From 0a604fca78c246d105f95c7e5beefd32bf76db40 Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Tue, 25 May 2021 18:35:54 +0200
Subject: [PATCH] group: Reduce addition and deletion of members to changed
only
Use gen_add_list and gen_intersection_list for user, group, service,
externalmember, membermanager_user and membermanager_group member
handling.
The functions are used to reduce the add lists to the new entries
only and the delete lists to the entries that are in the user and
the show list result.
This enables to remove the ignores for "already a member" and
"not a member" errors..
---
plugins/modules/ipagroup.py | 66 ++++++++++++++++++++++++++++++++++---
1 file changed, 61 insertions(+), 5 deletions(-)
diff --git a/plugins/modules/ipagroup.py b/plugins/modules/ipagroup.py
index e7072f08..b44fb65d 100644
--- a/plugins/modules/ipagroup.py
+++ b/plugins/modules/ipagroup.py
@@ -185,7 +185,8 @@ RETURN = """
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.ansible_freeipa_module import temp_kinit, \
temp_kdestroy, valid_creds, api_connect, api_command, compare_args_ipa, \
- api_check_param, module_params_get, gen_add_del_lists, api_check_command
+ api_check_param, module_params_get, gen_add_del_lists, api_check_command, \
+ gen_add_list, gen_intersection_list
def find_group(module, name):
@@ -556,12 +557,43 @@ def main():
"non-external group."
)
+ # Reduce add lists for member_user, member_group,
+ # member_service and member_external to new entries
+ # only that are not in res_find.
+ if user is not None and "member_user" in res_find:
+ user = gen_add_list(
+ user, res_find["member_user"])
+ if group is not None and "member_group" in res_find:
+ group = gen_add_list(
+ group, res_find["member_group"])
+ if service is not None and "member_service" in res_find:
+ service = gen_add_list(
+ service, res_find["member_service"])
+ if externalmember is not None \
+ and "member_external" in res_find:
+ externalmember = gen_add_list(
+ externalmember, res_find["member_external"])
+
if any([user, group, service, externalmember]):
commands.append(
[name, "group_add_member", add_member_args]
)
if has_add_membermanager:
+ # Reduce add list for membermanager_user and
+ # membermanager_group to new entries only that are
+ # not in res_find.
+ if membermanager_user is not None \
+ and "membermanager_user" in res_find:
+ membermanager_user = gen_add_list(
+ membermanager_user,
+ res_find["membermanager_user"])
+ if membermanager_group is not None \
+ and "membermanager_group" in res_find:
+ membermanager_group = gen_add_list(
+ membermanager_group,
+ res_find["membermanager_group"])
+
# Add membermanager users and groups
if membermanager_user is not None or \
membermanager_group is not None:
@@ -596,12 +628,40 @@ def main():
"non-external group."
)
+ # Reduce del lists of member_user, member_group,
+ # member_service and member_external to the entries only
+ # that are in res_find.
+ if user is not None:
+ user = gen_intersection_list(
+ user, res_find.get("member_user"))
+ if group is not None:
+ group = gen_intersection_list(
+ group, res_find.get("member_group"))
+ if service is not None:
+ service = gen_intersection_list(
+ service, res_find.get("member_service"))
+ if externalmember is not None:
+ externalmember = gen_intersection_list(
+ externalmember, res_find.get("member_external"))
+
if any([user, group, service, externalmember]):
commands.append(
[name, "group_remove_member", del_member_args]
)
if has_add_membermanager:
+ # Reduce del lists of membermanager_user and
+ # membermanager_group to the entries only that are
+ # in res_find.
+ if membermanager_user is not None:
+ membermanager_user = gen_intersection_list(
+ membermanager_user,
+ res_find.get("membermanager_user"))
+ if membermanager_group is not None:
+ membermanager_group = gen_intersection_list(
+ membermanager_group,
+ res_find.get("membermanager_group"))
+
# Remove membermanager users and groups
if membermanager_user is not None or \
membermanager_group is not None:
@@ -635,16 +695,12 @@ def main():
ansible_module.fail_json(msg="%s: %s: %s" % (command, name,
str(e)))
# Get all errors
- # All "already a member" and "not a member" failures in the
# result are ignored. All others are reported.
errors = []
for failed_item in result.get("failed", []):
failed = result["failed"][failed_item]
for member_type in failed:
for member, failure in failed[member_type]:
- if "already a member" in failure \
- or "not a member" in failure:
- continue
errors.append("%s: %s %s: %s" % (
command, member_type, member, failure))
if len(errors) > 0:
--
GitLab