Merge pull request freeipa#1158 from t-woerner/idview_fail_to_apply_i…

…nvalid_hosts ipaidview: Fail to apply unknown (invalid) hosts
rjeffman · Oct 23, 2023 · f1a6f44 · f1a6f44
2 parents 1dbe19c + 2127194
commit f1a6f44
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 1 deletion.
diff --git a/plugins/modules/ipaidview.py b/plugins/modules/ipaidview.py
@@ -127,7 +127,7 @@
 
 from ansible.module_utils.ansible_freeipa_module import \
     IPAAnsibleModule, compare_args_ipa, gen_add_del_lists, gen_add_list, \
-    gen_intersection_list
+    gen_intersection_list, ipalib_errors
 from ansible.module_utils import six
 
 if six.PY3:
@@ -144,6 +144,14 @@ def find_idview(module, name):
     return _result["result"]
 
 
+def valid_host(module, name):
+    try:
+        module.ipa_command("host_show", name, {})
+    except ipalib_errors.NotFound:
+        return False
+    return True
+
+
 def gen_args(description, domain_resolution_order):
     _args = {}
     if description is not None:
@@ -327,6 +335,9 @@ def main():
 
             # Add members
             if host_add:
+                for host in host_add:
+                    if not valid_host(ansible_module, host):
+                        ansible_module.fail_json("Invalid host '%s'" % host)
                 commands.append([name, "idview_apply", {"host": host_add}])
 
             # Remove members

diff --git a/tests/idview/test_idview.yml b/tests/idview/test_idview.yml
@@ -25,6 +25,7 @@
     ansible.builtin.set_fact:
       host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
       host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"
+      host3_fqdn: "{{ 'host3.' + ipaserver_domain }}"
 
   # CLEANUP TEST ITEMS
 
@@ -182,6 +183,27 @@
     register: result
     failed_when: result.changed or result.failed
 
+  - name: Ensure invalid host "{{ host3_fqdn }}" fails to applied to idview test1_idview
+    ipaidview:
+      name: test1_idview
+      host:
+      - "{{ host3_fqdn }}"
+      action: member
+    register: result
+    failed_when: result.changed or not result.failed or
+                 "Invalid host" not in result.msg or
+                 host3_fqdn not in result.msg
+
+  - name: Ensure invalid host "{{ host3_fqdn }}" does not fail to unapply from idview test1_idview
+    ipaidview:
+      name: test1_idview
+      host:
+      - "{{ host3_fqdn }}"
+      action: member
+      state: absent
+    register: result
+    failed_when: result.changed or result.failed
+
   - name: Ensure host "{{ host2_fqdn }}" is applied to idview test1_idview
     ipaidview:
       name: test1_idview