User data source (#48)

Co-authored-by: Marcelo Vargas <[email protected]>

Author: deanhuynh

docs/data-sources/user.md

@@ -0,0 +1,59 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "segment_user Data Source - terraform-provider-segment"
+subcategory: ""
+description: |-
+  A user belonging to a Segment Workspace.
+---
+
+# segment_user (Data Source)
+
+A user belonging to a Segment Workspace.
+
+## Example Usage
+
+```terraform
+# Gets the user info
+data "segment_user" "me" {
+  id = "abc123"
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `id` (String) The unique identifier for this user.
+
+### Read-Only
+
+- `email` (String) The email address associated with this user.
+- `name` (String) The human-readable name of this user.
+- `permissions` (Attributes Set) The permissions associated with this user. (see [below for nested schema](#nestedatt--permissions))
+
+<a id="nestedatt--permissions"></a>
+### Nested Schema for `permissions`
+
+Read-Only:
+
+- `resources` (Attributes Set) The resources associated with this permission. (see [below for nested schema](#nestedatt--permissions--resources))
+- `role_id` (String) The id of the role associated with this permission.
+
+<a id="nestedatt--permissions--resources"></a>
+### Nested Schema for `permissions.resources`
+
+Read-Only:
+
+- `id` (String) The id of this resource.
+- `labels` (Attributes Set) The labels that further refine access to this resource. Labels are exclusive to Workspace-level permissions. (see [below for nested schema](#nestedatt--permissions--resources--labels))
+- `type` (String) The type for this resource.
+
+<a id="nestedatt--permissions--resources--labels"></a>
+### Nested Schema for `permissions.resources.labels`
+
+Read-Only:
+
+- `description` (String) An optional description of the purpose of this label.
+- `key` (String) The key that represents the name of this label.
+- `value` (String) The value associated with the key of this label.

docs/resources/user.md

@@ -3,12 +3,12 @@
 page_title: "segment_user Resource - terraform-provider-segment"
 subcategory: ""
 description: |-
-  A user or invite belonging to a Segment Workspace. Only users may be imported
+  A user or invite belonging to a Segment Workspace. Only users may be imported.
 ---
 
 # segment_user (Resource)
 
-A user or invite belonging to a Segment Workspace. Only users may be imported
+A user or invite belonging to a Segment Workspace. Only users may be imported.
 
 ## Example Usage
 

examples/data-sources/segment_user/data-source.tf

@@ -0,0 +1,4 @@
+# Gets the user info
+data "segment_user" "me" {
+  id = "abc123"
+}

internal/provider/models/user.go

@@ -34,6 +34,31 @@ func (u *UserState) Fill(user api.UserV1) error {
 	return nil
 }
 
+type UserDataSourceState struct {
+	ID          types.String      `tfsdk:"id"`
+	Name        types.String      `tfsdk:"name"`
+	Email       types.String      `tfsdk:"email"`
+	Permissions []PermissionState `tfsdk:"permissions"`
+}
+
+func (u *UserDataSourceState) Fill(user api.UserV1) error {
+	u.ID = types.StringValue(user.Id)
+	u.Name = types.StringValue(user.Name)
+	u.Email = types.StringValue(user.Email)
+
+	u.Permissions = []PermissionState{}
+	for _, p := range user.Permissions {
+		var permission PermissionState
+		err := permission.Fill(p)
+		if err != nil {
+			return err
+		}
+		u.Permissions = append(u.Permissions, permission)
+	}
+
+	return nil
+}
+
 type PermissionState struct {
 	RoleID    types.String    `tfsdk:"role_id"`
 	Resources []ResourceState `tfsdk:"resources"`

internal/provider/provider.go

@@ -164,6 +164,7 @@ func (p *segmentProvider) DataSources(_ context.Context) []func() datasource.Dat
 		NewWarehouseDataSource,
 		NewTrackingPlanDataSource,
 		NewRoleDataSource,
+		NewUserDataSource,
 	}
 }
 

internal/provider/user_data_source.go

@@ -0,0 +1,163 @@
+package provider
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/segmentio/terraform-provider-segment/internal/provider/models"
+
+	"github.com/hashicorp/terraform-plugin-framework/datasource"
+	"github.com/hashicorp/terraform-plugin-framework/datasource/schema"
+	"github.com/segmentio/public-api-sdk-go/api"
+)
+
+var (
+	_ datasource.DataSource              = &userDataSource{}
+	_ datasource.DataSourceWithConfigure = &userDataSource{}
+)
+
+type userDataSource struct {
+	client      *api.APIClient
+	authContext context.Context
+}
+
+func NewUserDataSource() datasource.DataSource {
+	return &userDataSource{}
+}
+
+func (d *userDataSource) Configure(_ context.Context, req datasource.ConfigureRequest, resp *datasource.ConfigureResponse) {
+	if req.ProviderData == nil {
+		return
+	}
+
+	config, ok := req.ProviderData.(*ClientInfo)
+	if !ok {
+		resp.Diagnostics.AddError(
+			"Unexpected Data Source Configure Type",
+			fmt.Sprintf("Expected ClientInfo, got: %T. Please report this issue to the provider developers.", req.ProviderData),
+		)
+
+		return
+	}
+
+	d.client = config.client
+	d.authContext = config.authContext
+}
+
+func (d *userDataSource) Metadata(_ context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) {
+	resp.TypeName = req.ProviderTypeName + "_user"
+}
+
+func (d *userDataSource) Schema(_ context.Context, _ datasource.SchemaRequest, resp *datasource.SchemaResponse) {
+	resp.Schema = schema.Schema{
+		Description: "A user belonging to a Segment Workspace.",
+		Attributes: map[string]schema.Attribute{
+			"id": schema.StringAttribute{
+				Required:    true,
+				Description: "The unique identifier for this user.",
+			},
+			"name": schema.StringAttribute{
+				Description: "The human-readable name of this user.",
+				Computed:    true,
+			},
+			"email": schema.StringAttribute{
+				Description: "The email address associated with this user.",
+				Computed:    true,
+			},
+			"permissions": schema.SetNestedAttribute{
+				Description: "The permissions associated with this user.",
+				Computed:    true,
+				NestedObject: schema.NestedAttributeObject{
+					Attributes: map[string]schema.Attribute{
+						"role_id": schema.StringAttribute{
+							Description: "The id of the role associated with this permission.",
+							Computed:    true,
+						},
+						"resources": schema.SetNestedAttribute{
+							Description: "The resources associated with this permission.",
+							Computed:    true,
+							NestedObject: schema.NestedAttributeObject{
+								Attributes: map[string]schema.Attribute{
+									"id": schema.StringAttribute{
+										Description: "The id of this resource.",
+										Computed:    true,
+									},
+									"type": schema.StringAttribute{
+										Description: "The type for this resource.",
+										Computed:    true,
+									},
+									"labels": schema.SetNestedAttribute{
+										Description: "The labels that further refine access to this resource. Labels are exclusive to Workspace-level permissions.",
+										Computed:    true,
+										NestedObject: schema.NestedAttributeObject{
+											Attributes: map[string]schema.Attribute{
+												"key": schema.StringAttribute{
+													Description: "The key that represents the name of this label.",
+													Computed:    true,
+												},
+												"value": schema.StringAttribute{
+													Description: "The value associated with the key of this label.",
+													Computed:    true,
+												},
+												"description": schema.StringAttribute{
+													Description: "An optional description of the purpose of this label.",
+													Computed:    true,
+												},
+											},
+										},
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func (d *userDataSource) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) {
+	var config models.UserDataSourceState
+	diags := req.Config.Get(ctx, &config)
+	resp.Diagnostics.Append(diags...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	id := config.ID.ValueString()
+	if id == "" {
+		resp.Diagnostics.AddError("Unable to read user", "ID is empty")
+
+		return
+	}
+
+	out, body, err := d.client.IAMUsersApi.GetUser(d.authContext, id).Execute()
+	if body != nil {
+		defer body.Body.Close()
+	}
+	if err != nil {
+		resp.Diagnostics.AddError(
+			"Unable to read user",
+			getError(err, body),
+		)
+
+		return
+	}
+
+	var state models.UserDataSourceState
+	err = state.Fill(api.UserV1(out.Data.User))
+	if err != nil {
+		resp.Diagnostics.AddError(
+			"Unable to read user",
+			err.Error(),
+		)
+
+		return
+	}
+
+	diags = resp.State.Set(ctx, &state)
+	resp.Diagnostics.Append(diags...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+}