---
- name: Test selfservice
hosts: ipaserver
become: true
tasks:
# CLEANUP TEST ITEMS
- name: Ensure selfservice "Users can manage their own name details" is absent
ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
state: absent
# CREATE TEST ITEMS
# TESTS
- name: Ensure selfservice "Users can manage their own name details" is present
ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
permission: write
attribute:
- givenname
- displayname
- title
register: result
failed_when: not result.changed or result.failed
- name: Ensure selfservice "Users can manage their own name details" is present again
ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
permission: write
attribute:
- givenname
- displayname
- title
register: result
failed_when: result.changed or result.failed
- name: Ensure selfservice "Users can manage their own name details" is present with different attribute initials
ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
permission: write
attribute:
- initials
register: result
failed_when: not result.changed or result.failed
- name: Ensure selfservice "Users can manage their own name details" is present with different attribute initials again
ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
permission: write
attribute:
- initials
register: result
failed_when: result.changed or result.failed
- name: Ensure selfservice "Users can manage their own name details" member attributes givenname, displayname and title are present
ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
attribute:
- givenname
- displayname
- title
action: member
register: result
failed_when: not result.changed or result.failed
- name: Ensure selfservice "Users can manage their own name details" member attributes givenname, displayname and title are present again
ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
attribute:
- givenname
- displayname
- title
action: member
register: result
failed_when: result.changed or result.failed
- name: Ensure selfservice "Users can manage their own name details" member attribute title is absent
ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
attribute:
- title
action: member
state: absent
register: result
failed_when: not result.changed or result.failed
- name: Ensure selfservice "Users can manage their own name details" member attribute title is absent again
ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
attribute:
- title
action: member
state: absent
register: result
failed_when: result.changed or result.failed
# TEST permission change
- name: Ensure selfservice "Users can manage their own name details" is present with different read,write permission
ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
permission: read,write
register: result
failed_when: not result.changed or result.failed
- name: Ensure selfservice "Users can manage their own name details" is present with different read,write permission again
ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
permission: read,write
register: result
failed_when: result.changed or result.failed
- name: Ensure selfservice "Users can manage their own name details" fails with bad permission read,read
ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
permission: read,read
register: result
failed_when: not result.failed or "Invalid permission" not in result.msg
- name: Ensure selfservice "Users can manage their own name details" fails with bad permission read,write,write
ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
permission: read,write,write
register: result
failed_when: not result.failed or "Invalid permission" not in result.msg
- name: Ensure selfservice "Users can manage their own name details" fails with bad attribute title,title
ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
attribute:
- title
- title
register: result
failed_when: not result.failed or "Invalid attribute" not in result.msg
# CLEANUP TEST ITEMS
- name: Ensure selfservice "Users can manage their own name details" is absent
ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
state: absent