Skip to content

Commit

Permalink
Add tests for importing an auth0_user_permission resource
Browse files Browse the repository at this point in the history
  • Loading branch information
@sergiught
sergiught committed Jun 13, 2023
1 parent dfc862f commit d8ca34f
Show file tree
Hide file tree
Showing 3 changed files with 3,250 additions and 422 deletions.
12 changes: 8 additions & 4 deletions internal/auth0/user/resource_permission.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@ package user

import (
"context"
"fmt"
"net/http"

"github.com/auth0/go-auth0/management"
Expand Down Expand Up @@ -74,10 +73,14 @@ func createUserPermission(ctx context.Context, data *schema.ResourceData, meta i
Name: &permissionName,
},
}); err != nil {
if mErr, ok := err.(management.Error); ok && mErr.Status() == http.StatusNotFound {
return nil
}

return diag.FromErr(err)
}

data.SetId(fmt.Sprintf(`%s::%s::%s`, userID, resourceServerID, permissionName))
data.SetId(userID + internalSchema.SeparatorDoubleColon + resourceServerID + internalSchema.SeparatorDoubleColon + permissionName)

return readUserPermission(ctx, data, meta)
}
Expand All @@ -95,6 +98,7 @@ func readUserPermission(_ context.Context, data *schema.ResourceData, meta inter
data.SetId("")
return nil
}

return diag.FromErr(err)
}

Expand All @@ -104,6 +108,7 @@ func readUserPermission(_ context.Context, data *schema.ResourceData, meta inter
data.Set("description", p.GetDescription()),
data.Set("resource_server_name", p.GetResourceServerName()),
)

return diag.FromErr(result.ErrorOrNil())
}
}
Expand Down Expand Up @@ -133,12 +138,11 @@ func deleteUserPermission(_ context.Context, data *schema.ResourceData, meta int
},
); err != nil {
if mErr, ok := err.(management.Error); ok && mErr.Status() == http.StatusNotFound {
data.SetId("")
return nil
}

return diag.FromErr(err)
}

data.SetId("")
return nil
}
218 changes: 153 additions & 65 deletions internal/auth0/user/resource_permission_test.go
View file
Original file line number Diff line number Diff line change
@@ -1,124 +1,212 @@
package user_test

import (
"fmt"
"strings"
"testing"

"github.com/hashicorp/terraform-plugin-testing/helper/resource"
"github.com/hashicorp/terraform-plugin-testing/plancheck"
"github.com/hashicorp/terraform-plugin-testing/terraform"
"github.com/stretchr/testify/assert"

"github.com/auth0/terraform-provider-auth0/internal/acctest"
)

const givenAResourceServerAndUser = `
resource "auth0_resource_server" "resource_server" {
name = "Acceptance Test - {{.testName}}"
identifier = "https://uat.api.terraform-provider-auth0.com/{{.testName}}"
scopes {
value = "read:foo"
description = "Can read Foo"
}
scopes {
value = "create:foo"
description = "Can create Foo"
}
const testAccUserPermissionWithOnePermissionAssigned = testAccGivenAResourceServerWithTwoScopesAndAUser + `
resource "auth0_user_permission" "user_permission_read" {
depends_on = [ auth0_user.user ]
user_id = auth0_user.user.id
resource_server_identifier = auth0_resource_server.resource_server.identifier
permission = "read:foo"
}
resource "auth0_user" "user" {
depends_on = [ auth0_resource_server.resource_server ]
connection_name = "Username-Password-Authentication"
user_id = "{{.testName}}"
username = "{{.testName}}"
password = "passpass$12$12"
email = "{{.testName}}@acceptance.test.com"
data "auth0_user" "user_data" {
depends_on = [ auth0_user_permission.user_permission_read ]
user_id = auth0_user.user.id
}
`

const givenAUserPermission = `
const testAccUserPermissionWithTwoPermissionsAssigned = testAccGivenAResourceServerWithTwoScopesAndAUser + `
resource "auth0_user_permission" "user_permission_read" {
depends_on = [ auth0_resource_server.resource_server, auth0_user.user ]
depends_on = [ auth0_user.user ]
user_id = auth0_user.user.id
user_id = auth0_user.user.id
resource_server_identifier = auth0_resource_server.resource_server.identifier
permission = "read:foo"
permission = "read:foo"
}
`
const givenAnotherUserPermission = `
resource "auth0_user_permission" "user_permission_create" {
depends_on = [ auth0_resource_server.resource_server, auth0_user.user ]
depends_on = [ auth0_user_permission.user_permission_read ]
user_id = auth0_user.user.id
user_id = auth0_user.user.id
resource_server_identifier = auth0_resource_server.resource_server.identifier
permission = "create:foo"
permission = "create:foo"
}
data "auth0_user" "user_data" {
depends_on = [ auth0_user_permission.user_permission_create ]
user_id = auth0_user.user.id
}
`

const testAccUserPermissionNoneAssigned = givenAResourceServerAndUser
const testAccUserPermissionOneAssigned = givenAResourceServerAndUser + givenAUserPermission
const testAccUserPermissionTwoAssigned = givenAResourceServerAndUser + givenAUserPermission + givenAnotherUserPermission
const testAccUserPermissionImportSetup = testAccGivenAResourceServerWithTwoScopesAndAUser + `
resource "auth0_user_permissions" "user_permissions" {
depends_on = [ auth0_user.user ]
user_id = auth0_user.user.id
permissions {
resource_server_identifier = auth0_resource_server.resource_server.identifier
name = "read:foo"
}
permissions {
resource_server_identifier = auth0_resource_server.resource_server.identifier
name = "create:foo"
}
}
`

const testAccUserPermissionImportCheck = testAccUserPermissionImportSetup + `
resource "auth0_user_permission" "user_permission_read" {
depends_on = [ auth0_user.user ]
user_id = auth0_user.user.id
resource_server_identifier = auth0_resource_server.resource_server.identifier
permission = "read:foo"
}
resource "auth0_user_permission" "user_permission_create" {
depends_on = [ auth0_user_permission.user_permission_read ]
user_id = auth0_user.user.id
resource_server_identifier = auth0_resource_server.resource_server.identifier
permission = "create:foo"
}
data "auth0_user" "user_data" {
depends_on = [ auth0_user_permission.user_permission_create ]
user_id = auth0_user.user.id
}
`

func TestAccUserPermission(t *testing.T) {
testName := strings.ToLower(t.Name())
acctest.Test(t, resource.TestCase{
Steps: []resource.TestStep{
{
Config: acctest.ParseTestName(testAccUserPermissionNoneAssigned, strings.ToLower(t.Name())),
Config: acctest.ParseTestName(testAccUserPermissionWithOnePermissionAssigned, testName),
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr("auth0_user.user", "permissions.#", "0"),
resource.TestCheckResourceAttr("data.auth0_user.user_data", "permissions.#", "1"),
resource.TestCheckTypeSetElemNestedAttrs(
"data.auth0_user.user_data",
"permissions.*",
map[string]string{
"name": "read:foo",
"description": "Can read Foo",
"resource_server_identifier": fmt.Sprintf("https://uat.api.terraform-provider-auth0.com/%s", testName),
"resource_server_name": fmt.Sprintf("Acceptance Test - %s", testName),
},
),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_read", "permission", "read:foo"),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_read", "user_id", fmt.Sprintf("auth0|%s", testName)),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_read", "resource_server_identifier", fmt.Sprintf("https://uat.api.terraform-provider-auth0.com/%s", testName)),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_read", "resource_server_name", fmt.Sprintf("Acceptance Test - %s", testName)),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_read", "description", "Can read Foo"),
),
},
{
Config: acctest.ParseTestName(testAccUserPermissionOneAssigned, strings.ToLower(t.Name())),
},
{
RefreshState: true,
Config: acctest.ParseTestName(testAccUserPermissionWithTwoPermissionsAssigned, testName),
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr("auth0_user.user", "permissions.#", "1"),
resource.TestCheckResourceAttr("auth0_user.user", "permissions.0.name", "read:foo"),
resource.TestCheckResourceAttr("auth0_user.user", "permissions.0.resource_server_identifier", "https://uat.api.terraform-provider-auth0.com/testaccuserpermission"),
resource.TestCheckResourceAttr("auth0_user.user", "permissions.0.resource_server_name", "Acceptance Test - testaccuserpermission"),
resource.TestCheckResourceAttr("auth0_user.user", "permissions.0.description", "Can read Foo"),

resource.TestCheckResourceAttr("data.auth0_user.user_data", "permissions.#", "2"),
resource.TestCheckTypeSetElemNestedAttrs(
"data.auth0_user.user_data",
"permissions.*",
map[string]string{
"name": "read:foo",
"description": "Can read Foo",
"resource_server_identifier": fmt.Sprintf("https://uat.api.terraform-provider-auth0.com/%s", testName),
"resource_server_name": fmt.Sprintf("Acceptance Test - %s", testName),
},
),
resource.TestCheckTypeSetElemNestedAttrs(
"data.auth0_user.user_data",
"permissions.*",
map[string]string{
"name": "create:foo",
"description": "Can create Foo",
"resource_server_identifier": fmt.Sprintf("https://uat.api.terraform-provider-auth0.com/%s", testName),
"resource_server_name": fmt.Sprintf("Acceptance Test - %s", testName),
},
),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_read", "permission", "read:foo"),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_read", "user_id", "auth0|testaccuserpermission"),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_read", "resource_server_identifier", "https://uat.api.terraform-provider-auth0.com/testaccuserpermission"),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_read", "resource_server_name", "Acceptance Test - testaccuserpermission"),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_read", "user_id", fmt.Sprintf("auth0|%s", testName)),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_read", "resource_server_identifier", fmt.Sprintf("https://uat.api.terraform-provider-auth0.com/%s", testName)),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_read", "resource_server_name", fmt.Sprintf("Acceptance Test - %s", testName)),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_read", "description", "Can read Foo"),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_create", "permission", "create:foo"),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_create", "user_id", fmt.Sprintf("auth0|%s", testName)),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_create", "resource_server_identifier", fmt.Sprintf("https://uat.api.terraform-provider-auth0.com/%s", testName)),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_create", "resource_server_name", fmt.Sprintf("Acceptance Test - %s", testName)),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_create", "description", "Can create Foo"),
),
},
{
Config: acctest.ParseTestName(testAccUserPermissionTwoAssigned, strings.ToLower(t.Name())),
Config: acctest.ParseTestName(testAccUserPermissionsDeleteResource, testName),
},
{
RefreshState: true,
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr("auth0_user.user", "permissions.#", "2"),
resource.TestCheckResourceAttr("auth0_user.user", "permissions.0.name", "create:foo"),
resource.TestCheckResourceAttr("auth0_user.user", "permissions.1.name", "read:foo"),

resource.TestCheckResourceAttr("auth0_user_permission.user_permission_create", "permission", "create:foo"),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_create", "user_id", "auth0|testaccuserpermission"),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_create", "resource_server_identifier", "https://uat.api.terraform-provider-auth0.com/testaccuserpermission"),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_create", "resource_server_name", "Acceptance Test - testaccuserpermission"),
resource.TestCheckResourceAttr("auth0_user_permission.user_permission_create", "description", "Can create Foo"),
resource.TestCheckResourceAttr("data.auth0_user.user_data", "permissions.#", "0"),
),
},
{
Config: acctest.ParseTestName(testAccUserPermissionOneAssigned, strings.ToLower(t.Name())),
Config: acctest.ParseTestName(testAccUserPermissionImportSetup, testName),
},
{
RefreshState: true,
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr("auth0_user.user", "permissions.#", "1"),
resource.TestCheckResourceAttr("auth0_user.user", "permissions.0.name", "read:foo"),
),
Config: acctest.ParseTestName(testAccUserPermissionImportCheck, testName),
ResourceName: "auth0_user_permission.user_permission_read",
ImportState: true,
ImportStateIdFunc: func(state *terraform.State) (string, error) {
userID, err := acctest.ExtractResourceAttributeFromState(state, "auth0_user.user", "id")
assert.NoError(t, err)

apiID, err := acctest.ExtractResourceAttributeFromState(state, "auth0_resource_server.resource_server", "identifier")
assert.NoError(t, err)

return userID + "::" + apiID + "::" + "read:foo", nil
},
ImportStatePersist: true,
},
{
Config: acctest.ParseTestName(testAccUserPermissionNoneAssigned, strings.ToLower(t.Name())),
Config: acctest.ParseTestName(testAccUserPermissionImportCheck, testName),
ResourceName: "auth0_user_permission.user_permission_create",
ImportState: true,
ImportStateIdFunc: func(state *terraform.State) (string, error) {
userID, err := acctest.ExtractResourceAttributeFromState(state, "auth0_user.user", "id")
assert.NoError(t, err)

apiID, err := acctest.ExtractResourceAttributeFromState(state, "auth0_resource_server.resource_server", "identifier")
assert.NoError(t, err)

return userID + "::" + apiID + "::" + "create:foo", nil
},
ImportStatePersist: true,
},
{
RefreshState: true,
Config: acctest.ParseTestName(testAccUserPermissionImportCheck, testName),
ConfigPlanChecks: resource.ConfigPlanChecks{
PreApply: []plancheck.PlanCheck{
plancheck.ExpectEmptyPlan(),
},
},
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr("auth0_user.user", "permissions.#", "0"),
resource.TestCheckResourceAttr("data.auth0_user.user_data", "permissions.#", "2"),
),
},
},
Expand Down
Loading

0 comments on commit d8ca34f

Please sign in to comment.