[FEATURE]: Allow removal of share permissions (in addition to allowing/denying)

[mophahr]

Describe the solution you'd like
I'd like to be able to delete old permissions using the ansible module dellemc.powerscale.smb. At the moment I can only chose between allow or deny as vaues for the premission_type parameter in entries in the permissions dictionary

Describe alternatives you've considered
An alternative is to use the ansible.builtin.uri module to talk to OneFS, but that comes at a higher cost (i.e. the login needs to be perfomed explicitely within the playbook, tasks which otherwise would be taken care of by the dellemc.powerscale module.

[anupamaloke]

@mophahr, thank you for submitting this feature request. It has been added to the backlog and will be triaged accordingly.

[anupamaloke]

@mophahr, just wanted to provide an update on this. It seems that the OneFS SMB Share API does not have support for removal of share permissions at present. So, we will relook at this feature request once that support is added in APIs. As of now, I don't have any ETA on when that will be added.

Meanwhile, you can use the Isilon CLI command with Ansible to delete the smb share permissions:

vpi2151-1% isi smb shares permission delete --help
Description:
    Delete permissions for an SMB share.

Required Privileges:
    ISI_PRIV_SMB

Usage:
    isi smb shares permission delete <share> { <user> | --group <name> | --gid <id> | --uid <id> | --sid <sid> | --wellknown <name> }
        [--zone <string>]
        [{--force | -f}]
        [{--verbose | -v}]
        [{--help | -h}]

Options:
    <share>
        An SMB share name.

  Persona:
    <user>
        A user name.
    --group <name>
        A group name.
    --gid <id>
        A numeric group identifier.
    --uid <id>
        A numeric user identifier.
    --sid <sid>
        A security identifier.
    --wellknown <name>
        A well-known user, group, machine or account name.
    --zone <string>
        Access zone.

  Display Options:
    --force | -f
        Do not ask confirmation.
    --verbose | -v
        Display more detailed information.
    --help | -h
        Display help for this command.

Argument Formats:
    <gid>
      The numeric identifier of an object

    <user>
      A string used to identify an object.

    <sid>
      A string security identifier; e.g. S-1-5-21-13.

[bugmanch]

Note that although documentation doesn't state it, I am able to remove some SMB shares permissions, like the default "Everyone: read-only", with the following:

dellemc.powerscale.smb:
...
    permissions:
      - wellknown: "Everyone"
        permission: "read"
        permission_type: "allow"
        state: "absent"