mirror of
https://github.com/freeipa/ansible-freeipa.git
synced 2026-05-07 05:43:26 +00:00
Merge pull request #779 from t-woerner/module_params_get_fail_empty_str_in_list
module_params_get*: Fail on empty string in string list parameters
This commit is contained in:
Varun Mylaraiah
GitHub
@@ -346,11 +346,13 @@ def main():
|
||||
"ca_renewal_master_server": "ca_renewal_master_server",
|
||||
"domain_resolution_order": "ipadomainresolutionorder"
|
||||
}
|
||||
allow_empty_string = ["pac_type", "user_auth_type", "configstring"]
|
||||
reverse_field_map = {v: k for k, v in field_map.items()}
|
||||
|
||||
params = {}
|
||||
for x in field_map:
|
||||
val = ansible_module.params_get(x)
|
||||
val = ansible_module.params_get(
|
||||
x, allow_empty_string=(x in allow_empty_string))
|
||||
|
||||
if val is not None:
|
||||
params[field_map.get(x, x)] = val
|
||||
@@ -401,6 +403,10 @@ def main():
|
||||
k: v for k, v in params.items()
|
||||
if k not in result or result[k] != v
|
||||
}
|
||||
# Remove empty string args from params if result arg is not set
|
||||
for k in ["ipakrbauthzdata", "ipauserauthtype", "ipaconfigstring"]:
|
||||
if k not in result and k in params and params[k] == [""]:
|
||||
del params[k]
|
||||
if params \
|
||||
and not compare_args_ipa(ansible_module, params, result):
|
||||
changed = True
|
||||
@@ -441,6 +447,13 @@ def main():
|
||||
raise ValueError(
|
||||
"Unexpected attribute type: %s" % arg_type)
|
||||
exit_args[k] = type_map[arg_type](value)
|
||||
# Add empty pac_type and user_auth_type if they are not set
|
||||
for key in ["pac_type", "user_auth_type"]:
|
||||
if key not in exit_args:
|
||||
exit_args[key] = ""
|
||||
# Add empty domain_resolution_order if it is not set
|
||||
if "domain_resolution_order" not in exit_args:
|
||||
exit_args["domain_resolution_order"] = []
|
||||
|
||||
# Done
|
||||
ansible_module.exit_json(changed=changed, config=exit_args)
|
||||
|
||||
@@ -764,7 +764,7 @@ def main():
|
||||
mac_address = ansible_module.params_get("mac_address")
|
||||
sshpubkey = ansible_module.params_get("sshpubkey")
|
||||
userclass = ansible_module.params_get("userclass")
|
||||
auth_ind = ansible_module.params_get("auth_ind")
|
||||
auth_ind = ansible_module.params_get("auth_ind", allow_empty_string=True)
|
||||
requires_pre_auth = ansible_module.params_get("requires_pre_auth")
|
||||
ok_as_delegate = ansible_module.params_get("ok_as_delegate")
|
||||
ok_to_auth_as_delegate = ansible_module.params_get(
|
||||
|
||||
@@ -50,13 +50,13 @@ options:
|
||||
pac_type:
|
||||
description: Supported PAC type.
|
||||
required: false
|
||||
choices: ["MS-PAC", "PAD", "NONE"]
|
||||
choices: ["MS-PAC", "PAD", "NONE", ""]
|
||||
type: list
|
||||
aliases: ["pac_type", "ipakrbauthzdata"]
|
||||
auth_ind:
|
||||
description: Defines a whitelist for Authentication Indicators.
|
||||
required: false
|
||||
choices: ["otp", "radius", "pkinit", "hardened"]
|
||||
choices: ["otp", "radius", "pkinit", "hardened", ""]
|
||||
aliases: ["krbprincipalauthind"]
|
||||
skip_host_check:
|
||||
description: Skip checking if host object exists.
|
||||
@@ -356,7 +356,7 @@ def init_ansible_module():
|
||||
smb=dict(type="bool", required=False),
|
||||
netbiosname=dict(type="str", required=False),
|
||||
pac_type=dict(type="list", aliases=["ipakrbauthzdata"],
|
||||
choices=["MS-PAC", "PAD", "NONE"]),
|
||||
choices=["MS-PAC", "PAD", "NONE", ""]),
|
||||
auth_ind=dict(type="list",
|
||||
aliases=["krbprincipalauthind"],
|
||||
choices=["otp", "radius", "pkinit", "hardened", ""]),
|
||||
@@ -420,8 +420,8 @@ def main():
|
||||
# service attributes
|
||||
principal = ansible_module.params_get("principal")
|
||||
certificate = ansible_module.params_get("certificate")
|
||||
pac_type = ansible_module.params_get("pac_type")
|
||||
auth_ind = ansible_module.params_get("auth_ind")
|
||||
pac_type = ansible_module.params_get("pac_type", allow_empty_string=True)
|
||||
auth_ind = ansible_module.params_get("auth_ind", allow_empty_string=True)
|
||||
skip_host_check = ansible_module.params_get("skip_host_check")
|
||||
force = ansible_module.params_get("force")
|
||||
requires_pre_auth = ansible_module.params_get("requires_pre_auth")
|
||||
@@ -537,6 +537,15 @@ def main():
|
||||
if remove in args:
|
||||
del args[remove]
|
||||
|
||||
if (
|
||||
"ipakrbauthzdata" in args
|
||||
and (
|
||||
args.get("ipakrbauthzdata", [""]) ==
|
||||
res_find.get("ipakrbauthzdata", [""])
|
||||
)
|
||||
):
|
||||
del args["ipakrbauthzdata"]
|
||||
|
||||
if (
|
||||
"krbprincipalauthind" in args
|
||||
and (
|
||||
|
||||
@@ -892,8 +892,10 @@ def main():
|
||||
title = ansible_module.params_get("title")
|
||||
manager = ansible_module.params_get("manager")
|
||||
carlicense = ansible_module.params_get("carlicense")
|
||||
sshpubkey = ansible_module.params_get("sshpubkey")
|
||||
userauthtype = ansible_module.params_get("userauthtype")
|
||||
sshpubkey = ansible_module.params_get("sshpubkey",
|
||||
allow_empty_string=True)
|
||||
userauthtype = ansible_module.params_get("userauthtype",
|
||||
allow_empty_string=True)
|
||||
userclass = ansible_module.params_get("userclass")
|
||||
radius = ansible_module.params_get("radius")
|
||||
radiususer = ansible_module.params_get("radiususer")
|
||||
@@ -1101,6 +1103,13 @@ def main():
|
||||
if "noprivate" in args:
|
||||
del args["noprivate"]
|
||||
|
||||
# Ignore sshpubkey if it is empty (for resetting)
|
||||
# and not set in for the user
|
||||
if "ipasshpubkey" not in res_find and \
|
||||
"ipasshpubkey" in args and \
|
||||
args["ipasshpubkey"] == ['']:
|
||||
del args["ipasshpubkey"]
|
||||
|
||||
# Ignore userauthtype if it is empty (for resetting)
|
||||
# and not set in for the user
|
||||
if "ipauserauthtype" not in res_find and \
|
||||
|
||||
Reference in New Issue
Block a user