diff --git a/plugins/modules/clickhouse_user.py b/plugins/modules/clickhouse_user.py index 4fb7fcb..380b443 100644 --- a/plugins/modules/clickhouse_user.py +++ b/plugins/modules/clickhouse_user.py @@ -82,10 +82,11 @@ type: list elements: str version_added: '0.5.0' - default_role: + default_roles: description: - - Grants and sets the role as default for the user. - type: str + - Grants and sets the role(s) as default for the user. + type: list + elements: str version_added: '0.6.0' ''' @@ -99,7 +100,9 @@ name: test_user password: qwerty type_password: sha256_password - default_role: accountant + default_roles: + - accountant + - manager - name: If user exists, update password community.clickhouse.clickhouse_user: @@ -213,19 +216,20 @@ def create(self): if not self.module.check_mode: execute_query(self.module, self.client, query) - if self.module.params['default_role']: - self.__grant_role(self.module.params['default_role']) - self.__set_default_role(self.module.params['default_role']) + if self.module.params['default_roles']: + self.__grant_role(self.module.params['default_roles']) + self.__set_default_roles(self.module.params['default_roles']) return True def update(self, update_password): - if self.module.params['default_role']: - default_role = self.module.params['default_role'] + if self.module.params['default_roles']: + default_roles = self.module.params['default_roles'] - if default_role not in self.default_roles_list: - self.__grant_role(default_role) - self.__set_default_role(default_role) + for role in default_roles: + if role not in self.default_roles_list: + self.__grant_role(role) + self.__set_default_roles(role) if update_password == 'on_create': return False or self.changed @@ -264,7 +268,7 @@ def __grant_role(self, role): self.changed = True - def __set_default_role(self, role): + def __set_default_roles(self, role): query = "SET DEFAULT ROLE %s TO %s" % (role, self.name) executed_statements.append(query) @@ -287,7 +291,7 @@ def main(): default='on_create', no_log=False ), settings=dict(type='list', elements='str'), - default_role=dict(type='str', default=None), + default_roles=dict(type='list', elements='str', default=None), ) # Instantiate an object of module class diff --git a/tests/integration/targets/clickhouse_user/tasks/initial.yml b/tests/integration/targets/clickhouse_user/tasks/initial.yml index a5ff9b7..b4d1751 100644 --- a/tests/integration/targets/clickhouse_user/tasks/initial.yml +++ b/tests/integration/targets/clickhouse_user/tasks/initial.yml @@ -130,7 +130,7 @@ - result is changed - result.executed_statements != [] -# Test default_role argument +# Test default_roles argument - name: Create test roles loop: - accountant @@ -144,7 +144,8 @@ community.clickhouse.clickhouse_user: state: present name: test_user - default_role: accountant + default_roles: + - accountant - name: Check ret values ansible.builtin.assert: @@ -168,7 +169,8 @@ community.clickhouse.clickhouse_user: state: present name: test_user - default_role: accountant + default_roles: + - accountant - name: Check ret values ansible.builtin.assert: @@ -193,7 +195,8 @@ community.clickhouse.clickhouse_user: state: present name: test_user - default_role: sales + default_roles: + - sales - name: Check ret values ansible.builtin.assert: @@ -217,7 +220,7 @@ community.clickhouse.clickhouse_user: state: present name: test_user - default_role: sales + default_roles: sales - name: Check ret values ansible.builtin.assert: @@ -241,7 +244,8 @@ community.clickhouse.clickhouse_user: state: present name: test_user - default_role: sales + default_roles: + - sales - name: Check ret values ansible.builtin.assert: @@ -255,7 +259,8 @@ community.clickhouse.clickhouse_user: state: present name: test_user - default_role: sales + default_roles: + - sales - name: Check ret values ansible.builtin.assert: @@ -268,7 +273,8 @@ community.clickhouse.clickhouse_user: state: present name: test_user - default_role: accountant + default_roles: + - accountant - name: Check ret values ansible.builtin.assert: