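def _handle_existing_policy(name, new_rules, existing_rules):
    """Bring an existing Vault policy in line with the desired rules.

    Compares ``new_rules`` with ``existing_rules``. When they differ, a
    unified diff is computed and, unless ``__opts__['test']`` is set, the new
    rules are written with a ``PUT`` to ``v1/sys/policy/<name>`` through
    ``__utils__['vault.make_request']``.

    :param name: Policy name; also used as the last segment of the API path.
    :param new_rules: Desired policy text.
    :param existing_rules: Policy text currently stored in Vault.
    :return: A state return dict with ``name``, ``result``, ``changes`` and
        ``comment``. ``result`` is ``True`` on success or when nothing needs
        to change, ``None`` in test mode, and ``False`` when the write did not
        answer with HTTP 204.
    """
    ret = {'name': name}

    if new_rules == existing_rules:
        ret['result'] = True
        # Salt state returns carry ``changes`` as a dict; an empty dict means
        # "nothing changed". The previous ``None`` is not a dict.
        ret['changes'] = {}
        ret['comment'] = 'Policy exists, and has the correct content'
        return ret

    # keepends=True so the diff lines keep their own newlines and can be
    # joined without a separator.
    change = ''.join(
        difflib.unified_diff(
            existing_rules.splitlines(True),
            new_rules.splitlines(True),
        )
    )
    # NOTE(review): the diff of the policy text is returned in ``changes`` and
    # presumably ends up wherever state returns are stored or displayed --
    # confirm that the ACL layout is acceptable to expose there.
    changes = {name: {'change': change}}

    if __opts__['test']:
        # Dry run: report the pending diff without contacting Vault.
        ret['result'] = None
        ret['changes'] = changes
        ret['comment'] = 'Policy would be changed'
        return ret

    payload = {'rules': new_rules}
    # NOTE(review): ``name`` is placed in the request path unescaped; this
    # assumes callers pass a plain policy name -- verify against the caller.
    url = "v1/sys/policy/{0}".format(name)
    response = __utils__['vault.make_request']('PUT', url, json=payload)

    if response.status_code != 204:
        # Only the HTTP reason phrase is reported, not the response body.
        return {
            'name': name,
            'changes': {},
            'result': False,
            'comment': 'Failed to change policy: {0}'.format(response.reason)
        }

    ret['result'] = True
    ret['changes'] = changes
    ret['comment'] = 'Policy was updated'
    return ret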