Option to add roles rather than fully redefine the list #739
Description
SUMMARY
When roles attribute is defined, roles are redefined from scratch, not added to existing roles. One should have the choice to update or strict redefine.
ISSUE TYPE
- Feature Idea
COMPONENT NAME
plugin mongodb_user
ADDITIONAL INFORMATION
Idea is to add another attribute (e.g. roles_update, boolean) to toggle the behavior between strict definition or update. Default is set to false, which would reproduce the current behavior.
I suppose the critical parts are in plugins/modules/mongodb_user.py:
- line 310 : the check would not be a strict set equality but an inclusion test
- line 380-390: roles should be updated if needed
- line 380-390: uinfo queried also when in 'always' mode
I can have a crack at it if no maintainer has time, just let me know if I m on the right path/ if I m not missing anything
- name: Roles as a dictionary
community.mongodb.mongodb_user:
login_user: root
login_password: root_password
database: admin
user: oplog_reader
password: oplog_reader_password
state: present
replica_set: belcher
roles_update: true
roles:
- db: local
role: read