add role permission

resmo · resmo · commit 4e206918ee08 · 2024-11-24T17:32:33.000+01:00
diff --git a/tests/integration/targets/role_permission/aliases b/tests/integration/targets/role_permission/aliases
@@ -0,0 +1,3 @@
+cloud/cs
+cs/group2
+cs/group3
diff --git a/tests/integration/targets/role_permission/meta/main.yml b/tests/integration/targets/role_permission/meta/main.yml
@@ -0,0 +1,3 @@
+---
+dependencies:
+  - cs_common
diff --git a/tests/integration/targets/role_permission/tasks/main.yml b/tests/integration/targets/role_permission/tasks/main.yml
@@ -0,0 +1,290 @@
+---
+- name: pre-setup
+  ngine_io.cloudstack.role:
+    name: "testRole"
+  register: testRole
+- name: verify pre-setup
+  assert:
+    that:
+      - testRole is successful
+
+- name: setup
+  ngine_io.cloudstack.role_permission:
+    name: "fakeRolePerm"
+    role: "{{ testRole.id }}"
+    state: absent
+  register: roleperm
+- name: verify setup
+  assert:
+    that:
+
+- name: setup2
+  ngine_io.cloudstack.role_permission:
+    name: "fakeRolePerm2"
+    role: "{{ testRole.id }}"
+    state: absent
+  register: roleperm2
+- name: verify setup2
+  assert:
+    that:
+      - roleperm2 is successful
+
+- name: test fail if missing name
+  ngine_io.cloudstack.role_permission:
+    role: "{{ testRole.id }}"
+  register: roleperm
+  ignore_errors: true
+- name: verify results of fail if missing name
+  assert:
+    that:
+      - roleperm is failed
+      - 'roleperm.msg == "missing required arguments: name"'
+
+- name: test fail if missing role
+  ngine_io.cloudstack.role_permission:
+    name: "fakeRolePerm"
+  register: roleperm
+  ignore_errors: true
+- name: verify results of fail if missing role
+  assert:
+    that:
+      - roleperm is failed
+      - 'roleperm.msg == "missing required arguments: role"'
+
+- name: test fail if role does not exist
+  ngine_io.cloudstack.role_permission:
+    name: "fakeRolePerm"
+    role: "testtest"
+  register: roleperm
+  ignore_errors: true
+- name: verify results of fail if role does not exist
+  assert:
+    that:
+      - roleperm is failed
+      - roleperm.msg == "Role 'testtest' not found"
+
+- name: test fail if state is incorrcect
+  ngine_io.cloudstack.role_permission:
+    state: badstate
+    role: "{{ testRole.id }}"
+    name: "fakeRolePerm"
+    permission: allow
+  register: roleperm
+  ignore_errors: true
+- name: verify results of fail if state is incorrcect
+  assert:
+    that:
+      - roleperm is failed
+      - 'roleperm.msg == "value of state must be one of: present, absent, got: badstate"'
+
+- name: test create role permission in check mode
+  ngine_io.cloudstack.role_permission:
+    role: "{{ testRole.id }}"
+    name: "fakeRolePerm"
+    permission: allow
+    description: "fakeRolePerm description"
+  register: roleperm
+  check_mode: yes
+- name: verify results of role permission in check mode
+  assert:
+    that:
+      - roleperm is changed
+
+- name: test create role permission
+  ngine_io.cloudstack.role_permission:
+    role: "{{ testRole.id }}"
+    name: "fakeRolePerm"
+    permission: allow
+    description: "fakeRolePerm description"
+  register: roleperm
+- name: verify results of role permission
+  assert:
+    that:
+      - roleperm is changed
+      - roleperm.name == "fakeRolePerm"
+      - roleperm.permission == "allow"
+      - roleperm.description == "fakeRolePerm description"
+
+- name: test create role permission idempotency
+  ngine_io.cloudstack.role_permission:
+    role: "{{ testRole.id }}"
+    name: "fakeRolePerm"
+    permission: allow
+    description: "fakeRolePerm description"
+  register: roleperm
+- name: verify results of role permission idempotency
+  assert:
+    that:
+      - roleperm is not changed
+      - roleperm.name == "fakeRolePerm"
+      - roleperm.permission == "allow"
+      - roleperm.description == "fakeRolePerm description"
+
+- name: test update role permission in check_mode
+  ngine_io.cloudstack.role_permission:
+    role: "{{ testRole.id }}"
+    name: "fakeRolePerm"
+    permission: deny
+    description: "fakeRolePerm description"
+  register: roleperm
+  check_mode: yes
+- name: verify results of update role permission in check mode
+  assert:
+    that:
+      - roleperm is changed
+      - roleperm.name == "fakeRolePerm"
+      - roleperm.permission == "allow"
+      - roleperm.description == "fakeRolePerm description"
+
+- name: test update role permission
+  ngine_io.cloudstack.role_permission:
+    role: "{{ testRole.id }}"
+    name: "fakeRolePerm"
+    permission: deny
+    description: "fakeRolePerm description"
+  register: roleperm
+- name: verify results of update role permission
+  assert:
+    that:
+      - roleperm is changed
+      - roleperm.name == "fakeRolePerm"
+      - roleperm.permission == "deny"
+      - roleperm.description == "fakeRolePerm description"
+
+- name: test update role permission idempotency
+  ngine_io.cloudstack.role_permission:
+    role: "{{ testRole.id }}"
+    name: "fakeRolePerm"
+    permission: deny
+    description: "fakeRolePerm description"
+  register: roleperm
+- name: verify results of update role permission idempotency
+  assert:
+    that:
+      - roleperm is not changed
+      - roleperm.name == "fakeRolePerm"
+      - roleperm.permission == "deny"
+      - roleperm.description == "fakeRolePerm description"
+
+- name: test create a second role permission
+  ngine_io.cloudstack.role_permission:
+    role: "{{ testRole.id }}"
+    name: "fakeRolePerm2"
+    permission: allow
+  register: roleperm2
+- name: verify results of create a second role permission
+  assert:
+    that:
+      - roleperm2 is successful
+      - roleperm2 is changed
+      - roleperm2.name == "fakeRolePerm2"
+
+- name: test update rules order in check_mode
+  ngine_io.cloudstack.role_permission:
+    role: "{{ testRole.id }}"
+    name: "fakeRolePerm"
+    parent: "{{ roleperm2.id }}"
+  register: roleperm
+  check_mode: true
+- name: verify results of update rule order check mode
+  assert:
+    that:
+      - roleperm is changed
+      - roleperm.name == "fakeRolePerm"
+
+- name: test update rules order
+  ngine_io.cloudstack.role_permission:
+    role: "{{ testRole.id }}"
+    name: "fakeRolePerm"
+    parent: "{{ roleperm2.id }}"
+  register: roleperm
+- name: verify results of update rule order
+  assert:
+    that:
+      - roleperm is changed
+      - roleperm.name == "fakeRolePerm"
+
+- name: test update rules order to the top of the list
+  ngine_io.cloudstack.role_permission:
+    role: "{{ testRole.id }}"
+    name: "fakeRolePerm"
+    parent: 0
+  register: roleperm
+- name: verify results of update rule order to the top of the list
+  assert:
+    that:
+      - roleperm is changed
+      - roleperm.name == "fakeRolePerm"
+
+- name: test update rules order with parent NAME
+  ngine_io.cloudstack.role_permission:
+    role: "{{ testRole.id }}"
+    name: "fakeRolePerm"
+    parent: "{{ roleperm2.name }}"
+  register: roleperm
+- name: verify results of update rule order with parent NAME
+  assert:
+    that:
+      - roleperm is changed
+      - roleperm.name == "fakeRolePerm"
+
+- name: test fail if permission AND parent args are present
+  ngine_io.cloudstack.role_permission:
+    role: "{{ testRole.id }}"
+    name: "fakeRolePerm"
+    permission: allow
+    parent: 0
+  register: roleperm
+  ignore_errors: true
+- name: verify results of fail if permission AND parent args are present
+  assert:
+    that:
+      - roleperm is failed
+      - 'roleperm.msg == "parameters are mutually exclusive: permission|parent"'
+
+- name: test fail if parent does not exist
+  ngine_io.cloudstack.role_permission:
+    role: "{{ testRole.id }}"
+    name: "fakeRolePerm"
+    parent: "badParent"
+  register: roleperm
+  ignore_errors: true
+- name: verify results of fail if parent does not exist
+  assert:
+    that:
+      - roleperm is failed
+      - roleperm.msg == "Parent rule 'badParent' not found"
+
+- name: test remove role permission in check_mode
+  ngine_io.cloudstack.role_permission:
+    role: "{{ testRole.id }}"
+    name: "fakeRolePerm"
+    state: absent
+  register: roleperm
+  check_mode: true
+- name: verify results of rename role permission in check_mode
+  assert:
+    that:
+      - roleperm is changed
+
+- name: test remove role permission
+  ngine_io.cloudstack.role_permission:
+    role: "{{ testRole.id }}"
+    name: "fakeRolePerm"
+    state: absent
+  register: roleperm
+- name: verify results of remove role permission
+  assert:
+    that:
+      - roleperm is changed
+
+- name: remove second role permission
+  ngine_io.cloudstack.role_permission:
+    role: "{{ testRole.id }}"
+    name: "fakeRolePerm2"
+    state: absent
+  register: roleperm
+- name: verify results of remove second role permission
+  assert:
+    that:
+      - roleperm is changed

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+cloud/cs`
	`2`	`+cs/group2`
	`3`	`+cs/group3`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+---`
	`2`	`+dependencies:`
	`3`	`+ - cs_common`