Revert "fix: zt org test assertions and normalizations"

vaishakdinesh · web-flow · commit 7041a0d8bde5 · 2025-08-14T20:23:55.000-07:00
diff --git a/internal/services/zero_trust_organization/normalizations.go b/internal/services/zero_trust_organization/normalizations.go
@@ -44,8 +44,7 @@ func normalizeImportZeroTrustOrganizationAPIData(_ context.Context, data *ZeroTr
 		data.AutoRedirectToIdentity = types.BoolValue(false)
 	}
 
-	var empty ZeroTrustOrganizationLoginDesignModel
-	if data.LoginDesign != nil || *data.LoginDesign == empty {
+	if data.LoginDesign != nil && *data.LoginDesign == (ZeroTrustOrganizationLoginDesignModel{}) {
 		data.LoginDesign = nil
 	}
 
diff --git a/internal/services/zero_trust_organization/resource_test.go b/internal/services/zero_trust_organization/resource_test.go
@@ -10,7 +10,6 @@ import (
 	"github.com/cloudflare/terraform-provider-cloudflare/internal/consts"
 	"github.com/cloudflare/terraform-provider-cloudflare/internal/utils"
 	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
-	"github.com/hashicorp/terraform-plugin-testing/plancheck"
 	"github.com/hashicorp/terraform-plugin-testing/terraform"
 )
 
@@ -44,7 +43,7 @@ func TestAccCloudflareAccessOrganization(t *testing.T) {
 					resource.TestCheckResourceAttr(name, "auth_domain", rnd+"-"+testAuthDomain()),
 					resource.TestCheckResourceAttr(name, "is_ui_read_only", "false"),
 					resource.TestCheckResourceAttr(name, "user_seat_expiration_inactive_time", "1460h"),
-					resource.TestCheckResourceAttr(name, "auto_redirect_to_identity", "false"),
+					resource.TestCheckNoResourceAttr(name, "auto_redirect_to_identity"),
 					resource.TestCheckResourceAttr(name, "login_design.background_color", "#FFFFFF"),
 					resource.TestCheckResourceAttr(name, "login_design.text_color", "#000000"),
 					resource.TestCheckResourceAttr(name, "login_design.logo_path", "https://example.com/logo.png"),
@@ -54,33 +53,29 @@ func TestAccCloudflareAccessOrganization(t *testing.T) {
 					resource.TestCheckResourceAttr(name, "warp_auth_session_duration", "36h"),
 					resource.TestCheckResourceAttr(name, "allow_authenticate_via_warp", "false"),
 				),
+				ResourceName:     name,
+				ImportState:      true,
+				ImportStateId:    accountID,
+				ImportStateCheck: accessOrgImportStateCheck,
 			},
 			{
-				Config: testAccCloudflareAccessOrganizationConfigBasic(rnd, accountID, headerText, testAuthDomain()),
+				Config: testAccCloudflareAccessOrganizationConfigBasic(rnd, accountID, headerText+" updated", testAuthDomain()),
 				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttr(name, consts.AccountIDSchemaKey, accountID),
 					resource.TestCheckResourceAttr(name, "name", testAuthDomain()),
 					resource.TestCheckResourceAttr(name, "auth_domain", rnd+"-"+testAuthDomain()),
 					resource.TestCheckResourceAttr(name, "is_ui_read_only", "false"),
 					resource.TestCheckResourceAttr(name, "user_seat_expiration_inactive_time", "1460h"),
-					resource.TestCheckResourceAttr(name, "auto_redirect_to_identity", "false"),
+					resource.TestCheckNoResourceAttr(name, "auto_redirect_to_identity"),
 					resource.TestCheckResourceAttr(name, "login_design.background_color", "#FFFFFF"),
 					resource.TestCheckResourceAttr(name, "login_design.text_color", "#000000"),
 					resource.TestCheckResourceAttr(name, "login_design.logo_path", "https://example.com/logo.png"),
-					resource.TestCheckResourceAttr(name, "login_design.header_text", headerText),
+					resource.TestCheckResourceAttr(name, "login_design.header_text", headerText+" updated"),
 					resource.TestCheckResourceAttr(name, "login_design.footer_text", "My footer text"),
 					resource.TestCheckResourceAttr(name, "session_duration", "12h"),
 					resource.TestCheckResourceAttr(name, "warp_auth_session_duration", "36h"),
 					resource.TestCheckResourceAttr(name, "allow_authenticate_via_warp", "false"),
 				),
-				ConfigPlanChecks: resource.ConfigPlanChecks{
-					PreApply: []plancheck.PlanCheck{
-						plancheck.ExpectResourceAction(name, plancheck.ResourceActionNoop),
-						plancheck.ExpectEmptyPlan(),
-					},
-				},
-			},
-			{
 				ResourceName:     name,
 				ImportState:      true,
 				ImportStateId:    accountID,
@@ -100,8 +95,6 @@ func TestAccCloudflareAccessOrganization(t *testing.T) {
 					resource.TestCheckNoResourceAttr(name, "login_design.header_text"),
 					resource.TestCheckNoResourceAttr(name, "login_design.footer_text"),
 				),
-			},
-			{
 				ResourceName:     name,
 				ImportState:      true,
 				ImportStateId:    accountID,
@@ -175,7 +168,7 @@ func accessOrgImportStateCheckEmpty(instanceStates []*terraform.InstanceState) e
 		{field: consts.AccountIDSchemaKey, stateValue: attrs[consts.AccountIDSchemaKey], expectedValue: accountID},
 		{field: "is_ui_read_only", stateValue: attrs["is_ui_read_only"], expectedValue: "false"},
 		{field: "auto_redirect_to_identity", stateValue: attrs["auto_redirect_to_identity"], expectedValue: "false"},
-		{field: "user_seat_expiration_inactive_time", stateValue: attrs["user_seat_expiration_inactive_time"], expectedValue: ""},
+		{field: "user_seat_expiration_inactive_time", stateValue: attrs["user_seat_expiration_inactive_time"], expectedValue: "1460h"},
 	}
 
 	for _, check := range stateChecks {

Original file line number	Diff line number	Diff line change
`@@ -44,8 +44,7 @@ func normalizeImportZeroTrustOrganizationAPIData(_ context.Context, data *ZeroTr`
`44`	`44`	`data.AutoRedirectToIdentity = types.BoolValue(false)`
`45`	`45`	`}`
`46`	`46`
`47`		`- var empty ZeroTrustOrganizationLoginDesignModel`
`48`		`- if data.LoginDesign != nil \|\| *data.LoginDesign == empty {`
	`47`	`+ if data.LoginDesign != nil && *data.LoginDesign == (ZeroTrustOrganizationLoginDesignModel{}) {`
`49`	`48`	`data.LoginDesign = nil`
`50`	`49`	`}`
`51`	`50`