Add --diff support for ldap_attrs module

changelogs/fragments/8073-ldap-attrs-diff.yml

@@ -0,0 +1,2 @@
+minor_changes:
+  - ldap_attrs - module now supports diff mode, showing which attributes are changed within an operation (https://github.com/ansible-collections/community.general/pull/8073)

plugins/modules/ldap_attrs.py

@@ -44,7 +44,8 @@
   check_mode:
     support: full
   diff_mode:
-    support: none
+    support: full
+    version_added: 8.5.0
 options:
   state:
     required: false
@@ -235,26 +236,38 @@ def _normalize_values(self, values):
 
     def add(self):
         modlist = []
+        new_attrs = {}
         for name, values in self.module.params['attributes'].items():
             norm_values = self._normalize_values(values)
+            added_values = []
             for value in norm_values:
                 if self._is_value_absent(name, value):
                     modlist.append((ldap.MOD_ADD, name, value))
-
-        return modlist
+                    added_values.append(value)
+            if added_values:
+                new_attrs[name] = norm_values
+        return modlist, {}, new_attrs
 
     def delete(self):
         modlist = []
+        old_attrs = {}
+        new_attrs = {}
         for name, values in self.module.params['attributes'].items():
             norm_values = self._normalize_values(values)
+            removed_values = []
             for value in norm_values:
                 if self._is_value_present(name, value):
+                    removed_values.append(value)
                     modlist.append((ldap.MOD_DELETE, name, value))
-
-        return modlist
+            if removed_values:
+                old_attrs[name] = norm_values
+                new_attrs[name] = [value for value in norm_values if value not in removed_values]
+        return modlist, old_attrs, new_attrs
 
     def exact(self):
         modlist = []
+        old_attrs = {}
+        new_attrs = {}
         for name, values in self.module.params['attributes'].items():
             norm_values = self._normalize_values(values)
             try:
@@ -272,8 +285,13 @@ def exact(self):
                     modlist.append((ldap.MOD_DELETE, name, None))
                 else:
                     modlist.append((ldap.MOD_REPLACE, name, norm_values))
+                old_attrs[name] = current
+                new_attrs[name] = norm_values
+                if len(current) == 1 and len(norm_values) == 1:
+                    old_attrs[name] = current[0]
+                    new_attrs[name] = norm_values[0]
 
-        return modlist
+        return modlist, old_attrs, new_attrs
 
     def _is_value_present(self, name, value):
         """ True if the target attribute has the given value. """
@@ -309,16 +327,18 @@ def main():
 
     # Instantiate the LdapAttr object
     ldap = LdapAttrs(module)
+    old_attrs = None
+    new_attrs = None
 
     state = module.params['state']
 
     # Perform action
     if state == 'present':
-        modlist = ldap.add()
+        modlist, old_attrs, new_attrs = ldap.add()
     elif state == 'absent':
-        modlist = ldap.delete()
+        modlist, old_attrs, new_attrs = ldap.delete()
     elif state == 'exact':
-        modlist = ldap.exact()
+        modlist, old_attrs, new_attrs = ldap.exact()
 
     changed = False
 
@@ -331,7 +351,7 @@ def main():
             except Exception as e:
                 module.fail_json(msg="Attribute action failed.", details=to_native(e))
 
-    module.exit_json(changed=changed, modlist=modlist)
+    module.exit_json(changed=changed, modlist=modlist, diff={"before": old_attrs, "after": new_attrs})
 
 
 if __name__ == '__main__':