proxmox/plugins/modules/role_info.py

#!/usr/bin/python
# coding: utf-8

# (c) 2022, Johanna Dorothea Reichmann <transcaffeine@finally.coffee>

__metaclass__ = type

import dataclasses
import traceback

from ansible.module_utils.basic import AnsibleModule

from ansible_collections.finallycoffee.proxmox.plugins.module_utils.common import *
from ansible_collections.finallycoffee.proxmox.plugins.module_utils.proxmox_datacenter_role import *


DOCUMENTATION = r'''
---
module: role_info
author:
- Johanna Dorothea Reichmann (transcaffeine@finally.coffee)
requirements:
    - python >= 3.9
short_description: Get configured and builtin roles of a proxmox node
description:
    - "Lists all configured roles in a proxmox instance"
options:
    proxmox_instance:
        description: Location of the proxmox API with scheme, domain name/ip and port, e.g. https://localhost:8006
        type: str
        required: true
    proxmox_api_token_id:
        description: The token ID containing username, realm and token name (format: user@realm!name)
        type: str
        required: true
    proxmox_api_secret:
        description: The secret
        type: str
        required: true
    proxmox_api_verify_cert:
        description: If the certificate presented for `proxmox_instance_url` should be verified
        type: bool
        required: false
        default: true
    role:
        description: Role to retrieve information about. If left omitted, return all roles
        type: str
        required: false
'''

EXAMPLES = r'''
- name: Retrieve all roles
  finallycoffee.proxmox.role_info:
    proxmox_instance: https://my.proxmox-node.local:8006
    promox_api_token_id: root@pam!token
    proxmox_api_secret: supersecuretokencontent
- name: Retrieve role information for 'PVEAdmin'
  finallycoffee.proxmox.role_info:
    proxmox_instance: https://my.proxmox-node.local:8006
    promox_api_token_id: root@pam!token
    proxmox_api_secret: supersecuretokencontent
    role: PVEAdmin
'''

RETURN = r'''
roles:
    description: The retrieved roles
    returned: When roles were found (matching the filter)
    type: list
    elements: dict[str, dict[str], bool]
role:
    description: The role's name (`.name`) and privileges (`.privileges`)
    returned: When a single role was queried
    type: dict[str, list[str]]

'''


def main():
    _ = dict
    module = AnsibleModule(
        argument_spec=_(
            proxmox_instance=_(required=True, type='str'),
            proxmox_api_token_id=_(required=True, type='str'),
            proxmox_api_secret=_(type='str', required=True, no_log=True),
            proxmox_api_verify_cert=_(type='bool', required=False, default=True),
            role=_(required=False, type='str'),
        ),
        supports_check_mode=True
    )

    result = _(
        changed=False,
        diff={},
        message=''
    )

    roles = []
    try:
        roles = get_roles(ProxmoxAuthInfo(
            module.params['proxmox_instance'],
            module.params['proxmox_api_token_id'],
            module.params['proxmox_api_secret'],
            module.params['proxmox_api_verify_cert'],
        ))
    except IOError as owie:
        result['msg'] = owie
        module.exit_json(**result)

    result['roles'] = list(
        map(lambda r: dataclasses.asdict(r),
            filter(lambda r: r.name == module.params['role']
                    if module.params['role'] is not None
                    else True,
               roles)
            )
    )
    if module.params['role'] is not None:
        result['role'] = dataclasses.asdict(
            list(filter(lambda r: r.name == module.params['role'], roles))[0]
        )

    module.exit_json(**result)


if __name__ == '__main__':
    main()
feat(role): add plugin for listing available roles and their privileges 2022-08-14 14:40:26 +00:00			`#!/usr/bin/python`
			`# coding: utf-8`

			`# (c) 2022, Johanna Dorothea Reichmann <transcaffeine@finally.coffee>`

			`__metaclass__ = type`

			`import dataclasses`
			`import traceback`

			`from ansible.module_utils.basic import AnsibleModule`

			`from ansible_collections.finallycoffee.proxmox.plugins.module_utils.common import *`
			`from ansible_collections.finallycoffee.proxmox.plugins.module_utils.proxmox_datacenter_role import *`


			`DOCUMENTATION = r'''`
			`---`
			`module: role_info`
			`author:`
			`- Johanna Dorothea Reichmann (transcaffeine@finally.coffee)`
			`requirements:`
			`- python >= 3.9`
			`short_description: Get configured and builtin roles of a proxmox node`
			`description:`
			`- "Lists all configured roles in a proxmox instance"`
			`options:`
			`proxmox_instance:`
			`description: Location of the proxmox API with scheme, domain name/ip and port, e.g. https://localhost:8006`
			`type: str`
			`required: true`
			`proxmox_api_token_id:`
			`description: The token ID containing username, realm and token name (format: user@realm!name)`
			`type: str`
			`required: true`
			`proxmox_api_secret:`
			`description: The secret`
			`type: str`
			`required: true`
			`proxmox_api_verify_cert:`
			description: If the certificate presented for `proxmox_instance_url` should be verified
			`type: bool`
			`required: false`
			`default: true`
			`role:`
			`description: Role to retrieve information about. If left omitted, return all roles`
			`type: str`
			`required: false`
			`'''`

			`EXAMPLES = r'''`
			`- name: Retrieve all roles`
			`finallycoffee.proxmox.role_info:`
			`proxmox_instance: https://my.proxmox-node.local:8006`
			`promox_api_token_id: root@pam!token`
			`proxmox_api_secret: supersecuretokencontent`
			`- name: Retrieve role information for 'PVEAdmin'`
			`finallycoffee.proxmox.role_info:`
			`proxmox_instance: https://my.proxmox-node.local:8006`
			`promox_api_token_id: root@pam!token`
			`proxmox_api_secret: supersecuretokencontent`
			`role: PVEAdmin`
			`'''`

			`RETURN = r'''`
			`roles:`
			`description: The retrieved roles`
			`returned: When roles were found (matching the filter)`
			`type: list`
			`elements: dict[str, dict[str], bool]`
			`role:`
			description: The role's name (`.name`) and privileges (`.privileges`)
			`returned: When a single role was queried`
			`type: dict[str, list[str]]`

			`'''`


			`def main():`
			`_ = dict`
			`module = AnsibleModule(`
			`argument_spec=_(`
			`proxmox_instance=_(required=True, type='str'),`
			`proxmox_api_token_id=_(required=True, type='str'),`
			`proxmox_api_secret=_(type='str', required=True, no_log=True),`
			`proxmox_api_verify_cert=_(type='bool', required=False, default=True),`
			`role=_(required=False, type='str'),`
			`),`
			`supports_check_mode=True`
			`)`

			`result = _(`
			`changed=False,`
			`diff={},`
			`message=''`
			`)`

			`roles = []`
			`try:`
			`roles = get_roles(ProxmoxAuthInfo(`
			`module.params['proxmox_instance'],`
			`module.params['proxmox_api_token_id'],`
			`module.params['proxmox_api_secret'],`
			`module.params['proxmox_api_verify_cert'],`
			`))`
			`except IOError as owie:`
			`result['msg'] = owie`
			`module.exit_json(**result)`

			`result['roles'] = list(`
			`map(lambda r: dataclasses.asdict(r),`
			`filter(lambda r: r.name == module.params['role']`
			`if module.params['role'] is not None`
			`else True,`
			`roles)`
			`)`
			`)`
			`if module.params['role'] is not None:`
			`result['role'] = dataclasses.asdict(`
			`list(filter(lambda r: r.name == module.params['role'], roles))[0]`
			`)`

			`module.exit_json(**result)`


			`if __name__ == '__main__':`
			`main()`