ipapwpolicy: Updated module documentation.

Most of ipapwpolicy parameters can be set to an empty string ("") so that the policy is not applied to pwpolicy. This was not refelected on the documentation. This change adds 'or ""' to all the fields that can be disabled by setting it to an empty string. Also, `data types were reviewed and fixed.

ipapwpolicy: Updated module documentation.
7b2701b9 · Rafael Guterres Jeffman · 694c7178 · 7b2701b9 · 7b2701b9
Commit 7b2701b9 authored 2 years ago by Rafael Guterres Jeffman
--- a/README-pwpolicy.md
+++ b/README-pwpolicy.md
@@ -128,20 +128,20 @@ Variable | Description | Required
 `ipaapi_context` | The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are `server` and `client`. | no
 `ipaapi_ldap_cache` | Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no
 `name` \| `cn` | The list of pwpolicy name strings. If name is not given, `global_policy` will be used automatically. | no
-`maxlife` \| `krbmaxpwdlife` | Maximum password lifetime in days. (int) | no
+`maxlife` \| `krbmaxpwdlife` | Maximum password lifetime in days. (int or "") | no
-`minlife` \| `krbminpwdlife` | Minimum password lifetime in hours. (int) | no
+`minlife` \| `krbminpwdlife` | Minimum password lifetime in hours. (int or "") | no
-`history` \| `krbpwdhistorylength` | Password history size. (int) | no
+`history` \| `krbpwdhistorylength` | Password history size. (int or "") | no
-`minclasses` \| `krbpwdmindiffchars` | Minimum number of character classes. (int) | no
+`minclasses` \| `krbpwdmindiffchars` | Minimum number of character classes. (int or "") | no
-`minlength` \| `krbpwdminlength` | Minimum length of password. (int) | no
+`minlength` \| `krbpwdminlength` | Minimum length of password. (int or "") | no
-`priority` \| `cospriority` | Priority of the policy, higher number means lower priority. (int) | no
+`priority` \| `cospriority` | Priority of the policy, higher number means lower priority. (int or "") | no
-`maxfail` \| `krbpwdmaxfailure` | Consecutive failures before lockout. (int) | no
+`maxfail` \| `krbpwdmaxfailure` | Consecutive failures before lockout. (int or "") | no
-`failinterval` \| `krbpwdfailurecountinterval` | Period after which failure count will be reset in seconds. (int) | no
+`failinterval` \| `krbpwdfailurecountinterval` | Period after which failure count will be reset in seconds. (int or "") | no
-`lockouttime` \| `krbpwdlockoutduration` | Period for which lockout is enforced in seconds. (int) | no
+`lockouttime` \| `krbpwdlockoutduration` | Period for which lockout is enforced in seconds. (int or "") | no
-`maxrepeat` \| `ipapwdmaxrepeat` | Maximum number of same consecutive characters. Requires IPA 4.9+ (int) | no
+`maxrepeat` \| `ipapwdmaxrepeat` | Maximum number of same consecutive characters. Requires IPA 4.9+ (int or "") | no
-`maxsequence` \| `ipapwdmaxsequence` |  The maximum length of monotonic character sequences (abcd). Requires IPA 4.9+ (int) | no
+`maxsequence` \| `ipapwdmaxsequence` |  The maximum length of monotonic character sequences (abcd). Requires IPA 4.9+ (int or "") | no
-`dictcheck` \| `ipapwdictcheck` | Check if the password is a dictionary word. Requires IPA 4.9+ (int) | no
+`dictcheck` \| `ipapwdictcheck` | Check if the password is a dictionary word. Requires IPA 4.9+. (bool or "") | no
-`usercheck` \| `ipapwdusercheck` | Check if the password contains the username. Requires IPA 4.9+ (int) | no
+`usercheck` \| `ipapwdusercheck` | Check if the password contains the username. Requires IPA 4.9+. (bool or "") | no
-`gracelimit` \| `passwordgracelimit` |  Number of LDAP authentications allowed after expiration. Requires IPA 4.9.10 (int) | no
+`gracelimit` \| `passwordgracelimit` |  Number of LDAP authentications allowed after expiration. Requires IPA 4.9.10 (int or "") | no
 `state` | The state to ensure. It can be one of `present` or `absent`, default: `present`. | yes

--- a/plugins/modules/ipapwpolicy.py
+++ b/plugins/modules/ipapwpolicy.py
@@ -45,82 +45,84 @@ options:
    required: false
    aliases: ["cn"]
  maxlife:
-    description: Maximum password lifetime (in days)
+    description: Maximum password lifetime (in days). (int or "")
    type: str
    required: false
    aliases: ["krbmaxpwdlife"]
  minlife:
-    description: Minimum password lifetime (in hours)
+    description: Minimum password lifetime (in hours). (int or "")
    type: str
    required: false
    aliases: ["krbminpwdlife"]
  history:
-    description: Password history size
+    description: Password history size. (int or "")
    type: str
    required: false
    aliases: ["krbpwdhistorylength"]
  minclasses:
-    description: Minimum number of character classes
+    description: Minimum number of character classes. (int or "")
    type: str
    required: false
    aliases: ["krbpwdmindiffchars"]
  minlength:
-    description: Minimum length of password
+    description: Minimum length of password. (int or "")
    type: str
    required: false
    aliases: ["krbpwdminlength"]
  priority:
-    description: Priority of the policy (higher number means lower priority)
+    description: >
+      Priority of the policy (higher number means lower priority). (int or "")
    type: str
    required: false
    aliases: ["cospriority"]
  maxfail:
-    description: Consecutive failures before lockout
+    description: Consecutive failures before lockout. (int or "")
    type: str
    required: false
    aliases: ["krbpwdmaxfailure"]
  failinterval:
-    description: Period after which failure count will be reset (seconds)
+    description: >
+      Period after which failure count will be reset (seconds). (int or "")
    type: str
    required: false
    aliases: ["krbpwdfailurecountinterval"]
  lockouttime:
-    description: Period for which lockout is enforced (seconds)
+    description: Period for which lockout is enforced (seconds). (int or "")
    type: str
    required: false
    aliases: ["krbpwdlockoutduration"]
  maxrepeat:
    description: >
      Maximum number of same consecutive characters.
-      Requires IPA 4.9+
+      Requires IPA 4.9+. (int or "")
    type: str
    required: false
    aliases: ["ipapwdmaxrepeat"]
  maxsequence:
    description: >
      The maximum length of monotonic character sequences (abcd).
-      Requires IPA 4.9+
+      Requires IPA 4.9+. (int or "")
    type: str
    required: false
    aliases: ["ipapwdmaxsequence"]
  dictcheck:
    description: >
      Check if the password is a dictionary word.
-      Requires IPA 4.9+
+      Requires IPA 4.9+. (bool or "")
    type: str
    required: false
    aliases: ["ipapwdictcheck"]
  usercheck:
    description: >
      Check if the password contains the username.
-      Requires IPA 4.9+
+      Requires IPA 4.9+. (bool or "")
    type: str
    required: false
    aliases: ["ipapwdusercheck"]
  gracelimit:
    description: >
      Number of LDAP authentications allowed after expiration.
-      Requires IPA 4.10.1+
+      Requires IPA 4.10.1+. (int or "")
    type: str
    required: false
    aliases: ["passwordgracelimit"]