#!/usr/bin/ansible-playbook
---
- hosts: "{{ cli_master_test }}"
  gather_facts: no
  user: root

  vars:

  post_tasks:
  - name: delete test group (so future tests work)
    oc_group:
      state: absent
      name: jgroup

  - name: delete 2nd test group (so future tests work)
    oc_group:
      state: absent
      name: jgroup2

  - name: delete test user (so future tests work)
    oc_user:
      state: absent
      username: jdiaz@redhat.com

  - name: get group list
    oc_group:
      state: list
      name: jgroup
    register: group_out
  #- debug: var=group_out
  - name: assert group 'jgroup' (test group) does not exist
    assert:
      that: group_out['results'][0] == {}

  - name: get group list
    oc_group:
      state: list
      name: jgroup2
    register: group_out
  #- debug: var=group_out
  - name: assert group 'jgroup2' (test group) does not exist
    assert:
      that: group_out['results'][0] == {}

  - name: get user list
    oc_user:
      state: list
      username: 'jdiaz@redhat.com'
    register: group_out
  #- debug: var=group_out
  - name: assert user 'jdiaz@redhat.com' (test user) does not exist
    assert:
      that: group_out['results'][0] == {}

  - name: create group
    oc_group:
      state: present
      name: jgroup
    register: group_out
  #- debug: var=group_out
  - name: assert creating group marked changed
    assert:
      that: group_out['changed'] == True

  - name: list group
    oc_group:
      state: list
      name: jgroup
    register: group_out
  #- debug: var=group_out
  - name: assert group actually created
    assert:
      that: group_out['results'][0]['metadata']['name'] == 'jgroup'

  - name: re-add group
    oc_group:
      state: present
      name: jgroup
    register: group_out
  #- debug: var=group_out
  - name: assert re-adding group marked not changed
    assert:
      that: group_out['changed'] == False


  - name: add user with group membership
    oc_user:
      state: present
      username: jdiaz@redhat.com
      full_name: Joel Diaz
      groups:
      - jgroup
    register: group_out
  #- debug: var=group_out

  - name: get group
    oc_group:
      state: list
      name: jgroup
    register: group_out
  - name: assert user in group
    assert:
      that: group_out['results'][0]['users'][0] == 'jdiaz@redhat.com'

  - name: add 2nd group
    oc_group:
      state: present
      name: jgroup2

  - name: change group membership
    oc_user:
      state: present
      username: jdiaz@redhat.com
      full_name: Joel Diaz
      groups:
      - jgroup2
    register: group_out
  - name: assert result changed
    assert:
      that: group_out['changed'] == True

  - name: check jgroup user membership
    oc_group:
      state: list
      name: jgroup
    register: group_out
  #- debug: var=group_out
  - name: assert user not present in previous group
    assert:
      that: group_out['results'][0]['users'] == []

  - name: check jgroup2 user membership
    oc_group:
      state: list
      name: jgroup2
    register: group_out
  #- debug: var=group_out
  - name: assert user present in new group
    assert:
      that: group_out['results'][0]['users'][0] == 'jdiaz@redhat.com'

  - name: multi-group membership
    oc_user:
      state: present
      username: jdiaz@redhat.com
      full_name: Joel Diaz
      groups:
      - jgroup
      - jgroup2
    register: group_out
  - name: assert result changed
    assert:
      that: group_out['changed'] == True

  - name: check jgroup user membership
    oc_group:
      state: list
      name: jgroup
    register: group_out
  #- debug: var=group_out
  - name: assert user present in group
    assert:
      that: group_out['results'][0]['users'][0] == 'jdiaz@redhat.com'

  - name: check jgroup2 user membership
    oc_group:
      state: list
      name: jgroup2
    register: group_out
  #- debug: var=group_out
  - name: assert user still present in group
    assert:
      that: group_out['results'][0]['users'][0] == 'jdiaz@redhat.com'

  - name: user delete (group cleanup)
    oc_user:
      state: absent
      username: jdiaz@redhat.com
    register: group_out

  - name: get user list for jgroup
    oc_group:
      state: list
      name: jgroup
    register: group_out
  #- debug: var=group_out
  - name: assert that group jgroup has no members
    assert:
      that: group_out['results'][0]['users'] == []

  - name: get user list for jgroup2
    oc_group:
      state: list
      name: jgroup2
    register: group_out
  #- debug: var=group_out
  - name: assert that group jgroup2 has no members
    assert:
      that: group_out['results'][0]['users'] == []

  - name: user without groups defined
    oc_user:
      state: present
      username: jdiaz@redhat.com
      full_name: Joel Diaz
    register: group_out
  - name: assert result changed
    assert:
      that: group_out['changed'] == True

  - name: check jgroup user membership
    oc_group:
      state: list
      name: jgroup
    register: group_out
  #- debug: var=group_out
  - name: assert user not present in group
    assert:
      that: group_out['results'][0]['users'] == []

  - name: check jgroup2 user membership
    oc_group:
      state: list
      name: jgroup2
    register: group_out
  #- debug: var=group_out
  - name: assert user not present in group
    assert:
      that: group_out['results'][0]['users'] == []