From 3d13e7b6c0094bb444db3c60914bf2a3d4200ad8 Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Tue, 7 Sep 2021 16:14:29 +0200
Subject: [PATCH] user: Use execute_ipa_commands
execute_ipa_commands replces the check mode exit, the loop over the
generated commands and also in the member failure handling for modules
with member support.
---
plugins/modules/ipauser.py | 93 ++++++++++++++++++--------------------
1 file changed, 43 insertions(+), 50 deletions(-)
diff --git a/plugins/modules/ipauser.py b/plugins/modules/ipauser.py
index 7e44a3f3..1ffee448 100644
--- a/plugins/modules/ipauser.py
+++ b/plugins/modules/ipauser.py
@@ -716,6 +716,46 @@ def gen_certmapdata_args(certmapdata):
return {"ipacertmapdata": to_text(certmapdata)}
+# pylint: disable=unused-argument
+def result_handler(module, result, command, name, args, errors, exit_args,
+ one_name):
+
+ if "random" in args and command in ["user_add", "user_mod"] \
+ and "randompassword" in result["result"]:
+ if one_name:
+ exit_args["randompassword"] = \
+ result["result"]["randompassword"]
+ else:
+ exit_args.setdefault(name, {})["randompassword"] = \
+ result["result"]["randompassword"]
+
+ # Get all errors
+ # All "already a member" and "not a member" failures in the
+ # result are ignored. All others are reported.
+ if "failed" in result and len(result["failed"]) > 0:
+ for item in result["failed"]:
+ failed_item = result["failed"][item]
+ for member_type in failed_item:
+ for member, failure in failed_item[member_type]:
+ if "already a member" in failure \
+ or "not a member" in failure:
+ continue
+ errors.append("%s: %s %s: %s" % (
+ command, member_type, member, failure))
+
+
+# pylint: disable=unused-argument
+def exception_handler(module, ex, errors, exit_args, one_name):
+ msg = str(ex)
+ if "already contains" in msg \
+ or "does not contain" in msg:
+ return True
+ # The canonical principal name may not be removed
+ if "equal to the canonical principal name must" in msg:
+ return True
+ return False
+
+
def main():
user_spec = dict(
# present
@@ -1359,58 +1399,11 @@ def main():
del user_set
- # Check mode exit
- if ansible_module.check_mode:
- ansible_module.exit_json(changed=len(commands) > 0, **exit_args)
-
# Execute commands
- errors = []
- for name, command, args in commands:
- try:
- result = ansible_module.ipa_command(command, name, args)
- if "completed" in result:
- if result["completed"] > 0:
- changed = True
- else:
- changed = True
-
- if "random" in args and command in ["user_add", "user_mod"] \
- and "randompassword" in result["result"]:
- if len(names) == 1:
- exit_args["randompassword"] = \
- result["result"]["randompassword"]
- else:
- exit_args.setdefault(name, {})["randompassword"] = \
- result["result"]["randompassword"]
-
- except Exception as e:
- msg = str(e)
- if "already contains" in msg \
- or "does not contain" in msg:
- continue
- # The canonical principal name may not be removed
- if "equal to the canonical principal name must" in msg:
- continue
- ansible_module.fail_json(msg="%s: %s: %s" % (command, name,
- msg))
-
- # Get all errors
- # All "already a member" and "not a member" failures in the
- # result are ignored. All others are reported.
- if "failed" in result and len(result["failed"]) > 0:
- for item in result["failed"]:
- failed_item = result["failed"][item]
- for member_type in failed_item:
- for member, failure in failed_item[member_type]:
- if "already a member" in failure \
- or "not a member" in failure:
- continue
- errors.append("%s: %s %s: %s" % (
- command, member_type, member, failure))
-
- if len(errors) > 0:
- ansible_module.fail_json(msg=", ".join(errors))
+ changed = ansible_module.execute_ipa_commands(
+ commands, result_handler, exception_handler,
+ exit_args=exit_args, one_name=len(names) == 1)
# Done
ansible_module.exit_json(changed=changed, user=exit_args)
--
GitLab