def __init__(self, url, key_file=None, cert_file=None, debug=False):
"""LXD Client.
:param url: The URL of the LXD server. (e.g. unix:/var/lib/lxd/unix.socket or https://127.0.0.1)
:type url: ``str``
:param key_file: The path of the client certificate key file.
:type key_file: ``str``
:param cert_file: The path of the client certificate file.
:type cert_file: ``str``
:param debug: The debug flag. The request and response are stored in logs when debug is true.
:type debug: ``bool``
"""
self.url = url
self.debug = debug
self.logs = []
if url.startswith('https:'):
self.cert_file = cert_file
self.key_file = key_file
parts = generic_urlparse(urlparse(self.url))
ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
ctx.load_cert_chain(cert_file, keyfile=key_file)
self.connection = HTTPSConnection(parts.get('netloc'), context=ctx)
elif url.startswith('unix:'):
unix_socket_path = url[len('unix:'):]
self.connection = UnixHTTPConnection(unix_socket_path)
else:
raise LXDClientException('URL scheme must be unix: or https:')
def __init__(self, url, key_file=None, cert_file=None, debug=False):
"""LXD Client.
:param url: The URL of the LXD server. (e.g. unix:/var/lib/lxd/unix.socket or https://127.0.0.1)
:type url: ``str``
:param key_file: The path of the client certificate key file.
:type key_file: ``str``
:param cert_file: The path of the client certificate file.
:type cert_file: ``str``
:param debug: The debug flag. The request and response are stored in logs when debug is true.
:type debug: ``bool``
"""
self.url = url
self.debug = debug
self.logs = []
if url.startswith('https:'):
self.cert_file = cert_file
self.key_file = key_file
parts = generic_urlparse(urlparse(self.url))
ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
ctx.load_cert_chain(cert_file, keyfile=key_file)
self.connection = HTTPSConnection(parts.get('netloc'), context=ctx)
elif url.startswith('unix:'):
unix_socket_path = url[len('unix:'):]
self.connection = UnixHTTPConnection(unix_socket_path)
else:
raise LXDClientException('URL scheme must be unix: or https:')
def test_generic_urlparse():
url = 'https://ansible.com/blog'
parts = urlparse(url)
generic_parts = generic_urlparse(parts)
assert generic_parts.as_list() == list(parts)
assert urlunparse(generic_parts.as_list()) == url
def test_generic_urlparse_no_netloc_no_host():
url = '/blog'
parts = list(urlparse(url))
generic_parts = generic_urlparse(parts)
assert generic_parts.username is None
assert generic_parts.password is None
assert generic_parts.port is None
assert generic_parts.hostname == ''
def test_generic_urlparse_netloc():
url = 'https://ansible.com:443/blog'
parts = urlparse(url)
generic_parts = generic_urlparse(parts)
assert generic_parts.hostname == parts.hostname
assert generic_parts.hostname == 'ansible.com'
assert generic_parts.port == 443
assert urlunparse(generic_parts.as_list()) == url
def test_generic_urlparse_no_netloc():
url = 'https://*****:*****@ansible.com:443/blog'
parts = list(urlparse(url))
generic_parts = generic_urlparse(parts)
assert generic_parts.hostname == 'ansible.com'
assert generic_parts.port == 443
assert generic_parts.username == 'user'
assert generic_parts.password == 'passwd'
assert urlunparse(generic_parts.as_list()) == url
def __del__(self):
if self.last_url is None:
return
token = self.request.headers.get('X-F5-Auth-Token', None)
if not token:
return
p = generic_urlparse(urlparse(self.last_url))
uri = "https://{0}:{1}/mgmt/shared/authz/tokens/{2}".format(
p['hostname'], p['port'], token)
self.delete(uri)
def _normalize_url(self, url):
'''
The hostname in URLs from vmware may be ``*`` update it accordingly
'''
url_parts = generic_urlparse(urlparse(url))
if url_parts.hostname == '*':
if url_parts.port:
url_parts.netloc = '%s:%d' % (self.params['hostname'], url_parts.port)
else:
url_parts.netloc = self.params['hostname']
return urlunparse(url_parts.as_list())
def __del__(self):
if self.last_url is None:
return
token = self.request.headers.get('X-F5-Auth-Token', None)
if not token:
return
try:
p = generic_urlparse(urlparse(self.last_url))
uri = "https://{0}:{1}{2}{3}".format(p['hostname'], p['port'],
LOGOUT, token)
self.delete(uri)
except ValueError:
pass
def _normalize_url(self, url):
"""
The hostname in URLs from vmware may be ``*`` update it accordingly
"""
url_parts = generic_urlparse(urlparse(url))
if url_parts.hostname == "*":
if url_parts.port:
url_parts.netloc = "%s:%d" % (
self.params["hostname"],
url_parts.port,
)
else:
url_parts.netloc = self.params["hostname"]
return urlunparse(url_parts.as_list())
def run_module():
# define available arguments/parameters a user can pass to the module
module_args = dict(
admin_url=dict(type='str', required=False, deafult='https://localhost:6082'),
ranger_user=dict(type='str', required=True),
ranger_user_password=dict(type='str', required=True),
policy_type=dict(choices=['hbase', 'hdfs', 'hive', 'kafka', 'knox', 'yarn'], required=True, default=None),
service_name=dict(type='str', required=True),
policy_name=dict(type='str', required=True),
state=dict(type='str', required=False, default='present'),
description=dict(type='str', required=False),
resources=dict(type='list', required=False),
accesses=dict(type='str', required=False),
users=dict(type='list', required=False),
groups=dict(type='list', required=False),
delegate_admin=dict(type='bool', required=False, default=False),
is_recursive=dict(type='bool', required=False, default=False),
is_enabled=dict(type='bool', required=False, default=True),
is_audit_enabled=dict(type='bool', required=False, default=True),
)
# seed the result dict in the object
# we primarily care about changed and state
# change is if this module effectively modified the target
# state will include any data that you want your module to pass back
# for consumption, for example, in a subsequent task
result = dict(
changed=False,
original_message='',
message=''
)
# the AnsibleModule object will be our abstraction working with Ansible
# this includes instantiation, a couple of common attr would be the
# args/params passed to the execution, as well as if the module
# supports check mode
module = AnsibleModule(
argument_spec=module_args,
supports_check_mode=True
)
# if the user is working with this module in only check mode we do not
# want to make any changes to the environment, just return the current
# state with no modifications
if module.check_mode:
return result
# manipulate or modify the state as needed (this is going to be the
# part where your module will do what it needs to do)
urlParts = generic_urlparse(urlparse(module.params['admin_url']))
rangerApi = RangerApi(urlParts['scheme'], urlParts['hostname'], str(urlParts['port']), "basic")
rangerApi.setCredentialsBasic(module.params['ranger_user'], module.params['ranger_user_password'])
if(module.params['state'] == "present"):
rangerApi.postApplyPolicy(policyTemplateType = module.params['policy_type'],
serviceName = module.params['service_name'],
policyName = module.params['policy_name'],
description = module.params['description'],
resources = module.params['resources'],
isRecursive = module.params['is_recursive'],
users = module.params['users'],
groups = module.params['groups'],
accesses = module.params['accesses'])
if(module.params['state'] == "absent"):
rangerApi.deleteDeletePolicyByServiceAndPolicyName(module.params['service_name'], module.params['policy_name'])
# use whatever logic you need to determine whether or not this module
# made any modifications to your target
# TODO
# if module.params['new']:
# result['changed'] = True
# during the execution of the module, if there is an exception or a
# conditional state that effectively causes a failure, run
# AnsibleModule.fail_json() to pass in the message and the result
# TODO
# if module.params['name'] == 'fail me':
# module.fail_json(msg='You requested this to fail', **result)
# in the event of a successful module execution, you will want to
# simple AnsibleModule.exit_json(), passing the key/value results
module.exit_json(**result)
def test_generic_urlparse_no_netloc_no_auth():
url = 'https://ansible.com:443/blog'
parts = list(urlparse(url))
generic_parts = generic_urlparse(parts)
assert generic_parts.username is None
assert generic_parts.password is None
