commit 7ae6b240dffcd44f183b8c26efae72003faaeff7
author Jakub Josef <jakub.josef@gmail.com> Wed Dec 14 14:41:44 2016 +0100
committer Jakub Josef <jakub.josef@gmail.com> Wed Dec 14 14:41:44 2016 +0100
tree c2eb40af2a0874cac0f5e48ebe7b9781850909e8
parent 98123aba83c4409dcb294799ba53d3585a658dfb

Implemented existence checking in user state.

_modules/jenkins_common.py

diff --git a/_modules/jenkins_common.py b/_modules/jenkins_common.py
index e4ae5d8..493aebe 100644
--- a/_modules/jenkins_common.py
+++ b/_modules/jenkins_common.py
@@ -6,12 +6,18 @@
 logger = logging.getLogger(__name__)
 
 
-def call_groovy_script(script, props):
+def call_groovy_script(script, props, username=None, password=None, success_status_codes=[200]):
     """
     Common method for call Jenkins groovy script API
 
-    :param script groovy script template
-    :param props groovy script properties
+    :param script: groovy script template
+    :param props: groovy script properties
+    :param username: jenkins username (optional,
+            if missing creds from sall will be used)
+    :param password: jenkins password (optional,
+            if missing creds from sall will be used)
+    :param success_status_codes: success response status code
+            (optional) in some cases we want to declare error call as success
     :returns: HTTP dict {status,code,msg}
     """
     ret = {
@@ -20,6 +26,11 @@
         "msg": ""
     }
     jenkins_url, jenkins_user, jenkins_password = get_jenkins_auth()
+    if username:
+        jenkins_user = username
+    if password:
+        jenkins_password = password
+
     if not jenkins_url:
         raise SaltInvocationError('No Jenkins URL found.')
 
@@ -33,7 +44,7 @@
                         auth=(jenkins_user, jenkins_password),
                         data=req_data)
     ret["code"] = req.status_code
-    if req.status_code == 200:
+    if req.status_code in success_status_codes:
         ret["status"] = "SUCCESS"
         ret["msg"] = req.text
         logger.debug("Jenkins script API call success: %s", ret)
@@ -72,15 +83,15 @@
                             auth=(jenkins_user, jenkins_password) if jenkins_user else None)
     if tokenReq.status_code == 200:
         return tokenReq.json()
-    elif tokenReq.status_code == 404:
-        # 404 means CSRF security is disabled, so api crumb is not necessary
+    elif tokenReq.status_code in [404, 401]:
+        # 404 means CSRF security is disabled, so api crumb is not necessary,
+        # 401 means unauthorized
         return None
     else:
         raise Exception("Cannot obtain Jenkins API crumb. Status code: %s. Text: %s" %
                         (tokenReq.status_code, tokenReq.text))
 
 
-
 def get_jenkins_auth():
     """
     Get jenkins params from salt

_states/jenkins_user.py

diff --git a/_states/jenkins_user.py b/_states/jenkins_user.py
index 29a2f64..6f37ec3 100644
--- a/_states/jenkins_user.py
+++ b/_states/jenkins_user.py
@@ -13,7 +13,7 @@
 instance.setAuthorizationStrategy(strategy)
 instance.save()
 print(result)
-"""  #noqa
+"""  # noqa
 
 
 create_user_groovy = u"""\
@@ -21,7 +21,6 @@
 print(result)
 """  # noqa
 
-
 def present(name, username, password, admin=False):
     """
     Main jenkins users state method
@@ -45,15 +44,29 @@
         ret['changes'][username] = status
         ret['comment'] = 'User %s %s' % (username, status.lower())
     else:
-        call_result = __salt__['jenkins_common.call_groovy_script'](create_admin_groovy if admin else create_user_groovy, {"username": username, "password":password})
-        if call_result["code"] == 200 and call_result["msg"].count(username) == 1:
-            status = "CREATED" if not admin else "ADMIN CREATED"
-            ret['changes'][username] = status
+        # try to call jenkins script api with given user and password to prove
+        # his existence
+        user_exists_result = __salt__['jenkins_common.call_groovy_script'](
+            "print(\"TEST\")", {"username": username}, username, password,[200, 401])
+        user_exists = user_exists_result and user_exists_result[
+            "code"] == 200 and user_exists_result["msg"].count("TEST") == 1
+        if not user_exists:
+            call_result = __salt__['jenkins_common.call_groovy_script'](
+                create_admin_groovy if admin else create_user_groovy, {"username": username, "password": password})
+            if call_result["code"] == 200 and call_result["msg"].count(username) == 1:
+                status = "CREATED" if not admin else "ADMIN CREATED"
+                ret['changes'][username] = status
+                ret['comment'] = 'User %s %s' % (username, status.lower())
+                result = True
+            else:
+                status = 'FAILED'
+                logger.error("Jenkins user API call failure: %s",
+                             call_result["msg"])
+                ret['comment'] = 'Jenkins user API call failure: %s' % (call_result[
+                                                                        "msg"])
+        else:
+            status = "EXISTS"
             ret['comment'] = 'User %s %s' % (username, status.lower())
             result = True
-        else:
-            status = 'FAILED'
-            logger.error("Jenkins user API call failure: %s", call_result["msg"])
-            ret['comment'] = 'Jenkins user API call failure: %s' % (call_result["msg"])
     ret['result'] = None if test else result
     return ret