diff --git a/playbooks/edx-east/manage_edxapp_users_and_groups.yml b/playbooks/edx-east/manage_edxapp_users_and_groups.yml index eba6797..98c7a64 100644 --- a/playbooks/edx-east/manage_edxapp_users_and_groups.yml +++ b/playbooks/edx-east/manage_edxapp_users_and_groups.yml @@ -10,7 +10,7 @@ # # Overview: # This playbook ensures that the specified users and groups exist in the targeted -# edxapp cluster. +# edxapp cluster. # # Users have the following properties: # - username (required, str) @@ -72,7 +72,6 @@ # for perm in Permission.objects.all(): # print '{}:{}:{}'.format(perm.content_type.app_label, perm.content_type.model, perm.codename) # - - hosts: all vars: python_path: /edx/bin/python.edxapp diff --git a/playbooks/roles/common_vars/defaults/main.yml b/playbooks/roles/common_vars/defaults/main.yml index 9d63da3..739967f 100644 --- a/playbooks/roles/common_vars/defaults/main.yml +++ b/playbooks/roles/common_vars/defaults/main.yml @@ -220,3 +220,6 @@ COMMON_OIDC_ISSUER: '{{ COMMON_OAUTH_URL_ROOT }}' COMMON_JWT_AUDIENCE: 'SET-ME-PLEASE' COMMON_JWT_ISSUER: '{{ COMMON_OIDC_ISSUER }}' COMMON_JWT_SECRET_KEY: 'SET-ME-PLEASE' + +# Set sandbox admin default +SANDBOX_CREATE_ADMIN_USER: True diff --git a/playbooks/roles/demo/defaults/main.yml b/playbooks/roles/demo/defaults/main.yml index 31e3627..b0e3fef 100644 --- a/playbooks/roles/demo/defaults/main.yml +++ b/playbooks/roles/demo/defaults/main.yml @@ -24,19 +24,23 @@ demo_test_users: username: honor hashed_password: "{{ demo_hashed_password }}" is_staff: false + is_superuser: false - email: 'audit@example.com' username: audit hashed_password: "{{ demo_hashed_password }}" is_staff: false + is_superuser: false - email: 'verified@example.com' username: verified hashed_password: "{{ demo_hashed_password }}" is_staff: false + is_superuser: false demo_staff_user: email: 'staff@example.com' username: staff hashed_password: "{{ demo_hashed_password }}" is_staff: true + is_superuser: false demo_edxapp_user: 'edxapp' demo_edxapp_settings: '{{ COMMON_EDXAPP_SETTINGS }}' demo_edxapp_venv_bin: '{{ COMMON_APP_DIR }}/{{ demo_edxapp_user }}/venvs/{{demo_edxapp_user}}/bin' diff --git a/playbooks/roles/demo/tasks/deploy.yml b/playbooks/roles/demo/tasks/deploy.yml index 0ca1c99..4b525bd 100644 --- a/playbooks/roles/demo/tasks/deploy.yml +++ b/playbooks/roles/demo/tasks/deploy.yml @@ -26,12 +26,22 @@ demo_test_and_staff_users: "{{ demo_test_users }}" when: not DEMO_CREATE_STAFF_USER +- name: build staff, admin, and test user list + set_fact: + demo_test_admin_and_staff_users: "{{ demo_test_and_staff_users + [SANDBOX_EDXAPP_USERS] }}" + when: SANDBOX_CREATE_ADMIN_USER + +- name: build staff, admin, and test user list + set_fact: + demo_test_admin_and_staff_users: "{{ demo_test_and_staff_users }}" + when: not SANDBOX_CREATE_ADMIN_USER + - name: create some test users - shell: "{{ demo_edxapp_venv_bin }}/python ./manage.py lms --settings={{ demo_edxapp_settings }} --service-variant lms manage_user {{ item.username}} {{ item.email }} --initial-password-hash {{ item.hashed_password | quote }}{% if item.is_staff %} --staff{% endif %}" + shell: "{{ demo_edxapp_venv_bin }}/python ./manage.py lms --settings={{ demo_edxapp_settings }} --service-variant lms manage_user {{ item.username}} {{ item.email }} --initial-password-hash {{ item.hashed_password | quote }}{% if item.is_staff %} --staff{% endif %}{% if item.is_superuser %} --superuser{% endif %}" args: chdir: "{{ demo_edxapp_code_dir }}" become_user: "{{ common_web_user }}" - with_items: "{{ demo_test_and_staff_users }}" + with_items: "{{ demo_test_admin_and_staff_users }}" when: demo_checkout.changed - name: enroll test users in the demo course