From 519949b8053a108885d3a2bd4a62c477379c16fa Mon Sep 17 00:00:00 2001
From: Paul Tyng <paul@paultyng.net>
Date: Sat, 16 May 2020 22:46:39 -0400
Subject: [PATCH] Add support for wpaeap and radius profiles

Fixes #26
---
 go.mod                                   |  2 +-
 go.sum                                   |  4 +-
 internal/provider/data_radius_profile.go | 45 +++++++++++++++++++++++
 internal/provider/lazy_client.go         | 20 ++++++++++
 internal/provider/provider.go            | 11 +++++-
 internal/provider/resource_wlan.go       |  6 +++
 internal/provider/resource_wlan_test.go  | 47 ++++++++++++++++++++++++
 7 files changed, 130 insertions(+), 5 deletions(-)
 create mode 100644 internal/provider/data_radius_profile.go

diff --git a/go.mod b/go.mod
index 8e1ddcf4..748dc9be 100644
--- a/go.mod
+++ b/go.mod
@@ -12,7 +12,7 @@ require (
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.0.0-rc.1.0.20200513175959-048e70e44356
 	github.com/hashicorp/yamux v0.0.0-20190923154419-df201c70410d // indirect
 	github.com/mattn/go-isatty v0.0.11 // indirect
-	github.com/paultyng/go-unifi v1.2.0
+	github.com/paultyng/go-unifi v1.3.0
 	github.com/stretchr/testify v1.4.0 // indirect
 	github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect
 	google.golang.org/appengine v1.6.5 // indirect
diff --git a/go.sum b/go.sum
index eb605f19..a8056d5a 100644
--- a/go.sum
+++ b/go.sum
@@ -159,8 +159,8 @@ github.com/mitchellh/reflectwalk v1.0.1 h1:FVzMWA5RllMAKIdUSC8mdWo3XtwoecrH79BY7
 github.com/mitchellh/reflectwalk v1.0.1/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
 github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw=
 github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
-github.com/paultyng/go-unifi v1.2.0 h1:O9UqmwGSqr8GGycKZ4+3hpFUB7KEnACBhAjTp6P7qb0=
-github.com/paultyng/go-unifi v1.2.0/go.mod h1:L8VrStOsfwfMx4lk8vxlOJS0D6Pj4rkV4wHAj8yP0dc=
+github.com/paultyng/go-unifi v1.3.0 h1:/8MexC+M+zH99tk+E2oQnLACG+7nSR8Ou34ODc7zkGc=
+github.com/paultyng/go-unifi v1.3.0/go.mod h1:L8VrStOsfwfMx4lk8vxlOJS0D6Pj4rkV4wHAj8yP0dc=
 github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
diff --git a/internal/provider/data_radius_profile.go b/internal/provider/data_radius_profile.go
new file mode 100644
index 00000000..d6299af9
--- /dev/null
+++ b/internal/provider/data_radius_profile.go
@@ -0,0 +1,45 @@
+package provider
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func dataRADIUSProfile() *schema.Resource {
+	return &schema.Resource{
+		Description: `
+unifi_radius_profile data source can be used to retrieve the ID for a RADIUS profile by name.
+`,
+
+		Read: dataRADIUSProfileRead,
+
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:     schema.TypeString,
+				Optional: true,
+				Default:  "Default",
+			},
+		},
+	}
+}
+
+func dataRADIUSProfileRead(d *schema.ResourceData, meta interface{}) error {
+	c := meta.(*client)
+
+	name := d.Get("name").(string)
+
+	profiles, err := c.c.ListRADIUSProfile(context.TODO(), c.site)
+	if err != nil {
+		return err
+	}
+	for _, g := range profiles {
+		if g.Name == name {
+			d.SetId(g.ID)
+			return nil
+		}
+	}
+
+	return fmt.Errorf("RADIUS profile not found with name %s", name)
+}
diff --git a/internal/provider/lazy_client.go b/internal/provider/lazy_client.go
index cdea4af0..799947c0 100644
--- a/internal/provider/lazy_client.go
+++ b/internal/provider/lazy_client.go
@@ -206,3 +206,23 @@ func (c *lazyClient) UpdatePortForward(ctx context.Context, site string, d *unif
 	c.init(ctx)
 	return c.inner.UpdatePortForward(ctx, site, d)
 }
+func (c *lazyClient) ListRADIUSProfile(ctx context.Context, site string) ([]unifi.RADIUSProfile, error) {
+	c.init(ctx)
+	return c.inner.ListRADIUSProfile(ctx, site)
+}
+func (c *lazyClient) GetRADIUSProfile(ctx context.Context, site, id string) (*unifi.RADIUSProfile, error) {
+	c.init(ctx)
+	return c.inner.GetRADIUSProfile(ctx, site, id)
+}
+func (c *lazyClient) DeleteRADIUSProfile(ctx context.Context, site, id string) error {
+	c.init(ctx)
+	return c.inner.DeleteRADIUSProfile(ctx, site, id)
+}
+func (c *lazyClient) CreateRADIUSProfile(ctx context.Context, site string, d *unifi.RADIUSProfile) (*unifi.RADIUSProfile, error) {
+	c.init(ctx)
+	return c.inner.CreateRADIUSProfile(ctx, site, d)
+}
+func (c *lazyClient) UpdateRADIUSProfile(ctx context.Context, site string, d *unifi.RADIUSProfile) (*unifi.RADIUSProfile, error) {
+	c.init(ctx)
+	return c.inner.UpdateRADIUSProfile(ctx, site, d)
+}
diff --git a/internal/provider/provider.go b/internal/provider/provider.go
index af4729a7..fc1b6ba8 100644
--- a/internal/provider/provider.go
+++ b/internal/provider/provider.go
@@ -41,8 +41,9 @@ func Provider() *schema.Provider {
 			},
 		},
 		DataSourcesMap: map[string]*schema.Resource{
-			"unifi_user_group": dataUserGroup(),
-			"unifi_wlan_group": dataWLANGroup(),
+			"unifi_radius_profile": dataRADIUSProfile(),
+			"unifi_user_group":     dataUserGroup(),
+			"unifi_wlan_group":     dataWLANGroup(),
 		},
 		ResourcesMap: map[string]*schema.Resource{
 			"unifi_firewall_group": resourceFirewallGroup(),
@@ -123,6 +124,12 @@ type unifiClient interface {
 	DeletePortForward(ctx context.Context, site, id string) error
 	CreatePortForward(ctx context.Context, site string, d *unifi.PortForward) (*unifi.PortForward, error)
 	UpdatePortForward(ctx context.Context, site string, d *unifi.PortForward) (*unifi.PortForward, error)
+
+	ListRADIUSProfile(ctx context.Context, site string) ([]unifi.RADIUSProfile, error)
+	GetRADIUSProfile(ctx context.Context, site, id string) (*unifi.RADIUSProfile, error)
+	DeleteRADIUSProfile(ctx context.Context, site, id string) error
+	CreateRADIUSProfile(ctx context.Context, site string, d *unifi.RADIUSProfile) (*unifi.RADIUSProfile, error)
+	UpdateRADIUSProfile(ctx context.Context, site string, d *unifi.RADIUSProfile) (*unifi.RADIUSProfile, error)
 }
 
 type client struct {
diff --git a/internal/provider/resource_wlan.go b/internal/provider/resource_wlan.go
index 3d701e6d..54c603bf 100644
--- a/internal/provider/resource_wlan.go
+++ b/internal/provider/resource_wlan.go
@@ -96,6 +96,10 @@ unifi_wlan manages a WiFi network / SSID.
 				Default:      "deny",
 				ValidateFunc: validation.StringInSlice([]string{"allow", "deny"}, false),
 			},
+			"radius_profile_id": {
+				Type:     schema.TypeString,
+				Optional: true,
+			},
 			"schedule": {
 				Description: "Start and stop schedules for the WLAN",
 				Type:        schema.TypeList,
@@ -168,6 +172,7 @@ func resourceWLANGetResourceData(d *schema.ResourceData) (*unifi.WLAN, error) {
 		MACFilterEnabled:        macFilterEnabled,
 		MACFilterList:           macFilterList,
 		MACFilterPolicy:         d.Get("mac_filter_policy").(string),
+		RADIUSProfileID:         d.Get("radius_profile_id").(string),
 		Schedule:                schedule,
 		ScheduleEnabled:         len(schedule) > 0,
 
@@ -244,6 +249,7 @@ func resourceWLANSetResourceData(resp *unifi.WLAN, d *schema.ResourceData) error
 	d.Set("mac_filter_enabled", macFilterEnabled)
 	d.Set("mac_filter_list", macFilterList)
 	d.Set("mac_filter_policy", macFilterPolicy)
+	d.Set("radius_profile_id", resp.RADIUSProfileID)
 	d.Set("schedule", schedule)
 
 	return nil
diff --git a/internal/provider/resource_wlan_test.go b/internal/provider/resource_wlan_test.go
index 4f146777..8c9e2d72 100644
--- a/internal/provider/resource_wlan_test.go
+++ b/internal/provider/resource_wlan_test.go
@@ -149,6 +149,31 @@ func TestAccWLAN_schedule(t *testing.T) {
 	})
 }
 
+func TestAccWLAN_wpaeap(t *testing.T) {
+	if os.Getenv("UNIFI_TEST_RADIUS") == "" {
+		t.Skip("UNIFI_TEST_RADIUS not set, skipping RADIUS test")
+	}
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: wlanPreCheck(t),
+		CheckDestroy: func(*terraform.State) error {
+			// TODO: actual CheckDestroy
+
+			<-wlanConcurrency
+			return nil
+		},
+		Steps: []resource.TestStep{
+			{
+				Config: testAccWLANConfig_wpaeap,
+				Check:  resource.ComposeTestCheckFunc(
+				// testCheckNetworkExists(t, "name"),
+				),
+			},
+			importStep("unifi_wlan.test"),
+		},
+	})
+}
+
 const testAccWLANConfig_wpapsk = `
 data "unifi_wlan_group" "default" {
 }
@@ -168,6 +193,28 @@ resource "unifi_wlan" "test" {
 }
 `
 
+const testAccWLANConfig_wpaeap = `
+data "unifi_wlan_group" "default" {
+}
+
+data "unifi_user_group" "default" {
+}
+
+data "unifi_radius_profile" "default" {
+}
+
+resource "unifi_wlan" "test" {
+	name          = "tfacc-wpapsk"
+	vlan_id       = 202
+	passphrase    = "12345678"
+	wlan_group_id = data.unifi_wlan_group.default.id
+	user_group_id = data.unifi_user_group.default.id
+	security      = "wpaeap"
+
+	radius_profile_id = data.unifi_radius_profile.default.id
+}
+`
+
 const testAccWLANConfig_open = `
 data "unifi_wlan_group" "default" {
 }