From 34bd2562e3f052eb4847b499b497db733bef2341 Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Thu, 20 May 2021 17:27:37 +0200
Subject: [PATCH] ipasudorule: Fix category reset for idempotency
A repeated category reset of usercategory, hostcategory, cmdcaterory,
runasusercategory and hostcategory is resulting in the error
"no modifications to be performed".
The empty categories are now removed from the args if the category is
not set in the sudorule.
---
plugins/modules/ipasudorule.py | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/plugins/modules/ipasudorule.py b/plugins/modules/ipasudorule.py
index 49b9a86c..47735480 100644
--- a/plugins/modules/ipasudorule.py
+++ b/plugins/modules/ipasudorule.py
@@ -416,6 +416,32 @@ def main():
if action == "sudorule":
# Found the sudorule
if res_find is not None:
+ # Remove empty usercategory, hostcategory,
+ # cmdcaterory, runasusercategory and hostcategory
+ # from args if "" and if the category is not in the
+ # sudorule. The empty string is used to reset the
+ # category.
+ if "usercategory" in args \
+ and args["usercategory"] == "" \
+ and "usercategory" not in res_find:
+ del args["usercategory"]
+ if "hostcategory" in args \
+ and args["hostcategory"] == "" \
+ and "hostcategory" not in res_find:
+ del args["hostcategory"]
+ if "cmdcategory" in args \
+ and args["cmdcategory"] == "" \
+ and "cmdcategory" not in res_find:
+ del args["cmdcategory"]
+ if "ipasudorunasusercategory" in args \
+ and args["ipasudorunasusercategory"] == "" \
+ and "ipasudorunasusercategory" not in res_find:
+ del args["ipasudorunasusercategory"]
+ if "ipasudorunasgroupcategory" in args \
+ and args["ipasudorunasgroupcategory"] == "" \
+ and "ipasudorunasgroupcategory" not in res_find:
+ del args["ipasudorunasgroupcategory"]
+
# For all settings is args, check if there are
# different settings in the find result.
# If yes: modify
--
GitLab