From 47af64513f164f3cadd7497800b1419c33abfffa Mon Sep 17 00:00:00 2001 From: teowa <104055472+teowa@users.noreply.github.com> Date: Thu, 28 Sep 2023 06:16:23 +0000 Subject: [PATCH] fix customdiff --- ...eb_application_firewall_policy_resource.go | 25 ++++--------------- 1 file changed, 5 insertions(+), 20 deletions(-) diff --git a/internal/services/network/web_application_firewall_policy_resource.go b/internal/services/network/web_application_firewall_policy_resource.go index 16e2e0ce25b5..d5a15168ee58 100644 --- a/internal/services/network/web_application_firewall_policy_resource.go +++ b/internal/services/network/web_application_firewall_policy_resource.go @@ -4,7 +4,6 @@ package network import ( - "context" "fmt" "log" "time" @@ -473,25 +472,6 @@ func resourceWebApplicationFirewallPolicy() *pluginsdk.Resource { "tags": commonschema.Tags(), }, - - CustomizeDiff: pluginsdk.CustomizeDiffShim(func(ctx context.Context, diff *pluginsdk.ResourceDiff, v interface{}) error { - if !features.FourPointOhBeta() { - // Since ConflictsWith cannot be used on these properties and the properties are optional and computed, diff.GetOK may still return value even the property is not configured. Have to check the configuration with GetRawConfig - managedRuleSetList := diff.GetRawConfig().AsValueMap()["managed_rules"].AsValueSlice()[0].AsValueMap()["managed_rule_set"].AsValueSlice() - for _, managedRuleSetVal := range managedRuleSetList { - ruleGroupOverrideList := managedRuleSetVal.AsValueMap()["rule_group_override"].AsValueSlice() - for _, ruleGroupOverrideVal := range ruleGroupOverrideList { - disabledRules := ruleGroupOverrideVal.AsValueMap()["disabled_rules"] - ruleList := ruleGroupOverrideVal.AsValueMap()["rule"].AsValueSlice() - if !disabledRules.IsNull() && len(ruleList) != 0 { - return fmt.Errorf("`disabled_rules` cannot be set when `rule` is set under `rule_group_override`") - } - } - } - } - - return nil - }), } if !features.FourPointOhBeta() { @@ -893,6 +873,11 @@ func expandWebApplicationFirewallPolicyRuleGroupOverrides(input []interface{}, d return nil, fmt.Errorf("rule group override index %d exceeds raw config length %d", i, len(ruleGroupOverrideList)) } + // Since ConflictsWith cannot be used on these properties and the properties are optional and computed, Have to check the configuration with GetRawConfig + if !ruleGroupOverrideList[i].AsValueMap()["rule"].IsNull() && len(ruleGroupOverrideList[i].AsValueMap()["rule"].AsValueSlice()) > 0 && !ruleGroupOverrideList[i].AsValueMap()["disabled_rules"].IsNull() { + return nil, fmt.Errorf("`disabled_rules` cannot be set when `rule` is set under `rule_group_override`") + } + if disabledRules := v["disabled_rules"].([]interface{}); !ruleGroupOverrideList[i].AsValueMap()["disabled_rules"].IsNull() { result.Rules = expandWebApplicationFirewallPolicyRules(disabledRules) }