lambda function changed to support non-existing keys (#611)

* lambda function changed to support non-existing keys * Checking the role creation with authenticationRestrictions * Update main.yml Include 610 test task file * authenticationRestrictions values are changed, it must be a list. --------- Co-authored-by: dorancemc <[email protected]> Co-authored-by: Rhys <[email protected]>
ansible-collections · Nov 6, 2023 · 0d2053f · 0d2053f
1 parent cc22eef
commit 0d2053f
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 3 deletions.
diff --git a/plugins/modules/mongodb_role.py b/plugins/modules/mongodb_role.py
@@ -303,8 +303,8 @@ def check_if_role_changed(client, role, db_name, privileges, authenticationRestr
                 'roles' not in role_dict and roles != []):
             changed = True
         elif ('authenticationRestrictions' in role_dict and
-                sorted(reformat_authenticationRestrictions, key=lambda x: (x['clientSource'], x['serverAddress'])) !=
-                sorted(authenticationRestrictions, key=lambda x: (x['clientSource'], x['serverAddress'])) or
+                sorted(reformat_authenticationRestrictions, key=lambda x: (x.get('clientSource', ''), x.get('serverAddress', ''))) !=
+                sorted(authenticationRestrictions, key=lambda x: (x.get('clientSource', ''), x.get('serverAddress', ''))) or
                 'authenticationRestrictions' not in role_dict and authenticationRestrictions != []):
             changed = True
     else:

diff --git a/tests/integration/targets/mongodb_role/tasks/610.yml b/tests/integration/targets/mongodb_role/tasks/610.yml
@@ -0,0 +1,37 @@
+---
+
+- name: Create new role with clientSource restriction
+  community.mongodb.mongodb_role:
+    login_user: '{{ mongodb_admin_user }}'
+    login_password: '{{ mongodb_admin_password }}'
+    login_database: admin
+    login_port: 3001
+    replica_set: '{{ current_replicaset }}'
+    state: present
+    database: admin
+    name: monitoring
+    roles:
+      - db: admin
+        role: clusterMonitor
+      - db: admin
+        role: readAnyDatabase
+    authenticationRestrictions:
+      - clientSource: 
+          - 172.22.4.219
+
+- name: Create new role with serverAddress restriction
+  community.mongodb.mongodb_role:
+    login_user: '{{ mongodb_admin_user }}'
+    login_password: '{{ mongodb_admin_password }}'
+    login_database: admin
+    login_port: 3001
+    replica_set: '{{ current_replicaset }}'
+    state: present
+    database: admin
+    name: querymanager
+    roles:
+      - db: admin
+        role: readAnyDatabase
+    authenticationRestrictions:
+      - serverAddress: 
+          - 10.1.21.75
diff --git a/tests/integration/targets/mongodb_role/tasks/main.yml b/tests/integration/targets/mongodb_role/tasks/main.yml
@@ -803,4 +803,7 @@
       - "'roles:' in cluster.transformed_output | string"
 
 - name: Import tasks for issue 564  # https://github.com/ansible-collections/community.mongodb/issues/564
-  import_tasks: 564.yml
+  import_tasks: 564.yml
+
+- name: Import tasks for issue 610  # https://github.com/ansible-collections/community.mongodb/issues/610
+  import_tasks: 610.yml