Added normalization for users in roles

This means that people can specify a list of user names that should be
in a role, they will be converted to UUIDs before being enforced

Author: Dylan Ratcliffe

lib/puppet/provider/rbac_role/ruby.rb

@@ -43,7 +43,7 @@ def create
       'description'  => resource[:description],
       'display_name' => resource[:name],
       'permissions'  => resource[:permissions],
-      'user_ids'     => resource[:user_ids],
+      'user_ids'     => normalize_users(resource[:user_ids]),
       'group_ids'    => resource[:group_ids],
     }
     Puppet::Provider::Rbac_api::post_response('/roles', role)
@@ -64,6 +64,22 @@ def destroy
     fail "The id parameter is read-only."
   end
 
+  def normalize_users(list)
+    users = nil
+    list.collect! do |item|
+      next item if item.to_i != 0
+
+      # lazy load the available users. Avoid the API call unless needed
+      users ||= Puppet::Provider::Rbac_api::get_response('/users')
+
+      begin
+        users.find {|r| r['display_name'].downcase == item.downcase }['id']
+      rescue NoMethodError => e
+        fail "User #{item} does not exist"
+      end
+    end
+  end
+
   def flush
     # so, flush gets called, even on create() and delete()
     return if @property_hash[:id].nil?
@@ -74,7 +90,7 @@ def flush
       'description'  => @property_hash[:description],
       'display_name' => @property_hash[:name],
       'permissions'  => @property_hash[:permissions],
-      'user_ids'     => @property_hash[:user_ids],
+      'user_ids'     => normalize_users(@property_hash[:user_ids]),
       'group_ids'    => @property_hash[:group_ids],
     }
 

lib/puppet/type/rbac_role.rb

@@ -38,7 +38,7 @@ def insync?(is)
       # The current value may be nil and we don't
       # want to call sort on it so make sure we have arrays
       if is.is_a?(Array) and @should.is_a?(Array)
-        is.sort == @should.sort
+        is.sort == provider.normalize_users(@should).sort
       else
         is == @should
       end