ansible-collections-openstack/plugins/modules/identity_user_info.py

#!/usr/bin/python
# Copyright (c) 2016 Hewlett-Packard Enterprise Corporation
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)

DOCUMENTATION = '''
---
module: identity_user_info
short_description: Retrieve information about one or more OpenStack users
author: OpenStack Ansible SIG
description:
    - Retrieve information about a one or more OpenStack users
options:
   name:
     description:
        - Name or ID of the user
     type: str
   domain:
     description:
        - Name or ID of the domain containing the user if the cloud supports domains
     type: str
   filters:
     description:
        - A dictionary of meta data to use for further filtering.  Elements of
          this dictionary may be additional dictionaries.
     type: dict
     default: {}
requirements:
    - "python >= 3.6"
    - "openstacksdk"

extends_documentation_fragment:
- openstack.cloud.openstack
'''

EXAMPLES = '''
# Gather information about previously created users
- openstack.cloud.identity_user_info:
    cloud: awesomecloud
  register: result
- debug:
    msg: "{{ result.users }}"

# Gather information about a previously created user by name
- openstack.cloud.identity_user_info:
    cloud: awesomecloud
    name: demouser
  register: result
- debug:
    msg: "{{ result.users }}"

# Gather information about a previously created user in a specific domain
- openstack.cloud.identity_user_info:
    cloud: awesomecloud
    name: demouser
    domain: admindomain
  register: result
- debug:
    msg: "{{ result.users }}"

# Gather information about a previously created user in a specific domain with filter
- openstack.cloud.identity_user_info:
    cloud: awesomecloud
    name: demouser
    domain: admindomain
    filters:
      enabled: False
  register: result
- debug:
    msg: "{{ result.users }}"
'''


RETURN = '''
users:
    description: has all the OpenStack information about users
    returned: always
    type: list
    elements: dict
    contains:
        id:
            description: Unique UUID.
            returned: success
            type: str
        name:
            description: Username of the user.
            returned: success
            type: str
        default_project_id:
            description: Default project ID of the user
            returned: success
            type: str
        description:
            description: The description of this user
            returned: success
            type: str
        domain_id:
            description: Domain ID containing the user
            returned: success
            type: str
        email:
            description: Email of the user
            returned: success
            type: str
        is_enabled:
            description: Flag to indicate if the user is enabled
            returned: success
            type: bool
        links:
            description: The links for the user resource
            returned: success
            type: complex
            contains:
                self:
                    description: Link to this user resource
                    returned: success
                    type: str
        password:
            description: The default form of credential used during authentication.
            returned: success
            type: str
        password_expires_at:
            description: The date and time when the password expires. The time zone is UTC. A Null value means the password never expires.
            returned: success
            type: str
        username:
            description: Username with Identity API v2 (OpenStack Pike or earlier) else Null
            returned: success
            type: str
'''

from ansible_collections.openstack.cloud.plugins.module_utils.openstack import OpenStackModule


class IdentityUserInfoModule(OpenStackModule):
    argument_spec = dict(
        name=dict(required=False, default=None),
        domain=dict(required=False, default=None),
        filters=dict(required=False, type='dict', default={}),
    )
    module_kwargs = dict(
        supports_check_mode=True
    )

    def run(self):
        name = self.params['name']
        domain = self.params['domain']
        filters = self.params['filters']

        args = {}
        if domain:
            dom_obj = self.conn.identity.find_domain(domain)
            if dom_obj is None:
                self.fail_json(
                    msg="Domain name or ID '{0}' does not exist".format(domain))
            args['domain_id'] = dom_obj.id

        users = [user.to_dict(computed=False) for user in self.conn.search_users(name, filters, **args)]
        self.exit_json(changed=False, users=users)


def main():
    module = IdentityUserInfoModule()
    module()


if __name__ == '__main__':
    main()
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00			`#!/usr/bin/python`
			`# Copyright (c) 2016 Hewlett-Packard Enterprise Corporation`
			`# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)`

			`DOCUMENTATION = '''`
			`---`
			`module: identity_user_info`
			`short_description: Retrieve information about one or more OpenStack users`
Update author lines We don't use github, so having @ mentions of specific humans is not valuable. Also, we are a team and own the modules as a team, so calling out individual authors is philosophically contrary. We landed a patch upstream to special-case this author string. Change-Id: I38b4e68f14bbba6e13e8a50e2b202874ab74e3bc 2020-06-17 12:35:09 -05:00			`author: OpenStack Ansible SIG`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00			`description:`
			`- Retrieve information about a one or more OpenStack users`
			`options:`
			`name:`
			`description:`
			`- Name or ID of the user`
			`type: str`
			`domain:`
			`description:`
			`- Name or ID of the domain containing the user if the cloud supports domains`
			`type: str`
			`filters:`
			`description:`
			`- A dictionary of meta data to use for further filtering. Elements of`
			`this dictionary may be additional dictionaries.`
			`type: dict`
Use proxy layer in identity_user_info - Changes the module to get user through proxy layer - Adds a role to test the module - Renames the return value to drop openstack_ prefix Change-Id: I99e98a529ce74ff2ca77a67d09f188228e6a0e37 2022-02-09 07:03:22 -07:00			`default: {}`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00			`requirements:`
			`- "python >= 3.6"`
			`- "openstacksdk"`

			`extends_documentation_fragment:`
			`- openstack.cloud.openstack`
			`'''`

			`EXAMPLES = '''`
			`# Gather information about previously created users`
			`- openstack.cloud.identity_user_info:`
			`cloud: awesomecloud`
			`register: result`
			`- debug:`
Use proxy layer in identity_user_info - Changes the module to get user through proxy layer - Adds a role to test the module - Renames the return value to drop openstack_ prefix Change-Id: I99e98a529ce74ff2ca77a67d09f188228e6a0e37 2022-02-09 07:03:22 -07:00			`msg: "{{ result.users }}"`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00
			`# Gather information about a previously created user by name`
			`- openstack.cloud.identity_user_info:`
			`cloud: awesomecloud`
			`name: demouser`
			`register: result`
			`- debug:`
Use proxy layer in identity_user_info - Changes the module to get user through proxy layer - Adds a role to test the module - Renames the return value to drop openstack_ prefix Change-Id: I99e98a529ce74ff2ca77a67d09f188228e6a0e37 2022-02-09 07:03:22 -07:00			`msg: "{{ result.users }}"`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00
			`# Gather information about a previously created user in a specific domain`
			`- openstack.cloud.identity_user_info:`
			`cloud: awesomecloud`
			`name: demouser`
			`domain: admindomain`
			`register: result`
			`- debug:`
Use proxy layer in identity_user_info - Changes the module to get user through proxy layer - Adds a role to test the module - Renames the return value to drop openstack_ prefix Change-Id: I99e98a529ce74ff2ca77a67d09f188228e6a0e37 2022-02-09 07:03:22 -07:00			`msg: "{{ result.users }}"`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00
			`# Gather information about a previously created user in a specific domain with filter`
			`- openstack.cloud.identity_user_info:`
			`cloud: awesomecloud`
			`name: demouser`
			`domain: admindomain`
			`filters:`
			`enabled: False`
			`register: result`
			`- debug:`
Use proxy layer in identity_user_info - Changes the module to get user through proxy layer - Adds a role to test the module - Renames the return value to drop openstack_ prefix Change-Id: I99e98a529ce74ff2ca77a67d09f188228e6a0e37 2022-02-09 07:03:22 -07:00			`msg: "{{ result.users }}"`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00			`'''`


			`RETURN = '''`
Use proxy layer in identity_user_info - Changes the module to get user through proxy layer - Adds a role to test the module - Renames the return value to drop openstack_ prefix Change-Id: I99e98a529ce74ff2ca77a67d09f188228e6a0e37 2022-02-09 07:03:22 -07:00			`users:`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00			`description: has all the OpenStack information about users`
Use proxy layer in identity_user_info - Changes the module to get user through proxy layer - Adds a role to test the module - Renames the return value to drop openstack_ prefix Change-Id: I99e98a529ce74ff2ca77a67d09f188228e6a0e37 2022-02-09 07:03:22 -07:00			`returned: always`
			`type: list`
			`elements: dict`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00			`contains:`
			`id:`
			`description: Unique UUID.`
			`returned: success`
			`type: str`
			`name:`
Drop username from return values of identity_user_info Users would have a non-null username only with Identity API v2 which was available in Keystone of OpenStack Pike. Identity API v2 has been removed since OpenStack Queens [1]. Function search_users() from OpenStack SDK still returns the username attribute because of [2][3] but it will always be None since Keystone's API does not return username since OpenStack Pike. [1] https://docs.openstack.org/releasenotes/keystone/queens.html [2] https://github.com/openstack/openstacksdk/blob/975cabbdd84baa8e05dc5b107b673607e7c0af1a/openstack/cloud/_utils.py#L246 [3] https://github.com/openstack/openstacksdk/commit/76b081efe45f1f2ab8e09a1fd5a23d9fc54361bc Change-Id: I2054dd55662698dabd0f2b3565c31dcd3bf24e5a 2022-04-12 21:50:41 +02:00			`description: Username of the user.`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00			`returned: success`
			`type: str`
Use proxy layer in identity_user_info - Changes the module to get user through proxy layer - Adds a role to test the module - Renames the return value to drop openstack_ prefix Change-Id: I99e98a529ce74ff2ca77a67d09f188228e6a0e37 2022-02-09 07:03:22 -07:00			`default_project_id:`
			`description: Default project ID of the user`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00			`returned: success`
Use proxy layer in identity_user_info - Changes the module to get user through proxy layer - Adds a role to test the module - Renames the return value to drop openstack_ prefix Change-Id: I99e98a529ce74ff2ca77a67d09f188228e6a0e37 2022-02-09 07:03:22 -07:00			`type: str`
Added description to RETURN doc of identity_user_info module Signed-off-by: Jakob Meng <code@jakobmeng.de> Change-Id: I000a12df18c66816b2b2de177530ffc46f9dc9ae 2022-05-05 11:05:57 +02:00			`description:`
			`description: The description of this user`
			`returned: success`
			`type: str`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00			`domain_id:`
			`description: Domain ID containing the user`
			`returned: success`
			`type: str`
			`email:`
			`description: Email of the user`
			`returned: success`
			`type: str`
Use proxy layer in identity_user_info - Changes the module to get user through proxy layer - Adds a role to test the module - Renames the return value to drop openstack_ prefix Change-Id: I99e98a529ce74ff2ca77a67d09f188228e6a0e37 2022-02-09 07:03:22 -07:00			`is_enabled:`
			`description: Flag to indicate if the user is enabled`
			`returned: success`
			`type: bool`
			`links:`
			`description: The links for the user resource`
			`returned: success`
			`type: complex`
			`contains:`
			`self:`
			`description: Link to this user resource`
			`returned: success`
			`type: str`
			`password:`
			`description: The default form of credential used during authentication.`
			`returned: success`
			`type: str`
			`password_expires_at:`
			`description: The date and time when the password expires. The time zone is UTC. A Null value means the password never expires.`
			`returned: success`
			`type: str`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00			`username:`
Drop username from return values of identity_user_info Users would have a non-null username only with Identity API v2 which was available in Keystone of OpenStack Pike. Identity API v2 has been removed since OpenStack Queens [1]. Function search_users() from OpenStack SDK still returns the username attribute because of [2][3] but it will always be None since Keystone's API does not return username since OpenStack Pike. [1] https://docs.openstack.org/releasenotes/keystone/queens.html [2] https://github.com/openstack/openstacksdk/blob/975cabbdd84baa8e05dc5b107b673607e7c0af1a/openstack/cloud/_utils.py#L246 [3] https://github.com/openstack/openstacksdk/commit/76b081efe45f1f2ab8e09a1fd5a23d9fc54361bc Change-Id: I2054dd55662698dabd0f2b3565c31dcd3bf24e5a 2022-04-12 21:50:41 +02:00			`description: Username with Identity API v2 (OpenStack Pike or earlier) else Null`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00			`returned: success`
			`type: str`
			`'''`

Switch user_info module to OpenStackModule Drop deprecated block to keep simplicity. Change-Id: I9e64913cd157f2985ef720ddecfbeb9ad996fa2c 2021-05-20 16:08:38 +02:00			`from ansible_collections.openstack.cloud.plugins.module_utils.openstack import OpenStackModule`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00

Switch user_info module to OpenStackModule Drop deprecated block to keep simplicity. Change-Id: I9e64913cd157f2985ef720ddecfbeb9ad996fa2c 2021-05-20 16:08:38 +02:00			`class IdentityUserInfoModule(OpenStackModule):`
			`argument_spec = dict(`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00			`name=dict(required=False, default=None),`
			`domain=dict(required=False, default=None),`
Use proxy layer in identity_user_info - Changes the module to get user through proxy layer - Adds a role to test the module - Renames the return value to drop openstack_ prefix Change-Id: I99e98a529ce74ff2ca77a67d09f188228e6a0e37 2022-02-09 07:03:22 -07:00			`filters=dict(required=False, type='dict', default={}),`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00			`)`
Add support check mode for all info modules As it's required by new ansible-test rules. See https://github.com/ansible-collections/overview/issues/45#issuecomment-893543025 Change-Id: Ib6b73e810b972997b8de2b4a9eb8e07e246823d5 2021-08-16 13:21:27 +03:00			`module_kwargs = dict(`
			`supports_check_mode=True`
			`)`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00
Switch user_info module to OpenStackModule Drop deprecated block to keep simplicity. Change-Id: I9e64913cd157f2985ef720ddecfbeb9ad996fa2c 2021-05-20 16:08:38 +02:00			`def run(self):`
			`name = self.params['name']`
			`domain = self.params['domain']`
			`filters = self.params['filters']`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00
Reverted identity_user_info from identity.users() to search_users() Commit 2df07f3523 changed module identity_user_info to use function identity.users() instead of search_users(). The first does not allow to search for id with parameter name while the previous and current search_users() function has a name_or_id parameter which allows to search by name and id. Ref.: https://opendev.org/openstack/ansible-collections-openstack/commit/2df07f3523ba3281d84c93083bc3b5d1791afb4b Change-Id: I71226e578a234d24e068a256cf4a5533ccd4c201 2022-05-09 10:13:06 +02:00			`args = {}`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00			`if domain:`
Use proxy layer in identity_user_info - Changes the module to get user through proxy layer - Adds a role to test the module - Renames the return value to drop openstack_ prefix Change-Id: I99e98a529ce74ff2ca77a67d09f188228e6a0e37 2022-02-09 07:03:22 -07:00			`dom_obj = self.conn.identity.find_domain(domain)`
			`if dom_obj is None:`
			`self.fail_json(`
			`msg="Domain name or ID '{0}' does not exist".format(domain))`
Reverted identity_user_info from identity.users() to search_users() Commit 2df07f3523 changed module identity_user_info to use function identity.users() instead of search_users(). The first does not allow to search for id with parameter name while the previous and current search_users() function has a name_or_id parameter which allows to search by name and id. Ref.: https://opendev.org/openstack/ansible-collections-openstack/commit/2df07f3523ba3281d84c93083bc3b5d1791afb4b Change-Id: I71226e578a234d24e068a256cf4a5533ccd4c201 2022-05-09 10:13:06 +02:00			`args['domain_id'] = dom_obj.id`
Use proxy layer in identity_user_info - Changes the module to get user through proxy layer - Adds a role to test the module - Renames the return value to drop openstack_ prefix Change-Id: I99e98a529ce74ff2ca77a67d09f188228e6a0e37 2022-02-09 07:03:22 -07:00
Reverted identity_user_info from identity.users() to search_users() Commit 2df07f3523 changed module identity_user_info to use function identity.users() instead of search_users(). The first does not allow to search for id with parameter name while the previous and current search_users() function has a name_or_id parameter which allows to search by name and id. Ref.: https://opendev.org/openstack/ansible-collections-openstack/commit/2df07f3523ba3281d84c93083bc3b5d1791afb4b Change-Id: I71226e578a234d24e068a256cf4a5533ccd4c201 2022-05-09 10:13:06 +02:00			`users = [user.to_dict(computed=False) for user in self.conn.search_users(name, filters, **args)]`
Use proxy layer in identity_user_info - Changes the module to get user through proxy layer - Adds a role to test the module - Renames the return value to drop openstack_ prefix Change-Id: I99e98a529ce74ff2ca77a67d09f188228e6a0e37 2022-02-09 07:03:22 -07:00			`self.exit_json(changed=False, users=users)`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00
Switch user_info module to OpenStackModule Drop deprecated block to keep simplicity. Change-Id: I9e64913cd157f2985ef720ddecfbeb9ad996fa2c 2021-05-20 16:08:38 +02:00
			`def main():`
			`module = IdentityUserInfoModule()`
			`module()`
Rename all of the modules This is separate from the previous patch - it's just the results of running the script so we can review the two a little independently. We should probably squash them. Change-Id: I838f15cf4a32455a5be20033c8ddc27db6ca15c0 2020-05-12 10:20:09 -05:00

			`if __name__ == '__main__':`
			`main()`