u'projectNumber': self.request.get(u'projectNumber'), - u'team': self.request.get(u'team') - }) - -if __name__ == '__main__': - main() diff --git a/plugins/modules/gcp_storage_object_access_control.py b/plugins/modules/gcp_storage_object_access_control.py deleted file mode 100644 index 3b27d6e..0000000 --- a/plugins/modules/gcp_storage_object_access_control.py +++ /dev/null @@ -1,357 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Copyright (C) 2017 Google -# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file at -# https://www.github.com/GoogleCloudPlatform/magic-modules -# -# ---------------------------------------------------------------------------- - -from __future__ import absolute_import, division, print_function -__metaclass__ = type - -################################################################################ -# Documentation -################################################################################ - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ["preview"], - 'supported_by': 'community'} - -DOCUMENTATION = ''' ---- -module: gcp_storage_object_access_control -description: - - The ObjectAccessControls resources represent the Access Control Lists (ACLs) for - objects within Google Cloud Storage. ACLs let you specify who has access to your - data and to what extent. - - 'There are two roles that can be assigned to an entity: READERs can get an object, - though the acl property will not be revealed.' - - OWNERs are READERs, and they can get the acl property, update an object, and call - all objectAccessControls methods on the object. The owner of an object is always - an OWNER. - - For more information, see Access Control, with the caveat that this API uses READER - and OWNER instead of READ and FULL_CONTROL. -short_description: Creates a GCP ObjectAccessControl -version_added: 2.6 -author: Google Inc. (@googlecloudplatform) -requirements: - - python >= 2.6 - - requests >= 2.18.4 - - google-auth >= 1.3.0 -options: - state: - description: - - Whether the given object should exist in GCP - choices: ['present', 'absent'] - default: 'present' - bucket: - description: - - The name of the bucket. - required: true - entity: - description: - - 'The entity holding the permission, in one of the following - forms: user-userId user-email group-groupId group-email - domain-domain project-team-projectId allUsers - allAuthenticatedUsers Examples: The user liz@example.com would be - user-liz@example.com.' - - The group example@googlegroups.com would be group-example@googlegroups.com. - - To refer to all members of the Google Apps for Business domain example.com, the - entity would be domain-example.com. - required: true - entity_id: - description: - - The ID for the entity. - required: false - object: - description: - - The name of the object, if applied to an object. - required: true - project_team: - description: - - The project team associated with the entity. - required: false - suboptions: - project_number: - description: - - The project team associated with the entity. - required: false - team: - description: - - The team. - required: false - choices: ['editors', 'owners', 'viewers'] - role: - description: - - The access permission for the entity. - required: false - choices: ['OWNER', 'READER'] -extends_documentation_fragment: gcp -''' - - -RETURN = ''' - bucket: - description: - - The name of the bucket. - returned: success - type: dict - domain: - description: - - The domain associated with the entity. - returned: success - type: str - email: - description: - - The email address associated with the entity. - returned: success - type: str - entity: - description: - - 'The entity holding the permission, in one of the following - forms: user-userId user-email group-groupId group-email - domain-domain project-team-projectId allUsers - allAuthenticatedUsers Examples: The user liz@example.com would be - user-liz@example.com.' - - The group example@googlegroups.com would be group-example@googlegroups.com. - - To refer to all members of the Google Apps for Business domain example.com, the - entity would be domain-example.com. - returned: success - type: str - entity_id: - description: - - The ID for the entity. - returned: success - type: str - generation: - description: - - The content generation of the object, if applied to an object. - returned: success - type: int - id: - description: - - The ID of the access-control entry. - returned: success - type: str - object: - description: - - The name of the object, if applied to an object. - returned: success - type: str - project_team: - description: - - The project team associated with the entity. - returned: success - type: complex - contains: - project_number: - description: - - The project team associated with the entity. - returned: success - type: str - team: - description: - - The team. - returned: success - type: str - role: - description: - - The access permission for the entity. - returned: success - type: str -''' - -################################################################################ -# Imports -################################################################################ - -from ansible.module_utils.gcp_utils import navigate_hash, GcpSession, GcpModule, GcpRequest, remove_nones_from_dict, replace_resource_dict -import json - -################################################################################ -# Main -################################################################################ - - -def main(): - """Main function""" - - module = GcpModule( - argument_spec=dict( - state=dict(default='present', choices=['present', 'absent'], type='str'), - bucket=dict(required=True, type='dict'), - entity=dict(required=True, type='str'), - entity_id=dict(type='str'), - object=dict(required=True, type='str'), - project_team=dict(type='dict', options=dict( - project_number=dict(type='str'), - team=dict(type='str', choices=['editors', 'owners', 'viewers']) - )), - role=dict(type='str', choices=['OWNER', 'READER']) - ) - ) - - state = module.params['state'] - kind = 'storage#objectAccessControl' - - fetch = fetch_resource(module, self_link(module), kind) - changed = False - - if fetch: - if state == 'present': - if is_different(module, fetch): - fetch = update(module, self_link(module), kind) - changed = True - else: - delete(module, self_link(module), kind) - fetch = {} - changed = True - else: - if state == 'present': - fetch = create(module, collection(module), kind) - changed = True - else: - fetch = {} - - fetch.update({'changed': changed}) - - module.exit_json(**fetch) - - -def create(module, link, kind): - auth = GcpSession(module, 'storage') - return return_if_object(module, auth.post(link, resource_to_request(module)), kind) - - -def update(module, link, kind): - auth = GcpSession(module, 'storage') - return return_if_object(module, auth.put(link, resource_to_request(module)), kind) - - -def delete(module, link, kind): - auth = GcpSession(module, 'storage') - return return_if_object(module, auth.delete(link), kind) - - -def resource_to_request(module): - request = { - u'kind': 'storage#objectAccessControl', - u'bucket': replace_resource_dict(module.params.get(u'bucket', {}), 'name'), - u'entity': module.params.get('entity'), - u'entityId': module.params.get('entity_id'), - u'object': module.params.get('object'), - u'projectTeam': ObjeAcceContProjTeam(module.params.get('project_team', {}), module).to_request(), - u'role': module.params.get('role') - } - return_vals = {} - for k, v in request.items(): - if v: - return_vals[k] = v - - return return_vals - - -def fetch_resource(module, link, kind): - auth = GcpSession(module, 'storage') - return return_if_object(module, auth.get(link), kind) - - -def self_link(module): - return "https://www.googleapis.com/storage/v1/b/{bucket}/o/{object}/acl/{entity}".format(**module.params) - - -def collection(module): - return "https://www.googleapis.com/storage/v1/b/{bucket}/o/{object}/acl".format(**module.params) - - -def return_if_object(module, response, kind): - # If not found, return nothing. - if response.status_code == 404: - return None - - # If no content, return nothing. - if response.status_code == 204: - return None - - try: - module.raise_for_status(response) - result = response.json() - except getattr(json.decoder, 'JSONDecodeError', ValueError) as inst: - module.fail_json(msg="Invalid JSON response with error: %s" % inst) - - if navigate_hash(result, ['error', 'errors']): - module.fail_json(msg=navigate_hash(result, ['error', 'errors'])) - if result['kind'] != kind: - module.fail_json(msg="Incorrect result: {kind}".format(**result)) - - return result - - -def is_different(module, response): - request = resource_to_request(module) - response = response_to_hash(module, response) - - # Remove all output-only from response. - response_vals = {} - for k, v in response.items(): - if k in request: - response_vals[k] = v - - request_vals = {} - for k, v in request.items(): - if k in response: - request_vals[k] = v - - return GcpRequest(request_vals) != GcpRequest(response_vals) - - -# Remove unnecessary properties from the response. -# This is for doing comparisons with Ansible's current parameters. -def response_to_hash(module, response): - return { - u'bucket': response.get(u'bucket'), - u'domain': response.get(u'domain'), - u'email': response.get(u'email'), - u'entity': response.get(u'entity'), - u'entityId': response.get(u'entityId'), - u'generation': response.get(u'generation'), - u'id': response.get(u'id'), - u'object': response.get(u'object'), - u'projectTeam': ObjeAcceContProjTeam(response.get(u'projectTeam', {}), module).from_response(), - u'role': response.get(u'role') - } - - -class ObjeAcceContProjTeam(object): - def __init__(self, request, module): - self.module = module - if request: - self.request = request - else: - self.request = {} - - def to_request(self): - return remove_nones_from_dict({ - u'projectNumber': self.request.get('project_number'), - u'team': self.request.get('team') - }) - - def from_response(self): - return remove_nones_from_dict({ - u'projectNumber': self.request.get(u'projectNumber'), - u'team': self.request.get(u'team') - }) - -if __name__ == '__main__': - main()