---
- hosts: localhost
  gather_facts: false
  name: Create/Delete FlexVol With Cifs Share
  vars:
    #set present/absent flag for netapp modules from create/delete values in the perform parameter
    state: "{{ 'present' if perform == 'create' else ( 'absent' if perform == 'delete' else 'placeholder') }}"
  vars_files:
    vars/main.yml

  tasks:

  - name: Convert cif_ad_object to list # use where playbook invoked on command line with single string variables, rather than json input that accepts lists
    vars:
      cifs_ad_object: ["cifs_ad_object"]
    register: cifs_ad_object
    when: cifs_ad_object is string
    debug: msg="cifs_ad_object {{ cifs_ad_object }} is not a list of users, converting to list"

  - name: Convert cifs_administrator_object to list # use where playbook invoked on command line with single string variables, rather than json input that accepts lists
    vars:
      cifs_administrator_object: ["cifs_administrator_object"]
    register: cifs_administrator_object
    when: cifs_administrator_object is string
    debug: msg="cifs_administrator_object {{ cifs_administrator_object }} is not a list of users, converting to list"

  - name: Fail Where Requisite Vars Not Set
    fail:
      msg: "Parameter {{item.key}} has value {{item.value}}, {{item.key}} is required to be passed from Cloudforms"
    when: item.value == 'placeholder'
    loop: "{{ lookup('dict', vars ) }}" #vars is a special variable of a list containng all varibales in the playbook

  - name: Get Aggregate Available Space
    na_ontap_command:
      hostname: "{{ netapp_hostname }}"
      username: "{{ netapp_username }}"
      password: "{{ netapp_password }}"
      command: ['set -showseparator "," -units GB;aggr show -aggregate netapp_sim_01_FC_1 -fields availsize']
    register: aggavail

  - name: Get Aggregate Size
    na_ontap_command:
      hostname: "{{ netapp_hostname }}"
      username: "{{ netapp_username }}"
      password: "{{ netapp_password }}"
      command: ['set -showseparator "," -units GB;aggr show -aggregate netapp_sim_01_FC_1 -fields size']
    register: aggtotal

  - name: Get Aggregate Used Space
    na_ontap_command:
      hostname: "{{ netapp_hostname }}"
      username: "{{ netapp_username }}"
      password: "{{ netapp_password }}"
      command: ['set -showseparator "," -units GB;aggr show -aggregate netapp_sim_01_FC_1 -fields physical-used']
    register: aggused

  - name: Get Aggregate Space
    vars:
      #remove newline, remove \", get command line output (was dirty with newlines), get first item of list (output in list format), split result by comma and grab 6th field, remove GB (this might be a different size unit)
      availsizeclean: "{{ aggavail.msg | regex_replace('\n','') | regex_replace('\"','') | regex_findall('(?<=<cli-output>)(.*)(?=</cli-output>)') }}"
      avail: "{{ availsizeclean[0].split(',')[5] | lower | regex_replace('gb','')}}"
      totalclean: "{{ aggtotal.msg | regex_replace('\n','') | regex_replace('\"','') | regex_findall('(?<=<cli-output>)(.*)(?=</cli-output>)') }}"
      total: "{{ totalclean[0].split(',')[5] | lower | regex_replace('gb','')}}"
      usedclean: "{{ aggused.msg | regex_replace('\n','') | regex_replace('\"','') | regex_findall('(?<=<cli-output>)(.*)(?=</cli-output>)') }}"
      used: "{{ usedclean[0].split(',')[5] | lower | regex_replace('gb','')}}"
      #aggstats: ["{{ avail }}", "{{ total }}", "{{ used }}"]
    #debug: msg="available space {{ avail }}, total space {{ total }},  used space {{ used }}, stats {{ aggstats }}"
    set_fact:
      aggstats: ["{{ avail }}", "{{ total }}", "{{ used }}"]

  - name: Test Available Aggregate Disk Space
   # designed to work with thin provisioned aggregates
   # should stop creation of volume where aggregate + requested volume size exceed a %utilisation threshold
   # should set hard limit for size of volume, as a backstop
   # should stop creation of a volume that exceeds the real size of the aggregate (all you see in this scenario is free space remaining on the volume)
    vars:
      threshold: "{{ aggstats[1] | float / 100 * 70 }}"
      toprovision: "{{ aggstats[2] | float + size | float }}"
      thicktotal: "{{  aggstats[1] | float }}"
    #debug: msg="max disk to use {{ threshold }}GB @ 70% utilisation of total disk {{ thicktotal }}GB, disk requested to provision {{ size }}GB, total disk used if share provisioned {{ toprovision }}GB"
    fail:
      msg: "provioning new {{ size }}GB volume exceeds 70% threshold capacity of aggregate {{ threshold }}GB, total disk required {{ toprovision }}GB"
    when: toprovision | float > threshold | float

  - name: Create/Delete FlexVol
    na_ontap_volume:
      state: "{{ state }}"
      #state: absent # now interpolated from the value of perform parameter
      name: "{{ prefix }}_{{ unique_identifier }}"
      is_infinite: False
      aggregate_name: netapp_sim_01_FC_1
      # module parameter size only accepts integers, we use float to validate space provisioning so we convert here
      size: "{{ size | int }}"
      size_unit: gb
      junction_path: /{{ prefix }}_{{ unique_identifier }}
      volume_security_style: mixed # in use should nfs shares be required, probably not required for just cifs
      unix_permissions: 777 # when using mixed security style unix permissions must be set, as this is insecure likely qtrees and allowed hosts would be set for nfs
      space_guarantee: none # thin provisioning
      #efficiency_policy: # would need to create a policy to include dedupe and compression
      vserver: "{{ netapp_vserver }}"
      hostname: "{{ netapp_hostname }}"
      username: "{{ netapp_username }}"
      password: "{{ netapp_password }}"

  - name: Create Cifs Share
    na_ontap_cifs:
      state: "{{ state }}"
      share_name: "{{ prefix }}_{{ unique_identifier }}"
      path: /{{ prefix }}_{{ unique_identifier }}
      vserver: "{{ netapp_vserver }}"
      hostname: "{{ netapp_hostname }}"
      username: "{{ netapp_username }}"
      password: "{{ netapp_password }}"
    notify:
      - Remove Everyone User From Cifs Share
      - Add AD user/group To Cifs Share
      - Add administrator To Cifs Share

  handlers:

  - name: Remove Everyone User From Cifs Share
    na_ontap_cifs_acl:
      state: "absent"
      share_name: "{{ prefix }}_{{ unique_identifier }}"
      user_or_group: Everyone
      vserver: "{{ netapp_vserver }}"
      hostname: "{{ netapp_hostname }}"
      username: "{{ netapp_username }}"
      password: "{{ netapp_password }}"

  - name: Add AD user/group To Cifs Share
    when: state == 'present'
    na_ontap_cifs_acl:
      state: "{{ state }}"
      share_name: "{{ prefix }}_{{ unique_identifier }}"
      #user_or_group: "{{ cifs_ad_object }}"
      user_or_group: "{{ item }}"
      permission: full_control
      vserver: "{{ netapp_vserver }}"
      hostname: "{{ netapp_hostname }}"
      username: "{{ netapp_username }}"
      password: "{{ netapp_password }}"
    loop: "{{ cifs_ad_object }}"

  - name: Add administrator To Cifs Share
    when: state == 'present'
    na_ontap_cifs_acl:
      state: "{{ state }}"
      share_name: "{{ prefix }}_{{ unique_identifier }}"
      #user_or_group: "{{ cifs_administrator_object }}"
      user_or_group: "{{ item }}"
      permission: full_control
      vserver: "{{ netapp_vserver }}"
      hostname: "{{ netapp_hostname }}"
      username: "{{ netapp_username }}"
      password: "{{ netapp_password }}"
    loop: "{{ cifs_administrator_object }}"