From b27e15f8f6ad8fd65a0d5aa35ec7468a4e1d5994 Mon Sep 17 00:00:00 2001
From: Gardouille <gardouille@gmail.com>
Date: Wed, 14 Jan 2015 19:23:45 +0100
Subject: [PATCH] * (#7) Add a new defined type to manage users for PVE WebGUI.

---
 CHANGELOG.md                 |  4 ++-
 manifests/hypervisor/user.pp | 57 ++++++++++++++++++++++++++++++++++++
 2 files changed, 60 insertions(+), 1 deletion(-)
 create mode 100644 manifests/hypervisor/user.pp

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 27e4509..06b852c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,9 +3,11 @@
 * Add a variable to choose to keep PVE enterprise repo for the subscribers.
 * (#4) Add an access control list for PveProxy.
 * (#4) Add a new class to manage Proxmox's service (proxmox::hypervisor::service).
-* (#6) Add a new defined class to manage groups for PVE WebGUI.
+* (#6) Add a new defined type to manage groups for PVE WebGUI.
+* (#7) Add a new defined type to manage users for PVE WebGUI.
 * Update the README.md file for (#6) group defined type.
 * Add a test for (#6) group defined type.
+
 ---------------------------------------
 
 ### 0.0.2 - 2014/01/08
diff --git a/manifests/hypervisor/user.pp b/manifests/hypervisor/user.pp
new file mode 100644
index 0000000..4fb3655
--- /dev/null
+++ b/manifests/hypervisor/user.pp
@@ -0,0 +1,57 @@
+# == Define: proxmox::hypervisor::user
+#
+# Manage users allowed to WebGUI
+#
+# === Parameters
+#
+# [*user*]
+#   _default_: +$title+, the title/name of the ressource
+#
+#   Is the username.
+#
+# [*group*]
+#   _default_: +undef+
+#
+#   The group list for the user.
+#
+# [*permission_file*]
+#   _default_: +/etc/pve/user.cfg+
+#
+#   The file where group's informations are stored.
+#
+define proxmox::hypervisor::user ( $user = $title, $group = '', $permission_file = '/etc/pve/user.cfg' ) {
+
+  # Manage user only if Proxmox is available
+  if $::is_proxmox == 'true' {
+
+    ## Work with an if/else test because the user must be create before adding
+    # it to a group ...
+
+    # If a group was set
+    if empty($group) == false {
+      # Create the user in Proxmox
+      exec { "add_${user}_user":
+        path    => ['/bin','/sbin','/usr/bin','/usr/sbin'],
+        command => "pveum useradd ${user}",
+        unless  => "grep '^user:${user}' ${permission_file}",
+      }
+      ->
+      # Then add this user to a group
+      exec { "add_${user}_to_${group}":
+        path    => ['/bin', '/sbin', '/usr/bin', '/usr/sbin' ],
+        command => "pveum usermod ${user} -group ${group}",
+        # The grep command should return 2 lines (minium) that match the pattern
+        unless  => "test `grep '${user}' -c ${permission_file}` -ge 2",
+      }
+    }
+    else {
+      # Create the user in Proxmox
+      exec { "add_${user}_user":
+        path    => ['/bin','/sbin','/usr/bin','/usr/sbin'],
+        command => "pveum useradd ${user}",
+        unless  => "grep '^user:${user}' ${permission_file}",
+      }
+    }
+  }
+
+} # Public ressource: proxmox::hypervisor::user