-
-
Notifications
You must be signed in to change notification settings - Fork 4
/
resource_role_v1.go
102 lines (85 loc) · 2.43 KB
/
resource_role_v1.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
package main
import (
"fmt"
"log"
"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
"github.com/pactflow/terraform/broker"
"github.com/pactflow/terraform/client"
)
const (
administratorRole = "administrator"
userRole = "user"
)
var allowedRoles = map[string]string{
administratorRole: "cf75d7c2-416b-11ea-af5e-53c3b1a4efd8",
}
func validateRoles(val interface{}, key string) (warns []string, errs []error) {
v := val.(string)
if _, ok := allowedRoles[v]; !ok {
errs = append(errs, fmt.Errorf("%q must be one of the allowed pre-existing roles %v, got %v", key, allowedRoles, v))
}
return
}
// TODO: update to use new API? Or just remove this entirely in favour of the new role assignment resource?
func roleV1() *schema.Resource {
return &schema.Resource{
DeprecationMessage: "This resource is deprecated. Please update to the newer 'pact_role' resource",
Create: roleV1Create,
Read: roleV1Read,
Delete: roleV1Delete,
Schema: map[string]*schema.Schema{
"role": {
Type: schema.TypeString,
Description: "Role to apply to the user",
ValidateFunc: validateRoles,
Required: true,
ForceNew: true,
},
"user": {
Type: schema.TypeString,
Description: "UUID of the user of which to apply the role",
Required: true,
ForceNew: true,
},
"name": {
Type: schema.TypeString,
Computed: true,
Description: "Name of the Role",
},
"uuid": {
Type: schema.TypeString,
Computed: true,
Description: "The UUID of API token",
},
},
}
}
func roleV1Create(d *schema.ResourceData, meta interface{}) error {
client := meta.(*client.Client)
userUUID := d.Get("user").(string)
// NOTE: we only support the admin role at this time
log.Println("[DEBUG] creating role for user with UUID:", userUUID)
_, err := client.AddAdminRoleToUser(broker.User{
UUID: userUUID,
})
if err == nil {
d.SetId(allowedRoles["administrator"])
d.Set("name", "Administrator")
}
return err
}
func roleV1Read(d *schema.ResourceData, meta interface{}) error {
return nil
}
func roleV1Delete(d *schema.ResourceData, meta interface{}) error {
client := meta.(*client.Client)
userUUID := d.Get("user").(string)
log.Println("[DEBUG] deleting role for user with UUID:", userUUID)
_, err := client.RemoveAdminRoleFromUser(broker.User{
UUID: userUUID,
})
if err != nil {
d.SetId("")
}
return err
}