Added opportunity to set extra user options.
Change-Id: I191eca8806f92c84896e776ddc8b9263f00947ae
Related-PROD: PROD-28027
diff --git a/_states/keystoneng.py b/_states/keystoneng.py
index 82ce494..36a0d52 100644
--- a/_states/keystoneng.py
+++ b/_states/keystoneng.py
@@ -105,6 +105,7 @@
profile=None,
password_reset=True,
project=None,
+ options=None,
**connection_args):
'''
Ensure that the keystone user is present with the specified properties.
@@ -138,6 +139,9 @@
enabled
Availability state for this user
+ options
+ Dictionary of extra user options.
+
roles
The roles the user should have under given tenants.
Passed as a dictionary mapping tenant names to a list
@@ -182,6 +186,7 @@
change_enabled = False
change_tenant = False
change_password = False
+ change_options = False
if user[name].get('email', None) != email:
change_email = True
@@ -200,7 +205,15 @@
**connection_args)):
change_password = True
- if __opts__.get('test') and (change_email or change_enabled or change_tenant or change_password):
+ if options:
+ options_to_update = {option: options[option] for option in options
+ if (option not in user[name]['options'])
+ or (options[option] != user[name]['options'][option])}
+
+ if len(options_to_update):
+ change_options = True
+
+ if __opts__.get('test') and (change_email or change_enabled or change_tenant or change_password or change_options):
ret['result'] = None
ret['comment'] = 'User "{0}" will be updated'.format(name)
if change_email is True:
@@ -211,6 +224,8 @@
ret['changes']['Tenant'] = 'Will be added to "{0}" tenant'.format(tenant)
if change_password is True:
ret['changes']['Password'] = 'Will be updated'
+ if change_options is True:
+ ret['changes']['Options'] = 'Will be updated'
return ret
ret['comment'] = 'User "{0}" is already present'.format(name)
@@ -236,6 +251,11 @@
ret['comment'] = 'User "{0}" has been updated'.format(name)
ret['changes']['Password'] = 'Updated'
+ if change_options:
+ __salt__['keystoneng.user_update'](name=name, options=options_to_update, profile=profile, **connection_args)
+ ret['comment'] = 'Options has been updated'
+ ret['changes']['Options'] = options_to_update
+
if roles:
for tenant in roles:
args = dict({'user_name': name, 'tenant_name':
@@ -283,6 +303,7 @@
email=email,
tenant_id=tenant_id,
enabled=enabled,
+ options=options,
profile=profile,
**connection_args)
if roles:
diff --git a/_states/keystonev3.py b/_states/keystonev3.py
index a9a2ccd..6962290 100644
--- a/_states/keystonev3.py
+++ b/_states/keystonev3.py
@@ -256,15 +256,23 @@
exact_user = users[0]
user_id = exact_user['id']
changable = (
- 'default_project_id', 'domain_id', 'enabled', 'email'
+ 'default_project_id', 'domain_id', 'enabled', 'email', 'options'
)
if password_reset:
changable += ('password',)
to_update = {}
for key in kwargs:
- if (key in changable and (key not in exact_user or
- kwargs[key] != exact_user[key])):
+ if key in changable:
+ if key == 'options':
+ to_update['options'] = {option: value for option, value in kwargs['options'].items()
+ if (option not in exact_user['options'])
+ or (value != exact_user['options'][option])}
+
+ if not len(to_update['options']):
+ del to_update['options']
+
+ elif key not in exact_user or kwargs[key] != exact_user[key]:
to_update[key] = kwargs[key]
if to_update: