From 50a1d066a38752017d86585ed3a1c6e70ec874c1 Mon Sep 17 00:00:00 2001
From: Timo Furrer <tuxtimo@gmail.com>
Date: Sat, 26 Mar 2022 18:15:36 +0100
Subject: [PATCH] Use single `GET` endpoints to retrieve GAT and PAT

---
 .../resource_gitlab_group_access_token.go     | 59 +++++++------------
 .../resource_gitlab_project_access_token.go   | 54 ++++-------------
 2 files changed, 31 insertions(+), 82 deletions(-)

diff --git a/internal/provider/resource_gitlab_group_access_token.go b/internal/provider/resource_gitlab_group_access_token.go
index d2e93d440..6e01e163c 100644
--- a/internal/provider/resource_gitlab_group_access_token.go
+++ b/internal/provider/resource_gitlab_group_access_token.go
@@ -166,50 +166,31 @@ func resourceGitlabGroupAccessTokenRead(ctx context.Context, d *schema.ResourceD
 	}
 
 	log.Printf("[DEBUG] read gitlab GroupAccessToken %d, group ID %s", groupAccessTokenId, group)
-
-	//there is a slight possibility to not find an existing item, for example
-	// 1. item is #101 (ie, in the 2nd page)
-	// 2. I load first page (ie. I don't find my target item)
-	// 3. A concurrent operation remove item 99 (ie, my target item shift to 1st page)
-	// 4. a concurrent operation add an item
-	// 5: I load 2nd page  (ie. I don't find my target item)
-	// 6. Total pages and total items properties are unchanged (from the perspective of the reader)
-
-	page := 1
-	for page != 0 {
-		groupAccessTokens, response, err := client.GroupAccessTokens.ListGroupAccessTokens(group, &gitlab.ListGroupAccessTokensOptions{Page: page, PerPage: 100}, gitlab.WithContext(ctx))
-		if err != nil {
-			return diag.FromErr(err)
+	groupAccessToken, _, err := client.GroupAccessTokens.GetGroupAccessToken(group, groupAccessTokenId, gitlab.WithContext(ctx))
+	if err != nil {
+		if is404(err) {
+			log.Printf("[DEBUG] GitLab GroupAccessToken %d, group ID %s not found, removing from state", groupAccessTokenId, group)
+			d.SetId("")
+			return nil
 		}
+		return diag.FromErr(err)
+	}
 
-		for _, groupAccessToken := range groupAccessTokens {
-			if groupAccessToken.ID == groupAccessTokenId {
-
-				d.Set("group", group)
-				d.Set("name", groupAccessToken.Name)
-				if groupAccessToken.ExpiresAt != nil {
-					d.Set("expires_at", groupAccessToken.ExpiresAt.String())
-				}
-				d.Set("active", groupAccessToken.Active)
-				d.Set("created_at", groupAccessToken.CreatedAt.Format(time.RFC3339))
-				d.Set("access_level", accessLevelValueToName[groupAccessToken.AccessLevel])
-				d.Set("revoked", groupAccessToken.Revoked)
-				d.Set("user_id", groupAccessToken.UserID)
-
-				err = d.Set("scopes", groupAccessToken.Scopes)
-				if err != nil {
-					return diag.FromErr(err)
-				}
-
-				return nil
-			}
-		}
+	d.Set("group", group)
+	d.Set("name", groupAccessToken.Name)
+	if groupAccessToken.ExpiresAt != nil {
+		d.Set("expires_at", groupAccessToken.ExpiresAt.String())
+	}
+	d.Set("active", groupAccessToken.Active)
+	d.Set("created_at", groupAccessToken.CreatedAt.Format(time.RFC3339))
+	d.Set("access_level", accessLevelValueToName[groupAccessToken.AccessLevel])
+	d.Set("revoked", groupAccessToken.Revoked)
+	d.Set("user_id", groupAccessToken.UserID)
 
-		page = response.NextPage
+	if err = d.Set("scopes", groupAccessToken.Scopes); err != nil {
+		return diag.FromErr(err)
 	}
 
-	log.Printf("[DEBUG] failed to read gitlab GroupAccessToken %d, group ID %s", groupAccessTokenId, group)
-	d.SetId("")
 	return nil
 }
 
diff --git a/internal/provider/resource_gitlab_project_access_token.go b/internal/provider/resource_gitlab_project_access_token.go
index a226acc29..086d94633 100644
--- a/internal/provider/resource_gitlab_project_access_token.go
+++ b/internal/provider/resource_gitlab_project_access_token.go
@@ -145,12 +145,13 @@ func resourceGitlabProjectAccessTokenRead(ctx context.Context, d *schema.Resourc
 
 	log.Printf("[DEBUG] read gitlab ProjectAccessToken %d, project ID %s", projectAccessTokenID, project)
 
-	projectAccessToken, err := resourceGitlabProjectAccessTokenFind(ctx, client, project, projectAccessTokenID)
-	if errors.Is(err, errResourceGitlabProjectAccessTokenNotFound) {
-		log.Printf("[DEBUG] failed to read gitlab ProjectAccessToken %d, project ID %s", projectAccessTokenID, project)
-		d.SetId("")
-	}
+	projectAccessToken, _, err := client.ProjectAccessTokens.GetProjectAccessToken(project, projectAccessTokenID, gitlab.WithContext(ctx))
 	if err != nil {
+		if is404(err) {
+			log.Printf("[DEBUG] GitLab ProjectAccessToken %d, project ID %s not found, removing from state", projectAccessTokenID, project)
+			d.SetId("")
+			return nil
+		}
 		return diag.FromErr(err)
 	}
 
@@ -164,8 +165,7 @@ func resourceGitlabProjectAccessTokenRead(ctx context.Context, d *schema.Resourc
 	d.Set("revoked", projectAccessToken.Revoked)
 	d.Set("user_id", projectAccessToken.UserID)
 	d.Set("access_level", accessLevelValueToName[projectAccessToken.AccessLevel])
-	err = d.Set("scopes", projectAccessToken.Scopes)
-	if err != nil {
+	if err = d.Set("scopes", projectAccessToken.Scopes); err != nil {
 		return diag.FromErr(err)
 	}
 
@@ -194,11 +194,11 @@ func resourceGitlabProjectAccessTokenDelete(ctx context.Context, d *schema.Resou
 	log.Printf("[DEBUG] Waiting for ProjectAccessToken %s to finish deleting", d.Id())
 
 	err = resource.RetryContext(ctx, 5*time.Minute, func() *resource.RetryError {
-		_, err := resourceGitlabProjectAccessTokenFind(ctx, client, project, projectAccessTokenID)
-		if errors.Is(err, errResourceGitlabProjectAccessTokenNotFound) {
-			return nil
-		}
+		_, _, err := client.ProjectAccessTokens.GetProjectAccessToken(project, projectAccessTokenID, gitlab.WithContext(ctx))
 		if err != nil {
+			if is404(err) {
+				return nil
+			}
 			return resource.NonRetryableError(err)
 		}
 		return resource.RetryableError(errors.New("project access token was not deleted"))
@@ -206,35 +206,3 @@ func resourceGitlabProjectAccessTokenDelete(ctx context.Context, d *schema.Resou
 
 	return diag.FromErr(err)
 }
-
-var errResourceGitlabProjectAccessTokenNotFound = errors.New("project access token not found")
-
-// resourceGitlabProjectAccessTokenFind finds the project access token with the specified tokenID.
-// It returns a errResourceGitlabProjectAccessTokenNotFound error if the token is not found.
-func resourceGitlabProjectAccessTokenFind(ctx context.Context, client *gitlab.Client, project interface{}, projectAccessTokenID int) (*gitlab.ProjectAccessToken, error) {
-	//there is a slight possibility to not find an existing item, for example
-	// 1. item is #101 (ie, in the 2nd page)
-	// 2. I load first page (ie. I don't find my target item)
-	// 3. A concurrent operation remove item 99 (ie, my target item shift to 1st page)
-	// 4. a concurrent operation add an item
-	// 5: I load 2nd page  (ie. I don't find my target item)
-	// 6. Total pages and total items properties are unchanged (from the perspective of the reader)
-
-	page := 1
-	for page != 0 {
-		projectAccessTokens, response, err := client.ProjectAccessTokens.ListProjectAccessTokens(project, &gitlab.ListProjectAccessTokensOptions{Page: page, PerPage: 100}, gitlab.WithContext(ctx))
-		if err != nil {
-			return nil, err
-		}
-
-		for _, projectAccessToken := range projectAccessTokens {
-			if projectAccessToken.ID == projectAccessTokenID {
-				return projectAccessToken, nil
-			}
-		}
-
-		page = response.NextPage
-	}
-
-	return nil, errResourceGitlabProjectAccessTokenNotFound
-}