From f44e33c6b31168091e17c33fa379a258acca44e9 Mon Sep 17 00:00:00 2001
From: Rafael Guterres Jeffman <rjeffman@redhat.com>
Date: Mon, 1 Jun 2020 14:40:53 -0300
Subject: [PATCH] Allow the use of multiple values with auth_ind variable.

This patch changes auth_ind variable to receive a list of values
instead of a single one, so that more than one value can be set
at once.

Tests have been updated to reflect the change.
---
 plugins/modules/ipaservice.py  |  2 +-
 tests/service/test_service.yml | 22 +++++++++++++++++++++-
 2 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/plugins/modules/ipaservice.py b/plugins/modules/ipaservice.py
index 9468e9dd..f5cf5ddc 100644
--- a/plugins/modules/ipaservice.py
+++ b/plugins/modules/ipaservice.py
@@ -324,7 +324,7 @@ def init_ansible_module():
                            default=None),
             pac_type=dict(type="list", aliases=["ipakrbauthzdata"],
                           choices=["MS-PAC", "PAD", "NONE"]),
-            auth_ind=dict(type="str",
+            auth_ind=dict(type="list",
                           aliases=["krbprincipalauthind"],
                           choices=["otp", "radius", "pkinit", "hardened"]),
             skip_host_check=dict(type="bool"),
diff --git a/tests/service/test_service.yml b/tests/service/test_service.yml
index 10d1285a..3c518055 100644
--- a/tests/service/test_service.yml
+++ b/tests/service/test_service.yml
@@ -113,7 +113,7 @@
         - PAD
       auth_ind: otp
       skip_host_check: no
-      force: no
+      force: yes
       requires_pre_auth: yes
       ok_as_delegate: no
       ok_to_auth_as_delegate: no
@@ -475,6 +475,26 @@
     register: result
     failed_when: result.changed
 
+  - name: Ensure service is present, with multiple auth_ind values.
+    ipaservice:
+      ipaadmin_password: SomeADMINpassword
+      name: "HTTP/{{ svc_fqdn }}"
+      auth_ind: otp,radius
+      skip_host_check: no
+      force: yes
+    register: result
+    failed_when: not result.changed
+
+  - name: Ensure service is present, with multiple auth_ind values, again.
+    ipaservice:
+      ipaadmin_password: SomeADMINpassword
+      name: "HTTP/{{ svc_fqdn }}"
+      auth_ind: otp,radius
+      skip_host_check: no
+      force: yes
+    register: result
+    failed_when: result.changed
+
   # cleanup
 
   - name: Ensure services are absent.
-- 
GitLab