__ __ __ __ _____ _ _ _____ _ _ _ | \/ | \ \ / / | __ \ (_) | | / ____| | | | | | \ / |_ __\ V / | |__) | __ ___ ____ _| |_ ___ | (___ | |__ ___| | | | |\/| | '__|> < | ___/ '__| \ \ / / _` | __/ _ \ \___ \| '_ \ / _ \ | | | | | | |_ / . \ | | | | | |\ V / (_| | || __/ ____) | | | | __/ | | |_| |_|_(_)_/ \_\ |_| |_| |_| \_/ \__,_|\__\___| |_____/|_| |_|\___V 2.1 if you need WebShell for Seo everyday contact me on Telegram Telegram Address : @jackleetFor_More_Tools:
# -*- coding: utf-8 -*-
#
# Copyright (c) 2015, René Moser <mail@renemoser.net>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
module: cs_user
short_description: Manages users on Apache CloudStack based clouds.
description:
- Create, update, disable, lock, enable and remove users.
author: René Moser (@resmo)
version_added: 0.1.0
options:
username:
description:
- Username of the user.
type: str
required: true
account:
description:
- Account the user will be created under.
- Required on I(state=present).
type: str
password:
description:
- Password of the user to be created.
- Required on I(state=present).
- Only considered on creation and will not be updated if user exists.
type: str
first_name:
description:
- First name of the user.
- Required on I(state=present).
type: str
last_name:
description:
- Last name of the user.
- Required on I(state=present).
type: str
email:
description:
- Email of the user.
- Required on I(state=present).
type: str
timezone:
description:
- Timezone of the user.
type: str
keys_registered:
description:
- If API keys of the user should be generated.
- "Note: Keys can not be removed by the API again."
type: bool
default: no
domain:
description:
- Domain the user is related to.
type: str
default: ROOT
state:
description:
- State of the user.
- C(unlocked) is an alias for C(enabled).
type: str
default: present
choices: [ present, absent, enabled, disabled, locked, unlocked ]
poll_async:
description:
- Poll async jobs until job has finished.
type: bool
default: yes
extends_documentation_fragment:
- ngine_io.cloudstack.cloudstack
'''
EXAMPLES = '''
- name: Create an user in domain 'CUSTOMERS'
ngine_io.cloudstack.cs_user:
account: developers
username: johndoe
password: S3Cur3
last_name: Doe
first_name: John
email: john.doe@example.com
domain: CUSTOMERS
- name: Lock an existing user in domain 'CUSTOMERS'
ngine_io.cloudstack.cs_user:
username: johndoe
domain: CUSTOMERS
state: locked
- name: Disable an existing user in domain 'CUSTOMERS'
ngine_io.cloudstack.cs_user:
username: johndoe
domain: CUSTOMERS
state: disabled
- name: Enable/unlock an existing user in domain 'CUSTOMERS'
ngine_io.cloudstack.cs_user:
username: johndoe
domain: CUSTOMERS
state: enabled
- name: Remove an user in domain 'CUSTOMERS'
ngine_io.cloudstack.cs_user:
name: customer_xy
domain: CUSTOMERS
state: absent
'''
RETURN = '''
---
id:
description: UUID of the user.
returned: success
type: str
sample: 87b1e0ce-4e01-11e4-bb66-0050569e64b8
username:
description: Username of the user.
returned: success
type: str
sample: johndoe
fist_name:
description: First name of the user.
returned: success
type: str
sample: John
last_name:
description: Last name of the user.
returned: success
type: str
sample: Doe
email:
description: Emailof the user.
returned: success
type: str
sample: john.doe@example.com
user_api_key:
description: API key of the user.
returned: success
type: str
sample: JLhcg8VWi8DoFqL2sSLZMXmGojcLnFrOBTipvBHJjySODcV4mCOo29W2duzPv5cALaZnXj5QxDx3xQfaQt3DKg
user_api_secret:
description: API secret of the user.
returned: success
type: str
sample: FUELo3LB9fa1UopjTLPdqLv_6OXQMJZv9g9N4B_Ao3HFz8d6IGFCV9MbPFNM8mwz00wbMevja1DoUNDvI8C9-g
account:
description: Account name of the user.
returned: success
type: str
sample: developers
account_type:
description: Type of the account.
returned: success
type: str
sample: user
timezone:
description: Timezone of the user.
returned: success
type: str
sample: enabled
created:
description: Date the user was created.
returned: success
type: str
sample: Doe
state:
description: State of the user.
returned: success
type: str
sample: enabled
domain:
description: Domain the user is related.
returned: success
type: str
sample: ROOT
'''
from ansible.module_utils.basic import AnsibleModule
from ..module_utils.cloudstack import (AnsibleCloudStack, cs_argument_spec,
cs_required_together)
class AnsibleCloudStackUser(AnsibleCloudStack):
def __init__(self, module):
super(AnsibleCloudStackUser, self).__init__(module)
self.returns = {
'username': 'username',
'firstname': 'first_name',
'lastname': 'last_name',
'email': 'email',
'secretkey': 'user_api_secret',
'apikey': 'user_api_key',
'timezone': 'timezone',
}
self.account_types = {
'user': 0,
'root_admin': 1,
'domain_admin': 2,
}
self.user = None
def get_account_type(self):
account_type = self.module.params.get('account_type')
return self.account_types[account_type]
def get_user(self):
if not self.user:
args = {
'domainid': self.get_domain('id'),
'fetch_list': True,
}
users = self.query_api('listUsers', **args)
if users:
user_name = self.module.params.get('username')
for u in users:
if user_name.lower() == u['username'].lower():
self.user = u
break
return self.user
def enable_user(self):
user = self.get_user()
if not user:
user = self.present_user()
if user['state'].lower() != 'enabled':
self.result['changed'] = True
args = {
'id': user['id'],
}
if not self.module.check_mode:
res = self.query_api('enableUser', **args)
user = res['user']
return user
def lock_user(self):
user = self.get_user()
if not user:
user = self.present_user()
# we need to enable the user to lock it.
if user['state'].lower() == 'disabled':
user = self.enable_user()
if user['state'].lower() != 'locked':
self.result['changed'] = True
args = {
'id': user['id'],
}
if not self.module.check_mode:
res = self.query_api('lockUser', **args)
user = res['user']
return user
def disable_user(self):
user = self.get_user()
if not user:
user = self.present_user()
if user['state'].lower() != 'disabled':
self.result['changed'] = True
args = {
'id': user['id'],
}
if not self.module.check_mode:
user = self.query_api('disableUser', **args)
poll_async = self.module.params.get('poll_async')
if poll_async:
user = self.poll_job(user, 'user')
return user
def present_user(self):
required_params = [
'account',
'email',
'password',
'first_name',
'last_name',
]
self.module.fail_on_missing_params(required_params=required_params)
user = self.get_user()
if user:
user = self._update_user(user)
else:
user = self._create_user(user)
return user
def _get_common_args(self):
return {
'firstname': self.module.params.get('first_name'),
'lastname': self.module.params.get('last_name'),
'email': self.module.params.get('email'),
'timezone': self.module.params.get('timezone'),
}
def _create_user(self, user):
self.result['changed'] = True
args = self._get_common_args()
args.update({
'account': self.get_account(key='name'),
'domainid': self.get_domain('id'),
'username': self.module.params.get('username'),
'password': self.module.params.get('password'),
})
if not self.module.check_mode:
res = self.query_api('createUser', **args)
user = res['user']
# register user api keys
if self.module.params.get('keys_registered'):
res = self.query_api('registerUserKeys', id=user['id'])
user.update(res['userkeys'])
return user
def _update_user(self, user):
args = self._get_common_args()
args.update({
'id': user['id'],
})
if self.has_changed(args, user):
self.result['changed'] = True
if not self.module.check_mode:
res = self.query_api('updateUser', **args)
user = res['user']
# register user api keys
if 'apikey' not in user and self.module.params.get('keys_registered'):
self.result['changed'] = True
if not self.module.check_mode:
res = self.query_api('registerUserKeys', id=user['id'])
user.update(res['userkeys'])
return user
def absent_user(self):
user = self.get_user()
if user:
self.result['changed'] = True
if not self.module.check_mode:
self.query_api('deleteUser', id=user['id'])
return user
def get_result(self, resource):
super(AnsibleCloudStackUser, self).get_result(resource)
if resource:
if 'accounttype' in resource:
for key, value in self.account_types.items():
if value == resource['accounttype']:
self.result['account_type'] = key
break
# secretkey has been removed since CloudStack 4.10 from listUsers API
if self.module.params.get('keys_registered') and 'apikey' in resource and 'secretkey' not in resource:
user_keys = self.query_api('getUserKeys', id=resource['id'])
if user_keys:
self.result['user_api_secret'] = user_keys['userkeys'].get('secretkey')
return self.result
def main():
argument_spec = cs_argument_spec()
argument_spec.update(dict(
username=dict(required=True),
account=dict(),
state=dict(choices=['present', 'absent', 'enabled', 'disabled', 'locked', 'unlocked'], default='present'),
domain=dict(default='ROOT'),
email=dict(),
first_name=dict(),
last_name=dict(),
password=dict(no_log=True),
timezone=dict(),
keys_registered=dict(type='bool', default=False),
poll_async=dict(type='bool', default=True),
))
module = AnsibleModule(
argument_spec=argument_spec,
required_together=cs_required_together(),
supports_check_mode=True
)
acs_acc = AnsibleCloudStackUser(module)
state = module.params.get('state')
if state == 'absent':
user = acs_acc.absent_user()
elif state in ['enabled', 'unlocked']:
user = acs_acc.enable_user()
elif state == 'disabled':
user = acs_acc.disable_user()
elif state == 'locked':
user = acs_acc.lock_user()
else:
user = acs_acc.present_user()
result = acs_acc.get_result(user)
module.exit_json(**result)
if __name__ == '__main__':
main()
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| __pycache__ | Folder | 0755 |
|
|
| __init__.py | File | 0 B | 0644 |
|
| cs_account.py | File | 13.02 KB | 0644 |
|
| cs_affinitygroup.py | File | 6.37 KB | 0644 |
|
| cs_cluster.py | File | 10.71 KB | 0644 |
|
| cs_configuration.py | File | 7.77 KB | 0644 |
|
| cs_disk_offering.py | File | 11.04 KB | 0644 |
|
| cs_domain.py | File | 6.39 KB | 0644 |
|
| cs_facts.py | File | 7.48 KB | 0644 |
|
| cs_firewall.py | File | 13.35 KB | 0644 |
|
| cs_host.py | File | 17.08 KB | 0644 |
|
| cs_image_store.py | File | 6.87 KB | 0644 |
|
| cs_instance.py | File | 40.2 KB | 0644 |
|
| cs_instance_info.py | File | 11.64 KB | 0644 |
|
| cs_instance_nic.py | File | 7.33 KB | 0644 |
|
| cs_instance_nic_secondaryip.py | File | 7.41 KB | 0644 |
|
| cs_instance_password_reset.py | File | 3.87 KB | 0644 |
|
| cs_instancegroup.py | File | 4.66 KB | 0644 |
|
| cs_ip_address.py | File | 8.3 KB | 0644 |
|
| cs_iso.py | File | 12.65 KB | 0644 |
|
| cs_loadbalancer_rule.py | File | 10.25 KB | 0644 |
|
| cs_loadbalancer_rule_member.py | File | 9.1 KB | 0644 |
|
| cs_network.py | File | 18.44 KB | 0644 |
|
| cs_network_acl.py | File | 5.01 KB | 0644 |
|
| cs_network_acl_rule.py | File | 13.9 KB | 0644 |
|
| cs_network_offering.py | File | 15.52 KB | 0644 |
|
| cs_physical_network.py | File | 14.51 KB | 0644 |
|
| cs_pod.py | File | 7.1 KB | 0644 |
|
| cs_portforward.py | File | 12.46 KB | 0644 |
|
| cs_project.py | File | 7.3 KB | 0644 |
|
| cs_region.py | File | 4.65 KB | 0644 |
|
| cs_resourcelimit.py | File | 5.31 KB | 0644 |
|
| cs_role.py | File | 5.11 KB | 0644 |
|
| cs_role_permission.py | File | 9.53 KB | 0644 |
|
| cs_router.py | File | 9.76 KB | 0644 |
|
| cs_securitygroup.py | File | 5.1 KB | 0644 |
|
| cs_securitygroup_rule.py | File | 12.48 KB | 0644 |
|
| cs_service_offering.py | File | 17.56 KB | 0644 |
|
| cs_snapshot_policy.py | File | 10.31 KB | 0644 |
|
| cs_sshkeypair.py | File | 8.17 KB | 0644 |
|
| cs_staticnat.py | File | 6.65 KB | 0644 |
|
| cs_storage_pool.py | File | 14.88 KB | 0644 |
|
| cs_template.py | File | 23.38 KB | 0644 |
|
| cs_traffic_type.py | File | 9.89 KB | 0644 |
|
| cs_user.py | File | 11.46 KB | 0644 |
|
| cs_vlan_ip_range.py | File | 10.81 KB | 0644 |
|
| cs_vmsnapshot.py | File | 7.6 KB | 0644 |
|
| cs_volume.py | File | 16.71 KB | 0644 |
|
| cs_vpc.py | File | 11.02 KB | 0644 |
|
| cs_vpc_offering.py | File | 9.69 KB | 0644 |
|
| cs_vpn_connection.py | File | 10.14 KB | 0644 |
|
| cs_vpn_customer_gateway.py | File | 10.54 KB | 0644 |
|
| cs_vpn_gateway.py | File | 5.33 KB | 0644 |
|
| cs_zone.py | File | 9.64 KB | 0644 |
|
| cs_zone_info.py | File | 5.27 KB | 0644 |
|