-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add user_role_binding resource to manage users' roles (#161)
* add user_role_binding resource to manage users' roles * move back resource map; change users to be a set of strings * bump rate limit for local testing * implement tests * fix tests * fix import and lint * fix tf import and add tests; docs; review suggestions * bump version * Update lightstep/resource_user_role_binding.go Co-authored-by: Isaak Krautwurst <[email protected]> * Update lightstep/resource_user_role_binding.go Co-authored-by: Isaak Krautwurst <[email protected]> * Update lightstep/resource_user_role_binding.go Co-authored-by: Isaak Krautwurst <[email protected]> * update docs --------- Co-authored-by: Isaak Krautwurst <[email protected]>
- Loading branch information
1 parent
17210dd
commit 6c117d2
Showing
9 changed files
with
562 additions
and
10 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
1.78.1 | ||
1.80.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,71 @@ | ||
package client | ||
|
||
import ( | ||
"context" | ||
"encoding/json" | ||
"fmt" | ||
"net/url" | ||
) | ||
|
||
type RoleBinding struct { | ||
RoleName string `json:"role-name"` | ||
ProjectName string `json:"project-name"` | ||
Users []string `json:"users"` | ||
} | ||
|
||
func (rb RoleBinding) ID() string { | ||
if rb.ProjectName == "" { | ||
return rb.RoleName | ||
} | ||
return fmt.Sprintf("%s/%s", rb.RoleName, rb.ProjectName) | ||
} | ||
|
||
type updateRoleBindingAPIResponse struct { | ||
Attributes RoleBinding `json:"attributes,omitempty"` | ||
} | ||
|
||
func (c *Client) ListRoleBinding( | ||
ctx context.Context, | ||
projectName string, | ||
roleName string, | ||
) (RoleBinding, error) { | ||
var resp genericAPIResponse[updateRoleBindingAPIResponse] | ||
|
||
err := c.CallAPI(ctx, "GET", fmt.Sprintf("role-binding?role-name=%s&project=%s", url.QueryEscape(roleName), url.QueryEscape(projectName)), nil, &resp) | ||
if err != nil { | ||
return RoleBinding{}, err | ||
} | ||
|
||
return resp.Data.Attributes, nil | ||
} | ||
|
||
func (c *Client) UpdateRoleBinding( | ||
ctx context.Context, | ||
projectName string, | ||
roleName string, | ||
users ...string, | ||
) (RoleBinding, error) { | ||
var resp Envelope | ||
var roleBinding updateRoleBindingAPIResponse | ||
|
||
bytes, err := json.Marshal(RoleBinding{ | ||
ProjectName: projectName, | ||
RoleName: roleName, | ||
Users: users, | ||
}) | ||
if err != nil { | ||
return roleBinding.Attributes, err | ||
} | ||
|
||
err = c.CallAPI(ctx, "POST", "role-binding", Envelope{Data: bytes}, &resp) | ||
if err != nil { | ||
return roleBinding.Attributes, err | ||
} | ||
|
||
err = json.Unmarshal(resp.Data, &roleBinding.Attributes) | ||
if err != nil { | ||
return roleBinding.Attributes, err | ||
} | ||
|
||
return roleBinding.Attributes, nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
package client | ||
|
||
import ( | ||
"context" | ||
"encoding/json" | ||
"net/http" | ||
"net/http/httptest" | ||
"testing" | ||
|
||
"github.com/stretchr/testify/assert" | ||
"github.com/stretchr/testify/require" | ||
) | ||
|
||
func Test_UserRoleBinding(t *testing.T) { | ||
var server *httptest.Server | ||
server = httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { | ||
assert.Equal(t, "/public/v0.2/blars/role-binding", r.URL.Path) | ||
|
||
assert.Equal(t, "project with spaces", r.URL.Query().Get("project")) | ||
assert.Equal(t, "project editor", r.URL.Query().Get("role-name")) | ||
|
||
resp, err := json.Marshal(map[string]any{ | ||
"data": map[string]any{ | ||
"attributes": RoleBinding{ | ||
RoleName: "project editor", | ||
ProjectName: "project with spaces", | ||
Users: []string{"[email protected]"}, | ||
}, | ||
}, | ||
}) | ||
require.NoError(t, err) | ||
|
||
w.Write(resp) | ||
w.WriteHeader(http.StatusOK) | ||
})) | ||
defer server.Close() | ||
|
||
t.Setenv("LIGHTSTEP_API_BASE_URL", server.URL) | ||
c := NewClient("api", "blars", "staging") | ||
rb, err := c.ListRoleBinding(context.Background(), "project with spaces", "project editor") | ||
assert.NoError(t, err) | ||
|
||
assert.Equal(t, RoleBinding{ | ||
RoleName: "project editor", | ||
ProjectName: "project with spaces", | ||
Users: []string{"[email protected]"}, | ||
}, rb) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
--- | ||
# generated by https://github.com/hashicorp/terraform-plugin-docs | ||
page_title: "lightstep_user_role_binding Resource - terraform-provider-lightstep" | ||
subcategory: "" | ||
description: |- | ||
This resource is under development and is not generally available yet. | ||
--- | ||
|
||
# lightstep_user_role_binding (Resource) | ||
|
||
This resource is under development and is not generally available yet. | ||
|
||
|
||
|
||
<!-- schema generated by tfplugindocs --> | ||
## Schema | ||
|
||
### Required | ||
|
||
- `role` (String) Role's name being granted with this role binding. | ||
- `users` (Set of String) Complete list of users that should have this specified role in the organization or in the project (if specified). Important: this list is authoritative; any users not included in this list WILL NOT have this role for the given project or organization. | ||
|
||
### Optional | ||
|
||
- `project` (String) Name of the project where this role will be applied; if omitted the role will be applied to the organization | ||
|
||
### Read-Only | ||
|
||
- `id` (String) The ID of this resource. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.