def add(isamAppliance, realm, subsection, check_mode=False, force=False):
"""
Add kerberos realm's subsection
:param isamAppliance:
:return:
"""
check_realm = realms.search(isamAppliance, realm)
if check_realm == {}:
return isamAppliance.create_return_object(warnings=["Kerberos realm: {0} not found".format(realm)])
check_subsection = _check(isamAppliance, realm, subsection)
if check_subsection is True and force is False:
return isamAppliance.create_return_object(
warnings=["Kerberos subsection {1} in realm: {0} already exists".format(realm, subsection)])
if force is True or check_subsection is False:
if check_mode is True:
return isamAppliance.create_return_object(changed=True)
else:
return isamAppliance.invoke_post("Add kerberos realm's subsection", "{0}/{1}".format(uri, realm),
{
"subsection": subsection
},
requires_modules=requires_modules, requires_version=requires_version)
return isamAppliance.create_return_object()
def delete(isamAppliance, realm, propname, subsection=None, check_mode=False, force=False):
"""
Remove kerberos realms property
:param isamAppliance:
:return:
"""
if realms.search(isamAppliance, realm) == {}:
return isamAppliance.create_return_object(warnings=["Realm: {0} does not exists: ".format(realm)])
if subsection is None:
uriprop = realm
else:
uriprop = "{0}/{1}".format(realm, subsection)
logger.debug(" Remove param uri = {0}/{1}/{2}".format(uri, uriprop, propname))
ret_obj = search(isamAppliance, realm, propname, subsection)
if ret_obj['data'] == {} and force is False:
return isamAppliance.create_return_object(
warnings=["property: {0} not found or force is: {1}".format(propname, force)])
else:
if check_mode is True:
return isamAppliance.create_return_object(changed=True)
else:
return isamAppliance.invoke_delete(description="Delete kerberos realm prop ",
uri="{0}/{1}/{2}".format(uri, uriprop, propname),
requires_modules=requires_modules, requires_version=requires_version)
def add(isamAppliance, realm, propname, propvalue, subsection=None, check_mode=False, force=False):
"""
Add kerberos realm's property
realm and subsection if passed needs to exist
:param isamAppliance:
:return:
"""
if subsection is None:
uriprop = realm
else:
uriprop = "{0}/{1}".format(realm, subsection)
if realms.search(isamAppliance, realm) == {}:
return isamAppliance.create_return_object(warnings=["Realm: {0} does not exists: ".format(realm)])
if subsection is not None and subsections._check(isamAppliance, realm, subsection) is False:
return isamAppliance.create_return_object(
warnings=["Subsection: {0}/{1} does not exists.".format(realm, subsection)])
if _check(isamAppliance, realm, propname, propvalue, subsection) is True and force is False:
return isamAppliance.create_return_object(
warnings=["Property: {0} with value: {1} already exists: ".format(uriprop, propvalue)])
if force is True or _check(isamAppliance, realm, propname, propvalue, subsection) is False:
if check_mode is True:
return isamAppliance.create_return_object(changed=True)
else:
return isamAppliance.invoke_post("Add kerberos real property", "{0}/{1}".format(uri, uriprop),
{
"name": propname,
"value": propvalue
},
requires_modules=requires_modules, requires_version=requires_version)
return isamAppliance.create_return_object()
def update(isamAppliance, realm, propname, propvalue, subsection=None, check_mode=False, force=False):
"""
Set kerberos realm property
:param isamAppliance:
:return:
"""
if subsection is None:
uriprop = realm
else:
uriprop = "{0}/{1}".format(realm, subsection)
if realms.search(isamAppliance, realm) == {}:
return isamAppliance.create_return_object(warnings=["Realm: {0} does not exists: ".format(realm)])
if subsection is not None and subsections._check(isamAppliance, realm, subsection) is False:
return isamAppliance.create_return_object(
warnings=["Subsection: {0}/{1} does not exists.".format(realm, subsection)])
ret_obj = search(isamAppliance, realm, propname, subsection)
warnings = ret_obj["warnings"]
if ret_obj["data"] == {}:
warnings.append("Property {0} not found, skipping update.".format(propname))
return isamAppliance.create_return_object(warnings=warnings)
needs_update = False
json_data = {
"name": "{0} = {1}".format(propname, propvalue)
}
if force is not True:
import ibmsecurity.utilities.tools
if ibmsecurity.utilities.tools.json_sort(ret_obj['data']) != ibmsecurity.utilities.tools.json_sort(
json_data):
needs_update = True
if force is True or needs_update is True:
if check_mode is True:
return isamAppliance.create_return_object(changed=True, warnings=warnings)
else:
idval = "/{0}/{1}".format(uriprop, propname)
return isamAppliance.invoke_put(description="Add kerberos param value",
uri="{0}/{1}/{2}".format(uri, uriprop, propname),
data={
"id": idval,
"value": propvalue
},
requires_modules=requires_modules, requires_version=requires_version,
warnings=warnings)
return isamAppliance.create_return_object(warnings=warnings)
def delete(isamAppliance, realm, subsection, check_mode=False, force=False):
"""
Remove kerberos realms subsection
:param isamAppliance:
:return:
"""
logger.debug(" Remove param uri = {0}/{1}/{2}".format(uri, realm, subsection))
if realms.search(isamAppliance, realm) == {} and force is False:
return isamAppliance.create_return_object(warnings=["Realm: {0} does not exists: ".format(realm)])
if _check(isamAppliance, realm, subsection) is False and force is False:
return isamAppliance.create_return_object(warnings=["subsection: {0} not found".format(subsection)])
else:
if check_mode is True:
return isamAppliance.create_return_object(changed=True)
else:
return isamAppliance.invoke_delete(description="Delete kerberos realm subsection ",
uri="{0}/{1}/{2}".format(uri, realm, subsection),
requires_modules=requires_modules, requires_version=requires_version)
def set(isamAppliance, realm, propname, propvalue, subsection=None, check_mode=False, force=False):
"""
Set kerberos realm property
:param isamAppliance:
:return:
"""
if realms.search(isamAppliance, realm) == {}:
return isamAppliance.create_return_object(warnings=["Realm: {0} does not exists: ".format(realm)])
if subsection is not None and subsections._check(isamAppliance, realm, subsection) is False:
return isamAppliance.create_return_object(
warnings=["Subsection: {0}/{1} does not exists.".format(realm, subsection)])
ret_obj = search(isamAppliance, realm, propname, subsection)
if ret_obj["data"] == {}:
return add(isamAppliance, realm, propname, propvalue, subsection, check_mode, force=True)
return update(isamAppliance, realm, propname, propvalue, subsection, check_mode, force)
