Anons79 Mini Shell

Directory : /lib/python2.7/site-packages/ansible/modules/network/f5/
Current File : //lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyc
�
�Udac@`soddlmZmZmZeZidd6dgd6dd6ZdZd	Zd
Z	ddl
Z
ddlZddlm
Z
ydd
lmZWn!ek
r�dd
lmZnXddlmZddlmZddlmZddlmZydddlmZddlmZddlmZddlmZddlmZddlm Z Wnqek
r�ddl!mZddl"mZddl"mZddl"mZddl#mZddl#m Z nXyJddl$m%Z%ddl&m'Z'ddl(m)Z)ddl&m*Z*e+Z,Wnek
r-e-Z,nXdefd��YZ.de.fd��YZ/d e.fd!��YZ0d"e.fd#��YZ1d$e1fd%��YZ2d&e1fd'��YZ3d(e4fd)��YZ5d*e4fd+��YZ6d,e4fd-��YZ7d.e7fd/��YZ8d0e7fd1��YZ9d2e7fd3��YZ:d4e4fd5��YZ;d6�Z<e=d7krke<�ndS(8i(tabsolute_importtdivisiontprint_functions1.1tmetadata_versiontpreviewtstatust	certifiedtsupported_bysn

---
module: bigip_user
short_description: Manage user accounts and user attributes on a BIG-IP
description:
  - Manage user accounts and user attributes on a BIG-IP. Typically this
    module operates only on the REST API users and not the CLI users.
    When specifying C(root), you may only change the password.
    Your other parameters will be ignored in this case. Changing the C(root)
    password is not an idempotent operation. Therefore, it will change it
    every time this module attempts to change it.
version_added: 2.4
options:
  full_name:
    description:
      - Full name of the user.
    type: str
  username_credential:
    description:
      - Name of the user to create, remove or modify.
      - The C(root) user may not be removed.
    type: str
    required: True
    aliases:
      - name
  password_credential:
    description:
      - Set the users password to this unencrypted value.
        C(password_credential) is required when creating a new account.
    type: str
  shell:
    description:
      - Optionally set the users shell.
    type: str
    choices:
      - bash
      - none
      - tmsh
  partition_access:
    description:
      - Specifies the administrative partition to which the user has access.
        C(partition_access) is required when creating a new account.
        Should be in the form "partition:role".
      - Valid roles include C(acceleration-policy-editor), C(admin), C(application-editor),
        C(auditor), C(certificate-manager), C(guest), C(irule-manager), C(manager), C(no-access),
        C(operator), C(resource-admin), C(user-manager), C(web-application-security-administrator),
        and C(web-application-security-editor).
      - Partition portion of tuple should be an existing partition or the value 'all'.
    type: list
  state:
    description:
      - Whether the account should exist or not, taking action if the state is
        different from what is stated.
    type: str
    choices:
      - present
      - absent
    default: present
  update_password:
    description:
      - C(always) will allow to update passwords if the user chooses to do so.
        C(on_create) will only set the password for newly created users.
      - When C(username_credential) is C(root), this value will be forced to C(always).
    type: str
    choices:
      - always
      - on_create
    default: always
  partition:
    description:
      - Device partition to manage resources on.
    type: str
    default: Common
    version_added: 2.5
notes:
   - Requires BIG-IP versions >= 12.0.0
extends_documentation_fragment: f5
author:
  - Tim Rupp (@caphrim007)
  - Wojciech Wypior (@wojtek0806)
sG
- name: Add the user 'johnd' as an admin
  bigip_user:
    username_credential: johnd
    password_credential: password
    full_name: John Doe
    partition_access: all:admin
    update_password: on_create
    state: present
    provider:
      server: lb.mydomain.com
      user: admin
      password: secret
  delegate_to: localhost

- name: Change the user "johnd's" role and shell
  bigip_user:
    username_credential: johnd
    partition_access: NewPartition:manager
    shell: tmsh
    state: present
    provider:
      server: lb.mydomain.com
      user: admin
      password: secret
  delegate_to: localhost

- name: Make the user 'johnd' an admin and set to advanced shell
  bigip_user:
    name: johnd
    partition_access: all:admin
    shell: bash
    state: present
    provider:
      server: lb.mydomain.com
      user: admin
      password: secret
  delegate_to: localhost

- name: Remove the user 'johnd'
  bigip_user:
    name: johnd
    state: absent
    provider:
      server: lb.mydomain.com
      user: admin
      password: secret
  delegate_to: localhost

- name: Update password
  bigip_user:
    state: present
    username_credential: johnd
    password_credential: newsupersecretpassword
    provider:
      server: lb.mydomain.com
      user: admin
      password: secret
  delegate_to: localhost

# Note that the second time this task runs, it would fail because
# The password has been changed. Therefore, it is recommended that
# you either,
#
#   * Put this in its own playbook that you run when you need to
#   * Put this task in a `block`
#   * Include `ignore_errors` on this task
- name: Change the Admin password
  bigip_user:
    state: present
    username_credential: admin
    password_credential: NewSecretPassword
    provider:
      server: lb.mydomain.com
      user: admin
      password: secret
  delegate_to: localhost

- name: Change the root user's password
  bigip_user:
    username_credential: root
    password_credential: secret
    state: present
    provider:
      server: lb.mydomain.com
      user: admin
      password: secret
  delegate_to: localhost
s�
full_name:
  description: Full name of the user
  returned: changed and success
  type: str
  sample: John Doe
partition_access:
  description:
    - List of strings containing the user's roles and which partitions they
      are applied to. They are specified in the form "partition:role".
  returned: changed and success
  type: list
  sample: ['all:admin']
shell:
  description: The shell assigned to the user account
  returned: changed and success
  type: str
  sample: tmsh
N(tto_bytes(tBytesIO(t
AnsibleModule(tenv_fallback(tstring_types(tLooseVersion(tF5RestClient(t
F5ModuleError(tAnsibleF5Parameters(tf5_argument_spec(ttmos_version(tupload_file(tdefault_backend(t
serialization(tpadding(thashest
ParameterscB`sveZidd6dd6ZddddgZdddddgZdddddgZed	��Zed
��ZRS(tpartition_accesstpartitionAccesst	full_nametdescriptiontshelltpassword_credentialtusername_credentialtnametpasswordcC`s�|jddkrdSg}|jd}x�|D]�}t|t�ryd|kri|d=|j|�qy|j|�nt|t�r1|jd�}|dj�dkr�d|d<ntd|dd	|d
�}|j|�q1q1W|S(sPartition access values will require some transformation.

        This operates on both user and device returned values.
        Check if the element is a string from user input in the format of
        name:role, if it is split  it and create dictionary out of it.

        If the access value is a dictionary (returned from device,
        or already processed) and contains nameReference
        key, delete it and append the remaining dictionary element into
        a list.

        If the nameReference key is removed just append the dictionary
        into the list.

        Returns:
            List of dictionaries. Each item in the list is a dictionary
            which contains the ``name`` of the partition and the ``role`` to
            allow on that partition.
        RNt
nameReferencet:itallsall-partitionsR trolei(t_valuestNonet
isinstancetdicttappendRtsplittlower(tselftresulttpart_accesstaccesstacltvalue((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR(s&




cC`sO|jddkrDtj�}tjj|j�}||jd<n|jdS(Nttemp_upload_file(R&R'ttempfiletNamedTemporaryFiletostpathtbasenameR (R-tfR ((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR3Us
(	t__name__t
__module__tapi_mapt
updatablestreturnablestapi_attributestpropertyRR3(((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRs&
			-t
ApiParameterscB`seZed��ZRS(cC`s"|jddkrdS|jdS(NRtnone(NRB(R&R'(R-((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR_s(R:R;R@R(((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRA^stModuleParameterscB`seZed��ZRS(cC`s"|jddkrdS|jdS(NRRB(Nsnone(R&R'(R-((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRgs(R:R;R@R(((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRCfstChangescB`seZd�ZRS(cC`sXi}xK|jD]@}yt||�||<Wntk
r@nX|j|�}qW|S(N(R>tgetattrt	Exceptiont_filter_params(R-R.t
returnable((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyt	to_returnos
(R:R;RI(((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRDnst
UsableChangescB`seZed��ZRS(cC`s"|jddkrdS|jdS(NR(R&R'(R-((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR!{s(R:R;R@R!(((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRJzstReportableChangescB`seZRS((R:R;(((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRK�st
DifferencecB`sMeZdd�Zd�Zd�Zed��Zed��Zd�Z	RS(cC`s||_||_dS(N(twantthave(R-RMRN((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyt__init__�s	cC`s9yt||�}|SWntk
r4|j|�SXdS(N(REtAttributeErrort_Difference__default(R-tparamR.((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pytcompare�s

cC`sQt|j|�}y&t|j|�}||kr7|SWntk
rL|SXdS(N(RERMRNRP(R-RRtattr1tattr2((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyt	__default�s
cC`s6|jjdkrdS|jjdkr2|jjSdS(Ntalways(salways(RMRR'tupdate_password(R-((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�s

cC`s�|jjdkr/|jjdk	r(dSdSn|jjdkrt|j�|jj|jjkrgdS|jjSn|jj|jjkr�|jjSdS(NRBtbash(RMRR'RNt_validate_shell_parameter(R-((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�s

c`s�d}ddg�|jj}t�fd�|D��sIt|��n|jjdk	r�|jj}t�fd�|D��s�t|��q�ndS(s�Method to validate shell parameters.

        Raise when shell attribute is set to 'bash' with roles set to
        either 'admin' or 'resource-admin'.

        NOTE: Admin and Resource-Admin roles automatically enable access to
        all partitions, removing any other roles that the user might have
        had. There are few other roles which do that but those roles,
        do not allow bash.
        sDShell access is only available to 'admin' or 'resource-admin' roles.tadminsresource-adminc3`s)|]}|d�kr|dVqdS(R%N((t.0tr(tpermit(sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pys	<genexpr>�sc3`s)|]}|d�kr|dVqdS(R%N((R\R](R^(sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pys	<genexpr>�sN(RNRtanyRRMR'(R-terrRNRM((R^sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRZ�sN(
R:R;R'RORSRQR@RRRZ(((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRL�s			t
ModuleManagercB`s5eZd�Zd�Zd�Zd�Zd�ZRS(cO`s7|jdd�|_t|jj�|_||_dS(Ntmodule(tgetR'RbRtparamstclienttkwargs(R-targsRf((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRO�scC`sU|j�r|jd�}n-|j�r<|jd�}n|jd�}|j�S(Ntroottv1tv2(tis_root_username_credentialtget_managertis_version_less_than_13texec_module(R-tmanager((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRn�scC`sO|dkrt|j�S|dkr2t|j�S|dkrKt|j�SdS(NRhRiRj(tRootUserManagerRftUnpartitionedManagertPartitionedManager(R-ttype((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRl�s

cC`s3t|j�}t|�td�kr+tStSdS(s�Checks to see if the TMOS version is less than 13

        Anything less than BIG-IP 13.x does not support users
        on different partitions.

        :return: Bool
        s13.0.0N(RReR
tTruetFalse(R-tversion((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRm�scC`s,|jjjdd�}|dkr(tStS(NRRh(RbRdRcR'RtRu(R-tuser((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRk�s(R:R;RORnRlRmRk(((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRa�s
					tBaseManagercB`s}eZd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Z	d�Z
d	�Zd
�Zd�Z
d�ZRS(
cO`s^|jdd�|_t|jj�|_td|jj�|_t�|_	t
�|_dS(NRbRd(RcR'RbRRdReRCRMRARNRJtchanges(R-RgRf((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRO�s
cC`sH|jdg�}x/|D]'}|jjd|dd|d�qWdS(Nt
__warningstmsgRv(tpopRbt	deprecate(R-R.twarningstwarning((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyt_announce_deprecationss


cC`sji}xBtjD]7}t|j|�dk	rt|j|�||<qqW|rftd|�|_ndS(NRd(RR>RERMR'RJRy(R-tchangedtkey((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyt_set_changed_options	scC`s�t|j|j�}tj}t�}xX|D]P}|j|�}|dkrUq.q.t|t�rt|j	|�q.|||<q.W|r�t
d|�|_tSt
S(NRd(RLRMRNRR=R)RSR'R(tupdateRJRyRtRu(R-tdiffR=R�tktchange((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyt_update_changed_optionss		
cC`s�t}t�}|jj}|dkr6|j�}n|dkrQ|j�}ntd|jj��}|j�}|j	|�|j	td|��|j
|�|S(NtpresenttabsentRdR�(RuR)RMtstateR�R�RKRyRIR�R�(R-R�R.R�t
reportableRy((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRn#s	

cC`s$|j�r|j�S|j�SdS(N(texistsR�tcreate(R-((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�4s
cC`s|j�r|j�StS(N(R�tremoveRu(R-((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�:s
cC`s|j�}|rtStS(N(R�RtRu(R-R.((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyt
should_update?scC`s=|j�|_|j�stS|jjr/tS|j�tS(N(tread_current_from_deviceRNR�RuRbt
check_modeRttupdate_on_device(R-((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�Es
cC`s9|jjrtS|j�|j�r5td��ntS(NsFailed to delete the user.(RbR�Rttremove_from_deviceR�R(R-((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�Ns
cC`sQ|j�|jjdkr)|j�n|j�|jjrCtS|j�tS(NRY(	tvalidate_create_parametersRMRtvalidate_shell_parameterR�RbR�Rttcreate_on_device(R-((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�Vs


c`sbd}ddg�|jjdk	r^|jj}t�fd�|D��s^t|��q^ndS(s�Method to validate shell parameters.

        Raise when shell attribute is set to 'bash' with roles set to
        either 'admin' or 'resource-admin'.

        NOTE: Admin and Resource-Admin roles automatically enable access to
        all partitions, removing any other roles that the user might have
        had. There are few other roles which do that but those roles,
        do not allow bash.
        sDShell access is only available to 'admin' or 'resource-admin' roles.R[sresource-adminc3`s)|]}|d�kr|dVqdS(R%N((R\R](R^(sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pys	<genexpr>rsN(RMRR'R_R(R-R`RM((R^sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�`scC`s+|jjdkr'd}t|��ndS(NsCThe 'partition_access' option is required when creating a resource.(RMRR'R(R-R`((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�us(R:R;ROR�R�R�RnR�R�R�R�R�R�R�R�(((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRx�s												
	RqcB`s5eZd�Zd�Zd�Zd�Zd�ZRS(cC`s�dj|jjd|jjd|jj�}|jjj|�}y|j�}Wntk
rht	SX|j
dks�d|kr�|ddkr�t	StS(Ns%https://{0}:{1}/mgmt/tm/auth/user/{2}tservertserver_porti�tcode(tformatRetproviderRMRtapiRctjsont
ValueErrorRuRRt(R-turitresptresponse((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�}s


+cC`s�|jj�}|jj|d<dj|jjd|jjd�}|jjj|d|�}y|j	�}Wn%t
k
r�}tt|���nXd|kr�|ddkr�d	|kr�t|d	��q�t|j
��n|d
S(NR s"https://{0}:{1}/mgmt/tm/auth/user/R�R�R�R�i�i�tmessagetselfLink(i�i�(Ryt
api_paramsRMRR�ReR�R�tpostR�R�Rtstrtcontent(R-RdR�R�R�tex((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR��s
cC`s�|jj�}dj|jjd|jjd|jj�}|jjj|d|�}y|j	�}Wn%t
k
r�}tt|���nXd|kr�|ddkr�d|kr�t|d��q�t|j
��ndS(Ns%https://{0}:{1}/mgmt/tm/auth/user/{2}R�R�R�R�i�R�(RyR�R�ReR�RMRR�tpatchR�R�RR�R�(R-RdR�R�R�R�((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR��s

cC`sjdj|jjd|jjd|jj�}|jjj|�}|jdkrWtSt	|j
��dS(Ns%https://{0}:{1}/mgmt/tm/auth/user/{2}R�R�i�(R�ReR�RMRR�tdeleteRRtRR�(R-R�R�((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR��s

cC`s�dj|jjd|jjd|jj�}|jjj|�}y|j�}Wn%tk
r{}t	t
|���nXd|kr�|ddkr�d|kr�t	|d��q�t	|j��ntd|�S(Ns%https://{0}:{1}/mgmt/tm/auth/user/{2}R�R�R�i�R�Rd(
R�ReR�RMRR�RcR�R�RR�R�RA(R-R�R�R�R�((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR��s

(R:R;R�R�R�R�R�(((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRq|s
				RrcB`s>eZd�Zd�Zd�Zd�Zd�Zd�ZRS(cC`s�|j�}d|kr�g|dD]"}|d|jjkr#|^q#}t|�dkratSt|�dkrwtStd��ntS(NtitemsR iis1Multiple users with the provided name were found!(tlist_users_on_deviceRMRtlenRtRuR(R-R�txt
collection((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR��s3cC`s�|jj�}|jj|d<|jj|d<dj|jjd|jjd�}|jjj	|d|�}y|j
�}Wn%tk
r�}tt
|���nXd|kr�|dd
kr�d|kr�t|d��q�t|j��ntS(NR t	partitions"https://{0}:{1}/mgmt/tm/auth/user/R�R�R�R�i�i�i�i�R�(i�i�i�i�(RyR�RMRR�R�ReR�R�R�R�R�RR�R�Rt(R-RdR�R�R�R�((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR��s 
cC`s�|j�}g|dD]"}|d|jjkr|^q}t|�dkrj|j�}td|�St|�dkr�td��ntd��dS(NR�R iRdis.No accounts with the provided name were found.s1Multiple users with the provided name were found!(R�RMRR�R|RAR(R-R�R�R�Rw((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR��s3
cC`s�|jj�}dj|jjd|jjd|jj�}|jjj|d|�}y|j	�}Wn%t
k
r�}tt|���nXd|kr�|ddkr�d
|kr�d|d
kr�t|d
��q�q�t|j
��ndS(
Ns%https://{0}:{1}/mgmt/tm/auth/user/{2}R�R�R�R�i�i�i�i�R�supdated successfully(i�i�i�i�(RyR�R�ReR�RMRR�R�R�R�RR�R�(R-RdR�R�R�R�((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�s

cC`sjdj|jjd|jjd|jj�}|jjj|�}|jdkrWtSt	|j
��dS(Ns%https://{0}:{1}/mgmt/tm/auth/user/{2}R�R�i�(R�ReR�RMRR�R�RRtRR�(R-R�R�((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�s

cC`s�dj|jjd|jjd�}dj|jj�}|jjj||�}y|j�}Wn%tk
r�}t	t
|���nXd|kr�|ddkr�d|kr�t	|d��q�t	|j��n|S(Ns"https://{0}:{1}/mgmt/tm/auth/user/R�R�s?$filter=partition+eq+'{0}'R�i�R�(R�ReR�RMR�R�RcR�R�RR�R�(R-R�tqueryR�R�R�((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�#s
(R:R;R�R�R�R�R�R�(((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRr�s					RpcB`sYeZd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Z	d�Z
RS(	cC`s�tstd��nt}t�}|jj}|dkrK|j�}n|dkrftd��ntd|jj	��}|j	�}|j
|�|j
td|��|j|�|S(NsdAn installed and up-to-date python 'cryptography' package is required to change the 'root' password.R�R�s!You may not remove the root user.RdR�(t
HAS_CRYPTORRuR)RMR�R�RKRyRIR�R�(R-R�R.R�R�Ry((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRn8s"	

cC`stS(N(Rt(R-((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�QscC`sl|j�}|j|�}|j||jj�}|j||jj�|j�}|j|jj�|S(N(	tget_public_key_from_devicetextract_keytencrypt_password_change_fileRMRtupload_to_deviceR3R�t remove_uploaded_file_from_device(R-t
public_keyt	encryptedR.((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�TscC`sUtjt|�dt��}tdj|��}|j|tj��}t|�S(Ntbackends{0}
{0}
(	Rtload_pem_public_keyRRR�tencryptRtPKCS1v15R	(R-R�R!tpubR�t
ciphertext((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�_s cC`sK|jd�}|jd�}|jd�}dj|||d!�}|S(s�Extracts the public key from the openssl command output over REST

        The REST output includes some extra output that is not relevant to the
        public key. This function attempts to only return the valid public key
        data from the openssl output

        Args:
            content: The output from the REST API command to view the public key.

        Returns:
            string: The discovered public key
        s
s-----BEGIN PUBLIC KEY-----s-----END PUBLIC KEY-----i(R+tindextjoin(R-R�tlineststarttendR.((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR��s
c`sndddg}ddddj|jj�dd	d
g}djdj|��}td
dd|�}dj|jjd|jjd�}|jjj|d|�}yN|j	��d�kr�t
�fd�|D��r�t�d��q�nWn%tk
r}tt
|���nXd�krj�ddkrjd�krXt�d��qjt|j��ntS(NsBad passwordspassword change canceledsbased on a dictionary wordtopenssltpkeyutls-ins/var/config/rest/downloads/{0}s-decrypts-inkeys/config/ssl/ssl.key/default.keys)-c "{0} | tmsh modify auth password root"t tcommandtruntutilCmdArgss!https://{0}:{1}/mgmt/tm/util/bashR�R�R�t
commandResultc3`s%|]}|�dkr|VqdS(R�N((R\R�(R�(sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pys	<genexpr>�sR�i�i�R�(i�i�(R�RMR3R�R)ReR�R�R�R�R_RR�R�R�Rt(R-terrorsR�tcmdRdR�R�R�((R�sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR��s.$	
cC`sddj|jjd|jjd�}yt|j|||�Wntk
r_td��nXdS(s[Uploads a file-like object via the REST API to a given filename

        Args:
            content: The file-like object whose content to upload
            name: The remote name of the file to store the content in. The
                  final location of the file will be in /var/config/rest/downloads.

        Returns:
            void
        s1https://{0}:{1}/mgmt/shared/file-transfer/uploadsR�R�sFailed to upload the file.N(R�ReR�RR(R-R�R turl((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR��s

cC`s�dj|�}idd6|d6}dj|jjd|jjd�}|jjj|d|�}y|j�}Wn%tk
r�}tt|���nXd	|kr�|d	d
kr�d|kr�t|d��q�t|j	��ndS(Ns/var/config/rest/downloads/{0}R�R�R�s$https://{0}:{1}/mgmt/tm/util/unix-rmR�R�R�R�i�i�R�(i�i�(
R�ReR�R�R�R�R�RR�R�(R-R tfilepathRdR�R�R�R�((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR��s 

cC`s�d}tddd|�}dj|jjd|jjd�}|jjj|d|�}y|j�}Wn%tk
r�}tt	|���nXd	|kr�|d	dkr�d|kr�t|d��q�t|j
��nd
|kr�|d
SdS(Ns<-c "openssl rsa -in /config/ssl/ssl.key/default.key -pubout"R�R�R�s!https://{0}:{1}/mgmt/tm/util/bashR�R�R�R�i�i�R�R�(i�i�(R)R�ReR�R�R�R�R�RR�R�R'(R-R�RdR�R�R�R�((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�s&	
(R:R;RnR�R�R�R�R�R�R�R�(((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRp7s				1		A		tArgumentSpeccB`seZd�ZRS(cC`s�t|_tdtdtddg�dtdt�dtdd	�d
t�dtdd
ddg�dtdddddg�dtdddddg�dtdddtdgf��}i|_|jjt�|jj|�dS(NRtrequiredtaliasesR Rtno_logRRstlistRRtchoicesRBRYttmshRXtdefaultRWt	on_createR�R�R�R�tCommontfallbacktF5_PARTITION(Rttsupports_check_modeR)Rt
argument_specR�R(R-R�((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyRO+s,					(R:R;RO(((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyR�*scC`s�t�}td|jd|j�}y,td|�}|j�}|j|�Wn)tk
r{}|jdt	|��nXdS(NR�R�RbR{(
R�R
R�R�RaRnt	exit_jsonRt	fail_jsonR�(tspecRbtmmtresultsR�((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pytmainKs		t__main__(>t
__future__RRRRst
__metaclass__tANSIBLE_METADATAt
DOCUMENTATIONtEXAMPLEStRETURNR6R4tansible.module_utils._textRR	tImportErrortiotansible.module_utils.basicR
Rtansible.module_utils.sixRtdistutils.versionR
t%library.module_utils.network.f5.bigipRt&library.module_utils.network.f5.commonRRRt(library.module_utils.network.f5.icontrolRRt%ansible.module_utils.network.f5.bigipt&ansible.module_utils.network.f5.commont(ansible.module_utils.network.f5.icontroltcryptography.hazmat.backendsRtcryptography.hazmat.primitivesRt)cryptography.hazmat.primitives.asymmetricRRRtR�RuRRARCRDRJRKtobjectRLRaRxRqRrRpR�R�R:(((sI/usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_user.pyt<module>sp


RZ



SG,�Ve�!
Anons79 File Manager Version 1.0, Coded By Anons79
Email: [email protected]