mirrors/terraform-provider-proxmox
0
0
Fork 0
mirror of https://github.com/bpg/terraform-provider-proxmox.git synced 2025-07-05 05:24:01 +00:00
Code
4be9914757
terraform-provider-proxmox/proxmoxtf/datasource/user.go
Pavel Boldyrev 98e1cff7fe
feat: Add firewall resources (#246) 
* refactoring existing cluster / firewall API for better composition

* add basic security groups API
fix linter errors

* add rules API

* fix after renaming resourceVirtualEnvironmentClusterIPSet

* fix linter errors

* make linter happy

* even more refactoring

* tidy up datasources

* in refactoring spree

* update examples

* fix firewall resource/datasource & client error handling

* add ipset(s) datasource

* update docs

* add security group resource with rules

* docs

* fix security group update, TODO: rule update

* fix after rebase

* add rule update, extract common rule schema, refactor group

* fix linter  errors

* bump linter for ci

* make alias and ipset reusable

* make security group reusable

* refactor datasources

* add security group datasources

* fix linter errors

* update docs

TODO: documentation for group datasources

* add sg docs, update doc index

* minor cleanup

* fix examples & tests

* stub for firewall-level options and rules

* extract firewall interface

* add firewall options and rules on the cluster level

TODO: issues with rule list management

* refactor all resources format AGAIN, now more flat, without complex subresources

* sort out hierarchy of APIs and remove duplication in API wrappers

* bring back security group

* finally, working rules

* restore cluster firewall option

* add containers support

* add options

* move rules back under security group, update docs

* fix vm_id / container_id attrs

* add examples

* cleanup

* more cleanup


Release-As: 0.17.0-rc1
2023-04-02 18:01:10 -04:00

224 lines
6.6 KiB
Go
Raw Blame History

/*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/.
*/
package datasource
import (
"context"
"time"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/bpg/terraform-provider-proxmox/proxmoxtf"
)
const (
mkDataSourceVirtualEnvironmentUserACL = "acl"
mkDataSourceVirtualEnvironmentUserACLPath = "path"
mkDataSourceVirtualEnvironmentUserACLPropagate = "propagate"
mkDataSourceVirtualEnvironmentUserACLRoleID = "role_id"
mkDataSourceVirtualEnvironmentUserComment = "comment"
mkDataSourceVirtualEnvironmentUserEmail = "email"
mkDataSourceVirtualEnvironmentUserEnabled = "enabled"
mkDataSourceVirtualEnvironmentUserExpirationDate = "expiration_date"
mkDataSourceVirtualEnvironmentUserFirstName = "first_name"
mkDataSourceVirtualEnvironmentUserGroups = "groups"
mkDataSourceVirtualEnvironmentUserKeys = "keys"
mkDataSourceVirtualEnvironmentUserLastName = "last_name"
mkDataSourceVirtualEnvironmentUserUserID = "user_id"
)
func User() *schema.Resource {
return &schema.Resource{
Schema: map[string]*schema.Schema{
mkDataSourceVirtualEnvironmentUserACL: {
Type: schema.TypeSet,
Description: "The access control list",
Computed: true,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
mkDataSourceVirtualEnvironmentUserACLPath: {
Type: schema.TypeString,
Computed: true,
Description: "The path",
},
mkDataSourceVirtualEnvironmentUserACLPropagate: {
Type: schema.TypeBool,
Computed: true,
Description: "Whether to propagate to child paths",
},
mkDataSourceVirtualEnvironmentUserACLRoleID: {
Type: schema.TypeString,
Computed: true,
Description: "The role id",
},
},
},
},
mkDataSourceVirtualEnvironmentUserComment: {
Type: schema.TypeString,
Description: "The user comment",
Computed: true,
},
mkDataSourceVirtualEnvironmentUserEmail: {
Type: schema.TypeString,
Description: "The user's email address",
Computed: true,
},
mkDataSourceVirtualEnvironmentUserEnabled: {
Type: schema.TypeBool,
Description: "Whether the user account is enabled",
Computed: true,
},
mkDataSourceVirtualEnvironmentUserExpirationDate: {
Type: schema.TypeString,
Description: "The user account's expiration date",
Computed: true,
},
mkDataSourceVirtualEnvironmentUserFirstName: {
Type: schema.TypeString,
Description: "The user's first name",
Computed: true,
},
mkDataSourceVirtualEnvironmentUserGroups: {
Type: schema.TypeList,
Description: "The user's groups",
Computed: true,
Elem: &schema.Schema{Type: schema.TypeString},
},
mkDataSourceVirtualEnvironmentUserKeys: {
Type: schema.TypeString,
Description: "The user's keys",
Computed: true,
},
mkDataSourceVirtualEnvironmentUserLastName: {
Type: schema.TypeString,
Description: "The user's last name",
Computed: true,
},
mkDataSourceVirtualEnvironmentUserUserID: {
Type: schema.TypeString,
Description: "The user id",
Required: true,
},
},
ReadContext: userRead,
}
}
func userRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
var diags diag.Diagnostics
config := m.(proxmoxtf.ProviderConfiguration)
veClient, err := config.GetVEClient()
if err != nil {
return diag.FromErr(err)
}
userID := d.Get(mkDataSourceVirtualEnvironmentUserUserID).(string)
v, err := veClient.GetUser(ctx, userID)
if err != nil {
return diag.FromErr(err)
}
acl, err := veClient.GetACL(ctx)
if err != nil {
return diag.FromErr(err)
}
d.SetId(userID)
var aclParsed []interface{}
for _, v := range acl {
if v.Type == "user" && v.UserOrGroupID == userID {
aclEntry := map[string]interface{}{}
aclEntry[mkDataSourceVirtualEnvironmentUserACLPath] = v.Path
if v.Propagate != nil {
aclEntry[mkDataSourceVirtualEnvironmentUserACLPropagate] = bool(*v.Propagate)
} else {
aclEntry[mkDataSourceVirtualEnvironmentUserACLPropagate] = false
}
aclEntry[mkDataSourceVirtualEnvironmentUserACLRoleID] = v.RoleID
aclParsed = append(aclParsed, aclEntry)
}
}
err = d.Set(mkDataSourceVirtualEnvironmentUserACL, aclParsed)
diags = append(diags, diag.FromErr(err)...)
if v.Comment != nil {
err = d.Set(mkDataSourceVirtualEnvironmentUserComment, v.Comment)
} else {
err = d.Set(mkDataSourceVirtualEnvironmentUserComment, "")
}
diags = append(diags, diag.FromErr(err)...)
if v.Email != nil {
err = d.Set(mkDataSourceVirtualEnvironmentUserEmail, v.Email)
} else {
err = d.Set(mkDataSourceVirtualEnvironmentUserEmail, "")
}
diags = append(diags, diag.FromErr(err)...)
if v.Enabled != nil {
err = d.Set(mkDataSourceVirtualEnvironmentUserEnabled, v.Enabled)
} else {
err = d.Set(mkDataSourceVirtualEnvironmentUserEnabled, true)
}
diags = append(diags, diag.FromErr(err)...)
if v.ExpirationDate != nil {
t := time.Time(*v.ExpirationDate)
if t.Unix() > 0 {
err = d.Set(
mkDataSourceVirtualEnvironmentUserExpirationDate,
t.UTC().Format(time.RFC3339),
)
} else {
err = d.Set(mkDataSourceVirtualEnvironmentUserExpirationDate, time.Unix(0, 0).UTC().Format(time.RFC3339))
}
} else {
err = d.Set(mkDataSourceVirtualEnvironmentUserExpirationDate, time.Unix(0, 0).UTC().Format(time.RFC3339))
}
diags = append(diags, diag.FromErr(err)...)
if v.FirstName != nil {
err = d.Set(mkDataSourceVirtualEnvironmentUserFirstName, v.FirstName)
} else {
err = d.Set(mkDataSourceVirtualEnvironmentUserFirstName, "")
}
diags = append(diags, diag.FromErr(err)...)
if v.Groups != nil {
err = d.Set(mkDataSourceVirtualEnvironmentUserGroups, v.Groups)
} else {
err = d.Set(mkDataSourceVirtualEnvironmentUserGroups, []string{})
}
diags = append(diags, diag.FromErr(err)...)
if v.Keys != nil {
err = d.Set(mkDataSourceVirtualEnvironmentUsersKeys, v.Keys)
} else {
err = d.Set(mkDataSourceVirtualEnvironmentUsersKeys, "")
}
diags = append(diags, diag.FromErr(err)...)
if v.LastName != nil {
err = d.Set(mkDataSourceVirtualEnvironmentUserLastName, v.LastName)
} else {
err = d.Set(mkDataSourceVirtualEnvironmentUserLastName, "")
}
diags = append(diags, diag.FromErr(err)...)
return diags
}
View Git Blame Copy Permalink