Update README-automember.md

Missing variable "action" added in the automember module documentation.

README-automember.md

@@ -127,6 +127,7 @@ Variable | Description | Required
 `automember_type` | Grouping to which the rule applies. It can be one of `group`, `hostgroup`. | yes
 `inclusive` | List of dictionaries in the format of `{'key': attribute, 'expression': inclusive_regex}` | no
 `exclusive` | List of dictionaries in the format of `{'key': attribute, 'expression': exclusive_regex}` | no
+`action` | Work on automember or member level. It can be one of `member` or `automember` and defaults to `automember`. | no
 `state` | The state to ensure. It can be one of `present`, `absent`, default: `present`. | no
 
 

plugins/modules/ipaautomember.py

@@ -185,15 +185,6 @@ def transform_conditions(conditions):
     return transformed
 
 
-def check_condition_keys(ansible_module, conditions, aciattrs):
-    if conditions is None:
-        return
-    for condition in conditions:
-        if condition["key"] not in aciattrs:
-            ansible_module.fail_json(
-                msg="Invalid automember condition key '%s'" % condition["key"])
-
-
 def main():
     ansible_module = AnsibleModule(
         argument_spec=dict(
@@ -283,28 +274,6 @@ def main():
             # Make sure automember rule exists
             res_find = find_automember(ansible_module, name, automember_type)
 
-            # Check inclusive and exclusive conditions
-            if inclusive is not None or exclusive is not None:
-                # automember_type is either "group" or "hostgorup"
-                if automember_type == "group":
-                    _type = "user"
-                elif automember_type == "hostgroup":
-                    _type = "host"
-                else:
-                    ansible_module.fail_json(
-                        msg="Bad automember type '%s'" % automember_type)
-
-                try:
-                    aciattrs = api_command(
-                        ansible_module, "json_metadata", to_text(_type), {}
-                    )['objects'][_type]['aciattrs']
-                except Exception as ex:
-                    ansible_module.fail_json(
-                        msg="%s: %s: %s" % ("json_metadata", _type, str(ex)))
-
-                check_condition_keys(ansible_module, inclusive, aciattrs)
-                check_condition_keys(ansible_module, exclusive, aciattrs)
-
             # Create command
             if state == 'present':
                 args = gen_args(description, automember_type)

tests/automember/test_automember.yml

@@ -164,34 +164,6 @@
     register: result
     failed_when: result.changed or result.failed
 
-  - name: Ensure testgroup group automember conditions fails on invalid inclusive key
-    ipaautomember:
-      ipaadmin_principal: admin
-      ipaadmin_password: SomeADMINpassword
-      name: testgroup
-      automember_type: group
-      inclusive:
-        - key: cns
-          expression: 'foo'
-      action: member
-    register: result
-    failed_when: result.changed or not result.failed or
-                 "Invalid automember condition key 'cns'" not in result.msg
-
-  - name: Ensure testgroup group automember conditions fails on invalid exlusive key
-    ipaautomember:
-      ipaadmin_principal: admin
-      ipaadmin_password: SomeADMINpassword
-      name: testgroup
-      automember_type: group
-      exclusive:
-        - key: cns
-          expression: 'foo'
-      action: member
-    register: result
-    failed_when: result.changed or not result.failed or
-                 "Invalid automember condition key 'cns'" not in result.msg
-
   - name: Ensure testhostgroup hostgroup automember rule is present
     ipaautomember:
       ipaadmin_password: SomeADMINpassword
@@ -310,35 +282,6 @@
     register: result
     failed_when: result.changed or result.failed
 
-
-  - name: Ensure testhostgroup hostgroup automember conditions fails on invalid inclusive key
-    ipaautomember:
-      ipaadmin_principal: admin
-      ipaadmin_password: SomeADMINpassword
-      name: testhostgroup
-      automember_type: hostgroup
-      inclusive:
-        - key: cns
-          expression: 'foo'
-      action: member
-    register: result
-    failed_when: result.changed or not result.failed or
-                 "Invalid automember condition key 'cns'" not in result.msg
-
-  - name: Ensure testhostgroup hostgroup automember conditions fails on invalid exlusive key
-    ipaautomember:
-      ipaadmin_principal: admin
-      ipaadmin_password: SomeADMINpassword
-      name: testhostgroup
-      automember_type: hostgroup
-      exclusive:
-        - key: cns
-          expression: 'foo'
-      action: member
-    register: result
-    failed_when: result.changed or not result.failed or
-                 "Invalid automember condition key 'cns'" not in result.msg
-
   # CLEANUP TEST ITEMS
 
   - name: Ensure group testgroup is absent