From 212719496ca4dc45a8a249532b73e6cba75ed119 Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Mon, 16 Oct 2023 11:11:20 +0200
Subject: [PATCH] ipaidview: Fail to apply unknown (invalid) hosts

The task to apply an unknown (invalid) host to an idview was not failing
as expected and only reported no change.

A new host verification step has been added to fail before trying to
apply invalid hosts. unapplying an invalid host is not failing as the
invalid host is indeed not applied.
---
 plugins/modules/ipaidview.py | 13 ++++++++++++-
 tests/idview/test_idview.yml | 22 ++++++++++++++++++++++
 2 files changed, 34 insertions(+), 1 deletion(-)

diff --git a/plugins/modules/ipaidview.py b/plugins/modules/ipaidview.py
index b7065155..9a10eef9 100644
--- a/plugins/modules/ipaidview.py
+++ b/plugins/modules/ipaidview.py
@@ -127,7 +127,7 @@ RETURN = """
 
 from ansible.module_utils.ansible_freeipa_module import \
     IPAAnsibleModule, compare_args_ipa, gen_add_del_lists, gen_add_list, \
-    gen_intersection_list
+    gen_intersection_list, ipalib_errors
 from ansible.module_utils import six
 
 if six.PY3:
@@ -144,6 +144,14 @@ def find_idview(module, name):
     return _result["result"]
 
 
+def valid_host(module, name):
+    try:
+        module.ipa_command("host_show", name, {})
+    except ipalib_errors.NotFound:
+        return False
+    return True
+
+
 def gen_args(description, domain_resolution_order):
     _args = {}
     if description is not None:
@@ -327,6 +335,9 @@ def main():
 
             # Add members
             if host_add:
+                for host in host_add:
+                    if not valid_host(ansible_module, host):
+                        ansible_module.fail_json("Invalid host '%s'" % host)
                 commands.append([name, "idview_apply", {"host": host_add}])
 
             # Remove members
diff --git a/tests/idview/test_idview.yml b/tests/idview/test_idview.yml
index 8e70dc6a..8ef75e09 100644
--- a/tests/idview/test_idview.yml
+++ b/tests/idview/test_idview.yml
@@ -25,6 +25,7 @@
     ansible.builtin.set_fact:
       host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
       host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"
+      host3_fqdn: "{{ 'host3.' + ipaserver_domain }}"
 
   # CLEANUP TEST ITEMS
 
@@ -182,6 +183,27 @@
     register: result
     failed_when: result.changed or result.failed
 
+  - name: Ensure invalid host "{{ host3_fqdn }}" fails to applied to idview test1_idview
+    ipaidview:
+      name: test1_idview
+      host:
+      - "{{ host3_fqdn }}"
+      action: member
+    register: result
+    failed_when: result.changed or not result.failed or
+                 "Invalid host" not in result.msg or
+                 host3_fqdn not in result.msg
+
+  - name: Ensure invalid host "{{ host3_fqdn }}" does not fail to unapply from idview test1_idview
+    ipaidview:
+      name: test1_idview
+      host:
+      - "{{ host3_fqdn }}"
+      action: member
+      state: absent
+    register: result
+    failed_when: result.changed or result.failed
+
   - name: Ensure host "{{ host2_fqdn }}" is applied to idview test1_idview
     ipaidview:
       name: test1_idview
-- 
GitLab