From 5d786ef01233eec6c6110a17b906e313a92ad30f Mon Sep 17 00:00:00 2001 From: Dan Mick Date: Tue, 12 Jan 2016 21:17:32 -0800 Subject: [PATCH] users: filter userlists against 'users' later Filter the user lists after the other list-modifying operations. This way, the user-requested 'users' variable filter has final say over which users are considered. Signed-off-by: Dan Mick --- roles/users/tasks/main.yml | 40 +++++++++++++++++++------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/roles/users/tasks/main.yml b/roles/users/tasks/main.yml index b9c4a5bc..04edc6bb 100644 --- a/roles/users/tasks/main.yml +++ b/roles/users/tasks/main.yml @@ -1,24 +1,4 @@ --- -- name: Filter the managed_users list - set_fact: - managed_users: - "[{% for user in managed_users %} - {% if user.name in users %}{{ user }},{%endif%} - {%endfor%}]" - when: users|length > 0 - tags: - - always - -- name: Filter the managed_admin_users list - set_fact: - managed_admin_users: - "[{% for user in managed_admin_users %} - {% if user.name in users %}{{ user }},{%endif%} - {%endfor%}]" - when: users|length > 0 - tags: - - always - - name: Merge extra_admin_users into managed_admin_users set_fact: # The following adds items from extra_admin_users to managed_admin_users, while @@ -46,6 +26,26 @@ tags: - always +- name: Filter the managed_users list + set_fact: + managed_users: + "[{% for user in managed_users %} + {% if user.name in users %}{{ user }},{%endif%} + {%endfor%}]" + when: users|length > 0 + tags: + - always + +- name: Filter the managed_admin_users list + set_fact: + managed_admin_users: + "[{% for user in managed_admin_users %} + {% if user.name in users %}{{ user }},{%endif%} + {%endfor%}]" + when: users|length > 0 + tags: + - always + - name: Create all admin users with sudo access. user: name: "{{ item.name }}" -- 2.47.3