2025-11-18 16:20:26 +03:00
parent 4b3f21d9be
commit e42fbcef39
397 changed files with 17560 additions and 1501 deletions


@@ -0,0 +1,87 @@
package accessgroup
import (
"context"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"repository.basistech.ru/BASIS/terraform-provider-decort/internal/constants"
)
func dataSourceAccessGroupRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
accessGroup, err := utilityAccessGroupCheckPresence(ctx, d, m)
if err != nil {
d.SetId("")
return diag.FromErr(err)
}
flattenAccessGroupDataSource(d, accessGroup)
d.SetId(accessGroup.ID)
return nil
}
func dataSourceAccessGroupSchemaMake() map[string]*schema.Schema {
res := map[string]*schema.Schema{
"access_group_id": {
Type: schema.TypeString,
Required: true,
Description: "The unique access group ID",
},
"display_name": {
Type: schema.TypeString,
Computed: true,
Description: "Display name",
},
"comment": {
Type: schema.TypeString,
Computed: true,
Description: "Comment description",
},
"created_at": {
Type: schema.TypeString,
Computed: true,
Description: "Creation timestamp",
},
"net_object_access_group": {
Type: schema.TypeList,
Computed: true,
Description: "Net object access group configuration",
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"access_group_id": {
Type: schema.TypeString,
Computed: true,
Description: "Access group ID",
},
"id": {
Type: schema.TypeString,
Computed: true,
Description: "Unique identifier",
},
"version_id": {
Type: schema.TypeInt,
Computed: true,
Description: "Version identifier",
},
},
},
},
}
return res
}
func DataSourceAccessGroup() *schema.Resource {
return &schema.Resource{
SchemaVersion: 1,
ReadContext: dataSourceAccessGroupRead,
Timeouts: &schema.ResourceTimeout{
Read: &constants.Timeout30s,
Default: &constants.Timeout60s,
},
Schema: dataSourceAccessGroupSchemaMake(),
}
}
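Review bot: `dataSourceAccessGroupSchemaMake` declares no `default_security_policy` attribute, so a single-group lookup cannot show the group's default ACL and open-session drop settings. The list data source does return them per item, and the resource flattener reads `accessGroupRecord.DefaultSecurityPolicy` from the same record type. Consider adding a computed `default_security_policy` block here and filling it in `flattenAccessGroupDataSource` with the existing `flattenDefaultSecurityPolicy` helper. The exported constructor also lacks a doc comment, for example `// DataSourceAccessGroup returns the data source that reads one SDN access group by access_group_id.`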


@@ -0,0 +1,40 @@
package accessgroup
import (
"context"
"github.com/google/uuid"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"repository.basistech.ru/BASIS/terraform-provider-decort/internal/constants"
)
func dataSourceAccessGroupListRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
accessGroupList, err := utilityAccessGroupListCheckPresence(ctx, d, m)
if err != nil {
d.SetId("")
return diag.FromErr(err)
}
id := uuid.New()
d.SetId(id.String())
d.Set("items", flattenAccessGroupList(accessGroupList))
return nil
}
func DataSourceAccessGroupList() *schema.Resource {
return &schema.Resource{
SchemaVersion: 1,
ReadContext: dataSourceAccessGroupListRead,
Timeouts: &schema.ResourceTimeout{
Read: &constants.Timeout30s,
Default: &constants.Timeout60s,
},
Schema: dataSourceAccessGroupListSchemaMake(),
}
}
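Review bot: The error returned by `d.Set("items", ...)` in `dataSourceAccessGroupListRead` is discarded, so a mismatch between the flattened maps and the schema would leave `items` empty without any diagnostic. Check it instead: `if err := d.Set("items", flattenAccessGroupList(accessGroupList)); err != nil { return diag.FromErr(err) }`. The same applies to `dataSourceAccessGroupUserListRead` in the next file and to every `d.Set` call in the flatten helpers. A mismatch is plausible here, because `flattenNetObjectAccessGroup` and `flattenDefaultSecurityPolicy` pass `VersionID` through unconverted while `flattenAccessGroupResource` wraps it in `int(...)`, which suggests the SDK field is not a plain `int`.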


@@ -0,0 +1,39 @@
package accessgroup
import (
"context"
"github.com/google/uuid"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"repository.basistech.ru/BASIS/terraform-provider-decort/internal/constants"
)
func dataSourceAccessGroupUserListRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
userList, err := utilityAccessGroupUserListCheckPresence(ctx, d, m)
if err != nil {
d.SetId("")
return diag.FromErr(err)
}
id := uuid.New()
d.SetId(id.String())
d.Set("items", flattenAccessGroupUserList(userList))
return nil
}
func DataSourceAccessGroupUserList() *schema.Resource {
return &schema.Resource{
SchemaVersion: 1,
ReadContext: dataSourceAccessGroupUserListRead,
Timeouts: &schema.ResourceTimeout{
Read: &constants.Timeout30s,
Default: &constants.Timeout60s,
},
Schema: dataSourceAccessGroupUserListSchemaMake(),
}
}


@@ -0,0 +1,140 @@
package accessgroup
import (
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"repository.basistech.ru/BASIS/decort-golang-sdk/pkg/sdn/acsgroups"
)
func flattenAccessGroupDataSource(d *schema.ResourceData, accessGroupRecord *acsgroups.AccessGroup) {
d.Set("display_name", accessGroupRecord.DisplayName)
d.Set("comment", accessGroupRecord.Comment)
d.Set("created_at", accessGroupRecord.CreatedAt)
d.Set("net_object_access_group", flattenNetObjectAccessGroup(accessGroupRecord.NetObjectAccessGroup))
}
func flattenAccessGroupResource(d *schema.ResourceData, accessGroupRecord *acsgroups.AccessGroup, userList *acsgroups.UsersList) {
d.Set("display_name", accessGroupRecord.DisplayName)
d.Set("comment", accessGroupRecord.Comment)
d.Set("created_at", accessGroupRecord.CreatedAt)
d.Set("net_object_access_group", flattenNetObjectAccessGroup(accessGroupRecord.NetObjectAccessGroup))
defaultSecurityPolicy := accessGroupRecord.DefaultSecurityPolicy
if defaultSecurityPolicy.ID != "" {
flattenedDefaultSecPolicy := map[string]interface{}{
"display_name": defaultSecurityPolicy.DisplayName,
"id": defaultSecurityPolicy.ID,
"description": defaultSecurityPolicy.Description,
"version_id": int(defaultSecurityPolicy.VersionID),
"access_group_id": defaultSecurityPolicy.AccessGroupID,
"default_open_session_drop": defaultSecurityPolicy.DefaultOpenSessionDrop,
}
if defaultSecPolicy, ok := d.GetOk("default_security_policy"); ok {
defaultSecPolicyList := defaultSecPolicy.([]interface{})
if len(defaultSecPolicyList) > 0 {
defaultSecPolicyMap := defaultSecPolicyList[0].(map[string]interface{})
if defaultAclDrop, ok := defaultSecPolicyMap["default_acl_drop"].(string); ok && defaultAclDrop != "" {
flattenedDefaultSecPolicy["default_acl_drop"] = defaultAclDrop
} else if defaultSecurityPolicy.DefaultAclDrop != "" {
flattenedDefaultSecPolicy["default_acl_drop"] = defaultSecurityPolicy.DefaultAclDrop
}
if defaultOpenSessionDrop, ok := defaultSecPolicyMap["default_open_session_drop"].(bool); ok {
flattenedDefaultSecPolicy["default_open_session_drop"] = defaultOpenSessionDrop
}
} else {
if defaultSecurityPolicy.DefaultAclDrop != "" {
flattenedDefaultSecPolicy["default_acl_drop"] = defaultSecurityPolicy.DefaultAclDrop
}
}
} else {
if defaultSecurityPolicy.DefaultAclDrop != "" {
flattenedDefaultSecPolicy["default_acl_drop"] = defaultSecurityPolicy.DefaultAclDrop
}
}
d.Set("default_security_policy", []map[string]interface{}{flattenedDefaultSecPolicy})
}
if userList != nil {
d.Set("users", flattenAccessGroupUsers(userList))
}
}
func flattenNetObjectAccessGroup(noag acsgroups.NetObjectAccessGroup) []map[string]interface{} {
res := make([]map[string]interface{}, 0)
temp := map[string]interface{}{
"access_group_id": noag.AccessGroupID,
"id": noag.ID,
"version_id": noag.VersionID,
}
res = append(res, temp)
return res
}
func flattenDefaultSecurityPolicy(dsp acsgroups.DefaultSecurityPolicy) []map[string]interface{} {
res := make([]map[string]interface{}, 0)
temp := map[string]interface{}{
"display_name": dsp.DisplayName,
"id": dsp.ID,
"description": dsp.Description,
"version_id": dsp.VersionID,
"access_group_id": dsp.AccessGroupID,
"default_acl_drop": dsp.DefaultAclDrop,
"default_open_session_drop": dsp.DefaultOpenSessionDrop,
}
res = append(res, temp)
return res
}
func flattenAccessGroupList(agList *acsgroups.AccessGroupList) []map[string]interface{} {
if agList == nil {
return []map[string]interface{}{}
}
res := make([]map[string]interface{}, 0, len(agList.AccessGroups))
for _, v := range agList.AccessGroups {
temp := map[string]interface{}{
"id": v.ID,
"display_name": v.DisplayName,
"comment": v.Comment,
"created_at": v.CreatedAt,
"net_object_access_group": flattenNetObjectAccessGroup(v.NetObjectAccessGroup),
"default_security_policy": flattenDefaultSecurityPolicy(v.DefaultSecurityPolicy),
}
res = append(res, temp)
}
return res
}
func flattenAccessGroupUserList(userList *acsgroups.UsersList) []map[string]interface{} {
if userList == nil {
return []map[string]interface{}{}
}
res := make([]map[string]interface{}, 0, len(userList.Users))
for _, v := range userList.Users {
temp := map[string]interface{}{
"id": v.ID,
"display_name": v.Name,
"role_id": v.RoleID,
"login": v.Login,
}
res = append(res, temp)
}
return res
}
func flattenAccessGroupUsers(userList *acsgroups.UsersList) []map[string]interface{} {
if userList == nil {
return []map[string]interface{}{}
}
res := make([]map[string]interface{}, 0, len(userList.Users))
for _, v := range userList.Users {
temp := map[string]interface{}{
"user_id": v.ID,
"access_group_role_id": v.RoleID,
}
res = append(res, temp)
}
return res
}
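Review bot: In `flattenAccessGroupResource`, `default_acl_drop` and `default_open_session_drop` are taken from the value already held in `d` whenever one is present, and the value returned by the API is only a fallback. The `.(bool)` assertion on a bool attribute should always succeed, so `default_open_session_drop` in particular is overwritten on every read. An out-of-band change to the group's default security policy therefore never appears in `terraform plan`, which removes drift detection for a setting that decides what traffic is dropped. Unless the API is known to omit or normalise these fields (which would deserve a comment), put `"default_acl_drop": defaultSecurityPolicy.DefaultAclDrop` in the initial map and delete the `d.GetOk("default_security_policy")` branch.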


@@ -0,0 +1,276 @@
package accessgroup
import (
"context"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
log "github.com/sirupsen/logrus"
"repository.basistech.ru/BASIS/decort-golang-sdk/pkg/sdn/acsgroups"
"repository.basistech.ru/BASIS/decort-golang-sdk/pkg/sdn/defsecpolicies"
"repository.basistech.ru/BASIS/terraform-provider-decort/internal/constants"
"repository.basistech.ru/BASIS/terraform-provider-decort/internal/controller"
)
func resourceAccessGroupCreate(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
log.Debugf("resourceAccessGroupCreate: called access group with name %s",
d.Get("display_name").(string))
c := m.(*controller.ControllerCfg)
req := acsgroups.CreateRequest{
DisplayName: d.Get("display_name").(string),
Comment: d.Get("comment").(string),
}
accessGroup, err := c.SDN().AccessGroups().Create(ctx, req)
if err != nil {
d.SetId("")
return diag.FromErr(err)
}
d.SetId(accessGroup.ID)
if users, ok := d.GetOk("users"); ok {
usersList := users.([]interface{})
for _, userRaw := range usersList {
userMap := userRaw.(map[string]interface{})
userReq := acsgroups.UserAddRequest{
GroupID: accessGroup.ID,
UserID: userMap["user_id"].(string),
AccessGroupRoleID: userMap["access_group_role_id"].(string),
}
_, err := c.SDN().AccessGroups().UserAdd(ctx, userReq)
if err != nil {
log.Warnf("resourceAccessGroupRead: failed to add users for access group %s: %v", d.Id(), err)
}
}
}
if defaultSecPolicy, ok := d.GetOk("default_security_policy"); ok {
defaultSecPolicyList := defaultSecPolicy.([]interface{})
if len(defaultSecPolicyList) > 0 {
defaultSecPolicyMap := defaultSecPolicyList[0].(map[string]interface{})
getReq := acsgroups.GetGroupRequest{
GroupID: accessGroup.ID,
}
fullAccessGroup, err := c.SDN().AccessGroups().Get(ctx, getReq)
if err != nil {
return diag.FromErr(err)
}
if fullAccessGroup.DefaultSecurityPolicy.ID == "" {
return diag.Errorf("default security policy not found for access group %s", accessGroup.ID)
}
updateReq := defsecpolicies.UpdateRequest{
AccessGroupID: accessGroup.ID,
VersionID: uint64(fullAccessGroup.DefaultSecurityPolicy.VersionID),
}
if defaultAclDrop, ok := defaultSecPolicyMap["default_acl_drop"].(string); ok && defaultAclDrop != "" {
updateReq.DefaultACLDrop = defaultAclDrop
}
if defaultOpenSessionDrop, ok := defaultSecPolicyMap["default_open_session_drop"].(bool); ok {
updateReq.DefaultOpenSessionDrop = defaultOpenSessionDrop
}
_, err = c.SDN().DefaultSecurityPolicies().Update(ctx, updateReq)
if err != nil {
return diag.FromErr(err)
}
}
}
return resourceAccessGroupRead(ctx, d, m)
}
func resourceAccessGroupRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
log.Debugf("resourceAccessGroupRead: called access group with id %s", d.Id())
accessGroup, err := utilityAccessGroupCheckPresence(ctx, d, m)
if err != nil {
d.SetId("")
return diag.FromErr(err)
}
userList, err := utilityAccessGroupUsersGet(ctx, accessGroup.ID, m)
if err != nil {
log.Warnf("resourceAccessGroupRead: failed to get users for access group %s: %v", d.Id(), err)
userList = nil
}
flattenAccessGroupResource(d, accessGroup, userList)
d.SetId(accessGroup.ID)
return nil
}
func resourceAccessGroupUpdate(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
log.Debugf("resourceAccessGroupUpdate: called access group with id %s", d.Id())
c := m.(*controller.ControllerCfg)
req := acsgroups.UpdateRequest{
AccessGroupID: d.Id(),
}
needUpdate := false
if d.HasChange("display_name") {
req.DisplayName = d.Get("display_name").(string)
needUpdate = true
}
if d.HasChange("comment") {
req.Comment = d.Get("comment").(string)
needUpdate = true
}
var err error
if needUpdate {
_, err = c.SDN().AccessGroups().Update(ctx, req)
if err != nil {
d.SetId("")
return diag.FromErr(err)
}
}
if d.HasChange("users") {
oldUsers, newUsers := d.GetChange("users")
oldUsersList := oldUsers.([]interface{})
newUsersList := newUsers.([]interface{})
oldUsersMap := make(map[string]string)
for _, userRaw := range oldUsersList {
userMap := userRaw.(map[string]interface{})
userID := userMap["user_id"].(string)
oldUsersMap[userID] = userMap["access_group_role_id"].(string)
}
newUsersMap := make(map[string]string)
for _, userRaw := range newUsersList {
userMap := userRaw.(map[string]interface{})
userID := userMap["user_id"].(string)
newUsersMap[userID] = userMap["access_group_role_id"].(string)
}
for userID := range oldUsersMap {
if _, exists := newUsersMap[userID]; !exists {
userDeleteReq := acsgroups.UserDeleteRequest{
GroupID: d.Id(),
UserID: userID,
}
_, err := c.SDN().AccessGroups().UserDelete(ctx, userDeleteReq)
if err != nil {
return diag.FromErr(err)
}
}
}
for userID, roleID := range newUsersMap {
if oldRoleID, exists := oldUsersMap[userID]; !exists || oldRoleID != roleID {
if !exists {
userAddReq := acsgroups.UserAddRequest{
GroupID: d.Id(),
UserID: userID,
AccessGroupRoleID: roleID,
}
_, err := c.SDN().AccessGroups().UserAdd(ctx, userAddReq)
if err != nil {
return diag.FromErr(err)
}
} else if oldRoleID != roleID {
userUpdateRoleReq := acsgroups.UserUpdateRoleRequest{
GroupID: d.Id(),
UserID: userID,
AccessGroupRoleID: roleID,
}
_, err := c.SDN().AccessGroups().UserUpdateRole(ctx, userUpdateRoleReq)
if err != nil {
return diag.FromErr(err)
}
}
}
}
}
if d.HasChange("default_security_policy") {
defaultSecPolicy, ok := d.GetOk("default_security_policy")
if ok {
defaultSecPolicyList := defaultSecPolicy.([]interface{})
if len(defaultSecPolicyList) > 0 {
defaultSecPolicyMap := defaultSecPolicyList[0].(map[string]interface{})
versionID, ok := defaultSecPolicyMap["version_id"].(int)
if !ok || versionID == 0 {
return diag.Errorf("version_id not found in default_security_policy for access group %s", d.Id())
}
updateReq := defsecpolicies.UpdateRequest{
AccessGroupID: d.Id(),
VersionID: uint64(versionID),
}
if defaultAclDrop, ok := defaultSecPolicyMap["default_acl_drop"].(string); ok && defaultAclDrop != "" {
updateReq.DefaultACLDrop = defaultAclDrop
}
if defaultOpenSessionDrop, ok := defaultSecPolicyMap["default_open_session_drop"].(bool); ok {
updateReq.DefaultOpenSessionDrop = defaultOpenSessionDrop
}
_, err = c.SDN().DefaultSecurityPolicies().Update(ctx, updateReq)
if err != nil {
return diag.FromErr(err)
}
}
}
}
return resourceAccessGroupRead(ctx, d, m)
}
func resourceAccessGroupDelete(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
log.Debugf("resourceAccessGroupDelete: called access group with id %s", d.Id())
c := m.(*controller.ControllerCfg)
req := acsgroups.DeleteRequest{
GroupID: d.Id(),
}
_, err := c.SDN().AccessGroups().Delete(ctx, req)
if err != nil {
return diag.FromErr(err)
}
d.SetId("")
return nil
}
func ResourceAccessGroup() *schema.Resource {
return &schema.Resource{
SchemaVersion: 1,
CreateContext: resourceAccessGroupCreate,
ReadContext: resourceAccessGroupRead,
UpdateContext: resourceAccessGroupUpdate,
DeleteContext: resourceAccessGroupDelete,
Importer: &schema.ResourceImporter{
StateContext: schema.ImportStatePassthroughContext,
},
Timeouts: &schema.ResourceTimeout{
Create: &constants.Timeout600s,
Read: &constants.Timeout300s,
Update: &constants.Timeout600s,
Delete: &constants.Timeout300s,
Default: &constants.Timeout300s,
},
Schema: resourceAccessGroupSchemaMake(),
}
}
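Review bot: `resourceAccessGroupCreate` only logs a warning when `UserAdd` fails (and the message is labelled `resourceAccessGroupRead`), so the apply reports success while the group's membership is incomplete. The ID is already set at that point, so the failure can be returned with `return diag.FromErr(err)`, and the log prefix should read `resourceAccessGroupCreate`. Separately, `resourceAccessGroupUpdate` calls `d.SetId("")` when `AccessGroups().Update` fails, and `resourceAccessGroupRead` does the same on any error from `utilityAccessGroupCheckPresence`. Both can drop a group that still exists from state after a transient or authorization error, so the ID should be cleared only when the API reports the group as missing. `resourceAccessGroupRead` also swallows a `UsersList` failure with `log.Warnf`, leaving `users` in state unverified; returning a warning diagnostic would make that visible.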


@@ -0,0 +1,389 @@
package accessgroup
import (
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
)
func dataSourceAccessGroupListSchemaMake() map[string]*schema.Schema {
res := map[string]*schema.Schema{
"page": {
Type: schema.TypeInt,
Optional: true,
Description: "Page number",
},
"per_page": {
Type: schema.TypeInt,
Optional: true,
Description: "Items per page",
},
"sort_by": {
Type: schema.TypeString,
Optional: true,
ValidateFunc: validation.StringInSlice([]string{"display_name", "created_at", "updated_at", "deleted_at", "owner_login"}, false),
Description: "sort by one of supported fields",
},
"sort_order": {
Type: schema.TypeString,
Optional: true,
ValidateFunc: validation.StringInSlice([]string{"asc", "desc"}, false),
Description: "sort order",
},
"enabled": {
Type: schema.TypeBool,
Optional: true,
Description: "filter by enabled/disabled group",
},
"deleted": {
Type: schema.TypeBool,
Optional: true,
Description: "filter by deleted/not deleted group",
},
"display_name": {
Type: schema.TypeString,
Optional: true,
Description: "filter by display name",
},
"created_from": {
Type: schema.TypeString,
Optional: true,
Description: "filter by the lower limit of the creation date",
},
"created_to": {
Type: schema.TypeString,
Optional: true,
Description: "filter by the upper limit of the creation date",
},
"items": {
Type: schema.TypeList,
Computed: true,
Description: "List of access groups",
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"id": {
Type: schema.TypeString,
Computed: true,
Description: "The unique identifier",
},
"display_name": {
Type: schema.TypeString,
Computed: true,
Description: "Display name",
},
"comment": {
Type: schema.TypeString,
Computed: true,
Description: "Comment description",
},
"created_at": {
Type: schema.TypeString,
Computed: true,
Description: "Creation timestamp",
},
"net_object_access_group": {
Type: schema.TypeList,
Computed: true,
Description: "Net object access group configuration",
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"access_group_id": {
Type: schema.TypeString,
Computed: true,
Description: "Access group ID",
},
"id": {
Type: schema.TypeString,
Computed: true,
Description: "Unique identifier",
},
"version_id": {
Type: schema.TypeInt,
Computed: true,
Description: "Version identifier",
},
},
},
},
"default_security_policy": {
Type: schema.TypeList,
Computed: true,
Description: "Default security policy configuration",
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"display_name": {
Type: schema.TypeString,
Computed: true,
Description: "Policy display name",
},
"id": {
Type: schema.TypeString,
Computed: true,
Description: "Policy unique identifier",
},
"description": {
Type: schema.TypeString,
Computed: true,
Description: "Policy description",
},
"version_id": {
Type: schema.TypeInt,
Computed: true,
Description: "Policy version identifier",
},
"access_group_id": {
Type: schema.TypeString,
Computed: true,
Description: "Policy access group ID",
},
"default_acl_drop": {
Type: schema.TypeString,
Computed: true,
Description: "Default ACL drop action",
},
"default_open_session_drop": {
Type: schema.TypeBool,
Computed: true,
Description: "Default open session drop flag",
},
},
},
},
},
},
},
}
return res
}
func dataSourceAccessGroupUserListSchemaMake() map[string]*schema.Schema {
res := map[string]*schema.Schema{
"access_group_id": {
Type: schema.TypeString,
Required: true,
Description: "filter by access group id",
},
"global_role": {
Type: schema.TypeString,
Optional: true,
Description: "filter by global role",
},
"access_group_role": {
Type: schema.TypeString,
Optional: true,
Description: "filter by access group role",
},
"enabled": {
Type: schema.TypeBool,
Optional: true,
Description: "filter by inclusion",
},
"deleted": {
Type: schema.TypeBool,
Optional: true,
Description: "delete filter",
},
"display_name": {
Type: schema.TypeString,
Optional: true,
Description: "filter by display name",
},
"login": {
Type: schema.TypeString,
Optional: true,
Description: "filter by user login",
},
"created_by": {
Type: schema.TypeString,
Optional: true,
Description: "who created the user",
},
"deleted_by": {
Type: schema.TypeString,
Optional: true,
Description: "who deleted the user",
},
"disabled_by": {
Type: schema.TypeString,
Optional: true,
Description: "who disabled the user",
},
"page": {
Type: schema.TypeInt,
Optional: true,
Description: "result page number",
},
"per_page": {
Type: schema.TypeInt,
Optional: true,
Description: "number of results per page",
},
"sort_by": {
Type: schema.TypeString,
Optional: true,
ValidateFunc: validation.StringInSlice([]string{"display_name", "email", "phone", "created_at", "updated_at", "deleted_at"}, false),
Description: "sort by one of supported fields",
},
"sort_order": {
Type: schema.TypeString,
Optional: true,
ValidateFunc: validation.StringInSlice([]string{"asc", "desc"}, false),
Description: "sorting order",
},
"created_from": {
Type: schema.TypeString,
Optional: true,
Description: "filter by the lower limit of the creation date",
},
"created_to": {
Type: schema.TypeString,
Optional: true,
Description: "filter by the upper limit of the creation date",
},
"items": {
Type: schema.TypeList,
Computed: true,
Description: "List of users",
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"id": {
Type: schema.TypeString,
Computed: true,
Description: "The unique identifier",
},
"display_name": {
Type: schema.TypeString,
Computed: true,
Description: "Display name",
},
"role_id": {
Type: schema.TypeString,
Computed: true,
Description: "Role identifier",
},
"login": {
Type: schema.TypeString,
Computed: true,
Description: "Login",
},
},
},
},
}
return res
}
func resourceAccessGroupSchemaMake() map[string]*schema.Schema {
res := map[string]*schema.Schema{
"display_name": {
Type: schema.TypeString,
Required: true,
Description: "group name",
},
"comment": {
Type: schema.TypeString,
Required: true,
Description: "description (comment) of the group",
},
"users": {
Type: schema.TypeList,
Optional: true,
Description: "managing users who are part of a group",
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"access_group_role_id": {
Type: schema.TypeString,
Required: true,
Description: "id of the assigned role",
},
"user_id": {
Type: schema.TypeString,
Required: true,
Description: "user ID",
},
},
},
},
"default_security_policy": {
Type: schema.TypeList,
Optional: true,
Computed: true,
MaxItems: 1,
Description: "Default security policy configuration",
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"default_acl_drop": {
Type: schema.TypeString,
Optional: true,
Computed: true,
Description: "Default ACL drop action",
},
"default_open_session_drop": {
Type: schema.TypeBool,
Optional: true,
Computed: true,
Description: "Default open session drop flag",
},
"display_name": {
Type: schema.TypeString,
Computed: true,
Description: "Policy display name",
},
"id": {
Type: schema.TypeString,
Computed: true,
Description: "Policy unique identifier",
},
"description": {
Type: schema.TypeString,
Computed: true,
Description: "Policy description",
},
"version_id": {
Type: schema.TypeInt,
Computed: true,
Description: "Policy version identifier",
},
"access_group_id": {
Type: schema.TypeString,
Computed: true,
Description: "Policy access group ID",
},
},
},
},
// Computed fields
"created_at": {
Type: schema.TypeString,
Computed: true,
Description: "Creation timestamp",
},
"net_object_access_group": {
Type: schema.TypeList,
Computed: true,
Description: "Net object access group configuration",
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"access_group_id": {
Type: schema.TypeString,
Computed: true,
Description: "Access group ID",
},
"id": {
Type: schema.TypeString,
Computed: true,
Description: "Unique identifier",
},
"version_id": {
Type: schema.TypeInt,
Computed: true,
Description: "Version identifier",
},
},
},
},
}
return res
}
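Review bot: `users` in `resourceAccessGroupSchemaMake` is a `TypeList`, but `resourceAccessGroupUpdate` folds it into a map keyed by `user_id`, so two entries for the same user with different `access_group_role_id` values are accepted and the later one silently wins. A list is also order-sensitive, and `flattenAccessGroupUsers` writes back whatever order the API returns, which may produce diffs that never settle. Consider `Type: schema.TypeSet` (the CRUD code would then read it through `.(*schema.Set).List()`), or reject duplicate `user_id` values in create and update. `page` and `per_page` in the two data-source schemas have no lower bound either; `ValidateFunc: validation.IntAtLeast(0)` would keep a negative value away from the `uint64(...)` conversions in the utility files.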


@@ -0,0 +1,43 @@
package accessgroup
import (
"context"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"repository.basistech.ru/BASIS/decort-golang-sdk/pkg/sdn/acsgroups"
"repository.basistech.ru/BASIS/terraform-provider-decort/internal/controller"
)
func utilityAccessGroupCheckPresence(ctx context.Context, d *schema.ResourceData, m interface{}) (*acsgroups.AccessGroup, error) {
c := m.(*controller.ControllerCfg)
req := acsgroups.GetGroupRequest{}
if d.Id() != "" {
req.GroupID = d.Id()
} else {
req.GroupID = d.Get("access_group_id").(string)
}
accessGroup, err := c.SDN().AccessGroups().Get(ctx, req)
if err != nil {
return nil, err
}
return accessGroup, nil
}
func utilityAccessGroupUsersGet(ctx context.Context, groupID string, m interface{}) (*acsgroups.UsersList, error) {
c := m.(*controller.ControllerCfg)
req := acsgroups.UsersListRequest{
AccessGroupID: groupID,
}
userList, err := c.SDN().AccessGroups().UsersList(ctx, req)
if err != nil {
return nil, err
}
return userList, nil
}
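Review bot: `utilityAccessGroupCheckPresence` returns the SDK error unchanged, so the diagnostic does not say which group ID was requested. Callers also cannot tell a missing group from a transport or permission failure. Wrap the error with the ID, e.g. `return nil, fmt.Errorf("getting access group %q: %w", req.GroupID, err)` (this needs `fmt` in the import block). A doc comment stating that `d.Id()` takes precedence over `access_group_id` would also help, because the helper serves both the resource and the data source.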


@@ -0,0 +1,52 @@
package accessgroup
import (
"context"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
log "github.com/sirupsen/logrus"
"repository.basistech.ru/BASIS/decort-golang-sdk/pkg/sdn/acsgroups"
"repository.basistech.ru/BASIS/terraform-provider-decort/internal/controller"
)
func utilityAccessGroupListCheckPresence(ctx context.Context, d *schema.ResourceData, m interface{}) (*acsgroups.AccessGroupList, error) {
c := m.(*controller.ControllerCfg)
req := acsgroups.ListGroupsRequest{}
if page, ok := d.GetOk("page"); ok {
req.Page = uint64(page.(int))
}
if perPage, ok := d.GetOk("per_page"); ok {
req.PerPage = uint64(perPage.(int))
}
if sortBy, ok := d.GetOk("sort_by"); ok {
req.SortBy = sortBy.(string)
}
if sortOrder, ok := d.GetOk("sort_order"); ok {
req.SortOrder = sortOrder.(string)
}
if enabled, ok := d.GetOk("enabled"); ok {
req.Enabled = enabled.(bool)
}
if deleted, ok := d.GetOk("deleted"); ok {
req.Deleted = deleted.(bool)
}
if displayName, ok := d.GetOk("display_name"); ok {
req.DisplayName = displayName.(string)
}
if createdFrom, ok := d.GetOk("created_from"); ok {
req.CreatedFrom = createdFrom.(string)
}
if createdTo, ok := d.GetOk("created_to"); ok {
req.CreatedTo = createdTo.(string)
}
log.Debugf("utilityAccessGroupListCheckPresence")
accessGroupList, err := c.SDN().AccessGroups().List(ctx, req)
if err != nil {
return nil, err
}
return accessGroupList, nil
}
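Review bot: `d.GetOk` reports `ok == false` for a zero value, so `enabled = false` and `deleted = false` in the configuration are never copied into the request in `utilityAccessGroupListCheckPresence`. These filters can only ever be sent as `true`. If the API distinguishes "false" from "not set", the attributes need a tri-state representation or the request fields need to be pointers; that depends on the SDK's `ListGroupsRequest`, which is not visible here. The same applies to `enabled` and `deleted` in `utilityAccessGroupUserListCheckPresence`. The `uint64(page.(int))` and `uint64(perPage.(int))` conversions also turn a negative input into a very large value, since the schema sets no bound.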


@@ -0,0 +1,74 @@
package accessgroup
import (
"context"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
log "github.com/sirupsen/logrus"
"repository.basistech.ru/BASIS/decort-golang-sdk/pkg/sdn/acsgroups"
"repository.basistech.ru/BASIS/terraform-provider-decort/internal/controller"
)
func utilityAccessGroupUserListCheckPresence(ctx context.Context, d *schema.ResourceData, m interface{}) (*acsgroups.UsersList, error) {
c := m.(*controller.ControllerCfg)
req := acsgroups.UsersListRequest{}
req.AccessGroupID = d.Get("access_group_id").(string)
if globalRole, ok := d.GetOk("global_role"); ok {
req.GlobalRole = globalRole.(string)
}
if accessGroupRole, ok := d.GetOk("access_group_role"); ok {
req.AccessGroupRole = accessGroupRole.(string)
}
if enabled, ok := d.GetOk("enabled"); ok {
req.Enabled = enabled.(bool)
}
if deleted, ok := d.GetOk("deleted"); ok {
req.Deleted = deleted.(bool)
}
if displayName, ok := d.GetOk("display_name"); ok {
req.DisplayName = displayName.(string)
}
if login, ok := d.GetOk("login"); ok {
req.Login = login.(string)
}
if createdBy, ok := d.GetOk("created_by"); ok {
req.CreatedBy = createdBy.(string)
}
if updatedBy, ok := d.GetOk("updated_by"); ok {
req.UpdatedBy = updatedBy.(string)
}
if deletedBy, ok := d.GetOk("deleted_by"); ok {
req.DeletedBy = deletedBy.(string)
}
if disabledBy, ok := d.GetOk("disabled_by"); ok {
req.DisabledBy = disabledBy.(string)
}
if page, ok := d.GetOk("page"); ok {
req.Page = uint64(page.(int))
}
if perPage, ok := d.GetOk("per_page"); ok {
req.PerPage = uint64(perPage.(int))
}
if sortBy, ok := d.GetOk("sort_by"); ok {
req.SortBy = sortBy.(string)
}
if sortOrder, ok := d.GetOk("sort_order"); ok {
req.SortOrder = sortOrder.(string)
}
if createdFrom, ok := d.GetOk("created_from"); ok {
req.CreatedFrom = createdFrom.(string)
}
if createdTo, ok := d.GetOk("created_to"); ok {
req.CreatedTo = createdTo.(string)
}
log.Debugf("utilityAccessGroupUserListCheckPresence")
userList, err := c.SDN().AccessGroups().UsersList(ctx, req)
if err != nil {
return nil, err
}
return userList, nil
}
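Review bot: `utilityAccessGroupUserListCheckPresence` reads `d.GetOk("updated_by")`, but `dataSourceAccessGroupUserListSchemaMake` declares no `updated_by` attribute. That branch is presumably never taken, and the filter cannot be set from configuration. Either add `"updated_by": {Type: schema.TypeString, Optional: true, Description: "who updated the user"}` to the schema or remove the lookup.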