New idoverrideuser management module.

There is a new idoverrideuser management module placed in the plugins folder: plugins/modules/ipaidoverrideuser.py The idoverrideuser module allows to ensure presence and absence of idoverrides for users and certificate members. Here is the documentation for the module: README-idoverrideuser.md New example playbooks have been added: playbooks/idoverrideuser/idoverrideuser-absent.yml playbooks/idoverrideuser/idoverrideuser-certificate-absent.yml playbooks/idoverrideuser/idoverrideuser-certificate-present.yml playbooks/idoverrideuser/idoverrideuser-present.yml New tests for the module can be found at: tests/idoverrideuser/test_idoverrideuser.yml tests/idoverrideuser/test_idoverrideuser_client_context.yml
freeipa · Sep 13, 2023 · 8fb3815 · 8fb3815
1 parent de38e8f
commit 8fb3815
Show file tree

Hide file tree

Showing 10 changed files with 1,653 additions and 0 deletions.
diff --git a/README-idoverrideuser.md b/README-idoverrideuser.md
diff --git a/README.md b/README.md
@@ -30,6 +30,7 @@ Features
 * Modules for hbacsvcgroup management
 * Modules for host management
 * Modules for hostgroup management
+* Modules for idoverrideuser management
 * Modules for idrange management
 * Modules for idview management
 * Modules for location management
@@ -441,6 +442,7 @@ Modules in plugin/modules
 * [ipahbacsvcgroup](README-hbacsvcgroup.md)
 * [ipahost](README-host.md)
 * [ipahostgroup](README-hostgroup.md)
+* [idoverrideuser](README-idoverrideuser.md)
 * [idrange](README-idrange.md)
 * [idview](README-idview.md)
 * [ipalocation](README-location.md)

diff --git a/playbooks/idoverrideuser/idoverrideuser-absent.yml b/playbooks/idoverrideuser/idoverrideuser-absent.yml
@@ -0,0 +1,12 @@
+---
+- name: Playbook to make sure test user test_user is absent in idview test_idview
+ hosts: ipaserver
+ become: false
+
+ tasks:
+ - name: Ensure test user test_user is absent in idview test_idview
+ ipaidoverrideuser:
+ idview: test_idview
+ anchor: test_user
+ continue: true
+ state: absent
diff --git a/playbooks/idoverrideuser/idoverrideuser-certificate-absent.yml b/playbooks/idoverrideuser/idoverrideuser-certificate-absent.yml
@@ -0,0 +1,14 @@
+---
+- name: Playbook to make sure test user test_user certificate member is absent in idview test_idview
+ hosts: ipaserver
+ become: false
+
+ tasks:
+ - name: Ensure test user test_user certificate member is absent in idview test_idview
+ ipaidoverrideuser:
+ idview: test_idview
+ anchor: test_user
+ certificate:
+ - "{{ lookup('file', 'cert1.b64', rstrip=False) }}"
+ action: member
+ state: absent
diff --git a/playbooks/idoverrideuser/idoverrideuser-certificate-present.yml b/playbooks/idoverrideuser/idoverrideuser-certificate-present.yml
@@ -0,0 +1,13 @@
+---
+- name: Playbook to make sure test user test_user certificate member is present in idview test_idview
+ hosts: ipaserver
+ become: false
+
+ tasks:
+ - name: Ensure test user test_user certificate member is present in idview test_idview
+ ipaidoverrideuser:
+ idview: test_idview
+ anchor: test_user
+ certificate:
+ - "{{ lookup('file', 'cert1.b64', rstrip=False) }}"
+ action: member
diff --git a/playbooks/idoverrideuser/idoverrideuser-present.yml b/playbooks/idoverrideuser/idoverrideuser-present.yml
@@ -0,0 +1,10 @@
+---
+- name: Playbook to make sure test user test_user is present in idview test_idview.
+ hosts: ipaserver
+ become: false
+
+ tasks:
+ - name: Ensure test user test_user is present in idview test_idview.
+ ipaidoverrideuser:
+ idview: test_idview
+ anchor: test_user