Add a state to control presence of user inside arbitrary htpasswd file

2024-11-06 08:35:21 +00:00 · 2014-02-27 16:04:42 +01:00 · 2014-02-27 16:04:42 +01:00 · 2d868bb29d
commit 2d868bb29d
parent 6b6fa4d3d8
3 changed files with 93 additions and 3 deletions
--- a/1
+++ b/1
@ -69,6 +69,7 @@ Mickey Malone <mickey.malone@gmail.com>
 Mike Place <mp@saltstack.com>
 Mitch Anderson <mitch@metauser.net>
 Nathaniel Whiteinge <seth@eseth.com>
+Nicolas Delaby <nicolas.delaby@ezeep.net>
 Nigel Owen <nigelowen2.gmail.com>
 Oleg Anashkin <oleg.anashkin@gmail.com>
 Pedro Algarvio <pedro@algarvio.me>
--- a/salt/modules/htpasswd.py
+++ b/salt/modules/htpasswd.py
@ -27,7 +27,7 @@ def __virtual__():
    return False


-def useradd(pwfile, user, password, opts=''):
+def useradd_all(pwfile, user, password, opts=''):
    '''
    Add an HTTP user using the htpasswd command. If the htpasswd file does not
    exist, it will be created. Valid options that can be passed are:
@ -49,8 +49,28 @@ def useradd(pwfile, user, password, opts=''):
        opts += 'c'

    cmd = ['htpasswd', '-b{0}'.format(opts), pwfile, user, password]
-    out = __salt__['cmd.run'](cmd, python_shell=False).splitlines()
-    return out
+    return __salt__['cmd.run_all'](cmd, python_shell=False)
+
+
+def useradd(pwfile, user, password, opts=''):
+    '''
+    Add an HTTP user using the htpasswd command. If the htpasswd file does not
+    exist, it will be created. Valid options that can be passed are:
+
+        n  Don't update file; display results on stdout.
+        m  Force MD5 encryption of the password (default).
+        d  Force CRYPT encryption of the password.
+        p  Do not encrypt the password (plaintext).
+        s  Force SHA encryption of the password.
+
+    CLI Examples:
+
+    .. code-block:: bash
+
+        salt '*' webutil.useradd /etc/httpd/htpasswd larry badpassword
+        salt '*' webutil.useradd /etc/httpd/htpasswd larry badpass opts=ns
+    '''
+    return useradd_all(pwfile, user, password, opts=opts)['out'].splitlines()


 def userdel(pwfile, user):
--- a/salt/states/htpasswd.py
+++ b/salt/states/htpasswd.py
@ -0,0 +1,69 @@
+# -*- coding: utf-8 -*-
+'''
+Support for htpasswd module
+
+.. code-block:: yaml
+
+    username:
+        webutil.user_exists:
+            - password: secr3t
+            - htpasswd_file: /etc/nginx/htpasswd
+            - options: d
+            - force: true
+
+'''
+import salt.utils
+
+
+__virtualname__ = 'webutil'
+
+
+def __virtual__():
+    '''
+    depends on webutil module
+    '''
+
+    return __virtualname__ if salt.utils.which('htpasswd') else False
+
+
+def user_exists(name, password=None, htpasswd_file=None, options='',
+                force=False, **kwargs):
+    '''
+    Make sure the user is inside the /etc/nginx/htpasswd
+
+    ``name``
+        username
+
+    ``password``
+        password of the user
+
+    ``htpasswd_file``
+        path to the file that htpasswd will handle
+
+    ``options``
+        see :mod:`salt.module.htpasswd.useradd`
+
+    ``force``
+        touch the file even if user already created
+    '''
+    ret = {'name': name,
+           'changes': {},
+           'comment': '',
+           'result': None}
+    useradd = __salt__['webutil.useradd_all']
+    grep = __salt__['file.grep']
+    grep_ret = grep(htpasswd_file, name)
+    if grep_ret['retcode'] != 0 or force:
+        useradd_ret = useradd(htpasswd_file, name, password, opts=options)
+        if useradd_ret['retcode'] == 0:
+            ret['result'] = True
+            ret['comment'] = useradd_ret['stderr']
+            ret['changes'] = {name: True}
+            return ret
+        else:
+            ret['result'] = False
+            ret['comment'] = useradd_ret['stderr']
+            return ret
+    ret['result'] = True
+    ret['comment'] = 'User already known'
+    return ret