allow managing workflow permissions

Author: michaelst

internal/client/models.go

@@ -82,7 +82,8 @@ type WorkflowStep struct {
 	Id   string `json:"id"`
 	Name string `json:"name"`
 	// Action fields
-	Action *WorkflowStepAction `json:"action"`
+	Action      *WorkflowStepAction `json:"action"`
+	Permissions []*Permission       `json:"permissions"`
 }
 
 type WorkflowStepAction struct {
@@ -138,3 +139,23 @@ type DashboardPanelDetails struct {
 	Query        string `json:"query"`
 	CredentialId string `json:"credential_id"`
 }
+
+type Permission struct {
+	Id                 string `json:"id"`
+	Permission         string `json:"permission"`
+	RoleId             string `json:"role_id"`
+	OrganizationUserId string `json:"organization_user_id"`
+}
+
+type Role struct {
+	Id          string `json:"id"`
+	Name        string `json:"name"`
+	Description string `json:"description"`
+	Managed     bool   `json:"managed"`
+}
+
+type User struct {
+	Id    string `json:"id"`
+	Name  string `json:"name"`
+	Email string `json:"email"`
+}

internal/client/role.go

@@ -0,0 +1,27 @@
+package devhub
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+)
+
+func (c *Client) GetRole(name string) (*Role, error) {
+	req, err := http.NewRequest("GET", fmt.Sprintf("%s/api/v1/roles/lookup?name=%s", c.HostURL, name), nil)
+	if err != nil {
+		return nil, err
+	}
+
+	body, err := c.doRequest(req)
+	if err != nil {
+		return nil, err
+	}
+
+	role := Role{}
+	err = json.Unmarshal(body, &role)
+	if err != nil {
+		return nil, err
+	}
+
+	return &role, nil
+}

internal/client/user.go

@@ -0,0 +1,27 @@
+package devhub
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+)
+
+func (c *Client) GetUser(identifier string, lookupBy string) (*User, error) {
+	req, err := http.NewRequest("GET", fmt.Sprintf("%s/api/v1/users/lookup?%s=%s", c.HostURL, lookupBy, identifier), nil)
+	if err != nil {
+		return nil, err
+	}
+
+	body, err := c.doRequest(req)
+	if err != nil {
+		return nil, err
+	}
+
+	user := User{}
+	err = json.Unmarshal(body, &user)
+	if err != nil {
+		return nil, err
+	}
+
+	return &user, nil
+}

internal/provider/devhub_role_data_source.go

@@ -0,0 +1,102 @@
+package provider
+
+import (
+	"context"
+	"fmt"
+	devhub "terraform-provider-devhub/internal/client"
+
+	"github.com/hashicorp/terraform-plugin-framework/datasource"
+	"github.com/hashicorp/terraform-plugin-framework/datasource/schema"
+	"github.com/hashicorp/terraform-plugin-framework/types"
+)
+
+var (
+	_ datasource.DataSource              = &roleDataSource{}
+	_ datasource.DataSourceWithConfigure = &roleDataSource{}
+)
+
+func NewRoleDataSource() datasource.DataSource {
+	return &roleDataSource{}
+}
+
+type roleDataSource struct {
+	client *devhub.Client
+}
+
+type roleDataSourceModel struct {
+	Id          types.String `tfsdk:"id"`
+	Name        types.String `tfsdk:"name"`
+	Description types.String `tfsdk:"description"`
+	Managed     types.Bool   `tfsdk:"managed"`
+}
+
+func (d *roleDataSource) Metadata(_ context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) {
+	resp.TypeName = req.ProviderTypeName + "_role"
+}
+
+func (d *roleDataSource) Schema(_ context.Context, _ datasource.SchemaRequest, resp *datasource.SchemaResponse) {
+	resp.Schema = schema.Schema{
+		Attributes: map[string]schema.Attribute{
+			"id": schema.StringAttribute{
+				Computed: true,
+			},
+			"name": schema.StringAttribute{
+				Required: true,
+			},
+			"description": schema.StringAttribute{
+				Computed: true,
+			},
+			"managed": schema.BoolAttribute{
+				Computed: true,
+			},
+		},
+	}
+}
+
+// Read refreshes the Terraform state with the latest data.
+func (d *roleDataSource) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) {
+	var state roleDataSourceModel
+
+	resp.Diagnostics.Append(req.Config.Get(ctx, &state)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	role, err := d.client.GetRole(state.Name.ValueString())
+	if err != nil {
+		resp.Diagnostics.AddError(
+			"Error Reading Role",
+			fmt.Sprintf("Could not read role: %s", err.Error()),
+		)
+		return
+	}
+
+	state.Id = types.StringValue(role.Id)
+	state.Name = types.StringValue(role.Name)
+	state.Description = types.StringValue(role.Description)
+	state.Managed = types.BoolValue(role.Managed)
+
+	diags := resp.State.Set(ctx, &state)
+	resp.Diagnostics.Append(diags...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+}
+
+// Configure adds the provider configured client to the data source.
+func (d *roleDataSource) Configure(_ context.Context, req datasource.ConfigureRequest, resp *datasource.ConfigureResponse) {
+	if req.ProviderData == nil {
+		return
+	}
+
+	client, ok := req.ProviderData.(*devhub.Client)
+	if !ok {
+		resp.Diagnostics.AddError(
+			"Unexpected Data Source Configure Type",
+			fmt.Sprintf("Expected *devhub.Client, got: %T. Please report this issue to the provider developers.", req.ProviderData),
+		)
+		return
+	}
+
+	d.client = client
+}

internal/provider/devhub_user_data_source.go

@@ -0,0 +1,110 @@
+package provider
+
+import (
+	"context"
+	"fmt"
+	devhub "terraform-provider-devhub/internal/client"
+
+	"github.com/hashicorp/terraform-plugin-framework/datasource"
+	"github.com/hashicorp/terraform-plugin-framework/datasource/schema"
+	"github.com/hashicorp/terraform-plugin-framework/types"
+)
+
+var (
+	_ datasource.DataSource              = &userDataSource{}
+	_ datasource.DataSourceWithConfigure = &userDataSource{}
+)
+
+func NewUserDataSource() datasource.DataSource {
+	return &userDataSource{}
+}
+
+type userDataSource struct {
+	client *devhub.Client
+}
+
+type userDataSourceModel struct {
+	Id    types.String `tfsdk:"id"`
+	Name  types.String `tfsdk:"name"`
+	Email types.String `tfsdk:"email"`
+}
+
+func (d *userDataSource) Metadata(_ context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) {
+	resp.TypeName = req.ProviderTypeName + "_user"
+}
+
+func (d *userDataSource) Schema(_ context.Context, _ datasource.SchemaRequest, resp *datasource.SchemaResponse) {
+	resp.Schema = schema.Schema{
+		Attributes: map[string]schema.Attribute{
+			"id": schema.StringAttribute{
+				Computed: true,
+			},
+			"name": schema.StringAttribute{
+				Optional: true,
+			},
+			"email": schema.StringAttribute{
+				Optional: true,
+			},
+		},
+	}
+}
+
+// Read refreshes the Terraform state with the latest data.
+func (d *userDataSource) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) {
+	var state userDataSourceModel
+
+	resp.Diagnostics.Append(req.Config.Get(ctx, &state)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	lookupBy := ""
+	identifier := ""
+
+	if state.Email.ValueString() != "" {
+		lookupBy = "email"
+		identifier = state.Email.ValueString()
+	}
+
+	if state.Name.ValueString() != "" {
+		lookupBy = "name"
+		identifier = state.Name.ValueString()
+	}
+
+	user, err := d.client.GetUser(identifier, lookupBy)
+	if err != nil {
+		resp.Diagnostics.AddError(
+			"Error Reading User",
+			fmt.Sprintf("Could not read User: %s", err.Error()),
+		)
+		return
+	}
+
+	state.Id = types.StringValue(user.Id)
+	state.Name = types.StringValue(user.Name)
+	state.Email = types.StringValue(user.Email)
+
+	diags := resp.State.Set(ctx, &state)
+	resp.Diagnostics.Append(diags...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+}
+
+// Configure adds the provider configured client to the data source.
+func (d *userDataSource) Configure(_ context.Context, req datasource.ConfigureRequest, resp *datasource.ConfigureResponse) {
+	if req.ProviderData == nil {
+		return
+	}
+
+	client, ok := req.ProviderData.(*devhub.Client)
+	if !ok {
+		resp.Diagnostics.AddError(
+			"Unexpected Data Source Configure Type",
+			fmt.Sprintf("Expected *devhub.Client, got: %T. Please report this issue to the provider developers.", req.ProviderData),
+		)
+		return
+	}
+
+	d.client = client
+}