|
|
|
|
@ -71,7 +71,7 @@ options:
|
|
|
|
|
object_type:
|
|
|
|
|
description:
|
|
|
|
|
- "The object where the permissions should be managed."
|
|
|
|
|
default: 'virtual_machine'
|
|
|
|
|
default: 'vm'
|
|
|
|
|
choices: [
|
|
|
|
|
'data_center',
|
|
|
|
|
'cluster',
|
|
|
|
|
@ -82,13 +82,22 @@ options:
|
|
|
|
|
'vm',
|
|
|
|
|
'vm_pool',
|
|
|
|
|
'template',
|
|
|
|
|
'cpu_profile',
|
|
|
|
|
'disk_profile',
|
|
|
|
|
'vnic_profile',
|
|
|
|
|
'system',
|
|
|
|
|
]
|
|
|
|
|
user_name:
|
|
|
|
|
description:
|
|
|
|
|
- "Username of the the user to manage. In most LDAPs it's I(uid) of the user, but in Active Directory you must specify I(UPN) of the user."
|
|
|
|
|
- "Username of the the user to manage. In most LDAPs it's I(uid) of the user,
|
|
|
|
|
but in Active Directory you must specify I(UPN) of the user."
|
|
|
|
|
- "Note that if user don't exist in the system this module will fail,
|
|
|
|
|
you should ensure the user exists by using M(ovirt_users) module."
|
|
|
|
|
group_name:
|
|
|
|
|
description:
|
|
|
|
|
- "Name of the the group to manage."
|
|
|
|
|
- "Note that if group don't exist in the system this module will fail,
|
|
|
|
|
you should ensure the group exists by using M(ovirt_groups) module."
|
|
|
|
|
authz_name:
|
|
|
|
|
description:
|
|
|
|
|
- "Authorization provider of the user/group. In previous versions of oVirt known as domain."
|
|
|
|
|
@ -137,6 +146,9 @@ permission:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def _objects_service(connection, object_type):
|
|
|
|
|
if object_type == 'system':
|
|
|
|
|
return connection.system_service()
|
|
|
|
|
|
|
|
|
|
return getattr(
|
|
|
|
|
connection.system_service(),
|
|
|
|
|
'%ss_service' % object_type,
|
|
|
|
|
@ -147,6 +159,8 @@ def _objects_service(connection, object_type):
|
|
|
|
|
def _object_service(connection, module):
|
|
|
|
|
object_type = module.params['object_type']
|
|
|
|
|
objects_service = _objects_service(connection, object_type)
|
|
|
|
|
if object_type == 'system':
|
|
|
|
|
return objects_service
|
|
|
|
|
|
|
|
|
|
object_id = module.params['object_id']
|
|
|
|
|
if object_id is None:
|
|
|
|
|
@ -232,7 +246,7 @@ def main():
|
|
|
|
|
),
|
|
|
|
|
role=dict(default='UserRole'),
|
|
|
|
|
object_type=dict(
|
|
|
|
|
default='virtual_machine',
|
|
|
|
|
default='vm',
|
|
|
|
|
choices=[
|
|
|
|
|
'data_center',
|
|
|
|
|
'cluster',
|
|
|
|
|
@ -243,6 +257,10 @@ def main():
|
|
|
|
|
'vm',
|
|
|
|
|
'vm_pool',
|
|
|
|
|
'template',
|
|
|
|
|
'cpu_profile',
|
|
|
|
|
'disk_profile',
|
|
|
|
|
'vnic_profile',
|
|
|
|
|
'system',
|
|
|
|
|
]
|
|
|
|
|
),
|
|
|
|
|
authz_name=dict(required=True, aliases=['domain']),
|
|
|
|
|
@ -258,7 +276,10 @@ def main():
|
|
|
|
|
)
|
|
|
|
|
check_sdk(module)
|
|
|
|
|
|
|
|
|
|
if module.params['object_name'] is None and module.params['object_id'] is None:
|
|
|
|
|
if (
|
|
|
|
|
(module.params['object_name'] is None and module.params['object_id'] is None)
|
|
|
|
|
and module.params['object_type'] != 'system'
|
|
|
|
|
):
|
|
|
|
|
module.fail_json(msg='"object_name" or "object_id" is required')
|
|
|
|
|
|
|
|
|
|
if module.params['user_name'] is None and module.params['group_name'] is None:
|
|
|
|
|
|
Ondra Machacek
8 years ago
committed by