Skip to content

Commit 787417c

Browse files
authored
DAITDS-290/DAITDS-291 permissions fixes (#263)
* fix missing diffsuppress * fix missing state read of DNS record ACLs
1 parent 7581377 commit 787417c

1 file changed

Lines changed: 34 additions & 12 deletions

File tree

ns1/permissions.go

Lines changed: 34 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -7,9 +7,10 @@ import (
77

88
func addPermsSchema(s map[string]*schema.Schema) map[string]*schema.Schema {
99
dnsRecords := &schema.Schema{
10-
Type: schema.TypeList,
11-
Optional: true,
12-
Required: false,
10+
Type: schema.TypeList,
11+
Optional: true,
12+
Required: false,
13+
DiffSuppressFunc: suppressPermissionDiff,
1314
Elem: &schema.Resource{
1415
Schema: map[string]*schema.Schema{
1516
"domain": {
@@ -52,14 +53,16 @@ func addPermsSchema(s map[string]*schema.Schema) map[string]*schema.Schema {
5253
DiffSuppressFunc: suppressPermissionDiff,
5354
}
5455
s["dns_zones_deny"] = &schema.Schema{
55-
Type: schema.TypeList,
56-
Optional: true,
57-
Elem: &schema.Schema{Type: schema.TypeString},
56+
Type: schema.TypeList,
57+
Optional: true,
58+
Elem: &schema.Schema{Type: schema.TypeString},
59+
DiffSuppressFunc: suppressPermissionDiff,
5860
}
5961
s["dns_zones_allow"] = &schema.Schema{
60-
Type: schema.TypeList,
61-
Optional: true,
62-
Elem: &schema.Schema{Type: schema.TypeString},
62+
Type: schema.TypeList,
63+
Optional: true,
64+
Elem: &schema.Schema{Type: schema.TypeString},
65+
DiffSuppressFunc: suppressPermissionDiff,
6366
}
6467
s["data_push_to_datafeeds"] = &schema.Schema{
6568
Type: schema.TypeBool,
@@ -258,18 +261,24 @@ func permissionsToResourceData(d *schema.ResourceData, permissions account.Permi
258261
d.Set("ipam_manage_ipam", permissions.IPAM.ManageIPAM)
259262
d.Set("ipam_view_ipam", permissions.IPAM.ViewIPAM)
260263
}
264+
if permissions.DNS.RecordsAllow != nil {
265+
d.Set("dns_records_allow", dnsRecordsACLtoSchema(permissions.DNS.RecordsAllow))
266+
}
267+
if permissions.DNS.RecordsDeny != nil {
268+
d.Set("dns_records_deny", dnsRecordsACLtoSchema(permissions.DNS.RecordsDeny))
269+
}
261270
}
262271

263272
func resourceDataToPermissions(d *schema.ResourceData) account.PermissionsMap {
264273
var p account.PermissionsMap
265274

266275
if v, ok := d.GetOk("dns_records_allow"); ok {
267-
p.DNS.RecordsAllow = SchemaToRecordArray(v)
276+
p.DNS.RecordsAllow = schemaToDNSRecordsACL(v)
268277
} else {
269278
p.DNS.RecordsAllow = []account.PermissionsRecord{}
270279
}
271280
if v, ok := d.GetOk("dns_records_deny"); ok {
272-
p.DNS.RecordsDeny = SchemaToRecordArray(v)
281+
p.DNS.RecordsDeny = schemaToDNSRecordsACL(v)
273282
} else {
274283
p.DNS.RecordsDeny = []account.PermissionsRecord{}
275284
}
@@ -381,7 +390,20 @@ func resourceDataToPermissions(d *schema.ResourceData) account.PermissionsMap {
381390
return p
382391
}
383392

384-
func SchemaToRecordArray(v interface{}) []account.PermissionsRecord {
393+
func dnsRecordsACLtoSchema(acls []account.PermissionsRecord) []map[string]interface{} {
394+
results := make([]map[string]interface{}, len(acls))
395+
for i, r := range acls {
396+
m := make(map[string]interface{})
397+
m["domain"] = r.Domain
398+
m["include_subdomains"] = r.Subdomains
399+
m["zone"] = r.Zone
400+
m["type"] = r.RecordType
401+
results[i] = m
402+
}
403+
return results
404+
}
405+
406+
func schemaToDNSRecordsACL(v interface{}) []account.PermissionsRecord {
385407
if schemaRecord, ok := v.([]interface{}); ok {
386408
var records []account.PermissionsRecord
387409
for _, sr := range schemaRecord {

0 commit comments

Comments
 (0)