New idoverrideuser management module.

There is a new idoverrideuser management module placed in the plugins folder: plugins/modules/ipaidoverrideuser.py The idoverrideuser module allows to ensure presence and absence of idoverrides for users and certificate members. Here is the documentation for the module: README-idoverrideuser.md New example playbooks have been added: playbooks/idoverrideuser/idoverrideuser-absent.yml playbooks/idoverrideuser/idoverrideuser-certificate-absent.yml playbooks/idoverrideuser/idoverrideuser-certificate-present.yml playbooks/idoverrideuser/idoverrideuser-present.yml New tests for the module can be found at: tests/idoverrideuser/test_idoverrideuser.yml tests/idoverrideuser/test_idoverrideuser_client_context.yml
freeipa · Sep 15, 2023 · c0692e1 · c0692e1
1 parent de38e8f
commit c0692e1
Show file tree

Hide file tree

Showing 10 changed files with 1,736 additions and 0 deletions.
diff --git a/README-idoverrideuser.md b/README-idoverrideuser.md
diff --git a/README.md b/README.md
@@ -30,6 +30,7 @@ Features
 * Modules for hbacsvcgroup management
 * Modules for host management
 * Modules for hostgroup management
+* Modules for idoverrideuser management
 * Modules for idrange management
 * Modules for idview management
 * Modules for location management
@@ -441,6 +442,7 @@ Modules in plugin/modules
 * [ipahbacsvcgroup](README-hbacsvcgroup.md)
 * [ipahost](README-host.md)
 * [ipahostgroup](README-hostgroup.md)
+* [idoverrideuser](README-idoverrideuser.md)
 * [idrange](README-idrange.md)
 * [idview](README-idview.md)
 * [ipalocation](README-location.md)

diff --git a/playbooks/idoverrideuser/idoverrideuser-absent.yml b/playbooks/idoverrideuser/idoverrideuser-absent.yml
@@ -0,0 +1,13 @@
+---
+- name: Playbook to manage idoverrideuser
+  hosts: ipaserver
+  become: false
+
+  tasks:
+  - name: Ensure test user test_user is absent in idview test_idview
+    ipaidoverrideuser:
+      ipaadmin_password: SomeADMINpassword
+      idview: test_idview
+      anchor: test_user
+      continue: true
+      state: absent
diff --git a/playbooks/idoverrideuser/idoverrideuser-certificate-absent.yml b/playbooks/idoverrideuser/idoverrideuser-certificate-absent.yml
@@ -0,0 +1,15 @@
+---
+- name: Playbook to manage idoverrideuser
+  hosts: ipaserver
+  become: false
+
+  tasks:
+  - name: Ensure test user test_user certificate member is absent in idview test_idview
+    ipaidoverrideuser:
+      ipaadmin_password: SomeADMINpassword
+      idview: test_idview
+      anchor: test_user
+      certificate:
+      - "{{ lookup('file', 'cert1.b64', rstrip=False) }}"
+      action: member
+      state: absent
diff --git a/playbooks/idoverrideuser/idoverrideuser-certificate-present.yml b/playbooks/idoverrideuser/idoverrideuser-certificate-present.yml
@@ -0,0 +1,14 @@
+---
+- name: Playbook to manage idoverrideuser
+  hosts: ipaserver
+  become: false
+
+  tasks:
+  - name: Ensure test user test_user certificate member is present in idview test_idview
+    ipaidoverrideuser:
+      ipaadmin_password: SomeADMINpassword
+      idview: test_idview
+      anchor: test_user
+      certificate:
+      - "{{ lookup('file', 'cert1.b64', rstrip=False) }}"
+      action: member
diff --git a/playbooks/idoverrideuser/idoverrideuser-present.yml b/playbooks/idoverrideuser/idoverrideuser-present.yml
@@ -0,0 +1,11 @@
+---
+- name: Playbook to manage idoverrideuser
+  hosts: ipaserver
+  become: false
+
+  tasks:
+  - name: Ensure test user test_user is present in idview test_idview.
+    ipaidoverrideuser:
+      ipaadmin_password: SomeADMINpassword
+      idview: test_idview
+      anchor: test_user