Skip to content

Commit

Permalink
Add import tests for auth0_resource_server_scope(s)
Browse files Browse the repository at this point in the history
  • Loading branch information
sergiught committed Jun 14, 2023
1 parent 86db0fd commit 5f142ec
Show file tree
Hide file tree
Showing 7 changed files with 3,970 additions and 2,091 deletions.
243 changes: 146 additions & 97 deletions internal/auth0/resourceserver/resource_scope_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,79 +6,139 @@ import (
"testing"

"github.com/hashicorp/terraform-plugin-testing/helper/resource"
"github.com/hashicorp/terraform-plugin-testing/plancheck"
"github.com/hashicorp/terraform-plugin-testing/terraform"
"github.com/stretchr/testify/assert"

"github.com/auth0/terraform-provider-auth0/internal/acctest"
)

const givenAResourceServer = `
resource "auth0_resource_server" "resource_server" {
name = "Acceptance Test - {{.testName}}"
identifier = "https://uat.api.terraform-provider-auth0.com/{{.testName}}"
const testAccResourceWillNotFailOnCreateIfScopeAlreadyExisting = testAccGivenAResourceServerWithNoScopes + `
resource "auth0_resource_server_scope" "read_posts_copy" {
depends_on = [ auth0_resource_server.my_api ]
lifecycle {
ignore_changes = [ scopes ]
}
resource_server_identifier = auth0_resource_server.my_api.identifier
scope = "read:posts"
description = "Can read posts"
}
resource "auth0_resource_server_scope" "read_posts" {
depends_on = [ auth0_resource_server_scope.read_posts_copy ]
resource_server_identifier = auth0_resource_server.my_api.identifier
scope = "read:posts"
description = "Can read posts"
}
data "auth0_resource_server" "my_api" {
depends_on = [ auth0_resource_server_scope.read_posts_copy ]
resource_server_id = auth0_resource_server.my_api.id
}
`

const givenAScope = `
const testAccResourceServerWithOneScope = testAccGivenAResourceServerWithNoScopes + `
resource "auth0_resource_server_scope" "read_posts" {
resource_server_identifier = auth0_resource_server.resource_server.identifier
depends_on = [ auth0_resource_server.my_api ]
resource_server_identifier = auth0_resource_server.my_api.identifier
scope = "read:posts"
description = "Can read posts"
}
data "auth0_resource_server" "my_api" {
depends_on = [ auth0_resource_server_scope.read_posts ]
resource_server_id = auth0_resource_server.my_api.id
}
`

const givenAnUpdatedScope = `
const testAccResourceServerWithUpdatedScope = testAccGivenAResourceServerWithNoScopes + `
resource "auth0_resource_server_scope" "read_posts" {
resource_server_identifier = auth0_resource_server.resource_server.identifier
depends_on = [ auth0_resource_server.my_api ]
resource_server_identifier = auth0_resource_server.my_api.identifier
scope = "read:posts"
description = "Can read posts from API"
}
data "auth0_resource_server" "my_api" {
depends_on = [ auth0_resource_server_scope.read_posts ]
resource_server_id = auth0_resource_server.my_api.id
}
`

const givenAnotherScope = `
const testAccResourceServerWithTwoScopes = testAccGivenAResourceServerWithNoScopes + `
resource "auth0_resource_server_scope" "read_posts" {
depends_on = [ auth0_resource_server.my_api ]
resource_server_identifier = auth0_resource_server.my_api.identifier
scope = "read:posts"
description = "Can read posts from API"
}
resource "auth0_resource_server_scope" "write_posts" {
depends_on = [ auth0_resource_server_scope.read_posts ]
resource_server_identifier = auth0_resource_server.resource_server.identifier
resource_server_identifier = auth0_resource_server.my_api.identifier
scope = "write:posts"
}
`
const testAccNoScopesAssigned = `
resource "auth0_resource_server" "resource_server" {
name = "Acceptance Test - {{.testName}}"
identifier = "https://uat.api.terraform-provider-auth0.com/{{.testName}}"
data "auth0_resource_server" "my_api" {
depends_on = [ auth0_resource_server_scope.write_posts ]
resource_server_id = auth0_resource_server.my_api.id
}
`
const testAccOneScopeAssigned = givenAResourceServer + givenAScope + `
data "auth0_resource_server" "resource_server" {
depends_on = [ auth0_resource_server_scope.read_posts ]

identifier = auth0_resource_server.resource_server.identifier
const testAccResourceServerScopeImportSetup = testAccGivenAResourceServerWithNoScopes + `
resource "auth0_resource_server_scopes" "my_api_scopes" {
depends_on = [ auth0_resource_server.my_api ]
resource_server_identifier = auth0_resource_server.my_api.identifier
scopes {
name = "read:posts"
description = "Can read posts from API"
}
scopes {
name = "write:posts"
}
}
`

const testAccOneScopeAssignedWithUpdate = givenAResourceServer + givenAnUpdatedScope + `
data "auth0_resource_server" "resource_server" {
const testAccResourceServerScopeImportCheck = testAccResourceServerScopeImportSetup + `
resource "auth0_resource_server_scope" "read_posts" {
depends_on = [ auth0_resource_server_scopes.my_api_scopes ]
resource_server_identifier = auth0_resource_server.my_api.identifier
scope = "read:posts"
description = "Can read posts from API"
}
resource "auth0_resource_server_scope" "write_posts" {
depends_on = [ auth0_resource_server_scope.read_posts ]
identifier = auth0_resource_server.resource_server.identifier
}`
resource_server_identifier = auth0_resource_server.my_api.identifier
const testAccTwoScopesAssigned = givenAResourceServer + givenAnUpdatedScope + givenAnotherScope + `
data "auth0_resource_server" "resource_server" {
depends_on = [
auth0_resource_server_scope.read_posts,
auth0_resource_server_scope.write_posts
]
scope = "write:posts"
}
data "auth0_resource_server" "my_api" {
depends_on = [ auth0_resource_server_scope.write_posts ]
identifier = auth0_resource_server.resource_server.identifier
}`
resource_server_id = auth0_resource_server.my_api.id
}
`

func TestAccResourceServerScope(t *testing.T) {
testName := strings.ToLower(t.Name())
Expand All @@ -87,106 +147,95 @@ func TestAccResourceServerScope(t *testing.T) {
acctest.Test(t, resource.TestCase{
Steps: []resource.TestStep{
{
Config: acctest.ParseTestName(testAccNoScopesAssigned, testName),
Config: acctest.ParseTestName(testAccResourceWillNotFailOnCreateIfScopeAlreadyExisting, testName),
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr("auth0_resource_server.resource_server", "scopes.#", "0"),
resource.TestCheckResourceAttr("data.auth0_resource_server.my_api", "scopes.#", "1"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "scope", "read:posts"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "description", "Can read posts"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "resource_server_identifier", resourceServerIdentifier),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts_copy", "scope", "read:posts"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts_copy", "description", "Can read posts"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts_copy", "resource_server_identifier", resourceServerIdentifier),
),
},
{
Config: acctest.ParseTestName(testAccOneScopeAssigned, testName),
Config: acctest.ParseTestName(testAccDeleteResourceServerScopes, testName),
},
{
Config: acctest.ParseTestName(testAccResourceServerWithOneScope, testName),
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr("data.auth0_resource_server.resource_server", "scopes.#", "1"),
resource.TestCheckResourceAttr("data.auth0_resource_server.my_api", "scopes.#", "1"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "scope", "read:posts"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "description", "Can read posts"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "resource_server_identifier", resourceServerIdentifier),

resource.TestCheckResourceAttr("data.auth0_resource_server.resource_server", "scopes.0.value", "read:posts"),
resource.TestCheckResourceAttr("data.auth0_resource_server.resource_server", "scopes.0.description", "Can read posts"),
),
},
{
Config: acctest.ParseTestName(testAccOneScopeAssignedWithUpdate, testName),
Config: acctest.ParseTestName(testAccResourceServerWithUpdatedScope, testName),
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr("data.auth0_resource_server.resource_server", "scopes.#", "1"),
resource.TestCheckResourceAttr("data.auth0_resource_server.my_api", "scopes.#", "1"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "scope", "read:posts"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "description", "Can read posts from API"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "resource_server_identifier", resourceServerIdentifier),
),
},
{
Config: acctest.ParseTestName(testAccTwoScopesAssigned, testName),
Config: acctest.ParseTestName(testAccResourceServerWithTwoScopes, testName),
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr("data.auth0_resource_server.resource_server", "scopes.#", "2"),
resource.TestCheckResourceAttr("data.auth0_resource_server.my_api", "scopes.#", "2"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "scope", "read:posts"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "description", "Can read posts from API"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "resource_server_identifier", resourceServerIdentifier),
resource.TestCheckResourceAttr("auth0_resource_server_scope.write_posts", "scope", "write:posts"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.write_posts", "description", ""),
resource.TestCheckResourceAttr("auth0_resource_server_scope.write_posts", "resource_server_identifier", resourceServerIdentifier),

resource.TestCheckResourceAttr("data.auth0_resource_server.resource_server", "scopes.0.value", "write:posts"),
resource.TestCheckResourceAttr("data.auth0_resource_server.resource_server", "scopes.0.description", ""),
resource.TestCheckResourceAttr("data.auth0_resource_server.resource_server", "scopes.1.value", "read:posts"),
resource.TestCheckResourceAttr("data.auth0_resource_server.resource_server", "scopes.1.description", "Can read posts from API"),
),
},
{
Config: acctest.ParseTestName(testAccOneScopeAssignedWithUpdate, testName),
Config: acctest.ParseTestName(testAccDeleteResourceServerScopes, testName),
},
{
RefreshState: true,
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr("data.auth0_resource_server.resource_server", "scopes.#", "1"),
resource.TestCheckResourceAttr("data.auth0_resource_server.my_api", "scopes.#", "0"),
),
},
{
Config: acctest.ParseTestName(testAccNoScopesAssigned, testName),
Config: acctest.ParseTestName(testAccResourceServerScopeImportSetup, testName),
},
{
RefreshState: true,
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr("auth0_resource_server.resource_server", "scopes.#", "0"),
),
Config: acctest.ParseTestName(testAccResourceServerScopeImportCheck, testName),
ResourceName: "auth0_resource_server_scope.read_posts",
ImportState: true,
ImportStateIdFunc: func(state *terraform.State) (string, error) {
apiID, err := acctest.ExtractResourceAttributeFromState(state, "auth0_resource_server.my_api", "identifier")
assert.NoError(t, err)

return apiID + "::read:posts", nil
},
ImportStatePersist: true,
},
},
})
}

const testAccResourceWillNotFailOnCreateIfScopeAlreadyExisting = testAccOneScopeAssigned + `
resource "auth0_resource_server_scope" "read_posts-copy" {
depends_on = [ auth0_resource_server_scope.read_posts ]
resource_server_identifier = auth0_resource_server.resource_server.identifier
scope = "read:posts"
description = "Can read posts"
}
`

func TestAccResourceServerScopeWillNotFailOnCreateIfScopeAlreadyExisting(t *testing.T) {
testName := strings.ToLower(t.Name())
resourceServerIdentifier := fmt.Sprintf("https://uat.api.terraform-provider-auth0.com/%s", testName)

acctest.Test(t, resource.TestCase{
Steps: []resource.TestStep{
{
Config: acctest.ParseTestName(testAccOneScopeAssigned, testName),
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr("data.auth0_resource_server.resource_server", "scopes.#", "1"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "scope", "read:posts"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "description", "Can read posts"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "resource_server_identifier", resourceServerIdentifier),
resource.TestCheckResourceAttr("data.auth0_resource_server.resource_server", "scopes.0.value", "read:posts"),
resource.TestCheckResourceAttr("data.auth0_resource_server.resource_server", "scopes.0.description", "Can read posts"),
),
Config: acctest.ParseTestName(testAccResourceServerScopeImportCheck, testName),
ResourceName: "auth0_resource_server_scope.write_posts",
ImportState: true,
ImportStateIdFunc: func(state *terraform.State) (string, error) {
apiID, err := acctest.ExtractResourceAttributeFromState(state, "auth0_resource_server.my_api", "identifier")
assert.NoError(t, err)

return apiID + "::write:posts", nil
},
ImportStatePersist: true,
},
{
Config: acctest.ParseTestName(testAccResourceWillNotFailOnCreateIfScopeAlreadyExisting, testName),
Config: acctest.ParseTestName(testAccResourceServerScopeImportCheck, testName),
ConfigPlanChecks: resource.ConfigPlanChecks{
PreApply: []plancheck.PlanCheck{
plancheck.ExpectEmptyPlan(),
},
},
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr("data.auth0_resource_server.resource_server", "scopes.#", "1"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "scope", "read:posts"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "description", "Can read posts"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts", "resource_server_identifier", resourceServerIdentifier),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts-copy", "scope", "read:posts"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts-copy", "description", "Can read posts"),
resource.TestCheckResourceAttr("auth0_resource_server_scope.read_posts-copy", "resource_server_identifier", resourceServerIdentifier),
resource.TestCheckResourceAttr("data.auth0_resource_server.resource_server", "scopes.0.value", "read:posts"),
resource.TestCheckResourceAttr("data.auth0_resource_server.resource_server", "scopes.0.description", "Can read posts"),
resource.TestCheckResourceAttr("data.auth0_resource_server.my_api", "scopes.#", "2"),
),
},
},
Expand Down
Loading

0 comments on commit 5f142ec

Please sign in to comment.