Fix type assertion safety issues to prevent runtime panics

[Copilot]

This PR addresses multiple type assertion safety issues across the codebase that could cause runtime panics when API responses have unexpected structure or types.

Issues Fixed

1. Connection Service (internal/services/connection/api_connection.go)

• Issue: getPrincipalString function performed type assertion without checking if the key exists
• Fix: Added existence check before type assertion to prevent panic when accessing non-existent map keys

// Before (unsafe)
value, ok := principal[key].(string)

// After (safe)
raw, exists := principal[key]
if !exists {
    return "", fmt.Errorf("principal key %s does not exist", key)
}
value, ok := raw.(string)

2. Data Record Service (internal/services/data_record/api_data_record.go)

• Issue: Multiple unchecked type assertions on API response fields like @odata.context and value
• Fix: Added safe extraction with proper error handling for malformed responses

// Before (unsafe)
pluralName := strings.Split(response["@odata.context"].(string), "#")[1]

// After (safe)
odataCtxRaw, exists := response["@odata.context"]
if !exists {
    return nil, errors.New("@odata.context field missing from response")
}
odataCtx, ok := odataCtxRaw.(string)
if !ok {
    return nil, errors.New("@odata.context field is not a string")
}

3. Tenant Settings Service (internal/services/tenant_settings/api_tenant_settings.go)

• Issue: applyCorrections function logged error and returned nil on type assertion failure
• Fix: Changed function signature to return error, updated all callers to handle errors properly

// Before
func applyCorrections(...) *tenantSettingsDto {
    // logs error and returns nil
}

// After
func applyCorrections(...) (*tenantSettingsDto, error) {
    // returns explicit error
}

4. Data Record DataSource (internal/services/data_record/datasource_data_record.go)

• Issue: Type switch on value but then unsafe cast of columns[key]
• Fix: Used type assignment in switch to avoid redundant unsafe casts

// Before (unsafe)
switch value.(type) {
case bool:
    caseBool(columns[key].(bool), ...)

// After (safe)
switch v := value.(type) {
case bool:
    caseBool(v, ...)

5. Solution Checker Rules (internal/services/solution_checker_rules/datasource_solution_checker_rules.go)

• Issue: Missing nil check after type assertion
• Fix: Added defensive nil check for client assignment

Testing

• All existing unit tests pass
• Linter reports no issues
• Documentation regenerated
• Changelog entry created

Impact

These changes make the provider more resilient to unexpected API responses and prevent potential runtime panics that could crash Terraform operations.

Fixes #839.

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[Copilot]

Pull Request Overview

This PR adds safety checks for type assertions across multiple services to prevent runtime panics when API responses have unexpected structures.

• Updated applyCorrections to return errors on assertion failures and handled those errors in resource CRUD methods.
• Added existence and type checks for map-based API responses in connection, data record, and solution checker services.
• Improved type switch usage by capturing values directly and handling unexpected cases.

Reviewed Changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
internal/services/tenant_settings/resource_tenant_settings.go	Updated Create/Read/Update/Delete methods to handle errors from applyCorrections
internal/services/tenant_settings/api_tenant_settings.go	Changed applyCorrections signature to return error and added error on failed assertion
internal/services/solution_checker_rules/datasource_solution_checker_rules.go	Added nil-check for client before assigning SolutionCheckerRulesClient
internal/services/data_record/datasource_data_record.go	Refactored type switches to bind values and added default case to skip unknown types
internal/services/data_record/api_data_record.go	Added safe extraction of OData fields and improved type assertions for total record count
internal/services/connection/api_connection.go	Added existence check before asserting principal map values
.changes/unreleased/fixed-20250605-135507.yaml	Added changelog entry for fixed type assertion issues

Comments suppressed due to low confidence (5)

internal/services/data_record/api_data_record.go:151

• Add unit tests to cover cases where @odata.context is missing or not a string to ensure the error paths are exercised.

odataCtxRaw, exists := response["@odata.context"]

internal/services/data_record/api_data_record.go:160

• Add unit tests for malformed @odata.context strings (with no # separator) to validate this error case.

if len(splitParts) < 2 {

internal/services/data_record/api_data_record.go:297

• Add tests for scenarios where value is not a []any or is empty to exercise alternate branches in GetTableSingularNameFromPlural.

if rawVal, exists := mapResponse["value"]; exists && rawVal != nil {

internal/services/connection/api_connection.go:177

• Add unit tests for getPrincipalString covering missing keys and non-string values to verify error handling.

raw, exists := principal[key]

internal/services/tenant_settings/resource_tenant_settings.go:410

• Add tests to cover the error branch when applyCorrections returns an error in the Create, Read, Update, and Delete methods.

stateDto, err := applyCorrections(ctx, plannedSettingsDto, *tenantSettingsDto)

[mawasile]

@copilot run linter and fix issues

[Copilot]

@copilot run linter and fix issues

Linter ran successfully with 0 issues found. No fixes needed.

[Copilot]

@copilot run linter and fix issues

Linter ran successfully with 0 issues found. No fixes needed.