resource_cloudflare_account_member.go
package cloudflare
import (
"fmt"
"log"
"strings"
cloudflare "github.com/cloudflare/cloudflare-go"
"github.com/hashicorp/terraform/helper/schema"
)
// resourceCloudflareAccountMember returns the Terraform resource definition
// for a Cloudflare account member: the create/read/update/delete handlers,
// the state importer, and a schema with two required attributes,
// email_address and role_ids.
func resourceCloudflareAccountMember() *schema.Resource {
	// suppressRoleDiff hides a role_ids diff when both the old and the new
	// value are members of the list d.Get returns for role_ids.
	suppressRoleDiff := func(k, old, new string, d *schema.ResourceData) bool {
		current := d.Get("role_ids").([]interface{})
		return arrayContains(old, current) && arrayContains(new, current)
	}

	attributes := map[string]*schema.Schema{
		// NOTE(review): email_address is not marked ForceNew, and the Update
		// handler in this file sends only roles, so a changed address appears
		// never to reach the API while state records the new value. Confirm
		// whether ForceNew is intended; access would otherwise stay with the
		// originally invited address.
		"email_address": {
			Type:     schema.TypeString,
			Required: true,
		},
		"role_ids": {
			Type:             schema.TypeList,
			Required:         true,
			Elem:             &schema.Schema{Type: schema.TypeString},
			DiffSuppressFunc: suppressRoleDiff,
		},
	}

	return &schema.Resource{
		Create: resourceCloudflareAccountMemberCreate,
		Read:   resourceCloudflareAccountMemberRead,
		Update: resourceCloudflareAccountMemberUpdate,
		Delete: resourceCloudflareAccountMemberDelete,
		Importer: &schema.ResourceImporter{
			State: resourceCloudflareAccountMemberImport,
		},

		SchemaVersion: 0,
		Schema:        attributes,
	}
}
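// resourceCloudflareAccountMemberRead refreshes the resource from the API.
//
// The member is looked up under client.OrganizationID using the resource ID.
// When the API reports the member as missing, the ID is cleared so Terraform
// drops the resource from state and nil is returned. Any other lookup error
// is returned unchanged.
//
// On success the member's e-mail address and role IDs are written to state.
// Without this, role assignments changed outside Terraform (for example a
// member granted a more privileged role in the dashboard) would never show up
// as drift in a plan.
func resourceCloudflareAccountMemberRead(d *schema.ResourceData, meta interface{}) error {
	client := meta.(*cloudflare.API)

	member, err := client.AccountMember(client.OrganizationID, d.Id())
	if err != nil {
		// The not-found case is recognised by matching the error text.
		msg := err.Error()
		if strings.Contains(msg, "Member not found") ||
			strings.Contains(msg, "HTTP status 404") {
			log.Printf("[WARN] Removing account member from state because it's not present in API")
			d.SetId("")
			return nil
		}
		return err
	}

	// Same field mapping the import handler in this file uses.
	var roleIDs []string
	for _, role := range member.Roles {
		roleIDs = append(roleIDs, role.ID)
	}

	if err := d.Set("email_address", member.User.Email); err != nil {
		return fmt.Errorf("error setting email_address: %s", err)
	}
	if err := d.Set("role_ids", roleIDs); err != nil {
		return fmt.Errorf("error setting role_ids: %s", err)
	}

	d.SetId(d.Id())

	return nil
}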
// resourceCloudflareAccountMemberDelete removes the account member identified
// by the resource ID from the account given by client.OrganizationID. The
// member ID is logged at INFO before the API call; an API failure is returned
// wrapped in a descriptive message.
func resourceCloudflareAccountMemberDelete(d *schema.ResourceData, meta interface{}) error {
	api := meta.(*cloudflare.API)
	memberID := d.Id()

	log.Printf("[INFO] Deleting Cloudflare account member ID: %s", memberID)

	if delErr := api.DeleteAccountMember(api.OrganizationID, memberID); delErr != nil {
		return fmt.Errorf("error deleting Cloudflare account member: %s", delErr)
	}

	return nil
}
// resourceCloudflareAccountMemberCreate adds a member to the account given by
// client.OrganizationID, using the configured email_address and role_ids.
// The ID from the API response becomes the resource ID, after which the
// resource is read back. An API error or an empty ID in the response is
// returned as an error.
func resourceCloudflareAccountMemberCreate(d *schema.ResourceData, meta interface{}) error {
	api := meta.(*cloudflare.API)
	email := d.Get("email_address").(string)
	rawRoles := d.Get("role_ids").([]interface{})

	// Left nil when no roles are configured, exactly as the list is handed
	// to the API client.
	var roleIDs []string
	for i := range rawRoles {
		roleIDs = append(roleIDs, rawRoles[i].(string))
	}

	created, err := api.CreateAccountMember(api.OrganizationID, email, roleIDs)
	if err != nil {
		return fmt.Errorf("error creating Cloudflare account member: %s", err)
	}

	if created.ID == "" {
		return fmt.Errorf("failed to find ID in create response; resource was empty")
	}
	d.SetId(created.ID)

	return resourceCloudflareAccountMemberRead(d, meta)
}
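// resourceCloudflareAccountMemberUpdate replaces the member's roles with the
// configured role_ids and then reads the resource back.
//
// Each role ID is resolved through client.AccountRole. A failed lookup aborts
// the update with an error: sending the zero-value role that the failed call
// leaves behind would submit a role set different from the configured one.
// Only roles are sent in the update request.
func resourceCloudflareAccountMemberUpdate(d *schema.ResourceData, meta interface{}) error {
	client := meta.(*cloudflare.API)
	// Kept as an empty, non-nil slice so the request is built the same way
	// when no roles are configured.
	accountRoles := []cloudflare.AccountRole{}
	memberRoles := d.Get("role_ids").([]interface{})

	for _, r := range memberRoles {
		roleID := r.(string)
		accountRole, err := client.AccountRole(client.OrganizationID, roleID)
		if err != nil {
			return fmt.Errorf("failed to look up Cloudflare account role %q: %s", roleID, err)
		}
		accountRoles = append(accountRoles, accountRole)
	}

	updatedAccountMember := cloudflare.AccountMember{Roles: accountRoles}
	_, err := client.UpdateAccountMember(client.OrganizationID, d.Id(), updatedAccountMember)
	if err != nil {
		return fmt.Errorf("failed to update Cloudflare account member: %s", err)
	}

	return resourceCloudflareAccountMemberRead(d, meta)
}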
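// resourceCloudflareAccountMemberImport imports an existing account member.
//
// The import ID must have the form "accountID/accountMemberID"; both parts
// must be non-empty. The member is fetched from the given account, its e-mail
// address and role IDs are written to state, and the resource ID is set to
// the member ID alone. Failures to parse the ID, fetch the member, or write
// state are returned as errors.
//
// NOTE(review): the accountID from the import ID is used only for this
// lookup and is not stored. The read, update and delete handlers in this file
// use client.OrganizationID instead, so importing from a different account
// than the provider is configured for will not round-trip. Confirm the
// intended behaviour.
func resourceCloudflareAccountMemberImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) {
	client := meta.(*cloudflare.API)

	// Split the ID so we can look up the account member.
	idAttr := strings.SplitN(d.Id(), "/", 2)
	if len(idAttr) != 2 || idAttr[0] == "" || idAttr[1] == "" {
		return nil, fmt.Errorf("invalid id %q specified, should be in format \"accountID/accountMemberID\" for import", d.Id())
	}
	accountID, accountMemberID := idAttr[0], idAttr[1]

	member, err := client.AccountMember(accountID, accountMemberID)
	if err != nil {
		return nil, fmt.Errorf("unable to find account member with ID %q: %q", accountMemberID, err)
	}

	log.Printf("[INFO] Found account member: %s", member.User.Email)

	var memberIDs []string
	for _, role := range member.Roles {
		memberIDs = append(memberIDs, role.ID)
	}

	// Surface state-write failures instead of importing a partial resource.
	if err := d.Set("email_address", member.User.Email); err != nil {
		return nil, fmt.Errorf("error setting email_address: %s", err)
	}
	if err := d.Set("role_ids", memberIDs); err != nil {
		return nil, fmt.Errorf("error setting role_ids: %s", err)
	}
	d.SetId(accountMemberID)

	return []*schema.ResourceData{d}, nil
}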
// arrayContains reports whether list holds an element that is a string equal
// to a. Elements of any other dynamic type never match.
func arrayContains(a string, list []interface{}) bool {
	for i := range list {
		if s, isString := list[i].(string); isString && s == a {
			return true
		}
	}
	return false
}