Bug 1571600 - module ovirt_permissions_facts returns only object's name
Summary: module ovirt_permissions_facts returns only object's name
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ansible
Version: 4.2.3
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ovirt-4.3.0
: ---
Assignee: Ondra Machacek
QA Contact: Ivana Saranova
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-04-25 08:07 UTC by Lucie Leistnerova
Modified: 2019-05-22 12:10 UTC (History)
3 users (show)

Fixed In Version: ansible-2.6
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-05-22 12:10:42 UTC
oVirt Team: Infra
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Github ansible ansible pull 39721 None None None 2018-05-04 07:25:16 UTC

Description Lucie Leistnerova 2018-04-25 08:07:12 UTC
Description of problem:
Informations about user/group permissions contain only name of specific object (role, vm, template, disk...) and that could be not unique. It should return object at least with id and name.

Version-Release number of selected component (if applicable):
ansible-2.5.0-2.fc27.noarch
ovirt-engine-4.2.3.2-0.1.el7.noarch

How reproducible: always


Steps to Reproduce:
1. run ansible playbook with tasks:

    - name: test
      ovirt_permissions_facts:
        auth: "{{ ovirt_auth }}"
        authz_name: "internal-authz"
        user_name: "admin"
        fetch_nested: False
    - debug:
        var: ovirt_permissions

2. see the output

Actual results:
ok: [my_engine] => {
    "ovirt_permissions": [
        {
            "group": "Everyone", 
            "role": "UserTemplateBasedVm", 
            "template": "Blank"
        },
        {
            "disk": "vm3-01_Disk1", 
            "role": "DiskOperator", 
            "user": "admin"
        }, 
...

Expected results:
ok: [my_engine] => {
    "ovirt_permissions": [
        {
            "group": {
                "id": "eee00000-0000-0000-0000-123456789eee"
                "name" : "Everyone"
            },
            "role": {
                "id": "def00009-0000-0000-0000-def000000009"
                "name": "UserTemplateBasedVm"
            },
            "template": {
                "id": "00000000-0000-0000-0000-000000000000"
                "name": "Blank"
            }
        },
...


Additional info:
In the way how it works now is ansible parameter 'fetch_nested' without use. It makes no difference in output when 'fetch_nested: True' is set.

Comment 1 Ivana Saranova 2019-02-13 14:45:48 UTC
Version-Release number of selected component (if applicable):
ansible-2.7.7-1.el7ae.noarch
ovirt-engine-4.3.0-0.8.rc2.el7.noarch

Steps to Reproduce:
1. run ansible playbook with tasks:

    - name: test
      ovirt_permissions_facts:
        auth: "{{ ovirt_auth }}"
        authz_name: "internal-authz"
        user_name: "admin"
        fetch_nested: False
    - debug:
        var: ovirt_permissions

Result:
ok: [engine] => {
    "ovirt_permissions": [
        {
            "group": "Everyone", 
            "group_id": "eee00000-0000-0000-0000-123456789eee", 
            "role": "UserTemplateBasedVm", 
            "role_id": "def00009-0000-0000-0000-def000000009", 
            "template": "Blank", 
            "template_id": "00000000-0000-0000-0000-000000000000"
        },
         ...


Result objects have unique identification, so I take it as an expected behavior.
Feel free to reopen the bug, if you think this solution is not enough.

Comment 2 Martin Perina 2019-05-22 12:10:42 UTC
Included in Ansible 2.7 delivered by https://errata.devel.redhat.com/advisory/41019


Note You need to log in before you can comment on or make changes to this bug.