summaryrefslogtreecommitdiffstats
path: root/test/integration/targets/aci_aaa_user/tasks/main.yml
blob: 87408cf96832de7767267258a69842353ef4af75 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
# Test code for the ACI modules
# Copyright: (c) 2017, Dag Wieers (dagwieers) <dag@wieers.com>
#
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)

- name: Test that we have an ACI APIC host, ACI username and ACI password
  fail:
    msg: 'Please define the following variables: aci_hostname, aci_username and aci_password.'
  when: aci_hostname is not defined or aci_username is not defined or aci_password is not defined


# CLEAN ENVIRONMENT
- name: Remove any pre-existing user
  aci_aaa_user: &user_absent
    host: '{{ aci_hostname }}'
    username: '{{ aci_username }}'
    password: '{{ aci_password }}'
    validate_certs: '{{ aci_validate_certs | default(false) }}'
    use_ssl: '{{ aci_use_ssl | default(true) }}'
    use_proxy: '{{ aci_use_proxy | default(true) }}'
    output_level: '{{ aci_output_level | default("info") }}'
    aaa_user: ansible
    state: absent


# ADD USER
- name: Add user (check_mode)
  aci_aaa_user: &user_present
    host: '{{ aci_hostname }}'
    username: '{{ aci_username }}'
    password: '{{ aci_password }}'
    validate_certs: '{{ aci_validate_certs | default(false) }}'
    use_ssl: '{{ aci_use_ssl | default(true) }}'
    use_proxy: '{{ aci_use_proxy | default(true) }}'
    output_level: '{{ aci_output_level | default("info") }}'
    aaa_user: ansible
    description: Ansible test user
    email: ansible@ansible.lan
    enabled: yes
    expiration: never
    expires: no
    first_name: Test
    last_name: User
    phone: 1-234-555-678
  check_mode: yes
  register: cm_add_user

# NOTE: Setting password is not idempotent, see #35544
- name: Add user (normal mode)
  aci_aaa_user:
    <<: *user_present
    aaa_password: 12!Ab:cD!34
  register: nm_add_user

- name: Add user again (check mode)
  aci_aaa_user: *user_present
  check_mode: yes
  register: cm_add_user_again

- name: Add user again (normal mode)
  aci_aaa_user: *user_present
  register: nm_add_user_again

- name: Verify add user
  assert:
    that:
    - cm_add_user.changed == nm_add_user.changed == true
    - cm_add_user_again.changed == nm_add_user_again.changed == false


# MODIFY USER
- name: Modify user (check_mode)
  aci_aaa_user: &user_changed
    host: '{{ aci_hostname }}'
    username: '{{ aci_username }}'
    password: '{{ aci_password }}'
    validate_certs: '{{ aci_validate_certs | default(false) }}'
    use_ssl: '{{ aci_use_ssl | default(true) }}'
    use_proxy: '{{ aci_use_proxy | default(true) }}'
    output_level: '{{ aci_output_level | default("info") }}'
    aaa_user: ansible
    description: Ansible test user for integration tests
    email: aci-ansible@ansible.lan
    expiration: '2123-12-12'
    expires: yes
    phone: 2-345-555-678
  check_mode: yes
  register: cm_modify_user

- name: Modify user (normal mode)
  aci_aaa_user: *user_changed
  register: nm_modify_user

- name: Modify user again (check mode)
  aci_aaa_user: *user_changed
  check_mode: yes
  register: cm_modify_user_again

- name: Modify user again (normal mode)
  aci_aaa_user: *user_changed
  register: nm_modify_user_again

- name: Verify modify user
  assert:
    that:
    - cm_modify_user.changed == nm_modify_user.changed == true
    - cm_modify_user_again.changed == nm_modify_user_again.changed == false


# QUERY ALL USERS
- name: Query all users (check_mode)
  aci_aaa_user: &user_query
    host: '{{ aci_hostname }}'
    username: '{{ aci_username }}'
    password: '{{ aci_password }}'
    validate_certs: '{{ aci_validate_certs | default(false) }}'
    use_ssl: '{{ aci_use_ssl | default(true) }}'
    use_proxy: '{{ aci_use_proxy | default(true) }}'
    output_level: '{{ aci_output_level | default("info") }}'
    aaa_user: ansible
    state: query
  check_mode: yes
  register: cm_query_all_users

- name: Query all users (normal mode)
  aci_aaa_user: *user_query
  register: nm_query_all_users

- name: Verify query_all_users
  assert:
    that:
    - cm_query_all_users.changed == nm_query_all_users.changed == false
    # NOTE: Order of users is not stable between calls
    #- cm_query_all_users == nm_query_all_users


# QUERY OUR USER
- name: Query our user (check_mode)
  aci_aaa_user:
    <<: *user_query
  check_mode: yes
  register: cm_query_user

- name: Query our user (normal mode)
  aci_aaa_user:
    <<: *user_query
  register: nm_query_user

- name: Verify query_user
  assert:
    that:
    - cm_query_user.changed == nm_query_user.changed == false
    - cm_query_user == nm_query_user


# REMOVE USER
- name: Remove user (check_mode)
  aci_aaa_user: *user_absent
  check_mode: yes
  register: cm_remove_user

- name: Remove user (normal mode)
  aci_aaa_user: *user_absent
  register: nm_remove_user

- name: Remove user again (check_mode)
  aci_aaa_user: *user_absent
  check_mode: yes
  register: cm_remove_user_again

- name: Remove user again (normal mode)
  aci_aaa_user: *user_absent
  register: nm_remove_user_again

- name: Verify remove_user
  assert:
    that:
    - cm_remove_user.changed == nm_remove_user.changed == true
    - cm_remove_user_again.changed == nm_remove_user_again.changed == false