Improve modify_user function

CHANGELOG.md

@@ -8,6 +8,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
 ### Added
 * Adding parameters to `get_nvt command`, so it requests all details [#348](https://github.com/greenbone/python-gvm/pull/348)
+* Improved the `modify_user` function for gmpv7 and gmpv214. Added ability to change comment, groups and authentication method of user. Meaning of name parameter got changed for gmpv214 only. It is not intended for identifying a user anymore but for specifying the new name of the user [#347](https://github.com/greenbone/python-gvm/pull/347)
 * Adding `resume_audit`, `start_audit`, `stop_audit` to gmpv9 [#349](https://github.com/greenbone/python-gvm/pull/349)
 
 ### Changed

gvm/protocols/gmpv208/types.py

@@ -41,6 +41,7 @@
     SnmpPrivacyAlgorithm,
     TicketStatus,
     TimeUnit,
+    UserAuthType,
     get_alert_condition_from_string,
     get_alert_event_from_string,
     get_alert_method_from_string,
@@ -59,6 +60,7 @@
     get_snmp_privacy_algorithm_from_string,
     get_ticket_status_from_string,
     get_time_unit_from_string,
+    get_user_auth_type_from_string,
 )
 
 
@@ -84,6 +86,7 @@
     "SnmpPrivacyAlgorithm",
     "TicketStatus",
     "TimeUnit",
+    "UserAuthType",
     "get_alert_condition_from_string",
     "get_alert_event_from_string",
     "get_alert_method_from_string",
@@ -105,6 +108,7 @@
     "get_snmp_privacy_algorithm_from_string",
     "get_ticket_status_from_string",
     "get_time_unit_from_string",
+    "get_user_auth_type_from_string",
 ]
 
 

gvm/protocols/gmpv214/gmpv214.py

@@ -31,7 +31,7 @@
 
 from gvm.utils import deprecation
 from gvm.xml import XmlCommand
-from gvm.protocols.gmpv7.gmpv7 import _to_comma_list
+from gvm.protocols.gmpv7.gmpv7 import _to_comma_list, _to_bool
 
 from gvm.connections import GvmConnection
 from gvm.errors import RequiredArgument
@@ -388,3 +388,97 @@ def modify_override(
             )
 
         return self._send_xml_command(cmd)
+
+    def modify_user(
+        self,
+        user_id: str = None,
+        *,
+        name: Optional[str] = None,
+        comment: Optional[str] = None,
+        password: Optional[str] = None,
+        auth_source: Optional[UserAuthType] = None,
+        role_ids: Optional[List[str]] = None,
+        hosts: Optional[List[str]] = None,
+        hosts_allow: Optional[bool] = False,
+        ifaces: Optional[List[str]] = None,
+        ifaces_allow: Optional[bool] = False,
+        group_ids: Optional[List[str]] = None
+    ) -> Any:
+
+        """Modifies an existing user. Most of the fields need to be supplied
+        for changing a single field even if no change is wanted for those.
+        Else empty values are inserted for the missing fields instead.
+
+        Arguments:
+            user_id: UUID of the user to be modified.
+            name: The new name for the user.
+            comment: Comment on the user.
+            password: The password for the user.
+            auth_source: Source allowed for authentication for this user.
+            roles_id: List of roles UUIDs for the user.
+            hosts: User access rules: List of hosts.
+            hosts_allow: Defines how the hosts list is to be interpreted.
+                If False (default) the list is treated as a deny list.
+                All hosts are allowed by default except those provided by
+                the hosts parameter. If True the list is treated as a
+                allow list. All hosts are denied by default except those
+                provided by the hosts parameter.
+            ifaces: User access rules: List of ifaces.
+            ifaces_allow: Defines how the ifaces list is to be interpreted.
+                If False (default) the list is treated as a deny list.
+                All ifaces are allowed by default except those provided by
+                the ifaces parameter. If True the list is treated as a
+                allow list. All ifaces are denied by default except those
+                provided by the ifaces parameter.
+            group_ids: List of group UUIDs for the user.
+
+        Returns:
+            The response. See :py:meth:`send_command` for details.
+        """
+        if not user_id:
+            raise RequiredArgument(
+                function=self.modify_user.__name__, argument='user_id'
+            )
+
+        cmd = XmlCommand("modify_user")
+
+        if user_id:
+            cmd.set_attribute("user_id", user_id)
+
+        if name:
+            cmd.add_element("new_name", name)
+
+        if role_ids:
+            for role in role_ids:
+                cmd.add_element("role", attrs={"id": role})
+
+        if hosts:
+            cmd.add_element(
+                "hosts",
+                _to_comma_list(hosts),
+                attrs={"allow": _to_bool(hosts_allow)},
+            )
+
+        if ifaces:
+            cmd.add_element(
+                "ifaces",
+                _to_comma_list(ifaces),
+                attrs={"allow": _to_bool(ifaces_allow)},
+            )
+
+        if comment:
+            cmd.add_element("comment", comment)
+
+        if password:
+            cmd.add_element("password", password)
+
+        if auth_source:
+            _xmlauthsrc = cmd.add_element("sources")
+            _xmlauthsrc.add_element("source", auth_source.value)
+
+        if group_ids:
+            _xmlgroups = cmd.add_element("groups")
+            for group_id in group_ids:
+                _xmlgroups.add_element("group", attrs={"id": group_id})
+
+        return self._send_xml_command(cmd)

gvm/protocols/gmpv214/types.py

@@ -42,6 +42,7 @@
     SnmpPrivacyAlgorithm,
     TicketStatus,
     TimeUnit,
+    UserAuthType,
     get_alert_condition_from_string,
     get_alert_event_from_string,
     get_alert_method_from_string,
@@ -61,6 +62,7 @@
     get_snmp_privacy_algorithm_from_string,
     get_ticket_status_from_string,
     get_time_unit_from_string,
+    get_user_auth_type_from_string,
 )
 
 
@@ -85,6 +87,7 @@
     "SnmpPrivacyAlgorithm",
     "TicketStatus",
     "TimeUnit",
+    "UserAuthType",
     "get_alert_condition_from_string",
     "get_alert_event_from_string",
     "get_alert_method_from_string",
@@ -105,6 +108,7 @@
     "get_snmp_privacy_algorithm_from_string",
     "get_ticket_status_from_string",
     "get_time_unit_from_string",
+    "get_user_auth_type_from_string",
 ]
 
 

gvm/protocols/gmpv7/gmpv7.py

@@ -6070,27 +6070,45 @@ def modify_user(
         name: str = None,
         *,
         new_name: Optional[str] = None,
+        comment: Optional[str] = None,
         password: Optional[str] = None,
+        auth_source: Optional[UserAuthType] = None,
         role_ids: Optional[List[str]] = None,
         hosts: Optional[List[str]] = None,
         hosts_allow: Optional[bool] = False,
         ifaces: Optional[List[str]] = None,
-        ifaces_allow: Optional[bool] = False
+        ifaces_allow: Optional[bool] = False,
+        group_ids: Optional[List[str]] = None
     ) -> Any:
-        """Modifies an existing user.
+        """Modifies an existing user. Most of the fields need to be supplied
+        for changing a single field even if no change is wanted for those.
+        Else empty values are inserted for the missing fields instead.
 
         Arguments:
             user_id: UUID of the user to be modified. Overrides name element
                 argument.
             name: The name of the user to be modified. Either user_id or name
                 must be passed.
             new_name: The new name for the user.
+            comment: Comment on the user.
             password: The password for the user.
+            auth_source: Source allowed for authentication for this user.
             roles_id: List of roles UUIDs for the user.
             hosts: User access rules: List of hosts.
-            hosts_allow: If True, allow only listed, otherwise forbid listed.
+            hosts_allow: Defines how the hosts list is to be interpreted.
+                If False (default) the list is treated as a deny list.
+                All hosts are allowed by default except those provided by
+                the hosts parameter. If True the list is treated as a
+                allow list. All hosts are denied by default except those
+                provided by the hosts parameter.
             ifaces: User access rules: List of ifaces.
-            ifaces_allow: If True, allow only listed, otherwise forbid listed.
+            ifaces_allow: Defines how the ifaces list is to be interpreted.
+                If False (default) the list is treated as a deny list.
+                All ifaces are allowed by default except those provided by
+                the ifaces parameter. If True the list is treated as a
+                allow list. All ifaces are denied by default except those
+                provided by the ifaces parameter.
+            group_ids: List of group UUIDs for the user.
 
         Returns:
             The response. See :py:meth:`send_command` for details.
@@ -6110,9 +6128,6 @@ def modify_user(
         if new_name:
             cmd.add_element("new_name", new_name)
 
-        if password:
-            cmd.add_element("password", password)
-
         if role_ids:
             for role in role_ids:
                 cmd.add_element("role", attrs={"id": role})
@@ -6131,6 +6146,21 @@ def modify_user(
                 attrs={"allow": _to_bool(ifaces_allow)},
             )
 
+        if comment:
+            cmd.add_element("comment", comment)
+
+        if password:
+            cmd.add_element("password", password)
+
+        if auth_source:
+            _xmlauthsrc = cmd.add_element("sources")
+            _xmlauthsrc.add_element("source", auth_source.value)
+
+        if group_ids:
+            _xmlgroups = cmd.add_element("groups")
+            for group_id in group_ids:
+                _xmlgroups.add_element("group", attrs={"id": group_id})
+
         return self._send_xml_command(cmd)
 
     def move_task(self, task_id: str, *, slave_id: Optional[str] = None) -> Any:

gvm/protocols/gmpv7/types.py

@@ -43,6 +43,7 @@
     "SnmpAuthAlgorithm",
     "SnmpPrivacyAlgorithm",
     "TimeUnit",
+    "UserAuthType",
     "get_alive_test_from_string",
     "get_alert_condition_from_string",
     "get_alert_event_from_string",
@@ -63,6 +64,7 @@
     "get_snmp_auth_algorithm_from_string",
     "get_snmp_privacy_algorithm_from_string",
     "get_time_unit_from_string",
+    "get_user_auth_type_from_string",
 ]
 
 
@@ -811,3 +813,27 @@ def get_time_unit_from_string(time_unit: Optional[str]) -> Optional[TimeUnit]:
             argument='severity_level',
             function=get_severity_level_from_string.__name__,
         ) from None
+
+
+class UserAuthType(Enum):
+    """Enum for Sources allowed for authentication for the user"""
+
+    FILE = 'file'
+    LDAP_CONNECT = 'ldap_connect'
+    RADIUS_CONNECT = 'radius_connect'
+
+
+def get_user_auth_type_from_string(
+    user_auth_type: Optional[str],
+) -> Optional[UserAuthType]:
+    """ Convert a user auth type string into a UserAuthType instance """
+    if not user_auth_type:
+        return None
+
+    try:
+        return UserAuthType[user_auth_type.upper()]
+    except KeyError:
+        raise InvalidArgument(
+            argument='user_auth_type',
+            function=get_user_auth_type_from_string.__name__,
+        ) from None

gvm/protocols/gmpv8/types.py

@@ -39,6 +39,7 @@
     SnmpAuthAlgorithm,
     SnmpPrivacyAlgorithm,
     TimeUnit,
+    UserAuthType,
     get_alert_condition_from_string,
     get_alert_event_from_string,
     get_alert_method_from_string,
@@ -56,6 +57,7 @@
     get_snmp_auth_algorithm_from_string,
     get_snmp_privacy_algorithm_from_string,
     get_time_unit_from_string,
+    get_user_auth_type_from_string,
 )
 
 
@@ -81,6 +83,7 @@
     "SnmpPrivacyAlgorithm",
     "TicketStatus",
     "TimeUnit",
+    "UserAuthType",
     "get_alert_condition_from_string",
     "get_alert_event_from_string",
     "get_alert_method_from_string",
@@ -102,6 +105,7 @@
     "get_snmp_privacy_algorithm_from_string",
     "get_ticket_status_from_string",
     "get_time_unit_from_string",
+    "get_user_auth_type_from_string",
 ]
 
 

gvm/protocols/gmpv9/types.py

@@ -37,6 +37,7 @@
     SnmpPrivacyAlgorithm,
     TicketStatus,
     TimeUnit,
+    UserAuthType,
     get_alive_test_from_string,
     get_asset_type_from_string,
     get_credential_format_from_string,
@@ -52,6 +53,7 @@
     get_snmp_privacy_algorithm_from_string,
     get_ticket_status_from_string,
     get_time_unit_from_string,
+    get_user_auth_type_from_string,
 )
 
 
@@ -77,6 +79,7 @@
     "SnmpPrivacyAlgorithm",
     "TicketStatus",
     "TimeUnit",
+    "UserAuthType",
     "get_alert_condition_from_string",
     "get_alert_event_from_string",
     "get_alert_method_from_string",
@@ -98,6 +101,7 @@
     "get_snmp_privacy_algorithm_from_string",
     "get_ticket_status_from_string",
     "get_time_unit_from_string",
+    "get_user_auth_type_from_string",
 ]
 
 

gvm/protocols/latest.py

@@ -56,6 +56,7 @@
     SnmpPrivacyAlgorithm,
     TicketStatus,
     TimeUnit,
+    UserAuthType,
     get_alert_condition_from_string,
     get_alert_event_from_string,
     get_alert_method_from_string,
@@ -76,6 +77,7 @@
     get_snmp_privacy_algorithm_from_string,
     get_ticket_status_from_string,
     get_time_unit_from_string,
+    get_user_auth_type_from_string,
 )
 from .ospv1 import Osp
 
@@ -102,6 +104,7 @@
     "SnmpPrivacyAlgorithm",
     "TicketStatus",
     "TimeUnit",
+    "UserAuthType",
     "get_alert_condition_from_string",
     "get_alert_event_from_string",
     "get_alert_method_from_string",
@@ -122,4 +125,5 @@
     "get_snmp_privacy_algorithm_from_string",
     "get_ticket_status_from_string",
     "get_time_unit_from_string",
+    "get_user_auth_type_from_string",
 ]