我正在嘗試遍歷包含權限型別的團隊字典,并遍歷第二個字典以檢索該權限型別的值
與團隊一起列出:
teams:
- name: "A"
permission_type: admin_permissions
- name: "B"
permission_type: user_permissions
- name: "C"
permission_type: user_permissions
具有權限的字典:
permission_list:
- admin_permissions:
- Scope: permission1
Rights: write
- Scope: permission2
Rights: write
- user_permissions:
- Scope: permission1
Rights: read
- Scope: permission2
Rights: read
具有以下角色 ansible 任務:
- name: Define role permissions
command:
chdir: "{{ bin_dir }}"
cmd: |
./myscript.sh -modify_role -name "{{ item.name }}-access-role" -add_permission
{% for permissions in permission_list if item.permission_type == permissions %} -auth_resource "{{ permissions.Scope }}" -operation "{{ permissions.Rights }}" {% endfor %}
loop: "{{ teams }}"
我得到的錯誤是 if 陳述句不匹配,這意味著之后的所有內容-add_permission都是空的
結果應該是:
./myscript.sh -modify_role -name "A-access-role" -add_permission -auth_resource permission1 -operation write -auth_resource permission2 -operation write
./myscript.sh -modify_role -name "B-access-role" -add_permission -auth_resource permission1 -operation read -auth_resource permission2 -operation read
./myscript.sh -modify_role -name "C-access-role" -add_permission -auth_resource permission1 -operation read -auth_resource permission2 -operation read
我怎樣才能做到這一點?
編輯:感謝 matt_s 為我指明了正確的方向,這些是我必須做出的調整:
- 使用字典而不是串列(基本上洗掉
-admin_permissions 和 user_permissions 的破折號“” - 洗掉 for 回圈 (
"{{ permissions.Scope }}")中的參考
uj5u.com熱心網友回復:
您可以更改您的權限串列,以便您可以查找每種型別的權限。因此,不要使用串列,而是使用型別為鍵的字典:
permission_list:
admin_permissions:
- Scope: permission1
Rights: write
- Scope: permission2
Rights: write
user_permissions:
- Scope: permission1
Rights: read
- Scope: permission2
Rights: read
然后用于with_items檢查您的團隊:
- name: Test
debug:
msg: "{% for p in permission_list[item.permission_type]%} scope: {{ p.Scope }} rights: {{ p.Rights }} {% endfor %}"
with_items: "{{ teams }}"
結果是:
TASK [stack_overflow_1 : Test] *************************************************************************************************************************************************************************************************************************************************
ok: [localhost] => (item={u'name': u'A', u'permission_type': u'admin_permissions'}) => {
"msg": " scope: permission1 rights: write scope: permission2 rights: write "
}
ok: [localhost] => (item={u'name': u'B', u'permission_type': u'user_permissions'}) => {
"msg": " scope: permission1 rights: read scope: permission2 rights: read "
}
ok: [localhost] => (item={u'name': u'C', u'permission_type': u'user_permissions'}) => {
"msg": " scope: permission1 rights: read scope: permission2 rights: read "
}
uj5u.com熱心網友回復:
首先將串列轉換為字典。例如
- set_fact:
permission_dict: "{{ permission_dict|d({})|
combine({permission_type: auth_resource}) }}"
loop: "{{ permission_list }}"
vars:
permission_type: "{{ item.keys()|first }}"
auth_resource: |-
{% for p in item|json_query('*')|flatten %}
-auth_resource {{ p.Scope }} -operation {{ p.Rights }}
{%- endfor %}
給
permission_dict:
admin_permissions: " -auth_resource permission1 -operation write -auth_resource permission2 -operation write"
user_permissions: " -auth_resource permission1 -operation read -auth_resource permission2 -operation read"
使用此字典創建命令
- debug:
var: cmd
loop: "{{ teams }}"
vars:
cmd: >-
./myscript.sh -modify_role -name {{ item.name }}-access-role
-add_permission{{ permission_dict[item.permission_type] }}
給出(刪節)
cmd: ./myscript.sh -modify_role -name A-access-role -add_permission -auth_resource permission1 -operation write -auth_resource permission2 -operation write
cmd: ./myscript.sh -modify_role -name B-access-role -add_permission -auth_resource permission1 -operation read -auth_resource permission2 -operation read
cmd: ./myscript.sh -modify_role -name C-access-role -add_permission -auth_resource permission1 -operation read -auth_resource permission2 -operation read
轉載請註明出處,本文鏈接:https://www.uj5u.com/net/441362.html
下一篇:從資料框創建字典值鍵