1#!/usr/local/bin/python3.8 2from __future__ import (absolute_import, division, print_function) 3# Copyright 2019-2020 Fortinet, Inc. 4# 5# This program is free software: you can redistribute it and/or modify 6# it under the terms of the GNU General Public License as published by 7# the Free Software Foundation, either version 3 of the License, or 8# (at your option) any later version. 9# 10# This program is distributed in the hope that it will be useful, 11# but WITHOUT ANY WARRANTY; without even the implied warranty of 12# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13# GNU General Public License for more details. 14# 15# You should have received a copy of the GNU General Public License 16# along with this program. If not, see <https://www.gnu.org/licenses/>. 17 18__metaclass__ = type 19 20ANSIBLE_METADATA = {'status': ['preview'], 21 'supported_by': 'community', 22 'metadata_version': '1.1'} 23 24DOCUMENTATION = ''' 25--- 26module: fortios_system_sso_admin 27short_description: Configure SSO admin users in Fortinet's FortiOS and FortiGate. 28description: 29 - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the 30 user to set and modify system feature and sso_admin category. 31 Examples include all parameters and values need to be adjusted to datasources before usage. 32 Tested with FOS v6.0.0 33version_added: "2.10" 34author: 35 - Link Zheng (@chillancezen) 36 - Jie Xue (@JieX19) 37 - Hongbin Lu (@fgtdev-hblu) 38 - Frank Shen (@frankshen01) 39 - Miguel Angel Munoz (@mamunozgonzalez) 40 - Nicolas Thomas (@thomnico) 41notes: 42 - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks 43 44requirements: 45 - ansible>=2.9.0 46options: 47 access_token: 48 description: 49 - Token-based authentication. 50 Generated from GUI of Fortigate. 51 type: str 52 required: false 53 enable_log: 54 description: 55 - Enable/Disable logging for task. 56 type: bool 57 required: false 58 default: false 59 vdom: 60 description: 61 - Virtual domain, among those defined previously. A vdom is a 62 virtual instance of the FortiGate that can be configured and 63 used as a different unit. 64 type: str 65 default: root 66 67 state: 68 description: 69 - Indicates whether to create or remove the object. 70 type: str 71 required: true 72 choices: 73 - present 74 - absent 75 system_sso_admin: 76 description: 77 - Configure SSO admin users. 78 default: null 79 type: dict 80 suboptions: 81 accprofile: 82 description: 83 - SSO admin user access profile. Source system.accprofile.name. 84 type: str 85 gui_dashboard: 86 description: 87 - GUI dashboards. 88 type: list 89 suboptions: 90 columns: 91 description: 92 - Number of columns. 93 type: int 94 id: 95 description: 96 - Dashboard ID. 97 required: true 98 type: int 99 layout_type: 100 description: 101 - Layout type. 102 type: str 103 choices: 104 - responsive 105 - fixed 106 name: 107 description: 108 - Dashboard name. 109 type: str 110 permanent: 111 description: 112 - Permanent dashboard (can"t be removed via the GUI). 113 type: str 114 choices: 115 - disable 116 - enable 117 vdom: 118 description: 119 - Virtual domain. Source system.vdom.name. 120 type: str 121 widget: 122 description: 123 - Dashboard widgets. 124 type: list 125 suboptions: 126 fabric_device: 127 description: 128 - Fabric device to monitor. 129 type: str 130 fabric_device_widget_name: 131 description: 132 - Fabric device widget name. 133 type: str 134 fabric_device_widget_visualization_type: 135 description: 136 - Visualization type for fabric device widget. 137 type: str 138 fortiview_device: 139 description: 140 - FortiView device. 141 type: str 142 fortiview_filters: 143 description: 144 - FortiView filters. 145 type: list 146 suboptions: 147 id: 148 description: 149 - FortiView Filter ID. 150 required: true 151 type: int 152 key: 153 description: 154 - Filter key. 155 type: str 156 value: 157 description: 158 - Filter value. 159 type: str 160 fortiview_sort_by: 161 description: 162 - FortiView sort by. 163 type: str 164 fortiview_timeframe: 165 description: 166 - FortiView timeframe. 167 type: str 168 fortiview_type: 169 description: 170 - FortiView type. 171 type: str 172 fortiview_visualization: 173 description: 174 - FortiView visualization. 175 type: str 176 height: 177 description: 178 - Height. 179 type: int 180 id: 181 description: 182 - Widget ID. 183 required: true 184 type: int 185 industry: 186 description: 187 - Security Audit Rating industry. 188 type: str 189 choices: 190 - default 191 - custom 192 interface: 193 description: 194 - Interface to monitor. Source system.interface.name. 195 type: str 196 region: 197 description: 198 - Security Audit Rating region. 199 type: str 200 choices: 201 - default 202 - custom 203 title: 204 description: 205 - Widget title. 206 type: str 207 type: 208 description: 209 - Widget type. 210 type: str 211 choices: 212 - sysinfo 213 - licinfo 214 - forticloud 215 - cpu-usage 216 - memory-usage 217 - disk-usage 218 - log-rate 219 - sessions 220 - session-rate 221 - tr-history 222 - analytics 223 - usb-modem 224 - admins 225 - security-fabric 226 - security-fabric-ranking 227 - sensor-info 228 - ha-status 229 - vulnerability-summary 230 - host-scan-summary 231 - fortiview 232 - botnet-activity 233 - fabric-device 234 width: 235 description: 236 - Width. 237 type: int 238 x_pos: 239 description: 240 - X position. 241 type: int 242 y_pos: 243 description: 244 - Y position. 245 type: int 246 gui_global_menu_favorites: 247 description: 248 - Favorite GUI menu IDs for the global VDOM. 249 type: list 250 suboptions: 251 id: 252 description: 253 - Select menu ID. 254 required: true 255 type: str 256 gui_ignore_release_overview_version: 257 description: 258 - The FortiOS version to ignore release overview prompt for. 259 type: str 260 gui_new_feature_acknowledge: 261 description: 262 - Acknowledgement of new features. 263 type: list 264 suboptions: 265 id: 266 description: 267 - Select menu ID. 268 required: true 269 type: str 270 gui_vdom_menu_favorites: 271 description: 272 - Favorite GUI menu IDs for VDOMs. 273 type: list 274 suboptions: 275 id: 276 description: 277 - Select menu ID. 278 required: true 279 type: str 280 name: 281 description: 282 - SSO admin name. 283 required: true 284 type: str 285 vdom: 286 description: 287 - Virtual domain(s) that the administrator can access. 288 type: list 289 suboptions: 290 name: 291 description: 292 - Virtual domain name. Source system.vdom.name. 293 required: true 294 type: str 295''' 296 297EXAMPLES = ''' 298- hosts: fortigates 299 collections: 300 - fortinet.fortios 301 connection: httpapi 302 vars: 303 vdom: "root" 304 ansible_httpapi_use_ssl: yes 305 ansible_httpapi_validate_certs: no 306 ansible_httpapi_port: 443 307 tasks: 308 - name: Configure SSO admin users. 309 fortios_system_sso_admin: 310 vdom: "{{ vdom }}" 311 state: "present" 312 access_token: "<your_own_value>" 313 system_sso_admin: 314 accprofile: "<your_own_value> (source system.accprofile.name)" 315 gui_dashboard: 316 - 317 columns: "5" 318 id: "6" 319 layout_type: "responsive" 320 name: "default_name_8" 321 permanent: "disable" 322 vdom: "<your_own_value> (source system.vdom.name)" 323 widget: 324 - 325 fabric_device: "<your_own_value>" 326 fabric_device_widget_name: "<your_own_value>" 327 fabric_device_widget_visualization_type: "<your_own_value>" 328 fortiview_device: "<your_own_value>" 329 fortiview_filters: 330 - 331 id: "17" 332 key: "<your_own_value>" 333 value: "<your_own_value>" 334 fortiview_sort_by: "<your_own_value>" 335 fortiview_timeframe: "<your_own_value>" 336 fortiview_type: "<your_own_value>" 337 fortiview_visualization: "<your_own_value>" 338 height: "24" 339 id: "25" 340 industry: "default" 341 interface: "<your_own_value> (source system.interface.name)" 342 region: "default" 343 title: "<your_own_value>" 344 type: "sysinfo" 345 width: "31" 346 x_pos: "32" 347 y_pos: "33" 348 gui_global_menu_favorites: 349 - 350 id: "35" 351 gui_ignore_release_overview_version: "<your_own_value>" 352 gui_new_feature_acknowledge: 353 - 354 id: "38" 355 gui_vdom_menu_favorites: 356 - 357 id: "40" 358 name: "default_name_41" 359 vdom: 360 - 361 name: "default_name_43 (source system.vdom.name)" 362 363''' 364 365RETURN = ''' 366build: 367 description: Build number of the fortigate image 368 returned: always 369 type: str 370 sample: '1547' 371http_method: 372 description: Last method used to provision the content into FortiGate 373 returned: always 374 type: str 375 sample: 'PUT' 376http_status: 377 description: Last result given by FortiGate on last operation applied 378 returned: always 379 type: str 380 sample: "200" 381mkey: 382 description: Master key (id) used in the last call to FortiGate 383 returned: success 384 type: str 385 sample: "id" 386name: 387 description: Name of the table used to fulfill the request 388 returned: always 389 type: str 390 sample: "urlfilter" 391path: 392 description: Path of the table used to fulfill the request 393 returned: always 394 type: str 395 sample: "webfilter" 396revision: 397 description: Internal revision number 398 returned: always 399 type: str 400 sample: "17.0.2.10658" 401serial: 402 description: Serial number of the unit 403 returned: always 404 type: str 405 sample: "FGVMEVYYQT3AB5352" 406status: 407 description: Indication of the operation's result 408 returned: always 409 type: str 410 sample: "success" 411vdom: 412 description: Virtual domain used 413 returned: always 414 type: str 415 sample: "root" 416version: 417 description: Version of the FortiGate 418 returned: always 419 type: str 420 sample: "v5.6.3" 421 422''' 423from ansible.module_utils.basic import AnsibleModule 424from ansible.module_utils.connection import Connection 425from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import FortiOSHandler 426from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import check_legacy_fortiosapi 427from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import schema_to_module_spec 428from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import check_schema_versioning 429from ansible_collections.fortinet.fortios.plugins.module_utils.fortimanager.common import FAIL_SOCKET_MSG 430from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.comparison import is_same_comparison 431from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.comparison import serialize 432 433 434def filter_system_sso_admin_data(json): 435 option_list = ['accprofile', 'gui_dashboard', 'gui_global_menu_favorites', 436 'gui_ignore_release_overview_version', 'gui_new_feature_acknowledge', 'gui_vdom_menu_favorites', 437 'name', 'vdom'] 438 dictionary = {} 439 440 for attribute in option_list: 441 if attribute in json and json[attribute] is not None: 442 dictionary[attribute] = json[attribute] 443 444 return dictionary 445 446 447def underscore_to_hyphen(data): 448 if isinstance(data, list): 449 for i, elem in enumerate(data): 450 data[i] = underscore_to_hyphen(elem) 451 elif isinstance(data, dict): 452 new_data = {} 453 for k, v in data.items(): 454 new_data[k.replace('_', '-')] = underscore_to_hyphen(v) 455 data = new_data 456 457 return data 458 459 460def system_sso_admin(data, fos, check_mode=False): 461 462 vdom = data['vdom'] 463 464 state = data['state'] 465 466 system_sso_admin_data = data['system_sso_admin'] 467 filtered_data = underscore_to_hyphen(filter_system_sso_admin_data(system_sso_admin_data)) 468 469 # check_mode starts from here 470 if check_mode: 471 mkey = fos.get_mkey('system', 'interface', filtered_data, vdom=vdom) 472 current_data = fos.get('system', 'interface', vdom=vdom, mkey=mkey) 473 is_existed = current_data and current_data.get('http_status') == 200 \ 474 and isinstance(current_data.get('results'), list) \ 475 and len(current_data['results']) > 0 476 477 # 2. if it exists and the state is 'present' then compare current settings with desired 478 if state == 'present' or state is True: 479 if mkey is None: 480 return False, True, filtered_data 481 482 # if mkey exists then compare each other 483 # record exits and they're matched or not 484 if is_existed: 485 is_same = is_same_comparison( 486 serialize(current_data['results'][0]), serialize(filtered_data)) 487 return False, not is_same, filtered_data 488 489 # record does not exist 490 return False, True, filtered_data 491 492 if state == 'absent': 493 if mkey is None: 494 return False, False, filtered_data 495 496 if is_existed: 497 return False, True, filtered_data 498 return False, False, filtered_data 499 500 return True, False, {'reason: ': 'Must provide state parameter'} 501 502 if state == "present" or state is True: 503 return fos.set('system', 504 'sso-admin', 505 data=filtered_data, 506 vdom=vdom) 507 508 elif state == "absent": 509 return fos.delete('system', 510 'sso-admin', 511 mkey=filtered_data['name'], 512 vdom=vdom) 513 else: 514 fos._module.fail_json(msg='state must be present or absent!') 515 516 517def is_successful_status(status): 518 return status['status'] == "success" or \ 519 status['http_method'] == "DELETE" and status['http_status'] == 404 520 521 522def fortios_system(data, fos, check_mode): 523 524 if data['system_sso_admin']: 525 resp = system_sso_admin(data, fos, check_mode) 526 else: 527 fos._module.fail_json(msg='missing task body: %s' % ('system_sso_admin')) 528 if check_mode: 529 return resp 530 return not is_successful_status(resp), \ 531 resp['status'] == "success" and \ 532 (resp['revision_changed'] if 'revision_changed' in resp else True), \ 533 resp 534 535 536versioned_schema = { 537 "type": "list", 538 "children": { 539 "gui_vdom_menu_favorites": { 540 "type": "list", 541 "children": { 542 "id": { 543 "type": "string", 544 "revisions": { 545 "v6.2.3": True 546 } 547 } 548 }, 549 "revisions": { 550 "v7.0.0": False, 551 "v6.4.4": False, 552 "v6.4.0": False, 553 "v6.4.1": False, 554 "v6.2.3": True, 555 "v6.2.5": False, 556 "v6.2.7": False 557 } 558 }, 559 "name": { 560 "type": "string", 561 "revisions": { 562 "v7.0.0": True, 563 "v6.4.4": True, 564 "v6.4.0": True, 565 "v6.4.1": True, 566 "v6.2.0": True, 567 "v6.2.3": True, 568 "v6.2.5": True, 569 "v6.2.7": True 570 } 571 }, 572 "gui_new_feature_acknowledge": { 573 "type": "list", 574 "children": { 575 "id": { 576 "type": "string", 577 "revisions": { 578 "v6.2.3": True 579 } 580 } 581 }, 582 "revisions": { 583 "v7.0.0": False, 584 "v6.4.4": False, 585 "v6.4.0": False, 586 "v6.4.1": False, 587 "v6.2.3": True, 588 "v6.2.5": False, 589 "v6.2.7": False 590 } 591 }, 592 "gui_ignore_release_overview_version": { 593 "type": "string", 594 "revisions": { 595 "v6.4.4": False, 596 "v7.0.0": False, 597 "v6.4.1": True 598 } 599 }, 600 "accprofile": { 601 "type": "string", 602 "revisions": { 603 "v7.0.0": True, 604 "v6.4.4": True, 605 "v6.4.0": True, 606 "v6.4.1": True, 607 "v6.2.0": True, 608 "v6.2.3": True, 609 "v6.2.5": True, 610 "v6.2.7": True 611 } 612 }, 613 "gui_global_menu_favorites": { 614 "type": "list", 615 "children": { 616 "id": { 617 "type": "string", 618 "revisions": { 619 "v6.2.3": True 620 } 621 } 622 }, 623 "revisions": { 624 "v7.0.0": False, 625 "v6.4.4": False, 626 "v6.4.0": False, 627 "v6.4.1": False, 628 "v6.2.3": True, 629 "v6.2.5": False, 630 "v6.2.7": False 631 } 632 }, 633 "gui_dashboard": { 634 "type": "list", 635 "children": { 636 "widget": { 637 "type": "list", 638 "children": { 639 "x_pos": { 640 "type": "integer", 641 "revisions": { 642 "v6.2.3": True 643 } 644 }, 645 "title": { 646 "type": "string", 647 "revisions": { 648 "v6.2.3": True 649 } 650 }, 651 "fortiview_type": { 652 "type": "string", 653 "revisions": { 654 "v6.2.3": True 655 } 656 }, 657 "industry": { 658 "type": "string", 659 "options": [ 660 { 661 "value": "default", 662 "revisions": { 663 "v6.2.3": True 664 } 665 }, 666 { 667 "value": "custom", 668 "revisions": { 669 "v6.2.3": True 670 } 671 } 672 ], 673 "revisions": { 674 "v6.2.3": True 675 } 676 }, 677 "region": { 678 "type": "string", 679 "options": [ 680 { 681 "value": "default", 682 "revisions": { 683 "v6.2.3": True 684 } 685 }, 686 { 687 "value": "custom", 688 "revisions": { 689 "v6.2.3": True 690 } 691 } 692 ], 693 "revisions": { 694 "v6.2.3": True 695 } 696 }, 697 "fortiview_sort_by": { 698 "type": "string", 699 "revisions": { 700 "v6.2.3": True 701 } 702 }, 703 "fortiview_device": { 704 "type": "string", 705 "revisions": { 706 "v6.2.3": True 707 } 708 }, 709 "fortiview_filters": { 710 "type": "list", 711 "children": { 712 "value": { 713 "type": "string", 714 "revisions": { 715 "v6.2.3": True 716 } 717 }, 718 "id": { 719 "type": "integer", 720 "revisions": { 721 "v6.2.3": True 722 } 723 }, 724 "key": { 725 "type": "string", 726 "revisions": { 727 "v6.2.3": True 728 } 729 } 730 }, 731 "revisions": { 732 "v6.2.3": True 733 } 734 }, 735 "height": { 736 "type": "integer", 737 "revisions": { 738 "v6.2.3": True 739 } 740 }, 741 "fabric_device": { 742 "type": "string", 743 "revisions": { 744 "v6.2.3": True 745 } 746 }, 747 "interface": { 748 "type": "string", 749 "revisions": { 750 "v6.2.3": True 751 } 752 }, 753 "fortiview_visualization": { 754 "type": "string", 755 "revisions": { 756 "v6.2.3": True 757 } 758 }, 759 "fabric_device_widget_visualization_type": { 760 "type": "string", 761 "revisions": { 762 "v6.2.3": True 763 } 764 }, 765 "y_pos": { 766 "type": "integer", 767 "revisions": { 768 "v6.2.3": True 769 } 770 }, 771 "id": { 772 "type": "integer", 773 "revisions": { 774 "v6.2.3": True 775 } 776 }, 777 "fabric_device_widget_name": { 778 "type": "string", 779 "revisions": { 780 "v6.2.3": True 781 } 782 }, 783 "fortiview_timeframe": { 784 "type": "string", 785 "revisions": { 786 "v6.2.3": True 787 } 788 }, 789 "type": { 790 "type": "string", 791 "options": [ 792 { 793 "value": "sysinfo", 794 "revisions": { 795 "v6.2.3": True 796 } 797 }, 798 { 799 "value": "licinfo", 800 "revisions": { 801 "v6.2.3": True 802 } 803 }, 804 { 805 "value": "forticloud", 806 "revisions": { 807 "v6.2.3": True 808 } 809 }, 810 { 811 "value": "cpu-usage", 812 "revisions": { 813 "v6.2.3": True 814 } 815 }, 816 { 817 "value": "memory-usage", 818 "revisions": { 819 "v6.2.3": True 820 } 821 }, 822 { 823 "value": "disk-usage", 824 "revisions": { 825 "v6.2.3": True 826 } 827 }, 828 { 829 "value": "log-rate", 830 "revisions": { 831 "v6.2.3": True 832 } 833 }, 834 { 835 "value": "sessions", 836 "revisions": { 837 "v6.2.3": True 838 } 839 }, 840 { 841 "value": "session-rate", 842 "revisions": { 843 "v6.2.3": True 844 } 845 }, 846 { 847 "value": "tr-history", 848 "revisions": { 849 "v6.2.3": True 850 } 851 }, 852 { 853 "value": "analytics", 854 "revisions": { 855 "v6.2.3": True 856 } 857 }, 858 { 859 "value": "usb-modem", 860 "revisions": { 861 "v6.2.3": True 862 } 863 }, 864 { 865 "value": "admins", 866 "revisions": { 867 "v6.2.3": True 868 } 869 }, 870 { 871 "value": "security-fabric", 872 "revisions": { 873 "v6.2.3": True 874 } 875 }, 876 { 877 "value": "security-fabric-ranking", 878 "revisions": { 879 "v6.2.3": True 880 } 881 }, 882 { 883 "value": "sensor-info", 884 "revisions": { 885 "v6.2.3": True 886 } 887 }, 888 { 889 "value": "ha-status", 890 "revisions": { 891 "v6.2.3": True 892 } 893 }, 894 { 895 "value": "vulnerability-summary", 896 "revisions": { 897 "v6.2.3": True 898 } 899 }, 900 { 901 "value": "host-scan-summary", 902 "revisions": { 903 "v6.2.3": True 904 } 905 }, 906 { 907 "value": "fortiview", 908 "revisions": { 909 "v6.2.3": True 910 } 911 }, 912 { 913 "value": "botnet-activity", 914 "revisions": { 915 "v6.2.3": True 916 } 917 }, 918 { 919 "value": "fabric-device", 920 "revisions": { 921 "v6.2.3": True 922 } 923 } 924 ], 925 "revisions": { 926 "v6.2.3": True 927 } 928 }, 929 "width": { 930 "type": "integer", 931 "revisions": { 932 "v6.2.3": True 933 } 934 } 935 }, 936 "revisions": { 937 "v6.2.3": True 938 } 939 }, 940 "name": { 941 "type": "string", 942 "revisions": { 943 "v6.2.3": True 944 } 945 }, 946 "permanent": { 947 "type": "string", 948 "options": [ 949 { 950 "value": "disable", 951 "revisions": { 952 "v6.2.3": True 953 } 954 }, 955 { 956 "value": "enable", 957 "revisions": { 958 "v6.2.3": True 959 } 960 } 961 ], 962 "revisions": { 963 "v6.2.3": True 964 } 965 }, 966 "vdom": { 967 "type": "string", 968 "revisions": { 969 "v6.2.3": True 970 } 971 }, 972 "layout_type": { 973 "type": "string", 974 "options": [ 975 { 976 "value": "responsive", 977 "revisions": { 978 "v6.2.3": True 979 } 980 }, 981 { 982 "value": "fixed", 983 "revisions": { 984 "v6.2.3": True 985 } 986 } 987 ], 988 "revisions": { 989 "v6.2.3": True 990 } 991 }, 992 "id": { 993 "type": "integer", 994 "revisions": { 995 "v6.2.3": True 996 } 997 }, 998 "columns": { 999 "type": "integer", 1000 "revisions": { 1001 "v6.2.3": True 1002 } 1003 } 1004 }, 1005 "revisions": { 1006 "v7.0.0": False, 1007 "v6.4.4": False, 1008 "v6.4.0": False, 1009 "v6.4.1": False, 1010 "v6.2.3": True, 1011 "v6.2.5": False, 1012 "v6.2.7": False 1013 } 1014 }, 1015 "vdom": { 1016 "type": "list", 1017 "children": { 1018 "name": { 1019 "type": "string", 1020 "revisions": { 1021 "v7.0.0": True, 1022 "v6.4.4": True, 1023 "v6.4.0": True, 1024 "v6.4.1": True, 1025 "v6.2.0": True, 1026 "v6.2.3": True, 1027 "v6.2.5": True, 1028 "v6.2.7": True 1029 } 1030 } 1031 }, 1032 "revisions": { 1033 "v7.0.0": True, 1034 "v6.4.4": True, 1035 "v6.4.0": True, 1036 "v6.4.1": True, 1037 "v6.2.0": True, 1038 "v6.2.3": True, 1039 "v6.2.5": True, 1040 "v6.2.7": True 1041 } 1042 } 1043 }, 1044 "revisions": { 1045 "v7.0.0": True, 1046 "v6.4.4": True, 1047 "v6.4.0": True, 1048 "v6.4.1": True, 1049 "v6.2.0": True, 1050 "v6.2.3": True, 1051 "v6.2.5": True, 1052 "v6.2.7": True 1053 } 1054} 1055 1056 1057def main(): 1058 module_spec = schema_to_module_spec(versioned_schema) 1059 mkeyname = 'name' 1060 fields = { 1061 "access_token": {"required": False, "type": "str", "no_log": True}, 1062 "enable_log": {"required": False, "type": bool}, 1063 "vdom": {"required": False, "type": "str", "default": "root"}, 1064 "state": {"required": True, "type": "str", 1065 "choices": ["present", "absent"]}, 1066 "system_sso_admin": { 1067 "required": False, "type": "dict", "default": None, 1068 "options": { 1069 } 1070 } 1071 } 1072 for attribute_name in module_spec['options']: 1073 fields["system_sso_admin"]['options'][attribute_name] = module_spec['options'][attribute_name] 1074 if mkeyname and mkeyname == attribute_name: 1075 fields["system_sso_admin"]['options'][attribute_name]['required'] = True 1076 1077 check_legacy_fortiosapi() 1078 module = AnsibleModule(argument_spec=fields, 1079 supports_check_mode=True) 1080 1081 versions_check_result = None 1082 if module._socket_path: 1083 connection = Connection(module._socket_path) 1084 if 'access_token' in module.params: 1085 connection.set_option('access_token', module.params['access_token']) 1086 1087 if 'enable_log' in module.params: 1088 connection.set_option('enable_log', module.params['enable_log']) 1089 else: 1090 connection.set_option('enable_log', False) 1091 fos = FortiOSHandler(connection, module, mkeyname) 1092 versions_check_result = check_schema_versioning(fos, versioned_schema, "system_sso_admin") 1093 1094 is_error, has_changed, result = fortios_system(module.params, fos, module.check_mode) 1095 1096 else: 1097 module.fail_json(**FAIL_SOCKET_MSG) 1098 1099 if versions_check_result and versions_check_result['matched'] is False: 1100 module.warn("Ansible has detected version mismatch between FortOS system and your playbook, see more details by specifying option -vvv") 1101 1102 if not is_error: 1103 if versions_check_result and versions_check_result['matched'] is False: 1104 module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result) 1105 else: 1106 module.exit_json(changed=has_changed, meta=result) 1107 else: 1108 if versions_check_result and versions_check_result['matched'] is False: 1109 module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result) 1110 else: 1111 module.fail_json(msg="Error in repo", meta=result) 1112 1113 1114if __name__ == '__main__': 1115 main() 1116