---
- name: Test group
  hosts: ipaclients, ipaserver
  become: no
  gather_facts: no

  vars:
    ad_user: "{{ test_ad_user | default('AD\\aduser') }}"

  tasks:
  - name: Include FreeIPA facts.
    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
    ipagroup:
      ipaadmin_password: SomeADMINpassword
      ipaapi_context: server
      name: ThisShouldNotWork
    register: result
    failed_when: not (result.failed and result.msg is regex("No module named '*ipaserver'*"))
    when: ipa_host_is_client

  - name: Ensuref fail if externalmember is used in client context.
    ipagroup:
      ipaadmin_password: SomeADMINpassword
      ipaapi_context: client
      name: ThisShouldNotWork
      external_member: "{{ ad_user }}"
      external: true
    register: result
    failed_when: not (result.failed and result.msg == "Cannot use externalmember in client context.")

# Import basic module tests, and execute with ipa_context set to 'client'.
# If ipaclients is set, it will be executed using the client, if not,
# ipaserver will be used.
#
# With this setup, tests can be executed against an IPA client, against
# an IPA server using "client" context, and ensure that tests are executed
# in upstream CI.

- name: Test group using client context, in client host.
  ansible.builtin.import_playbook: test_group.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

- name: Test group using client context, in server host.
  ansible.builtin.import_playbook: test_group.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client

- name: Test groups using client context, in client host.
  ansible.builtin.import_playbook: test_groups.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

- name: Test groups using client context, in server host.
  ansible.builtin.import_playbook: test_groups.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client

- name: Test groups with mixed types using client context, in client host.
  ansible.builtin.import_playbook: test_groups_external_nonposix.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

- name: Test groups with mixed types using client context, in server host.
  ansible.builtin.import_playbook: test_groups_external_nonposix.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client