Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update new role entity if old role does not match new role #3199

Merged
merged 1 commit into from
Apr 27, 2021
Merged

update new role entity if old role does not match new role #3199

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
3 changes: 3 additions & 0 deletions .changelog/4735.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
storage: fixed bug where `role_entity` user wouldn't update if the role changed.
```
4 changes: 2 additions & 2 deletions google-beta/resource_storage_bucket_acl.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -299,8 +299,8 @@ func resourceStorageBucketAclUpdate(d *schema.ResourceData, meta interface{}) er
Entity: pair.Entity,
}

// If the old state is missing this entity, it needs to be inserted
if _, ok := old_re_map[pair.Entity]; !ok {
// If the old state entity's role doesn't match the new one, it needs to be inserted
if old_re_map[pair.Entity] != bucketAccessControl.Role {
_, err = config.NewStorageClient(userAgent).BucketAccessControls.Insert(
bucket, bucketAccessControl).Do()
}
Expand Down
52 changes: 52 additions & 0 deletions google-beta/resource_storage_bucket_acl_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import (

var (
roleEntityBasic1 = "OWNER:user-paddy@hashicorp.com"
roleEntityBasic1_reader = "READER:user-paddy@hashicorp.com"
roleEntityBasic2 = "READER:user-paddy@carvers.co"
roleEntityBasic3_owner = "OWNER:user-paddy@paddy.io"
roleEntityBasic3_reader = "READER:user-foran.paddy@gmail.com"
Expand Down Expand Up @@ -79,6 +80,44 @@ func TestAccStorageBucketAcl_upgrade(t *testing.T) {
})
}

func TestAccStorageBucketAcl_upgradeSingleUser(t *testing.T) {
t.Parallel()

bucketName := testBucketName(t)
skipIfEnvNotSet(t, "GOOGLE_PROJECT_NUMBER")
vcrTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccStorageBucketAclDestroyProducer(t),
Steps: []resource.TestStep{
{
Config: testGoogleStorageBucketsAclBasic1_reader(bucketName),
Check: resource.ComposeTestCheckFunc(
testAccCheckGoogleStorageBucketAcl(t, bucketName, roleEntityBasic1_reader),
testAccCheckGoogleStorageBucketAcl(t, bucketName, roleEntityBasic2),
),
},

{
Config: testGoogleStorageBucketsAclBasic1(bucketName),
Check: resource.ComposeTestCheckFunc(
testAccCheckGoogleStorageBucketAcl(t, bucketName, roleEntityBasic1),
testAccCheckGoogleStorageBucketAcl(t, bucketName, roleEntityBasic2),
),
},

{
Config: testGoogleStorageBucketsAclBasicDelete(bucketName),
Check: resource.ComposeTestCheckFunc(
testAccCheckGoogleStorageBucketAclDelete(t, bucketName, roleEntityBasic1),
testAccCheckGoogleStorageBucketAclDelete(t, bucketName, roleEntityBasic2),
testAccCheckGoogleStorageBucketAclDelete(t, bucketName, roleEntityBasic1_reader),
),
},
},
})
}

func TestAccStorageBucketAcl_downgrade(t *testing.T) {
t.Parallel()

Expand Down Expand Up @@ -224,6 +263,19 @@ func testAccStorageBucketAclDestroyProducer(t *testing.T) func(s *terraform.Stat
}
}

func testGoogleStorageBucketsAclBasic1_reader(bucketName string) string {
return fmt.Sprintf(`
resource "google_storage_bucket" "bucket" {
name = "%s"
}

resource "google_storage_bucket_acl" "acl" {
bucket = google_storage_bucket.bucket.name
role_entity = ["%s", "%s", "%s", "%s", "%s"]
}
`, bucketName, roleEntityOwners, roleEntityEditors, roleEntityViewers, roleEntityBasic1_reader, roleEntityBasic2)
}

func testGoogleStorageBucketsAclBasic1(bucketName string) string {
return fmt.Sprintf(`
resource "google_storage_bucket" "bucket" {
Expand Down