ansible/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-03-29 16:37:42 +00:00
Code Activity

Reformat everything.

Browse source
This commit is contained in:
Felix Fontein 2025-11-01 12:08:41 +01:00
parent 3f2213791a
commit 340ff8586d
1008 changed files with 61301 additions and 58309 deletions
Download patch file Download diff file Expand all files Collapse all files

364
plugins/modules/gitlab_user.py
View file

@ -221,7 +221,11 @@ from ansible.module_utils.api import basic_auth_argument_spec
from ansible.module_utils.basic import AnsibleModule
from ansible_collections.community.general.plugins.module_utils.gitlab import (
auth_argument_spec, find_group, gitlab_authentication, gitlab, list_all_kwargs
auth_argument_spec,
find_group,
gitlab_authentication,
gitlab,
list_all_kwargs,
)
@ -231,63 +235,64 @@ class GitLabUser:
self._gitlab = gitlab_instance
self.user_object = None
self.ACCESS_LEVEL = {
'guest': gitlab.const.GUEST_ACCESS,
'reporter': gitlab.const.REPORTER_ACCESS,
'developer': gitlab.const.DEVELOPER_ACCESS,
'master': gitlab.const.MAINTAINER_ACCESS,
'maintainer': gitlab.const.MAINTAINER_ACCESS,
'owner': gitlab.const.OWNER_ACCESS,
"guest": gitlab.const.GUEST_ACCESS,
"reporter": gitlab.const.REPORTER_ACCESS,
"developer": gitlab.const.DEVELOPER_ACCESS,
"master": gitlab.const.MAINTAINER_ACCESS,
"maintainer": gitlab.const.MAINTAINER_ACCESS,
"owner": gitlab.const.OWNER_ACCESS,
}
'''
"""
@param username Username of the user
@param options User options
'''
"""
def create_or_update_user(self, username, options):
changed = False
potentionally_changed = False
# Because we have already call userExists in main()
if self.user_object is None:
user = self.create_user({
'name': options['name'],
'username': username,
'password': options['password'],
'reset_password': options['reset_password'],
'email': options['email'],
'skip_confirmation': not options['confirm'],
'admin': options['isadmin'],
'external': options['external'],
'identities': options['identities'],
})
user = self.create_user(
{
"name": options["name"],
"username": username,
"password": options["password"],
"reset_password": options["reset_password"],
"email": options["email"],
"skip_confirmation": not options["confirm"],
"admin": options["isadmin"],
"external": options["external"],
"identities": options["identities"],
}
)
changed = True
else:
changed, user = self.update_user(
self.user_object, {
self.user_object,
{
# add "normal" parameters here, put uncheckable
# params in the dict below
'name': {'value': options['name']},
'email': {'value': options['email']},
"name": {"value": options["name"]},
"email": {"value": options["email"]},
# note: for some attributes like this one the key
# from reading back from server is unfortunately
# different to the one needed for pushing/writing,
# in that case use the optional setter key
'is_admin': {
'value': options['isadmin'], 'setter': 'admin'
},
'external': {'value': options['external']},
'identities': {'value': options['identities']},
"is_admin": {"value": options["isadmin"], "setter": "admin"},
"external": {"value": options["external"]},
"identities": {"value": options["identities"]},
},
{
# put "uncheckable" params here, this means params
# which the gitlab does accept for setting but does
# not return any information about it
'skip_reconfirmation': {'value': not options['confirm']},
'password': {'value': options['password']},
'reset_password': {'value': options['reset_password']},
'overwrite_identities': {'value': options['overwrite_identities']},
}
"skip_reconfirmation": {"value": not options["confirm"]},
"password": {"value": options["password"]},
"reset_password": {"value": options["reset_password"]},
"overwrite_identities": {"value": options["overwrite_identities"]},
},
)
# note: as we unfortunately have some uncheckable parameters
@ -297,16 +302,20 @@ class GitLabUser:
potentionally_changed = True
# Assign ssh keys
if options['sshkey_name'] and options['sshkey_file']:
key_changed = self.add_ssh_key_to_user(user, {
'name': options['sshkey_name'],
'file': options['sshkey_file'],
'expires_at': options['sshkey_expires_at']})
if options["sshkey_name"] and options["sshkey_file"]:
key_changed = self.add_ssh_key_to_user(
user,
{
"name": options["sshkey_name"],
"file": options["sshkey_file"],
"expires_at": options["sshkey_expires_at"],
},
)
changed = changed or key_changed
# Assign group
if options['group_path']:
group_changed = self.assign_user_to_group(user, options['group_path'], options['access_level'])
if options["group_path"]:
group_changed = self.assign_user_to_group(user, options["group_path"], options["access_level"])
changed = changed or group_changed
self.user_object = user
@ -323,50 +332,51 @@ class GitLabUser:
else:
return False
'''
"""
@param group User object
'''
"""
def get_user_id(self, user):
if user is not None:
return user.id
return None
'''
"""
@param user User object
@param sshkey_name Name of the ssh key
'''
def ssh_key_exists(self, user, sshkey_name):
return any(
k.title == sshkey_name
for k in user.keys.list(**list_all_kwargs)
)
"""
'''
def ssh_key_exists(self, user, sshkey_name):
return any(k.title == sshkey_name for k in user.keys.list(**list_all_kwargs))
"""
@param user User object
@param sshkey Dict containing sshkey infos {"name": "", "file": "", "expires_at": ""}
'''
"""
def add_ssh_key_to_user(self, user, sshkey):
if not self.ssh_key_exists(user, sshkey['name']):
if not self.ssh_key_exists(user, sshkey["name"]):
if self._module.check_mode:
return True
try:
parameter = {
'title': sshkey['name'],
'key': sshkey['file'],
"title": sshkey["name"],
"key": sshkey["file"],
}
if sshkey['expires_at'] is not None:
parameter['expires_at'] = sshkey['expires_at']
if sshkey["expires_at"] is not None:
parameter["expires_at"] = sshkey["expires_at"]
user.keys.create(parameter)
except gitlab.exceptions.GitlabCreateError as e:
self._module.fail_json(msg=f"Failed to assign sshkey to user: {e}")
return True
return False
'''
"""
@param group Group object
@param user_id Id of the user to find
'''
"""
def find_member(self, group, user_id):
try:
member = group.members.get(user_id)
@ -374,30 +384,33 @@ class GitLabUser:
return None
return member
'''
"""
@param group Group object
@param user_id Id of the user to check
'''
"""
def member_exists(self, group, user_id):
member = self.find_member(group, user_id)
return member is not None
'''
"""
@param group Group object
@param user_id Id of the user to check
@param access_level GitLab access_level to check
'''
"""
def member_as_good_access_level(self, group, user_id, access_level):
member = self.find_member(group, user_id)
return member.access_level == access_level
'''
"""
@param user User object
@param group_path Complete path of the Group including parent group path. <parent_path>/<group_path>
@param access_level GitLab access_level to assign
'''
"""
def assign_user_to_group(self, user, group_identifier, access_level):
group = find_group(self._gitlab, group_identifier)
@ -415,67 +428,70 @@ class GitLabUser:
return True
else:
try:
group.members.create({
'user_id': self.get_user_id(user),
'access_level': self.ACCESS_LEVEL[access_level]})
group.members.create(
{"user_id": self.get_user_id(user), "access_level": self.ACCESS_LEVEL[access_level]}
)
except gitlab.exceptions.GitlabCreateError as e:
self._module.fail_json(msg=f"Failed to assign user to group: {e}")
return True
return False
'''
"""
@param user User object
@param arguments User attributes
'''
"""
def update_user(self, user, arguments, uncheckable_args):
changed = False
for arg_key, arg_value in arguments.items():
av = arg_value['value']
av = arg_value["value"]
if av is not None:
if arg_key == "identities":
changed = self.add_identities(user, av, uncheckable_args['overwrite_identities']['value'])
changed = self.add_identities(user, av, uncheckable_args["overwrite_identities"]["value"])
elif getattr(user, arg_key) != av:
setattr(user, arg_value.get('setter', arg_key), av)
setattr(user, arg_value.get("setter", arg_key), av)
changed = True
for arg_key, arg_value in uncheckable_args.items():
av = arg_value['value']
av = arg_value["value"]
if av is not None:
setattr(user, arg_value.get('setter', arg_key), av)
setattr(user, arg_value.get("setter", arg_key), av)
return (changed, user)
'''
"""
@param arguments User attributes
'''
"""
def create_user(self, arguments):
if self._module.check_mode:
return True
identities = None
if 'identities' in arguments:
identities = arguments['identities']
del arguments['identities']
if "identities" in arguments:
identities = arguments["identities"]
del arguments["identities"]
try:
user = self._gitlab.users.create(arguments)
if identities:
self.add_identities(user, identities)
except (gitlab.exceptions.GitlabCreateError) as e:
except gitlab.exceptions.GitlabCreateError as e:
self._module.fail_json(msg=f"Failed to create user: {e}")
return user
'''
"""
@param user User object
@param identities List of identities to be added/updated
@param overwrite_identities Overwrite user identities with identities passed to this module
'''
"""
def add_identities(self, user, identities, overwrite_identities=False):
changed = False
if overwrite_identities:
@ -483,41 +499,41 @@ class GitLabUser:
for identity in identities:
if identity not in user.identities:
setattr(user, 'provider', identity['provider'])
setattr(user, 'extern_uid', identity['extern_uid'])
setattr(user, "provider", identity["provider"])
setattr(user, "extern_uid", identity["extern_uid"])
if not self._module.check_mode:
user.save()
changed = True
return changed
'''
"""
@param user User object
@param identities List of identities to be added/updated
'''
"""
def delete_identities(self, user, identities):
changed = False
for identity in user.identities:
if identity not in identities:
if not self._module.check_mode:
user.identityproviders.delete(identity['provider'])
user.identityproviders.delete(identity["provider"])
changed = True
return changed
'''
"""
@param username Username of the user
'''
"""
def find_user(self, username):
return next(
(
user for user in self._gitlab.users.list(search=username, **list_all_kwargs)
if user.username == username
),
None
(user for user in self._gitlab.users.list(search=username, **list_all_kwargs) if user.username == username),
None,
)
'''
"""
@param username Username of the user
'''
"""
def exists_user(self, username):
# When user exists, object will be stored in self.user_object.
user = self.find_user(username)
@ -526,12 +542,13 @@ class GitLabUser:
return True
return False
'''
"""
@param username Username of the user
'''
"""
def is_active(self, username):
user = self.find_user(username)
return user.attributes['state'] == 'active'
return user.attributes["state"] == "active"
def delete_user(self):
if self._module.check_mode:
@ -568,65 +585,65 @@ def sanitize_arguments(arguments):
def main():
argument_spec = basic_auth_argument_spec()
argument_spec.update(auth_argument_spec())
argument_spec.update(dict(
name=dict(type='str'),
state=dict(type='str', default="present", choices=["absent", "present", "blocked", "unblocked"]),
username=dict(type='str', required=True),
password=dict(type='str', no_log=True),
reset_password=dict(type='bool', default=False, no_log=False),
email=dict(type='str'),
sshkey_name=dict(type='str'),
sshkey_file=dict(type='str', no_log=False),
sshkey_expires_at=dict(type='str', no_log=False),
group=dict(type='str'),
access_level=dict(type='str', default="guest", choices=["developer", "guest", "maintainer", "master", "owner", "reporter"]),
confirm=dict(type='bool', default=True),
isadmin=dict(type='bool', default=False),
external=dict(type='bool', default=False),
identities=dict(type='list', elements='dict'),
overwrite_identities=dict(type='bool', default=False),
))
argument_spec.update(
dict(
name=dict(type="str"),
state=dict(type="str", default="present", choices=["absent", "present", "blocked", "unblocked"]),
username=dict(type="str", required=True),
password=dict(type="str", no_log=True),
reset_password=dict(type="bool", default=False, no_log=False),
email=dict(type="str"),
sshkey_name=dict(type="str"),
sshkey_file=dict(type="str", no_log=False),
sshkey_expires_at=dict(type="str", no_log=False),
group=dict(type="str"),
access_level=dict(
type="str", default="guest", choices=["developer", "guest", "maintainer", "master", "owner", "reporter"]
),
confirm=dict(type="bool", default=True),
isadmin=dict(type="bool", default=False),
external=dict(type="bool", default=False),
identities=dict(type="list", elements="dict"),
overwrite_identities=dict(type="bool", default=False),
)
)
module = AnsibleModule(
argument_spec=argument_spec,
mutually_exclusive=[
['api_username', 'api_token'],
['api_username', 'api_oauth_token'],
['api_username', 'api_job_token'],
['api_token', 'api_oauth_token'],
['api_token', 'api_job_token'],
["api_username", "api_token"],
["api_username", "api_oauth_token"],
["api_username", "api_job_token"],
["api_token", "api_oauth_token"],
["api_token", "api_job_token"],
],
required_together=[
['api_username', 'api_password'],
],
required_one_of=[
['api_username', 'api_token', 'api_oauth_token', 'api_job_token']
["api_username", "api_password"],
],
required_one_of=[["api_username", "api_token", "api_oauth_token", "api_job_token"]],
supports_check_mode=True,
required_if=(
('state', 'present', ['name', 'email']),
)
required_if=(("state", "present", ["name", "email"]),),
)
# check prerequisites and connect to gitlab server
gitlab_instance = gitlab_authentication(module)
user_name = module.params['name']
state = module.params['state']
user_username = module.params['username'].lower()
user_password = module.params['password']
user_reset_password = module.params['reset_password']
user_email = module.params['email']
user_sshkey_name = module.params['sshkey_name']
user_sshkey_file = module.params['sshkey_file']
user_sshkey_expires_at = module.params['sshkey_expires_at']
group_path = module.params['group']
access_level = module.params['access_level']
confirm = module.params['confirm']
user_isadmin = module.params['isadmin']
user_external = module.params['external']
user_identities = module.params['identities']
overwrite_identities = module.params['overwrite_identities']
user_name = module.params["name"]
state = module.params["state"]
user_username = module.params["username"].lower()
user_password = module.params["password"]
user_reset_password = module.params["reset_password"]
user_email = module.params["email"]
user_sshkey_name = module.params["sshkey_name"]
user_sshkey_file = module.params["sshkey_file"]
user_sshkey_expires_at = module.params["sshkey_expires_at"]
group_path = module.params["group"]
access_level = module.params["access_level"]
confirm = module.params["confirm"]
user_isadmin = module.params["isadmin"]
user_external = module.params["external"]
user_identities = module.params["identities"]
overwrite_identities = module.params["overwrite_identities"]
gitlab_user = GitLabUser(module, gitlab_instance)
user_exists = gitlab_user.exists_user(user_username)
@ -635,48 +652,57 @@ def main():
else:
user_is_active = False
if state == 'absent':
if state == "absent":
if user_exists:
gitlab_user.delete_user()
module.exit_json(changed=True, msg=f"Successfully deleted user {user_username}")
else:
module.exit_json(changed=False, msg="User deleted or does not exists")
if state == 'blocked':
if state == "blocked":
if user_exists and user_is_active:
gitlab_user.block_user()
module.exit_json(changed=True, msg=f"Successfully blocked user {user_username}")
else:
module.exit_json(changed=False, msg="User already blocked or does not exists")
if state == 'unblocked':
if state == "unblocked":
if user_exists and not user_is_active:
gitlab_user.unblock_user()
module.exit_json(changed=True, msg=f"Successfully unblocked user {user_username}")
else:
module.exit_json(changed=False, msg="User is not blocked or does not exists")
if state == 'present':
if gitlab_user.create_or_update_user(user_username, {
"name": user_name,
"password": user_password,
"reset_password": user_reset_password,
"email": user_email,
"sshkey_name": user_sshkey_name,
"sshkey_file": user_sshkey_file,
"sshkey_expires_at": user_sshkey_expires_at,
"group_path": group_path,
"access_level": access_level,
"confirm": confirm,
"isadmin": user_isadmin,
"external": user_external,
"identities": user_identities,
"overwrite_identities": overwrite_identities,
}):
module.exit_json(changed=True, msg=f"Successfully created or updated the user {user_username}", user=gitlab_user.user_object._attrs)
if state == "present":
if gitlab_user.create_or_update_user(
user_username,
{
"name": user_name,
"password": user_password,
"reset_password": user_reset_password,
"email": user_email,
"sshkey_name": user_sshkey_name,
"sshkey_file": user_sshkey_file,
"sshkey_expires_at": user_sshkey_expires_at,
"group_path": group_path,
"access_level": access_level,
"confirm": confirm,
"isadmin": user_isadmin,
"external": user_external,
"identities": user_identities,
"overwrite_identities": overwrite_identities,
},
):
module.exit_json(
changed=True,
msg=f"Successfully created or updated the user {user_username}",
user=gitlab_user.user_object._attrs,
)
else:
module.exit_json(changed=False, msg=f"No need to update the user {user_username}", user=gitlab_user.user_object._attrs)
module.exit_json(
changed=False, msg=f"No need to update the user {user_username}", user=gitlab_user.user_object._attrs
)
if __name__ == '__main__':
if __name__ == "__main__":
main()