Skip to content

Commit c65f3f3

Browse files
authored
match permissions defaults with API defaults (#243)
* permission schema fixes * fix api key test * user test fixes * match defaults to API * fixes * gofmt * INBOX-2226 workaround
1 parent 37412cb commit c65f3f3

4 files changed

Lines changed: 39 additions & 26 deletions

File tree

ns1/config.go

Lines changed: 19 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -7,9 +7,9 @@ import (
77
"errors"
88
"fmt"
99
"io"
10-
"io/ioutil"
1110
"log"
1211
"net/http"
12+
"net/http/httputil"
1313
"os"
1414
"strings"
1515

@@ -86,39 +86,49 @@ func (c *Config) Client() (*ns1.Client, error) {
8686
func Logging() ns1.Decorator {
8787
return func(d ns1.Doer) ns1.Doer {
8888
return ns1.DoerFunc(func(r *http.Request) (*http.Response, error) {
89-
log.Printf("[DEBUG] %s: %s %s", r.UserAgent(), r.Method, r.URL)
89+
msgs := []string{}
90+
msgs = append(msgs, fmt.Sprintf("[DEBUG] HTTP %s: %s %s", r.UserAgent(), r.Method, r.URL))
9091
heads := r.Header.Clone()
9192
heads["X-Nsone-Key"] = []string{"<redacted>"}
92-
log.Printf("[DEBUG] Headers: %s", heads)
93+
msgs = append(msgs, fmt.Sprintf("[DEBUG] HTTP Headers: %s", heads))
9394
var err error
9495
if r.Body != nil {
95-
r.Body, err = logRequest(r.Body)
96+
var bodymsg string
97+
r.Body, err, bodymsg = logRequest(r.Body)
9698
if err != nil {
9799
return nil, err
98100
}
101+
msgs = append(msgs, bodymsg)
99102
}
100-
return d.Do(r)
103+
response, rerr := d.Do(r)
104+
dump, _ := httputil.DumpResponse(response, true)
105+
for _, m := range msgs {
106+
log.Printf(m)
107+
}
108+
log.Printf("[DEBUG] HTTP Response: %s", dump)
109+
return response, rerr
101110
})
102111
}
103112
}
104113

105114
// logRequest logs a HTTP request and returns a copy that can be read again
106-
func logRequest(original io.ReadCloser) (io.ReadCloser, error) {
115+
func logRequest(original io.ReadCloser) (io.ReadCloser, error, string) {
107116
// Handle request contentType
108117
var bs bytes.Buffer
109118
defer original.Close()
110119

111120
_, err := io.Copy(&bs, original)
112121
if err != nil {
113-
return nil, err
122+
return nil, err, ""
114123
}
115124

125+
msg := ""
116126
debugInfo, err := formatJSON(bs.Bytes())
117127
if err == nil {
118-
log.Printf("[DEBUG] Request Body: %s", debugInfo)
128+
msg = fmt.Sprintf("[DEBUG] HTTP Request Body: %s", debugInfo)
119129
}
120130

121-
return ioutil.NopCloser(strings.NewReader(bs.String())), nil
131+
return io.NopCloser(strings.NewReader(bs.String())), nil, msg
122132
}
123133

124134
// formatJSON attempts to format a byte slice as indented JSON for pretty printing

ns1/permissions.go

Lines changed: 16 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -155,37 +155,37 @@ func addPermsSchema(s map[string]*schema.Schema) map[string]*schema.Schema {
155155
s["security_manage_global_2fa"] = &schema.Schema{
156156
Type: schema.TypeBool,
157157
Optional: true,
158-
Default: false,
158+
Default: true,
159159
DiffSuppressFunc: suppressPermissionDiff,
160160
}
161161
s["security_manage_active_directory"] = &schema.Schema{
162162
Type: schema.TypeBool,
163163
Optional: true,
164-
Computed: true,
164+
Default: true,
165165
DiffSuppressFunc: suppressPermissionDiff,
166166
}
167167
s["dhcp_manage_dhcp"] = &schema.Schema{
168168
Type: schema.TypeBool,
169169
Optional: true,
170-
Computed: true,
170+
Default: true,
171171
DiffSuppressFunc: suppressPermissionDiff,
172172
}
173173
s["dhcp_view_dhcp"] = &schema.Schema{
174174
Type: schema.TypeBool,
175175
Optional: true,
176-
Computed: true,
176+
Default: true,
177177
DiffSuppressFunc: suppressPermissionDiff,
178178
}
179179
s["ipam_manage_ipam"] = &schema.Schema{
180180
Type: schema.TypeBool,
181181
Optional: true,
182-
Computed: true,
182+
Default: true,
183183
DiffSuppressFunc: suppressPermissionDiff,
184184
}
185185
s["ipam_view_ipam"] = &schema.Schema{
186186
Type: schema.TypeBool,
187187
Optional: true,
188-
Computed: true,
188+
Default: true,
189189
DiffSuppressFunc: suppressPermissionDiff,
190190
}
191191
return s
@@ -354,28 +354,28 @@ func resourceDataToPermissions(d *schema.ResourceData) account.PermissionsMap {
354354
if v, ok := d.GetOk("security_manage_active_directory"); ok {
355355
p.Security.ManageActiveDirectory = v.(bool)
356356
}
357-
if v, ok := d.GetOk("dhcp_manage_dhcp"); ok {
358-
if p.DHCP == nil {
357+
for _, thing := range []string{"dhcp_manage_dhcp", "dhcp_view_dhcp"} {
358+
_, ok := d.GetOkExists(thing)
359+
if d.HasChange(thing) || ok {
359360
p.DHCP = &account.PermissionsDHCP{}
360361
}
362+
}
363+
if v, ok := d.GetOk("dhcp_manage_dhcp"); ok {
361364
p.DHCP.ManageDHCP = v.(bool)
362365
}
363366
if v, ok := d.GetOk("dhcp_view_dhcp"); ok {
364-
if p.DHCP == nil {
365-
p.DHCP = &account.PermissionsDHCP{}
366-
}
367367
p.DHCP.ViewDHCP = v.(bool)
368368
}
369-
if v, ok := d.GetOk("ipam_manage_ipam"); ok {
370-
if p.IPAM == nil {
369+
for _, thing := range []string{"ipam_manage_ipam", "ipam_view_ipam"} {
370+
_, ok := d.GetOkExists(thing)
371+
if d.HasChange(thing) || ok {
371372
p.IPAM = &account.PermissionsIPAM{}
372373
}
374+
}
375+
if v, ok := d.GetOk("ipam_manage_ipam"); ok {
373376
p.IPAM.ManageIPAM = v.(bool)
374377
}
375378
if v, ok := d.GetOk("ipam_view_ipam"); ok {
376-
if p.IPAM == nil {
377-
p.IPAM = &account.PermissionsIPAM{}
378-
}
379379
p.IPAM.ViewIPAM = v.(bool)
380380
}
381381
return p

ns1/resource_team.go

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -111,7 +111,9 @@ func TeamCreate(d *schema.ResourceData, meta interface{}) error {
111111
if resp, err := client.Teams.Create(&t); err != nil {
112112
return ConvertToNs1Error(resp, err)
113113
}
114-
return teamToResourceData(d, &t)
114+
// workaround INBOX-2226 - send a GET to refresh object
115+
_ = teamToResourceData(d, &t)
116+
return TeamRead(d, meta)
115117
}
116118

117119
// TeamRead reads the team data from ns1

ns1/resource_user_test.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -123,6 +123,7 @@ func TestAccUser_permissions(t *testing.T) {
123123
resource.TestCheckResourceAttr("ns1_user.u", "account_manage_account_settings", "false"),
124124
resource.TestCheckResourceAttr("ns1_user.u", "account_manage_ip_whitelist", "true"),
125125
resource.TestCheckResourceAttr("ns1_user.u", "security_manage_global_2fa", "false"),
126+
resource.TestCheckResourceAttr("ns1_user.u", "security_manage_active_directory", "true"),
126127
),
127128
},
128129
{

0 commit comments

Comments
 (0)