Source code for saltext.influxdb.states.influxdb_user

"""
Manage InfluxDB 0.9-1.x users statefully.

.. important::
    You can optionally specify default connection parameters via the general :ref:`influxdb setup <influxdb-setup>`.
"""


def __virtual__():
    if "influxdb.db_exists" in __salt__:
        return "influxdb_user"
    return (False, "influxdb module could not be loaded")




[docs]
def present(name, passwd, admin=False, grants=None, **client_args):
    """
    Ensure that given user is present.

    name
        Name of the user to manage

    passwd
        Password of the user

    admin : False
        Whether the user should have cluster administration
        privileges or not.

    grants
        Optional - Dict of database:privilege items associated with
        the user. Example:

        grants:
          foo_db: read
          bar_db: all

    **Example:**

    .. code-block:: yaml

        example user present in influxdb:
          influxdb_user.present:
            - name: example
            - passwd: somepassword
            - admin: False
            - grants:
                foo_db: read
                bar_db: all
    """
    create = False
    ret = {
        "name": name,
        "changes": {},
        "result": True,
        "comment": f"User {name} is present and up to date",
    }

    if not __salt__["influxdb.user_exists"](name, **client_args):
        create = True
        if __opts__["test"]:
            ret["comment"] = f"User {name} will be created"
            ret["result"] = None
            return ret
        else:
            if not __salt__["influxdb.create_user"](name, passwd, admin=admin, **client_args):
                ret["comment"] = f"Failed to create user {name}"
                ret["result"] = False
                return ret
    else:
        user = __salt__["influxdb.user_info"](name, **client_args)

        if user["admin"] != admin:
            if not __opts__["test"]:
                if admin:
                    __salt__["influxdb.grant_admin_privileges"](name, **client_args)
                else:
                    __salt__["influxdb.revoke_admin_privileges"](name, **client_args)

                if admin != __salt__["influxdb.user_info"](name, **client_args)["admin"]:
                    ret["comment"] = f"Failed to set admin privilege to user {name}"
                    ret["result"] = False
                    return ret
            ret["changes"]["Admin privileges"] = admin

    if grants:
        db_privileges = __salt__["influxdb.list_privileges"](name, **client_args)
        for database, privilege in grants.items():
            privilege = privilege.lower()
            if privilege != db_privileges.get(database, privilege):
                if not __opts__["test"]:
                    __salt__["influxdb.revoke_privilege"](database, "all", name, **client_args)
                del db_privileges[database]
            if database not in db_privileges:
                ret["changes"][f"Grant on database {database} to user {name}"] = privilege
                if not __opts__["test"]:
                    __salt__["influxdb.grant_privilege"](database, privilege, name, **client_args)

    if ret["changes"]:
        if create:
            ret["comment"] = f"Created user {name}"
            ret["changes"][name] = "User created"
        else:
            if __opts__["test"]:
                ret["result"] = None
                ret["comment"] = f"User {name} will be updated with the following changes:"
                for k, v in ret["changes"].items():
                    ret["comment"] += f"\n{k} => {v}"
                ret["changes"] = {}
            else:
                ret["comment"] = f"Updated user {name}"

    return ret






[docs]
def absent(name, **client_args):
    """
    Ensure that given user is absent.

    name
        The name of the user to manage
    """
    ret = {
        "name": name,
        "changes": {},
        "result": True,
        "comment": f"User {name} is not present",
    }

    if __salt__["influxdb.user_exists"](name, **client_args):
        if __opts__["test"]:
            ret["result"] = None
            ret["comment"] = f"User {name} will be removed"
            return ret
        else:
            if __salt__["influxdb.remove_user"](name, **client_args):
                ret["comment"] = f"Removed user {name}"
                ret["changes"][name] = "removed"
                return ret
            else:
                ret["comment"] = f"Failed to remove user {name}"
                ret["result"] = False
                return ret
    return ret