From 8361efec8031916d0f4092681e62e8bd2822627b Mon Sep 17 00:00:00 2001
From: Anna Khmelnitsky <akhmelnitsky@vmware.com>
Date: Tue, 2 Nov 2021 20:07:15 +0000
Subject: [PATCH] Use schema Set for attributes in ids profiles

This is following platform changes that reorders items in response.

Signed-off-by: Anna Khmelnitsky <akhmelnitsky@vmware.com>
---
 ...e_nsxt_policy_intrusion_service_profile.go | 20 ++++++++---------
 ...t_policy_intrusion_service_profile_test.go | 22 +++++++++----------
 2 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/nsxt/resource_nsxt_policy_intrusion_service_profile.go b/nsxt/resource_nsxt_policy_intrusion_service_profile.go
index 8629c6114..fcf3b6292 100644
--- a/nsxt/resource_nsxt_policy_intrusion_service_profile.go
+++ b/nsxt/resource_nsxt_policy_intrusion_service_profile.go
@@ -62,7 +62,7 @@ func resourceNsxtPolicyIntrusionServiceProfile() *schema.Resource {
 				MaxItems:    1,
 			},
 			"overridden_signature": {
-				Type:        schema.TypeList,
+				Type:        schema.TypeSet,
 				Description: "Signatures that has been overridden for this Profile",
 				Optional:    true,
 				Elem:        getIdsProfileSignatureSchema(),
@@ -84,7 +84,7 @@ func getIdsProfileCriteriaSchema() *schema.Resource {
 	return &schema.Resource{
 		Schema: map[string]*schema.Schema{
 			"attack_types": {
-				Type:        schema.TypeList,
+				Type:        schema.TypeSet,
 				Description: "List of attack type criteria",
 				Optional:    true,
 				Elem: &schema.Schema{
@@ -92,7 +92,7 @@ func getIdsProfileCriteriaSchema() *schema.Resource {
 				},
 			},
 			"attack_targets": {
-				Type:        schema.TypeList,
+				Type:        schema.TypeSet,
 				Description: "List of attack target criteria",
 				Optional:    true,
 				Elem: &schema.Schema{
@@ -100,7 +100,7 @@ func getIdsProfileCriteriaSchema() *schema.Resource {
 				},
 			},
 			"cvss": {
-				Type:        schema.TypeList,
+				Type:        schema.TypeSet,
 				Description: "Common Vulnerability Scoring System Ranges",
 				Optional:    true,
 				Elem: &schema.Schema{
@@ -109,7 +109,7 @@ func getIdsProfileCriteriaSchema() *schema.Resource {
 				},
 			},
 			"products_affected": {
-				Type:        schema.TypeList,
+				Type:        schema.TypeSet,
 				Description: "List of products affected",
 				Optional:    true,
 				Elem: &schema.Schema{
@@ -186,10 +186,10 @@ func getIdsProfileCriteriaFromSchema(d *schema.ResourceData) ([]*data.StructValu
 	}
 
 	data := criteria[0].(map[string]interface{})
-	attackTypes := interfaceListToStringList(data["attack_types"].([]interface{}))
-	attackTargets := interfaceListToStringList(data["attack_targets"].([]interface{}))
-	cvss := interfaceListToStringList(data["cvss"].([]interface{}))
-	productsAffected := interfaceListToStringList(data["products_affected"].([]interface{}))
+	attackTypes := interfaceListToStringList(data["attack_types"].(*schema.Set).List())
+	attackTargets := interfaceListToStringList(data["attack_targets"].(*schema.Set).List())
+	cvss := interfaceListToStringList(data["cvss"].(*schema.Set).List())
+	productsAffected := interfaceListToStringList(data["products_affected"].(*schema.Set).List())
 
 	if len(attackTypes) > 0 {
 		item, err := buildIdsProfileCriteriaFilter(model.IdsProfileFilterCriteria_FILTER_NAME_ATTACK_TYPE, attackTypes)
@@ -291,7 +291,7 @@ func setIdsProfileCriteriaInSchema(criteriaList []*data.StructValue, d *schema.R
 func getIdsProfileSignaturesFromSchema(d *schema.ResourceData) []model.IdsProfileLocalSignature {
 	var result []model.IdsProfileLocalSignature
 
-	signatures := d.Get("overridden_signature").([]interface{})
+	signatures := d.Get("overridden_signature").(*schema.Set).List()
 	if len(signatures) == 0 {
 		return result
 	}
diff --git a/nsxt/resource_nsxt_policy_intrusion_service_profile_test.go b/nsxt/resource_nsxt_policy_intrusion_service_profile_test.go
index 27499df53..3ea57cb5f 100644
--- a/nsxt/resource_nsxt_policy_intrusion_service_profile_test.go
+++ b/nsxt/resource_nsxt_policy_intrusion_service_profile_test.go
@@ -31,8 +31,8 @@ func TestAccResourceNsxtPolicyIntrusionServiceProfile_basic(t *testing.T) {
 					resource.TestCheckResourceAttr(testResourceName, "description", "Acceptance Test"),
 					resource.TestCheckResourceAttr(testResourceName, "severities.#", "2"),
 					resource.TestCheckResourceAttr(testResourceName, "criteria.#", "1"),
-					resource.TestCheckResourceAttr(testResourceName, "criteria.0.attack_types.#", "2"),
-					resource.TestCheckResourceAttr(testResourceName, "criteria.0.attack_targets.#", "1"),
+					resource.TestCheckResourceAttr(testResourceName, "criteria.0.attack_types.#", "3"),
+					resource.TestCheckResourceAttr(testResourceName, "criteria.0.attack_targets.#", "2"),
 					resource.TestCheckResourceAttr(testResourceName, "criteria.0.cvss.#", "0"),
 					resource.TestCheckResourceAttr(testResourceName, "criteria.0.products_affected.#", "0"),
 					resource.TestCheckResourceAttr(testResourceName, "overridden_signature.#", "1"),
@@ -50,10 +50,10 @@ func TestAccResourceNsxtPolicyIntrusionServiceProfile_basic(t *testing.T) {
 					resource.TestCheckResourceAttr(testResourceName, "description", "Acceptance Test"),
 					resource.TestCheckResourceAttr(testResourceName, "severities.#", "3"),
 					resource.TestCheckResourceAttr(testResourceName, "criteria.#", "1"),
-					resource.TestCheckResourceAttr(testResourceName, "criteria.0.attack_types.#", "2"),
+					resource.TestCheckResourceAttr(testResourceName, "criteria.0.attack_types.#", "3"),
 					resource.TestCheckResourceAttr(testResourceName, "criteria.0.attack_targets.#", "0"),
 					resource.TestCheckResourceAttr(testResourceName, "criteria.0.cvss.#", "4"),
-					resource.TestCheckResourceAttr(testResourceName, "criteria.0.products_affected.#", "1"),
+					resource.TestCheckResourceAttr(testResourceName, "criteria.0.products_affected.#", "2"),
 					resource.TestCheckResourceAttr(testResourceName, "overridden_signature.#", "2"),
 					resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"),
 				),
@@ -154,12 +154,12 @@ resource "nsxt_policy_intrusion_service_profile" "test" {
   severities   = ["HIGH", "CRITICAL"]
 
   criteria {
-    attack_types   = ["trojan-activity", "successful-admin"]
-    attack_targets = ["SERVER"]
+    attack_types   = ["trojan-activity", "policy-violation", "attempted-admin"]
+    attack_targets = ["SERVER", "SMTP Server"]
   }
 
   overridden_signature {
-    signature_id = "2026323"
+    signature_id = "2030240"
     action       = "REJECT"
     enabled      = true
   }
@@ -179,19 +179,19 @@ resource "nsxt_policy_intrusion_service_profile" "test" {
   severities   = ["HIGH", "CRITICAL", "LOW"]
 
   criteria {
-    attack_types      = ["trojan-activity", "successful-admin"]
+    attack_types      = ["trojan-activity", "policy-violation", "attempted-admin"]
     cvss              = ["NONE", "MEDIUM", "HIGH", "CRITICAL"]
-    products_affected = ["Linux"]
+    products_affected = ["Linux", "VMware"]
   }
 
   overridden_signature {
-    signature_id = "2026323"
+    signature_id = "2030240"
     action       = "REJECT"
     enabled      = true
   }
 
   overridden_signature {
-    signature_id = "2026325"
+    signature_id = "2030241"
     action       = "REJECT"
     enabled      = true
   }