ansible/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-02-04 07:51:50 +00:00
Code Activity

Reformat everything.

Browse source
This commit is contained in:
Felix Fontein 2025-11-01 12:08:41 +01:00
parent 3f2213791a
commit 340ff8586d
1008 changed files with 61301 additions and 58309 deletions
Download patch file Download diff file Expand all files Collapse all files

284
plugins/modules/gitlab_group_members.py
View file

@ -157,7 +157,10 @@ from ansible.module_utils.api import basic_auth_argument_spec
from ansible.module_utils.basic import AnsibleModule
from ansible_collections.community.general.plugins.module_utils.gitlab import (
auth_argument_spec, gitlab_authentication, gitlab, list_all_kwargs
auth_argument_spec,
gitlab_authentication,
gitlab,
list_all_kwargs,
)
@ -168,19 +171,17 @@ class GitLabGroup:
# get user id if the user exists
def get_user_id(self, gitlab_user):
return next(
(u.id for u in self._gitlab.users.list(username=gitlab_user, **list_all_kwargs)),
None
)
return next((u.id for u in self._gitlab.users.list(username=gitlab_user, **list_all_kwargs)), None)
# get group id if group exists
def get_group_id(self, gitlab_group):
return next(
(
g.id for g in self._gitlab.groups.list(search=gitlab_group, **list_all_kwargs)
g.id
for g in self._gitlab.groups.list(search=gitlab_group, **list_all_kwargs)
if g.full_path == gitlab_group
),
None
None,
)
# get all members in a group
@ -209,8 +210,7 @@ class GitLabGroup:
# add user to a group
def add_member_to_group(self, gitlab_user_id, gitlab_group_id, access_level):
group = self._gitlab.groups.get(gitlab_group_id)
add_member = group.members.create(
{'user_id': gitlab_user_id, 'access_level': access_level})
add_member = group.members.create({"user_id": gitlab_user_id, "access_level": access_level})
# remove user from a group
def remove_user_from_group(self, gitlab_user_id, gitlab_group_id):
@ -234,43 +234,49 @@ class GitLabGroup:
def main():
argument_spec = basic_auth_argument_spec()
argument_spec.update(auth_argument_spec())
argument_spec.update(dict(
gitlab_group=dict(type='str', required=True),
gitlab_user=dict(type='list', elements='str'),
state=dict(type='str', default='present', choices=['present', 'absent']),
access_level=dict(type='str', choices=['guest', 'reporter', 'developer', 'maintainer', 'owner']),
purge_users=dict(type='list', elements='str', choices=['guest', 'reporter', 'developer', 'maintainer', 'owner']),
gitlab_users_access=dict(
type='list',
elements='dict',
options=dict(
name=dict(type='str', required=True),
access_level=dict(type='str', choices=['guest', 'reporter', 'developer', 'maintainer', 'owner'], required=True),
)
),
))
argument_spec.update(
dict(
gitlab_group=dict(type="str", required=True),
gitlab_user=dict(type="list", elements="str"),
state=dict(type="str", default="present", choices=["present", "absent"]),
access_level=dict(type="str", choices=["guest", "reporter", "developer", "maintainer", "owner"]),
purge_users=dict(
type="list", elements="str", choices=["guest", "reporter", "developer", "maintainer", "owner"]
),
gitlab_users_access=dict(
type="list",
elements="dict",
options=dict(
name=dict(type="str", required=True),
access_level=dict(
type="str", choices=["guest", "reporter", "developer", "maintainer", "owner"], required=True
),
),
),
)
)
module = AnsibleModule(
argument_spec=argument_spec,
mutually_exclusive=[
['api_username', 'api_token'],
['gitlab_user', 'gitlab_users_access'],
['access_level', 'gitlab_users_access'],
['api_username', 'api_oauth_token'],
['api_username', 'api_job_token'],
['api_token', 'api_oauth_token'],
['api_token', 'api_job_token'],
["api_username", "api_token"],
["gitlab_user", "gitlab_users_access"],
["access_level", "gitlab_users_access"],
["api_username", "api_oauth_token"],
["api_username", "api_job_token"],
["api_token", "api_oauth_token"],
["api_token", "api_job_token"],
],
required_together=[
['api_username', 'api_password'],
['gitlab_user', 'access_level'],
["api_username", "api_password"],
["gitlab_user", "access_level"],
],
required_one_of=[
['api_username', 'api_token', 'api_oauth_token', 'api_job_token'],
['gitlab_user', 'gitlab_users_access'],
["api_username", "api_token", "api_oauth_token", "api_job_token"],
["gitlab_user", "gitlab_users_access"],
],
required_if=[
['state', 'present', ['access_level', 'gitlab_users_access'], True],
["state", "present", ["access_level", "gitlab_users_access"], True],
],
supports_check_mode=True,
)
@ -279,17 +285,17 @@ def main():
gl = gitlab_authentication(module)
access_level_int = {
'guest': gitlab.const.GUEST_ACCESS,
'reporter': gitlab.const.REPORTER_ACCESS,
'developer': gitlab.const.DEVELOPER_ACCESS,
'maintainer': gitlab.const.MAINTAINER_ACCESS,
'owner': gitlab.const.OWNER_ACCESS,
"guest": gitlab.const.GUEST_ACCESS,
"reporter": gitlab.const.REPORTER_ACCESS,
"developer": gitlab.const.DEVELOPER_ACCESS,
"maintainer": gitlab.const.MAINTAINER_ACCESS,
"owner": gitlab.const.OWNER_ACCESS,
}
gitlab_group = module.params['gitlab_group']
state = module.params['state']
access_level = module.params['access_level']
purge_users = module.params['purge_users']
gitlab_group = module.params["gitlab_group"]
state = module.params["state"]
access_level = module.params["access_level"]
purge_users = module.params["purge_users"]
if purge_users:
purge_users = [access_level_int[level] for level in purge_users]
@ -303,27 +309,30 @@ def main():
module.fail_json(msg=f"group '{gitlab_group}' not found.")
members = []
if module.params['gitlab_user'] is not None:
if module.params["gitlab_user"] is not None:
gitlab_users_access = []
gitlab_users = module.params['gitlab_user']
gitlab_users = module.params["gitlab_user"]
for gl_user in gitlab_users:
gitlab_users_access.append({'name': gl_user, 'access_level': access_level_int[access_level] if access_level else None})
elif module.params['gitlab_users_access'] is not None:
gitlab_users_access = module.params['gitlab_users_access']
gitlab_users_access.append(
{"name": gl_user, "access_level": access_level_int[access_level] if access_level else None}
)
elif module.params["gitlab_users_access"] is not None:
gitlab_users_access = module.params["gitlab_users_access"]
for user_level in gitlab_users_access:
user_level['access_level'] = access_level_int[user_level['access_level']]
user_level["access_level"] = access_level_int[user_level["access_level"]]
if len(gitlab_users_access) == 1 and not purge_users:
# only single user given
members = [group.get_member_in_a_group(gitlab_group_id, group.get_user_id(gitlab_users_access[0]['name']))]
members = [group.get_member_in_a_group(gitlab_group_id, group.get_user_id(gitlab_users_access[0]["name"]))]
if members[0] is None:
members = []
elif len(gitlab_users_access) > 1 or purge_users:
# list of users given
members = group.get_members_in_a_group(gitlab_group_id)
else:
module.exit_json(changed='OK', result="Nothing to do, please give at least one user or set purge_users true.",
result_data=[])
module.exit_json(
changed="OK", result="Nothing to do, please give at least one user or set purge_users true.", result_data=[]
)
changed = False
error = False
@ -331,67 +340,115 @@ def main():
changed_data = []
for gitlab_user in gitlab_users_access:
gitlab_user_id = group.get_user_id(gitlab_user['name'])
gitlab_user_id = group.get_user_id(gitlab_user["name"])
# user doesn't exist
if not gitlab_user_id:
if state == 'absent':
if state == "absent":
changed_users.append(f"user '{gitlab_user['name']}' not found, and thus also not part of the group")
changed_data.append({'gitlab_user': gitlab_user['name'], 'result': 'OK',
'msg': f"user '{gitlab_user['name']}' not found, and thus also not part of the group"})
changed_data.append(
{
"gitlab_user": gitlab_user["name"],
"result": "OK",
"msg": f"user '{gitlab_user['name']}' not found, and thus also not part of the group",
}
)
else:
error = True
changed_users.append(f"user '{gitlab_user['name']}' not found.")
changed_data.append({'gitlab_user': gitlab_user['name'], 'result': 'FAILED',
'msg': f"user '{gitlab_user['name']}' not found."})
changed_data.append(
{
"gitlab_user": gitlab_user["name"],
"result": "FAILED",
"msg": f"user '{gitlab_user['name']}' not found.",
}
)
continue
is_user_a_member = group.is_user_a_member(members, gitlab_user_id)
# check if the user is a member in the group
if not is_user_a_member:
if state == 'present':
if state == "present":
# add user to the group
try:
if not module.check_mode:
group.add_member_to_group(gitlab_user_id, gitlab_group_id, gitlab_user['access_level'])
group.add_member_to_group(gitlab_user_id, gitlab_group_id, gitlab_user["access_level"])
changed = True
changed_users.append(f"Successfully added user '{gitlab_user['name']}' to group")
changed_data.append({'gitlab_user': gitlab_user['name'], 'result': 'CHANGED',
'msg': f"Successfully added user '{gitlab_user['name']}' to group"})
except (gitlab.exceptions.GitlabCreateError) as e:
changed_data.append(
{
"gitlab_user": gitlab_user["name"],
"result": "CHANGED",
"msg": f"Successfully added user '{gitlab_user['name']}' to group",
}
)
except gitlab.exceptions.GitlabCreateError as e:
error = True
changed_users.append(f"Failed to updated the access level for the user, '{gitlab_user['name']}'")
changed_data.append({'gitlab_user': gitlab_user['name'], 'result': 'FAILED',
'msg': f"Not allowed to add the access level for the member, {gitlab_user['name']}: {e}"})
changed_data.append(
{
"gitlab_user": gitlab_user["name"],
"result": "FAILED",
"msg": f"Not allowed to add the access level for the member, {gitlab_user['name']}: {e}",
}
)
# state as absent
else:
changed_users.append(f"User, '{gitlab_user['name']}', is not a member in the group. No change to report")
changed_data.append({'gitlab_user': gitlab_user['name'], 'result': 'OK',
'msg': f"User, '{gitlab_user['name']}', is not a member in the group. No change to report"})
changed_users.append(
f"User, '{gitlab_user['name']}', is not a member in the group. No change to report"
)
changed_data.append(
{
"gitlab_user": gitlab_user["name"],
"result": "OK",
"msg": f"User, '{gitlab_user['name']}', is not a member in the group. No change to report",
}
)
# in case that a user is a member
else:
if state == 'present':
if state == "present":
# compare the access level
user_access_level = group.get_user_access_level(members, gitlab_user_id)
if user_access_level == gitlab_user['access_level']:
changed_users.append(f"User, '{gitlab_user['name']}', is already a member in the group. No change to report")
changed_data.append({'gitlab_user': gitlab_user['name'], 'result': 'OK',
'msg': f"User, '{gitlab_user['name']}', is already a member in the group. No change to report"})
if user_access_level == gitlab_user["access_level"]:
changed_users.append(
f"User, '{gitlab_user['name']}', is already a member in the group. No change to report"
)
changed_data.append(
{
"gitlab_user": gitlab_user["name"],
"result": "OK",
"msg": f"User, '{gitlab_user['name']}', is already a member in the group. No change to report",
}
)
else:
# update the access level for the user
try:
if not module.check_mode:
group.update_user_access_level(members, gitlab_user_id, gitlab_user['access_level'])
group.update_user_access_level(members, gitlab_user_id, gitlab_user["access_level"])
changed = True
changed_users.append(f"Successfully updated the access level for the user, '{gitlab_user['name']}'")
changed_data.append({'gitlab_user': gitlab_user['name'], 'result': 'CHANGED',
'msg': f"Successfully updated the access level for the user, '{gitlab_user['name']}'"})
except (gitlab.exceptions.GitlabUpdateError) as e:
changed_users.append(
f"Successfully updated the access level for the user, '{gitlab_user['name']}'"
)
changed_data.append(
{
"gitlab_user": gitlab_user["name"],
"result": "CHANGED",
"msg": f"Successfully updated the access level for the user, '{gitlab_user['name']}'",
}
)
except gitlab.exceptions.GitlabUpdateError as e:
error = True
changed_users.append(f"Failed to updated the access level for the user, '{gitlab_user['name']}'")
changed_data.append({'gitlab_user': gitlab_user['name'], 'result': 'FAILED',
'msg': f"Not allowed to update the access level for the member, {gitlab_user['name']}: {e}"})
changed_users.append(
f"Failed to updated the access level for the user, '{gitlab_user['name']}'"
)
changed_data.append(
{
"gitlab_user": gitlab_user["name"],
"result": "FAILED",
"msg": f"Not allowed to update the access level for the member, {gitlab_user['name']}: {e}",
}
)
else:
# remove the user from the group
try:
@ -399,43 +456,70 @@ def main():
group.remove_user_from_group(gitlab_user_id, gitlab_group_id)
changed = True
changed_users.append(f"Successfully removed user, '{gitlab_user['name']}', from the group")
changed_data.append({'gitlab_user': gitlab_user['name'], 'result': 'CHANGED',
'msg': f"Successfully removed user, '{gitlab_user['name']}', from the group"})
except (gitlab.exceptions.GitlabDeleteError) as e:
changed_data.append(
{
"gitlab_user": gitlab_user["name"],
"result": "CHANGED",
"msg": f"Successfully removed user, '{gitlab_user['name']}', from the group",
}
)
except gitlab.exceptions.GitlabDeleteError as e:
error = True
changed_users.append(f"Failed to removed user, '{gitlab_user['name']}', from the group")
changed_data.append({'gitlab_user': gitlab_user['name'], 'result': 'FAILED',
'msg': f"Failed to remove user, '{gitlab_user['name']}' from the group: {e}"})
changed_data.append(
{
"gitlab_user": gitlab_user["name"],
"result": "FAILED",
"msg": f"Failed to remove user, '{gitlab_user['name']}' from the group: {e}",
}
)
# if state = present and purge_users set delete users which are in members having give access level but not in gitlab_users
if state == 'present' and purge_users:
if state == "present" and purge_users:
uppercase_names_in_gitlab_users_access = []
for name in gitlab_users_access:
uppercase_names_in_gitlab_users_access.append(name['name'].upper())
uppercase_names_in_gitlab_users_access.append(name["name"].upper())
for member in members:
if member.access_level in purge_users and member.username.upper() not in uppercase_names_in_gitlab_users_access:
if (
member.access_level in purge_users
and member.username.upper() not in uppercase_names_in_gitlab_users_access
):
try:
if not module.check_mode:
group.remove_user_from_group(member.id, gitlab_group_id)
changed = True
changed_users.append(f"Successfully removed user '{member.username}', from group. Was not in given list")
changed_data.append({'gitlab_user': member.username, 'result': 'CHANGED',
'msg': f"Successfully removed user '{member.username}', from group. Was not in given list"})
except (gitlab.exceptions.GitlabDeleteError) as e:
changed_users.append(
f"Successfully removed user '{member.username}', from group. Was not in given list"
)
changed_data.append(
{
"gitlab_user": member.username,
"result": "CHANGED",
"msg": f"Successfully removed user '{member.username}', from group. Was not in given list",
}
)
except gitlab.exceptions.GitlabDeleteError as e:
error = True
changed_users.append(f"Failed to removed user, '{gitlab_user['name']}', from the group")
changed_data.append({'gitlab_user': gitlab_user['name'], 'result': 'FAILED',
'msg': f"Failed to remove user, '{gitlab_user['name']}' from the group: {e}"})
changed_data.append(
{
"gitlab_user": gitlab_user["name"],
"result": "FAILED",
"msg": f"Failed to remove user, '{gitlab_user['name']}' from the group: {e}",
}
)
if len(gitlab_users_access) == 1 and error:
# if single user given and an error occurred return error for list errors will be per user
module.fail_json(msg=f"FAILED: '{changed_users[0]} '", result_data=changed_data)
elif error:
module.fail_json(msg='FAILED: At least one given user/permission could not be set', result_data=changed_data)
module.fail_json(msg="FAILED: At least one given user/permission could not be set", result_data=changed_data)
module.exit_json(changed=changed, msg='Successfully set memberships', result="\n".join(changed_users), result_data=changed_data)
module.exit_json(
changed=changed, msg="Successfully set memberships", result="\n".join(changed_users), result_data=changed_data
)
if __name__ == '__main__':
if __name__ == "__main__":
main()