vhosts: give full permissions to default guest administrator

diff --git a/tasks/rabbitmq_vhosts.yml b/tasks/rabbitmq_vhosts.yml
index 790ac18d1c18c062ed4a2f5babda973ea7102c12..a02af62b3500e37dad7096d0eb523dffc24b2d83 100644 (file)
--- a/tasks/rabbitmq_vhosts.yml
+++ b/tasks/rabbitmq_vhosts.yml
@@ -1,7 +1,25 @@
 ---
-- name: Create vhosts
+- name: rabbitmq_extra_vhosts | Create vhosts
   rabbitmq_vhost:
     name: "{{ item['name'] }}"
     state: "{{ item['state'] }}"
   with_items: "{{ rabbitmq_extra_vhosts }}"
   run_once: "{{ rabbitmq_enable_clustering is defined and rabbitmq_enable_clustering }}"
+  register: rabbitmq_created_vhosts
+
+- name: rabbitmq_extra_vhosts | Check guest administrator is present
+  command: rabbitmqctl -q list_users
+  become: true
+  run_once: "{{ rabbitmq_enable_clustering is defined and rabbitmq_enable_clustering }}"
+  when: rabbitmq_created_vhosts.changed
+  changed_when: false
+  register: rabbitmq_existing_users
+
+- name: rabbitmq_extra_vhosts | Give access to new vhosts to guest administrator
+  command: "rabbitmqctl -q set_permissions -p {{ item['name'] }} guest '.*' '.*' '.*'"
+  become: true
+  run_once: "{{ rabbitmq_enable_clustering is defined and rabbitmq_enable_clustering }}"
+  with_items: "{{ rabbitmq_created_vhosts.results|selectattr('changed')|list }}"
+  when:
+    - item['state'] == 'present'
+    - rabbitmq_existing_users.stdout_lines | map('regex_search', '^guest\\s\\[.*administrator.*\\]$') | list | difference([None]) | length > 0