group_member_resource.go
package groups
import (
"context"
"strings"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/terraform-providers/terraform-provider-azuread/internal/clients"
"github.com/terraform-providers/terraform-provider-azuread/internal/helpers/aadgraph"
"github.com/terraform-providers/terraform-provider-azuread/internal/services/groups/parse"
"github.com/terraform-providers/terraform-provider-azuread/internal/tf"
"github.com/terraform-providers/terraform-provider-azuread/internal/validate"
)
// groupMemberResourceName is the Terraform resource type name for a single
// group membership. In this file it is also passed to tf.LockByName and
// tf.UnlockByName together with the group object ID, so it acts as the
// namespace for the per-group lock taken around membership changes.
const groupMemberResourceName = "azuread_group_member"
// groupMemberResource describes the azuread_group_member resource: one
// (group, member) pair. There is no update handler; both attributes are
// ForceNew, so any change replaces the membership instead of editing it.
func groupMemberResource() *schema.Resource {
	// Both attributes have the same shape: a required object ID that must
	// pass validate.UUID before any API call is attempted.
	objectIDAttr := func() *schema.Schema {
		return &schema.Schema{
			Type:             schema.TypeString,
			Required:         true,
			ForceNew:         true,
			ValidateDiagFunc: validate.UUID,
		}
	}

	// Import IDs must parse as a group member ID; anything else is rejected
	// before the resource is read.
	checkImportID := func(id string) error {
		_, err := parse.GroupMemberID(id)
		return err
	}

	res := &schema.Resource{
		CreateContext: groupMemberResourceCreate,
		ReadContext:   groupMemberResourceRead,
		DeleteContext: groupMemberResourceDelete,

		Importer: tf.ValidateResourceIDPriorToImport(checkImportID),

		Schema: map[string]*schema.Schema{
			"group_object_id":  objectIDAttr(),
			"member_object_id": objectIDAttr(),
		},
	}

	return res
}
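// groupMemberResourceCreate adds member_object_id to the group identified by
// group_object_id, stores the composite ID in state and then delegates to
// groupMemberResourceRead.
//
// If the object is already a member, no add is attempted and an
// "import as exists" diagnostic is returned, so Terraform does not silently
// take ownership of a membership it did not create.
//
// The list-then-add sequence runs between tf.LockByName and tf.UnlockByName,
// keyed on the group ID.
// NOTE(review): presumably this lock only serialises operations inside this
// provider process; membership changes made elsewhere between the list and the
// add are not covered by it. Confirm against the tf package.
// NOTE(review): the lock key is the configured string as-is, while membership
// is compared case-insensitively below. Confirm whether IDs are normalised
// upstream, otherwise two spellings of one group ID would take different locks.
func groupMemberResourceCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
	client := meta.(*clients.Client).Groups.AadClient

	groupID := d.Get("group_object_id").(string)
	memberID := d.Get("member_object_id").(string)
	id := parse.NewGroupMemberID(groupID, memberID)

	tf.LockByName(groupMemberResourceName, groupID)
	defer tf.UnlockByName(groupMemberResourceName, groupID)

	existingMembers, err := aadgraph.GroupAllMembers(ctx, client, groupID)
	if err != nil {
		return tf.ErrorDiagF(err, "Listing existing members for group with object ID: %q", id.GroupId)
	}

	// Ranging over an empty or nil slice is a no-op, so no length guard is needed.
	for _, v := range existingMembers {
		if strings.EqualFold(v, memberID) {
			// Use the shared constant so the diagnostic cannot drift from the
			// name used for locking.
			return tf.ImportAsExistsDiag(groupMemberResourceName, id.String())
		}
	}

	if err := aadgraph.GroupAddMember(ctx, client, groupID, memberID); err != nil {
		// Name both objects, matching the removal error in the delete handler,
		// so a failed membership grant can be attributed from the diagnostic alone.
		return tf.ErrorDiagF(err, "Adding member %q to group with object ID: %q", memberID, groupID)
	}

	d.SetId(id.String())

	return groupMemberResourceRead(ctx, d, meta)
}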
// groupMemberResourceRead refreshes state for one group membership. It parses
// the stored resource ID, lists the group's members and looks for the member
// ID with a case-insensitive comparison.
//
// When the member is no longer listed, the resource ID is cleared, which tells
// Terraform the membership is gone (for example removed outside Terraform).
func groupMemberResourceRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
	client := meta.(*clients.Client).Groups.AadClient

	id, err := parse.GroupMemberID(d.Id())
	if err != nil {
		return tf.ErrorDiagPathF(err, "id", "Parsing Group Member ID %q", d.Id())
	}

	members, err := aadgraph.GroupAllMembers(ctx, client, id.GroupId)
	if err != nil {
		return tf.ErrorDiagF(err, "Retrieving members for group with object ID: %q", id.GroupId)
	}

	// Keep the ID exactly as the directory returned it, not as it was stored
	// in state; only the first match is used.
	found := ""
	for i := range members {
		if strings.EqualFold(members[i], id.MemberId) {
			found = members[i]
			break
		}
	}

	if found == "" {
		// Not a member any more: drop the resource from state.
		d.SetId("")
		return nil
	}

	tf.Set(d, "group_object_id", id.GroupId)
	tf.Set(d, "member_object_id", found)

	return nil
}
// groupMemberResourceDelete removes the member from the group and then waits
// until the member no longer appears in the group's member list, so a
// successful return means the listing has caught up with the removal.
//
// The removal and the wait run between tf.LockByName and tf.UnlockByName,
// keyed on the group ID parsed from the resource ID.
func groupMemberResourceDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
	client := meta.(*clients.Client).Groups.AadClient

	id, err := parse.GroupMemberID(d.Id())
	if err != nil {
		return tf.ErrorDiagPathF(err, "id", "Parsing Group Member ID %q", d.Id())
	}

	tf.LockByName(groupMemberResourceName, id.GroupId)
	defer tf.UnlockByName(groupMemberResourceName, id.GroupId)

	err = aadgraph.GroupRemoveMember(ctx, client, d.Timeout(schema.TimeoutDelete), id.GroupId, id.MemberId)
	if err != nil {
		return tf.ErrorDiagF(err, "Removing member %q from group with object ID: %q", id.MemberId, id.GroupId)
	}

	// Re-list the group's members on every poll of the wait helper.
	listMembers := func() ([]string, error) {
		return aadgraph.GroupAllMembers(ctx, client, id.GroupId)
	}

	_, err = aadgraph.WaitForListRemove(ctx, id.MemberId, listMembers)
	if err != nil {
		return tf.ErrorDiagF(err, "Waiting for group membership removal")
	}

	return nil
}