diff --git a/database/mongodb_user b/database/mongodb_user index 0b74a48c443..b69b0d2bb0e 100644 --- a/database/mongodb_user +++ b/database/mongodb_user @@ -64,7 +64,7 @@ options: version_added: "1.3" description: - The database user roles valid values are one or more of the following: "read", "readWrite", "dbAdmin", "userAdmin", "clusterAdmin", "readAnyDatabase", "readWriteAnyDatabase", "userAdminAnyDatabase", "dbAdminAnyDatabase" - - This param requires mongodb 2.4+ + - This param requires mongodb 2.4+ and pymongo 2.5+ required: false default: "readWrite" state: @@ -88,7 +88,7 @@ EXAMPLES = ''' # Delete 'burgers' database user with name 'bob'. - mongodb_user: database=burgers name=bob state=absent -# Define more users with various specific roles (default is 'readWrite') +# Define more users with various specific roles (if not defined, no roles is assigned, and the user will be added via pre mongo 2.2 style) - mongodb_user: database=burgers name=ben password=12345 roles='read' state=present - mongodb_user: database=burgers name=jim password=12345 roles='readWrite,dbAdmin,userAdmin' state=present - mongodb_user: database=burgers name=joe password=12345 roles='readWriteAnyDatabase' state=present @@ -113,12 +113,18 @@ else: # MongoDB module specific support methods. # -def user_add(client, db_name, user, password, roles): +def user_add(module, client, db_name, user, password, roles): try: - db = client[db_name] - db.add_user(user, password, None, roles=roles) + db = client[db_name] + if roles is None: + db.add_user(user, password, False) + else: + try: + db.add_user(user, password, None, roles=roles) + except: + module.fail_json(msg='"problem adding user; you must be on mongodb 2.4+ and pymongo 2.5+ to use the roles param"') except OperationFailure: - return False + return False return True @@ -162,7 +168,7 @@ def main(): database=dict(required=True, aliases=['db']), user=dict(required=True, aliases=['name']), password=dict(aliases=['pass']), - roles=dict(default=['readWrite'], type='list'), + roles=dict(default=None, type='list'), state=dict(default='present', choices=['absent', 'present']), ) ) @@ -199,7 +205,7 @@ def main(): if state == 'present': if password is None: module.fail_json(msg='password parameter required when adding a user') - if user_add(client, db_name, user, password, roles) is not True: + if user_add(module, client, db_name, user, password, roles) is not True: module.fail_json(msg='Unable to add or update user, check login_user and login_password are correct and that this user has access to the admin collection') elif state == 'absent': if user_remove(client, db_name, user) is not True: