internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-03-26 21:33:05 +00:00
Code Issues Projects Releases Wiki Activity
Files
869eb2fbdc76bc0f7e61a67aebfcab05ac8874e0
ansible-freeipa/tests/user/test_users.yml
Thomas Woerner 1d7fb31b8b ipa[user,host]: Fail on duplucate names in the users and hosts lists 
It was possible to have several entries for names with the hosts and users
lists. This resulted sometimes in errors but also unexpected changes. A new
check has been added to make sure that the names in the users and hosts
lists are unique.

New tests have been added to verify this in the existing files:
- tests/host/test_hosts.yml
- tests/user/test_users.yml
2020-06-29 14:50:56 +02:00

396 lines
10 KiB
YAML
Raw Blame History

---
- name: Test users
hosts: ipaserver
become: true
gather_facts: false
tasks:
- name: Remove test users
ipauser:
ipaadmin_password: SomeADMINpassword
name: user1,user2,user3,user4,user5,user6,user7,user8,user9,user10
state: absent
- name: Users user1..10 present
ipauser:
ipaadmin_password: SomeADMINpassword
users:
- name: user1
givenname: user1
last: Last
- name: user2
first: user2
last: Last
- name: user3
first: user3
last: Last
- name: user4
first: user4
last: Last
- name: user5
first: user5
last: Last
- name: user6
first: user6
last: Last
- name: user7
first: user7
last: Last
- name: user8
first: user8
last: Last
- name: user9
first: user9
last: Last
- name: user10
first: user10
last: Last
register: result
failed_when: not result.changed
- name: Users user1..10 present
ipauser:
ipaadmin_password: SomeADMINpassword
users:
- name: user1
givenname: user1
sn: Last
- name: user2
first: user2
last: Last
- name: user3
first: user3
last: Last
- name: user4
first: user4
last: Last
- name: user5
first: user5
last: Last
- name: user6
first: user6
last: Last
- name: user7
first: user7
last: Last
- name: user8
first: user8
last: Last
- name: user9
first: user9
last: Last
- name: user10
first: user10
last: Last
register: result
failed_when: result.changed
- name: Duplicate names in users failure test
ipauser:
ipaadmin_password: SomeADMINpassword
users:
- name: user1
givenname: user1
last: Last
- name: user2
first: user2
last: Last
- name: user3
first: user3
last: Last
- name: user3
first: user3
last: Last
register: result
failed_when: result.changed or "is used more than once" not in result.msg
- name: Remove test users
ipauser:
ipaadmin_password: SomeADMINpassword
name: user1,user2,user3,user4,user5,user6,user7,user8,user9,user10
state: absent
- name: Remove test users
ipauser:
ipaadmin_password: SomeADMINpassword
name: manager1,manager2,manager3,pinky,pinky2
state: absent
- name: User manager1 present
ipauser:
ipaadmin_password: SomeADMINpassword
users:
- name: manager1
first: Manager1
last: One1
- name: manager2
first: Manager2
last: One2
- name: manager3
first: Manager3
last: One3
register: result
failed_when: not result.changed
- name: User pinky present
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
uid: 10001
gid: 100
phone: "+555123457"
email: pinky@acme.com
principalexpiration: "20220119235959"
#passwordexpiration: "2022-01-19 23:59:59"
first: pinky
last: Acme
initials: pa
#password: foo2
principal: pa
random: yes
city: PinkyCity
userstate: PinkyState
postalcode: PinkyZip
mobile: "+555123458,+555123459"
pager: "+555123450,+555123451"
fax: "+555123452,+555123453"
orgunit: PinkyOrgUnit
manager: manager1,manager2
update_password: on_create
carlicense: PinkyCarLicense1,PinkyCarLicense2
# sshpubkey
userauthtype: password,radius,otp
userclass: PinkyUserClass
#radius: "http://some.link/"
#radiususer: PinkyRadiusUser
departmentnumber: "1234"
employeenumber: "0815"
employeetype: "PinkyExmployeeType"
preferredlanguage: "en"
# certificate
noprivate: yes
nomembers: false
#issuer: PinkyIssuer
#subject: PinkySubject
register: result
failed_when: not result.changed
- name: Same user pinky present again
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
uid: 10001
gid: 100
phone: "+555123457"
email: pinky@acme.com
principalexpiration: "20220119235959"
#passwordexpiration: "2022-01-19 23:59:59"
first: pinky
last: Acme
initials: pa
#password: foo2
principal: pa
random: yes
city: PinkyCity
userstate: PinkyState
postalcode: PinkyZip
mobile: "+555123458,+555123459"
pager: "+555123450,+555123451"
fax: "+555123452,+555123453"
orgunit: PinkyOrgUnit
manager: manager1,manager2
update_password: on_create
carlicense: PinkyCarLicense1,PinkyCarLicense2
# sshpubkey
userauthtype: password,radius,otp
userclass: PinkyUserClass
#radius: "http://some.link/"
#radiususer: PinkyRadiusUser
departmentnumber: "1234"
employeenumber: "0815"
employeetype: "PinkyExmployeeType"
preferredlanguage: "en"
# certificate
noprivate: yes
nomembers: false
#issuer: PinkyIssuer
#subject: PinkySubject
register: result
failed_when: result.changed
- name: User pinky present with changed settings
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
first: pinky
last: Acme
manager: []
principal: []
sshpubkey:
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCqmVDpEX5gnSjKuv97AyzOhaUMMKz8ahOA3GY77tVC4o68KNgMCmDSEG1/kOIaElngNLaCha3p/2iAcU9Bi1tLKUlm2bbO5NHNwHfRxY/3cJtq+/7D1vxJzqThYwI4F9vr1WxyY2+mMTv3pXbfAJoR8Mu06XaEY5PDetlDKjHLuNWF+/O7ZU8PsULTa1dJZFrtXeFpmUoLoGxQBvlrlcPI1zDciCSU24t27Zan5Py2l5QchyI7yhCyMM77KDtj5+AFVpmkb9+zq50rYJAyFVeyUvwjzErvQrKJzYpA0NyBp7vskWbt36M16/M/LxEK7HA6mkcakO3ESWx5MT1LAjvdlnxbWG3787MxweHXuB8CZU+9bZPFBaJ+VQtOfJ7I8eH0S16moPC4ak8FlcFvOH8ERDPWLFDqfy09yaZ7bVIF0//5ZI7Nf3YDe3S7GrBX5ieYuECyP6UNkTx9BRsAQeVvXEc6otzB7iCSnYBMGUGzCqeigoAWaVQUONsSR3Uatks= pinky@ipaserver.el81.local
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDc8MIjaSrxLYHvu+hduoF4m6NUFSlXZWzYbd3BK4L47/U4eiXoOS6dcfuZJDjmLfOipc7XVp7NADwAgA1yBOAjbeVpXr2tC8w8saZibl75WBOEjDfNroiOh/f/ojrwwHg05QTVSZHs27sU1HBPyCQM/FHVM6EnRfmyiBkEBA/3ca0PJ9UJhWb2XisCaz6y6QcTh4gQnvHzgmEmK31GwiKnmBSEQuj8P5NGCO8RlN3cq3zpRpMDEoBRCjQYicllf/5P43r5OGvS1LhTiAMfyqE37URezNQa7aozBpH1GhIwAmjAtm84jXQjxUgZPYC0aSLuADYErScOP4792r6koH9t/DM5/M+jG2c4PNWynDczUw6Eaxl5E3hU0Ee9UN0Oee7iBnVenS/QMeZNyo5lMA/HXT5lrYiJGTYM0shRjGXXYBbJZhWerguSWDAdUd1gvuGP1nb7/+/Cvb46+HX7zYouS5Ojo0yPzMZ07X142jnKAfx9LnKdMUCwBJzbtoJ91Zc= pinky@ipaserver.el81.local
register: result
failed_when: not result.changed
- name: User pinky add manager manager1
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
manager: manager1
action: member
register: result
failed_when: not result.changed
- name: User pinky add manager manager1 again
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
manager: manager1
action: member
register: result
failed_when: result.changed
- name: User pinky add manager manager2, manager3
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
manager: manager2,manager3
action: member
register: result
failed_when: not result.changed
- name: User pinky add manager manager2, manager3 again
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
manager: manager2,manager3
action: member
register: result
failed_when: result.changed
- name: User pinky remove manager manager1
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
manager: manager1
action: member
state: absent
register: result
failed_when: not result.changed
- name: User pinky remove manager manager1 again
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
manager: manager1
action: member
state: absent
register: result
failed_when: result.changed
- name: User pinky add principal pa
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
principal: pa
action: member
register: result
failed_when: not result.changed
- name: User pinky add principal pa again
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
principal: pa
action: member
register: result
failed_when: result.changed
- name: User pinky add principal pa1
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
principal: pa1
action: member
register: result
failed_when: not result.changed
- name: User pinky remove principal pa1
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
principal: pa1
action: member
state: absent
register: result
failed_when: not result.changed
- name: User pinky remove principal pa1 again
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
principal: pa1
action: member
state: absent
register: result
failed_when: result.changed
- name: User pinky remove principal pa
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
principal: pa
action: member
state: absent
register: result
failed_when: not result.changed
- name: User pinky remove principal non-existing pa2
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
principal: pa2
action: member
state: absent
register: result
failed_when: result.changed
- name: User pinky absent and preserved
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
preserve: yes
state: absent
register: result
failed_when: not result.changed
- name: User pinky undeleted (preserved before)
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
state: undeleted
register: result
failed_when: not result.changed
- name: Users pinky disabled
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
state: disabled
register: result
failed_when: not result.changed
- name: User pinky enabled
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
state: enabled
register: result
failed_when: not result.changed
- name: Remove test users
ipauser:
ipaadmin_password: SomeADMINpassword
name: manager1,manager2,manager3,pinky,pinky2
state: absent
Reference in New Issue View Git Blame Copy Permalink