Merge pull request #5851 from cloudflare/tamas/zero_trust_access_policy_

chore: modernize zero_trust_access_policy acceptance tests

Author: tamas-jozsa

internal/services/zero_trust_access_policy/normalizations.go

@@ -3,6 +3,7 @@ package zero_trust_access_policy
 import (
 	"context"
 	"github.com/hashicorp/terraform-plugin-framework/diag"
+	"github.com/hashicorp/terraform-plugin-framework/types"
 	"github.com/hashicorp/terraform-plugin-framework/types/basetypes"
 )
 
@@ -39,3 +40,21 @@ func normalizeReadZeroTrustAccessPolicyAPIData(ctx context.Context, data, source
 
 	return diags
 }
+
+// Specialized normalization for import operations where API omits false boolean values
+func normalizeImportZeroTrustAccessPolicyAPIData(ctx context.Context, data *ZeroTrustAccessPolicyModel) diag.Diagnostics {
+	diags := make(diag.Diagnostics, 0)
+
+	// Set boolean fields to false if they are null (API omits false values during import)
+	if data.ApprovalRequired.IsNull() {
+		data.ApprovalRequired = types.BoolValue(false)
+	}
+	if data.IsolationRequired.IsNull() {
+		data.IsolationRequired = types.BoolValue(false)
+	}
+	if data.PurposeJustificationRequired.IsNull() {
+		data.PurposeJustificationRequired = types.BoolValue(false)
+	}
+
+	return diags
+}

internal/services/zero_trust_access_policy/resource.go

@@ -84,6 +84,10 @@ func (r *ZeroTrustAccessPolicyResource) Create(ctx context.Context, req resource
 		resp.Diagnostics.AddError("failed to make http request", err.Error())
 		return
 	}
+	if res == nil || res.Body == nil {
+		resp.Diagnostics.AddError("failed to read response", "Response or response body is nil")
+		return
+	}
 	bytes, _ := io.ReadAll(res.Body)
 	err = apijson.UnmarshalComputed(bytes, &env)
 	if err != nil {
@@ -133,6 +137,10 @@ func (r *ZeroTrustAccessPolicyResource) Update(ctx context.Context, req resource
 		resp.Diagnostics.AddError("failed to make http request", err.Error())
 		return
 	}
+	if res == nil || res.Body == nil {
+		resp.Diagnostics.AddError("failed to read response", "Response or response body is nil")
+		return
+	}
 	bytes, _ := io.ReadAll(res.Body)
 	err = apijson.UnmarshalComputed(bytes, &env)
 	if err != nil {
@@ -180,6 +188,10 @@ func (r *ZeroTrustAccessPolicyResource) Read(ctx context.Context, req resource.R
 		resp.Diagnostics.AddError("failed to make http request", err.Error())
 		return
 	}
+	if res == nil || res.Body == nil {
+		resp.Diagnostics.AddError("failed to read response", "Response or response body is nil")
+		return
+	}
 	bytes, _ := io.ReadAll(res.Body)
 	err = apijson.Unmarshal(bytes, &env)
 	if err != nil {
@@ -258,6 +270,10 @@ func (r *ZeroTrustAccessPolicyResource) ImportState(ctx context.Context, req res
 		resp.Diagnostics.AddError("failed to make http request", err.Error())
 		return
 	}
+	if res == nil || res.Body == nil {
+		resp.Diagnostics.AddError("failed to read response", "Response or response body is nil")
+		return
+	}
 	bytes, _ := io.ReadAll(res.Body)
 	err = apijson.Unmarshal(bytes, &env)
 	if err != nil {
@@ -266,6 +282,9 @@ func (r *ZeroTrustAccessPolicyResource) ImportState(ctx context.Context, req res
 	}
 	data = &env.Result
 
+	// Apply import-specific normalizations to handle API omissions
+	resp.Diagnostics.Append(normalizeImportZeroTrustAccessPolicyAPIData(ctx, data)...)
+
 	resp.Diagnostics.Append(resp.State.Set(ctx, &data)...)
 }