-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #6 from permitio/ori/per-7928-add-resource-sets-to…
…-tf-provider Begin condition set implementation
- Loading branch information
Showing
10 changed files
with
822 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -33,3 +33,4 @@ website/vendor | |
|
||
# Keep windows files with windows line endings | ||
*.winfile eol=crlf | ||
examples/.terraform.lock.hcl |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
package conditionsetrules | ||
|
||
import ( | ||
"context" | ||
"github.com/hashicorp/terraform-plugin-framework/types" | ||
"github.com/permitio/permit-golang/pkg/permit" | ||
) | ||
|
||
type ConditionSetRuleModel struct { | ||
Id types.String `tfsdk:"id"` | ||
OrganizationId types.String `tfsdk:"organization_id"` | ||
ProjectId types.String `tfsdk:"project_id"` | ||
EnvironmentId types.String `tfsdk:"environment_id"` | ||
UserSet types.String `tfsdk:"user_set"` | ||
Permission types.String `tfsdk:"permission"` | ||
ResourceSet types.String `tfsdk:"resource_set"` | ||
} | ||
|
||
type ConditionSetRuleClient struct { | ||
client *permit.Client | ||
} | ||
|
||
func (c *ConditionSetRuleClient) Read(ctx context.Context, data ConditionSetRuleModel) (ConditionSetRuleModel, error) { | ||
_, err := c.client.Api.ConditionSets.ListSetPermissions( | ||
ctx, | ||
data.UserSet.ValueString(), | ||
data.Permission.ValueString(), | ||
data.ResourceSet.ValueString(), | ||
) | ||
|
||
if err != nil { | ||
return ConditionSetRuleModel{}, err | ||
} | ||
|
||
return data, nil | ||
} | ||
|
||
func (c *ConditionSetRuleClient) Create(ctx context.Context, rulePlan *ConditionSetRuleModel) error { | ||
ruleRead, err := c.client.Api.ConditionSets.AssignSetPermissions( | ||
ctx, | ||
rulePlan.UserSet.ValueString(), | ||
rulePlan.Permission.ValueString(), | ||
rulePlan.ResourceSet.ValueString()) | ||
|
||
if err != nil { | ||
return err | ||
} | ||
|
||
rulePlan.Id = types.StringValue(ruleRead[0].Id) | ||
rulePlan.OrganizationId = types.StringValue(ruleRead[0].OrganizationId) | ||
rulePlan.ProjectId = types.StringValue(ruleRead[0].ProjectId) | ||
rulePlan.EnvironmentId = types.StringValue(ruleRead[0].EnvironmentId) | ||
|
||
return nil | ||
} | ||
|
||
func (c *ConditionSetRuleClient) Delete(ctx context.Context, rulePlan *ConditionSetRuleModel) error { | ||
return c.client.Api.ConditionSets.UnassignSetPermissions( | ||
ctx, | ||
rulePlan.UserSet.ValueString(), | ||
rulePlan.Permission.ValueString(), | ||
rulePlan.ResourceSet.ValueString(), | ||
) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,180 @@ | ||
package conditionsetrules | ||
|
||
import ( | ||
"context" | ||
"fmt" | ||
"github.com/hashicorp/terraform-plugin-framework/resource" | ||
"github.com/hashicorp/terraform-plugin-framework/resource/schema" | ||
"github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier" | ||
"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier" | ||
"github.com/permitio/permit-golang/pkg/permit" | ||
) | ||
|
||
// Ensure the implementation satisfies the expected interfaces. | ||
var ( | ||
_ resource.Resource = &ConditionSetRuleResource{} | ||
_ resource.ResourceWithConfigure = &ConditionSetRuleResource{} | ||
) | ||
|
||
func NewConditionSetRuleResource() resource.Resource { | ||
return &ConditionSetRuleResource{} | ||
} | ||
|
||
type ConditionSetRuleResource struct { | ||
client ConditionSetRuleClient | ||
} | ||
|
||
func (c *ConditionSetRuleResource) Configure(_ context.Context, request resource.ConfigureRequest, response *resource.ConfigureResponse) { | ||
if request.ProviderData == nil { | ||
return | ||
} | ||
|
||
permitClient, ok := request.ProviderData.(*permit.Client) | ||
|
||
if !ok { | ||
response.Diagnostics.AddError( | ||
"Unexpected Resource Configure Type", | ||
fmt.Sprintf("Expected *permit.Client, got: %T. Please report this issue to the provider developers.", request.ProviderData), | ||
) | ||
return | ||
} | ||
|
||
c.client = ConditionSetRuleClient{client: permitClient} | ||
} | ||
|
||
func (c *ConditionSetRuleResource) Metadata(_ context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) { | ||
// should be completely implemented in ResourceSet/UserSet | ||
resp.TypeName = req.ProviderTypeName + "_condition_set_rule" | ||
} | ||
|
||
func (c *ConditionSetRuleResource) Schema(_ context.Context, _ resource.SchemaRequest, resp *resource.SchemaResponse) { | ||
resp.Schema = schema.Schema{ | ||
Attributes: map[string]schema.Attribute{ | ||
"id": schema.StringAttribute{ | ||
Computed: true, | ||
PlanModifiers: []planmodifier.String{ | ||
stringplanmodifier.UseStateForUnknown(), | ||
}, | ||
}, | ||
"organization_id": schema.StringAttribute{ | ||
Computed: true, | ||
PlanModifiers: []planmodifier.String{ | ||
stringplanmodifier.UseStateForUnknown(), | ||
}, | ||
}, | ||
"project_id": schema.StringAttribute{ | ||
Computed: true, | ||
PlanModifiers: []planmodifier.String{ | ||
stringplanmodifier.UseStateForUnknown(), | ||
}, | ||
}, | ||
"environment_id": schema.StringAttribute{ | ||
Computed: true, | ||
PlanModifiers: []planmodifier.String{ | ||
stringplanmodifier.UseStateForUnknown(), | ||
}, | ||
}, | ||
"user_set": schema.StringAttribute{ | ||
Required: true, | ||
PlanModifiers: []planmodifier.String{ | ||
stringplanmodifier.RequiresReplace(), | ||
}, | ||
}, | ||
"permission": schema.StringAttribute{ | ||
Required: true, | ||
PlanModifiers: []planmodifier.String{ | ||
stringplanmodifier.RequiresReplace(), | ||
}, | ||
}, | ||
"resource_set": schema.StringAttribute{ | ||
Required: true, | ||
PlanModifiers: []planmodifier.String{ | ||
stringplanmodifier.RequiresReplace(), | ||
}, | ||
}, | ||
}, | ||
} | ||
} | ||
|
||
func (c *ConditionSetRuleResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) { | ||
var ( | ||
plan ConditionSetRuleModel | ||
) | ||
|
||
diags := req.Plan.Get(ctx, &plan) | ||
resp.Diagnostics.Append(diags...) | ||
|
||
if resp.Diagnostics.HasError() { | ||
return | ||
} | ||
|
||
if err := c.client.Create(ctx, &plan); err != nil { | ||
resp.Diagnostics.AddError( | ||
"Unable to create condition set rule", | ||
fmt.Sprintf("Unable to create condition set rule: %s", err), | ||
) | ||
return | ||
} | ||
|
||
// Set state to fully populated data | ||
diags = resp.State.Set(ctx, plan) | ||
resp.Diagnostics.Append(diags...) | ||
|
||
if resp.Diagnostics.HasError() { | ||
return | ||
} | ||
} | ||
|
||
func (c *ConditionSetRuleResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) { | ||
var data ConditionSetRuleModel | ||
|
||
resp.Diagnostics.Append(req.State.Get(ctx, &data)...) | ||
if resp.Diagnostics.HasError() { | ||
return | ||
} | ||
|
||
state, err := c.client.Read(ctx, data) | ||
|
||
if err != nil { | ||
resp.Diagnostics.AddError( | ||
"Unable to Read Condition Set Rule", | ||
fmt.Sprintf("Unable to read condition set rule: %s, Error: %s", data.Id.String(), err.Error()), | ||
) | ||
return | ||
} | ||
|
||
// Set state | ||
diags := resp.State.Set(ctx, &state) | ||
resp.Diagnostics.Append(diags...) | ||
if resp.Diagnostics.HasError() { | ||
return | ||
} | ||
} | ||
|
||
// Update updates the resource and sets the updated Terraform state on success. | ||
func (c *ConditionSetRuleResource) Update(_ context.Context, _ resource.UpdateRequest, _ *resource.UpdateResponse) { | ||
// rules cannot be updated, only replaced - this should never be called | ||
panic("updating ConditionSetRules is not implemented") | ||
} | ||
|
||
// Delete deletes the resource and removes the Terraform state on success. | ||
func (c *ConditionSetRuleResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) { | ||
// Retrieve values from state | ||
var state ConditionSetRuleModel | ||
diags := req.State.Get(ctx, &state) | ||
resp.Diagnostics.Append(diags...) | ||
|
||
if resp.Diagnostics.HasError() { | ||
return | ||
} | ||
|
||
err := c.client.Delete(ctx, &state) | ||
|
||
if err != nil { | ||
resp.Diagnostics.AddError( | ||
"Error Deleting Condition Set Rule", | ||
"Could not delete condition set rule, unexpected error: "+err.Error(), | ||
) | ||
return | ||
} | ||
} |
Oops, something went wrong.