Implicitly force import manually added account-level user (#1063)

Author: nkvuong

aws/resource_user_role.go

@@ -27,4 +27,4 @@ func ResourceUserRole() *schema.Resource {
 				"remove", fmt.Sprintf(`roles[value eq "%s"]`, roleARN), ""))
 		},
 	})
-}
+}

aws/resource_user_role_test.go

@@ -8,17 +8,17 @@ import (
 )
 
 func TestUserRoleCornerCases(t *testing.T) {
-	qa.ResourceCornerCases(t, ResourceUserRole(), 
-		qa.CornerCaseID("a|b"), 
+	qa.ResourceCornerCases(t, ResourceUserRole(),
+		qa.CornerCaseID("a|b"),
 		qa.CornerCaseSkipCRUD("create"))
 }
 
 func TestUserRoleCreate_AndGetResourceDrift(t *testing.T) {
 	qa.ResourceFixture{
 		Fixtures: []qa.HTTPFixture{
 			{
-				Method:   "PATCH",
-				Resource: "/api/2.0/preview/scim/v2/Users/a",
+				Method:          "PATCH",
+				Resource:        "/api/2.0/preview/scim/v2/Users/a",
 				ExpectedRequest: scim.PatchRequest("add", "roles", "b"),
 			},
 			{
@@ -27,11 +27,11 @@ func TestUserRoleCreate_AndGetResourceDrift(t *testing.T) {
 				Response: scim.User{},
 			},
 		},
-		Create: true,
+		Create:   true,
 		Resource: ResourceUserRole(),
 		HCL: `
 		user_id = "a"
 		role = "b"
 		`,
 	}.ExpectError(t, "User has no role")
-}
+}

scim/resource_user.go

@@ -86,13 +86,17 @@ func createForceOverridesManuallyAddedUser(err error, d *schema.ResourceData, us
 	// corner-case for overriding manually provisioned users
 	userName := strings.ReplaceAll(u.UserName, "'", "")
 	force := fmt.Sprintf("User with username %s already exists.", userName)
-	if err.Error() != force {
+	force_account := "User already exists in another account"
+	if (err.Error() != force) && (err.Error() != force_account) {
 		return err
 	}
 	userList, err := usersAPI.Filter(fmt.Sprintf("userName eq '%s'", userName))
 	if err != nil {
 		return err
 	}
+	if len(userList) == 0 {
+		return fmt.Errorf("cannot find %s for force import", userName)
+	}
 	user := userList[0]
 	d.SetId(user.ID)
 	return usersAPI.Update(d.Id(), u)

scim/resource_user_test.go

@@ -404,6 +404,27 @@ func TestCreateForceOverwriteCannotListUsers(t *testing.T) {
 	})
 }
 
+func TestCreateForceOverwriteCannotListAccUsers(t *testing.T) {
+	qa.HTTPFixturesApply(t, []qa.HTTPFixture{
+		{
+			Method:   "GET",
+			Resource: "/api/2.0/preview/scim/v2/Users?filter=userName%20eq%20%27me%40example.com%27",
+			Response: UserList{
+				TotalResults: 0,
+			},
+		},
+	}, func(ctx context.Context, client *common.DatabricksClient) {
+		d := ResourceUser().TestResourceData()
+		d.Set("force", true)
+		err := createForceOverridesManuallyAddedUser(
+			fmt.Errorf("User already exists in another account"),
+			d, NewUsersAPI(ctx, client), User{
+				UserName: "[email protected]",
+			})
+		assert.EqualError(t, err, "cannot find [email protected] for force import")
+	})
+}
+
 func TestCreateForceOverwriteFindsAndSetsID(t *testing.T) {
 	qa.HTTPFixturesApply(t, []qa.HTTPFixture{
 		{
@@ -445,3 +466,45 @@ func TestCreateForceOverwriteFindsAndSetsID(t *testing.T) {
 		assert.Equal(t, "abc", d.Id())
 	})
 }
+
+func TestCreateForceOverwriteFindsAndSetsAccID(t *testing.T) {
+	qa.HTTPFixturesApply(t, []qa.HTTPFixture{
+		{
+			Method:   "GET",
+			Resource: "/api/2.0/preview/scim/v2/Users?filter=userName%20eq%20%27me%40example.com%27",
+			Response: UserList{
+				Resources: []User{
+					{
+						ID: "abc",
+					},
+				},
+			},
+		},
+		{
+			Method:   "GET",
+			Resource: "/api/2.0/preview/scim/v2/Users/abc",
+			Response: User{
+				ID: "abc",
+			},
+		},
+		{
+			Method:   "PUT",
+			Resource: "/api/2.0/preview/scim/v2/Users/abc",
+			ExpectedRequest: User{
+				Schemas:  []URN{UserSchema},
+				UserName: "[email protected]",
+			},
+		},
+	}, func(ctx context.Context, client *common.DatabricksClient) {
+		d := ResourceUser().TestResourceData()
+		d.Set("force", true)
+		d.Set("user_name", "[email protected]")
+		err := createForceOverridesManuallyAddedUser(
+			fmt.Errorf("User already exists in another account"),
+			d, NewUsersAPI(ctx, client), User{
+				UserName: "[email protected]",
+			})
+		assert.NoError(t, err)
+		assert.Equal(t, "abc", d.Id())
+	})
+}