Merge pull request #199 from mploski/feature/add-lookup-definition-support

Add lookup definition support

Author: mploski

CHANGELOG.md

@@ -1,3 +1,6 @@
+## 1.4.28 
+* Support for lookup definition
+
 ## 1.4.27
 * Support for lookup table files
 

client/acl.go

@@ -2,12 +2,13 @@ package client
 
 import (
 	"fmt"
+	"log"
 	"net/http"
+	"net/http/httputil"
 	"strings"
 
-	"github.com/splunk/terraform-provider-splunk/client/models"
-
 	"github.com/google/go-querystring/query"
+	"github.com/splunk/terraform-provider-splunk/client/models"
 )
 
 // https://docs.splunk.com/Documentation/Splunk/8.0.4/RESTUM/RESTusing#Access_Control_List
@@ -62,11 +63,21 @@ func (client *Client) UpdateAcl(owner, app, name string, acl *models.ACLObject,
 	resourcePath = append(resourcePath, name, "acl")
 	endpoint := client.BuildSplunkURL(nil, resourcePath...)
 	resp, err := client.Post(endpoint, values)
+	requestBody, _ := httputil.DumpRequest(resp.Request, false)
 	if err != nil {
 		return fmt.Errorf("GET failed for endpoint %s: %s", endpoint.Path, err)
 	}
 
 	defer resp.Body.Close()
+
+	respBody, error := httputil.DumpResponse(resp, true)
+	if error != nil {
+		log.Printf("[ERROR] Error occured during acl creation %s", error)
+	}
+
+	log.Printf("[DEBUG] Request object coming acl is: %s and body: %s", string(requestBody), string(values.Encode()))
+	log.Printf("[DEBUG] Response object returned from acl creation: %s", string(respBody))
+
 	return nil
 }
 

client/lookup_definition.go

@@ -0,0 +1,91 @@
+package client
+
+import (
+	"log"
+	"net/http"
+	"net/http/httputil"
+
+	"github.com/google/go-querystring/query"
+	"github.com/splunk/terraform-provider-splunk/client/models"
+)
+
+func (client *Client) CreateLookupDefinitionObject(owner string, app string, splunkLookupDefObj *models.SplunkLookupDefinitionObject) error {
+	values, err := query.Values(&splunkLookupDefObj)
+	if err != nil {
+		return err
+	}
+	endpoint := client.BuildSplunkURL(nil, "servicesNS", owner, app, "data", "transforms", "lookups")
+	resp, err := client.Post(endpoint, values)
+	if err != nil {
+		return err
+	}
+	defer resp.Body.Close()
+
+	respBody, error := httputil.DumpResponse(resp, true)
+	if error != nil {
+		log.Printf("[ERROR] Error occured during CreateLookupDefinition %s", error)
+	}
+
+	log.Printf("[DEBUG] Response object returned from CreateLookupDefinition is: %s", string(respBody))
+	return nil
+}
+
+func (client *Client) ReadLookupDefinitionObject(name, owner, app string) (*http.Response, error) {
+	endpoint := client.BuildSplunkURL(nil, "servicesNS", owner, app, "data", "transforms", "lookups", name)
+	resp, err := client.Get(endpoint)
+	requestBody, _ := httputil.DumpRequest(resp.Request, true)
+	if err != nil {
+		log.Printf("[ERROR] Error occured during ReadLookupDefinitionObject %s", string(requestBody))
+		return nil, err
+	}
+	respBody, error := httputil.DumpResponse(resp, true)
+	if error != nil {
+		log.Printf("[ERROR] Error occured during ReadLookupDefinitionObject %s", error)
+	}
+
+	log.Printf("[DEBUG] Request object returned from ReadLookupDefinitionObject is: %s", string(requestBody))
+	log.Printf("[DEBUG] Response object returned from ReadLookupDefinitionObject is: %s", string(respBody))
+
+	return resp, nil
+}
+
+func (client *Client) UpdateLookupDefinitionObject(owner string, app string, name string, splunkLookupDefObj *models.SplunkLookupDefinitionObject) error {
+	values, err := query.Values(&splunkLookupDefObj)
+	values.Del("name")
+	if err != nil {
+		return err
+	}
+	endpoint := client.BuildSplunkURL(nil, "servicesNS", owner, app, "data", "transforms", "lookups", name)
+	resp, err := client.Post(endpoint, values)
+	if err != nil {
+		return err
+	}
+	respBody, error := httputil.DumpResponse(resp, true)
+	if error != nil {
+		log.Printf("[ERROR] Error occured during UpdateLookupDefinitionObject %s", error)
+	}
+
+	log.Printf("[DEBUG] Response object returned from UpdateLookupDefinitionObject is: %s", string(respBody))
+
+	defer resp.Body.Close()
+
+	return nil
+}
+
+func (client *Client) DeleteLookupDefinitionObject(owner string, app string, name string) (*http.Response, error) {
+	endpoint := client.BuildSplunkURL(nil, "servicesNS", owner, app, "data", "transforms", "lookups", name)
+	resp, err := client.Delete(endpoint)
+	if err != nil {
+		return nil, err
+	}
+	respBody, error := httputil.DumpResponse(resp, true)
+	if error != nil {
+		log.Printf("[ERROR] Error occured during DeleteLookupDefinitionObject %s", error)
+	}
+
+	log.Printf("[DEBUG] Response object returned from DeleteLookupDefinitionObject is: %s", string(respBody))
+
+	defer resp.Body.Close()
+
+	return resp, nil
+}

client/models/lookup_definition.go

@@ -0,0 +1,17 @@
+package models
+
+type SplunkLookupDefinitionResponse struct {
+	Entry    []SplunkLookupDefinitionEntry `json:"entry"`
+	Messages []ErrorMessage                `json:"messages"`
+}
+
+type SplunkLookupDefinitionEntry struct {
+	Name    string                       `json:"name"`
+	ACL     ACLObject                    `json:"acl"`
+	Content SplunkLookupDefinitionObject `json:"content"`
+}
+
+type SplunkLookupDefinitionObject struct {
+	Name     string `json:"name,omitempty" url:"name,omitempty"`
+	Filename string `json:"filename,omitempty" url:"filename,omitempty"`
+}

docs/resources/lookup_definition.md

@@ -0,0 +1,33 @@
+
+# Resource: splunk_lookup_definition
+
+Manage lookup definitions in Splunk. For more information on lookup definitions, refer to the official Splunk documentation: https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Aboutlookupsandfieldactions
+
+## Example Usage
+```hcl
+resource "splunk_lookup_definition" "example" {
+  name     = "example_lookup_definition"
+  filename = "example_lookup_file.csv"
+  acl {
+    owner   = "admin"
+    app     = "search"
+    sharing = "app"
+    read    = ["*"]
+    write   = ["admin"]
+  }
+}
+```
+
+## Argument Reference
+This resource block supports the following arguments:
+* `name` - (Required) A unique name for the lookup definition within the app context.
+* `filename` - (Required) The filename for the lookup table, usually ending in `.csv`.
+* `acl` - (Optional) Defines the access control list (ACL) for the lookup definition. See [acl.md](acl.md) for more details.
+
+## Validation Rules
+When `acl.sharing` is set to `user`, the `acl.read` and `acl.write` fields must not be explicitly set. Setting them will trigger a validation error.
+
+## Attribute Reference
+In addition to the arguments listed above, this resource exports the following attributes:
+
+* `id` - The ID of the lookup table file resource.

splunk/acl.go

@@ -1,7 +1,10 @@
 package splunk
 
 import (
+	"fmt"
+
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
 	"github.com/splunk/terraform-provider-splunk/client/models"
 )
 
@@ -29,31 +32,29 @@ func aclSchema() *schema.Schema {
 						"nobody = All users may access the resource, but write access to the resource might be restricted.",
 				},
 				"sharing": {
-					Type:     schema.TypeString,
-					Optional: true,
-					Computed: true,
+					Type:         schema.TypeString,
+					Optional:     true,
+					Computed:     true,
+					ValidateFunc: validation.StringInSlice([]string{"user", "app", "global"}, false),
+					ForceNew:     true,
 					Description: "Indicates how the resource is shared. Required for updating any knowledge object ACL properties." +
 						"app: Shared within a specific app" +
 						"global: (Default) Shared globally to all apps." +
 						"user: Private to a user",
 				},
 				"read": {
-					Type:     schema.TypeList,
-					Optional: true,
-					Computed: true,
-					Elem: &schema.Schema{
-						Type: schema.TypeString,
-					},
+					Type:        schema.TypeList,
+					Optional:    true,
+					Computed:    true,
+					Elem:        &schema.Schema{Type: schema.TypeString},
 					Description: "Properties that indicate resource read permissions.",
 				},
 				"write": {
-					Type:     schema.TypeList,
-					Optional: true,
-					Computed: true,
-					Elem: &schema.Schema{
-						Type: schema.TypeString,
-					},
-					Description: "Properties that indicate write permissions of the resource.",
+					Type:        schema.TypeList,
+					Optional:    true,
+					Computed:    true,
+					Elem:        &schema.Schema{Type: schema.TypeString},
+					Description: "Properties that indicate resource write permissions.",
 				},
 				"can_change_perms": {
 					Type:        schema.TypeBool,
@@ -96,6 +97,37 @@ func aclSchema() *schema.Schema {
 	}
 }
 
+func aclValidator(diff *schema.ResourceDiff, v interface{}) error {
+	acl := diff.Get("acl").([]interface{})
+	if len(acl) == 0 {
+		return nil
+	}
+	// Assert that each item is a map[string]interface{}
+	aclMap, ok := acl[0].(map[string]interface{})
+	if !ok {
+		return fmt.Errorf("Value cannot be mapped to map!")
+	}
+
+	// Check if sharing has changed to "user"
+	if diff.HasChange("acl.0.sharing") {
+		_, new := diff.GetChange("acl.0.sharing")
+		if new == "user" {
+			// Check if `read` or `write` attributes are explicitly set in the configuration, ignoring persisted state
+			if diff.HasChange("acl.0.read") {
+				if aclMap["read"] != nil && len(aclMap["read"].([]interface{})) > 0 {
+					return fmt.Errorf("`acl.read` cannot be set when `acl.sharing` is `user`")
+				}
+			}
+			if diff.HasChange("acl.0.write") {
+				if aclMap["write"] != nil && len(aclMap["write"].([]interface{})) > 0 {
+					return fmt.Errorf("`acl.write` cannot be set when `acl.sharing` is `user`")
+				}
+			}
+		}
+	}
+	return nil
+}
+
 func getACLConfig(r []interface{}) (acl *models.ACLObject) {
 	acl = &models.ACLObject{}
 	for _, v := range r {

splunk/provider.go

@@ -91,6 +91,7 @@ func providerResources() map[string]*schema.Resource {
 		"splunk_outputs_tcp_group":           outputsTCPGroup(),
 		"splunk_outputs_tcp_syslog":          outputsTCPSyslog(),
 		"splunk_saved_searches":              savedSearches(),
+		"splunk_lookup_definition":           splunkLookupDefinitions(),
 		"splunk_sh_indexes_manager":          shIndexesManager(),
 		"splunk_indexes":                     index(),
 		"splunk_configs_conf":                configsConf(),