issue#486: Add disable_self_service_change_password to auth0 database connections

docs/data-sources/connection.md

@@ -62,6 +62,7 @@ Read-Only:
 - `debug` (Boolean)
 - `digest_algorithm` (String)
 - `disable_cache` (Boolean)
+- `disable_self_service_change_password` (Boolean)
 - `disable_sign_out` (Boolean)
 - `disable_signup` (Boolean)
 - `discovery_url` (String)

docs/resources/connection.md

@@ -632,6 +632,7 @@ Optional:
 - `debug` (Boolean) When enabled, additional debug information will be generated.
 - `digest_algorithm` (String) Sign Request Algorithm Digest.
 - `disable_cache` (Boolean) Indicates whether to disable the cache or not.
+- `disable_self_service_change_password` (Boolean) Indicates whether to remove the forgot password link within the New Universal Login.
 - `disable_sign_out` (Boolean) When enabled, will disable sign out.
 - `disable_signup` (Boolean) Indicates whether to allow user sign-ups to your application.
 - `discovery_url` (String) OpenID discovery URL, e.g. `https://auth.example.com/.well-known/openid-configuration`.

internal/auth0/connection/expand.go

@@ -146,17 +146,18 @@ func expandConnectionOptionsAuth0(
 	api *management.Management,
 ) (*management.ConnectionOptions, diag.Diagnostics) {
 	options := &management.ConnectionOptions{
-		PasswordPolicy:               value.String(config.GetAttr("password_policy")),
-		NonPersistentAttrs:           value.Strings(config.GetAttr("non_persistent_attrs")),
-		SetUserAttributes:            value.String(config.GetAttr("set_user_root_attributes")),
-		EnableScriptContext:          value.Bool(config.GetAttr("enable_script_context")),
-		EnabledDatabaseCustomization: value.Bool(config.GetAttr("enabled_database_customization")),
-		BruteForceProtection:         value.Bool(config.GetAttr("brute_force_protection")),
-		ImportMode:                   value.Bool(config.GetAttr("import_mode")),
-		DisableSignup:                value.Bool(config.GetAttr("disable_signup")),
-		RequiresUsername:             value.Bool(config.GetAttr("requires_username")),
-		CustomScripts:                value.MapOfStrings(config.GetAttr("custom_scripts")),
-		Configuration:                value.MapOfStrings(config.GetAttr("configuration")),
+		PasswordPolicy:                   value.String(config.GetAttr("password_policy")),
+		NonPersistentAttrs:               value.Strings(config.GetAttr("non_persistent_attrs")),
+		SetUserAttributes:                value.String(config.GetAttr("set_user_root_attributes")),
+		EnableScriptContext:              value.Bool(config.GetAttr("enable_script_context")),
+		EnabledDatabaseCustomization:     value.Bool(config.GetAttr("enabled_database_customization")),
+		BruteForceProtection:             value.Bool(config.GetAttr("brute_force_protection")),
+		ImportMode:                       value.Bool(config.GetAttr("import_mode")),
+		DisableSignup:                    value.Bool(config.GetAttr("disable_signup")),
+		DisableSelfServiceChangePassword: value.Bool(config.GetAttr("disable_self_service_change_password")),
+		RequiresUsername:                 value.Bool(config.GetAttr("requires_username")),
+		CustomScripts:                    value.MapOfStrings(config.GetAttr("custom_scripts")),
+		Configuration:                    value.MapOfStrings(config.GetAttr("configuration")),
 	}
 
 	config.GetAttr("validation").ForEachElement(

internal/auth0/connection/flatten.go

@@ -106,17 +106,18 @@ func flattenConnectionOptionsAuth0(
 	}
 
 	m := map[string]interface{}{
-		"password_policy":                options.GetPasswordPolicy(),
-		"enable_script_context":          options.GetEnableScriptContext(),
-		"enabled_database_customization": options.GetEnabledDatabaseCustomization(),
-		"brute_force_protection":         options.GetBruteForceProtection(),
-		"import_mode":                    options.GetImportMode(),
-		"disable_signup":                 options.GetDisableSignup(),
-		"requires_username":              options.GetRequiresUsername(),
-		"custom_scripts":                 options.GetCustomScripts(),
-		"configuration":                  dbSecretConfig, // Values do not get read back.
-		"non_persistent_attrs":           options.GetNonPersistentAttrs(),
-		"set_user_root_attributes":       options.GetSetUserAttributes(),
+		"password_policy":                      options.GetPasswordPolicy(),
+		"enable_script_context":                options.GetEnableScriptContext(),
+		"enabled_database_customization":       options.GetEnabledDatabaseCustomization(),
+		"brute_force_protection":               options.GetBruteForceProtection(),
+		"import_mode":                          options.GetImportMode(),
+		"disable_signup":                       options.GetDisableSignup(),
+		"disable_self_service_change_password": options.GetDisableSelfServiceChangePassword(),
+		"requires_username":                    options.GetRequiresUsername(),
+		"custom_scripts":                       options.GetCustomScripts(),
+		"configuration":                        dbSecretConfig, // Values do not get read back.
+		"non_persistent_attrs":                 options.GetNonPersistentAttrs(),
+		"set_user_root_attributes":             options.GetSetUserAttributes(),
 	}
 
 	if options.PasswordComplexityOptions != nil {

internal/auth0/connection/resource_test.go

@@ -32,6 +32,7 @@ func TestAccConnection(t *testing.T) {
 					resource.TestCheckResourceAttr("auth0_connection.my_connection", "options.0.brute_force_protection", "true"),
 					resource.TestCheckResourceAttr("auth0_connection.my_connection", "options.0.import_mode", "false"),
 					resource.TestCheckResourceAttr("auth0_connection.my_connection", "options.0.disable_signup", "false"),
+					resource.TestCheckResourceAttr("auth0_connection.my_connection", "options.0.disable_self_service_change_password", "false"),
 					resource.TestCheckResourceAttr("auth0_connection.my_connection", "options.0.requires_username", "true"),
 					resource.TestCheckResourceAttr("auth0_connection.my_connection", "options.0.validation.0.username.0.min", "10"),
 					resource.TestCheckResourceAttr("auth0_connection.my_connection", "options.0.validation.0.username.0.max", "40"),
@@ -53,6 +54,7 @@ func TestAccConnection(t *testing.T) {
 					resource.TestCheckResourceAttr("auth0_connection.my_connection", "options.0.upstream_params", ""),
 					resource.TestCheckResourceAttr("auth0_connection.my_connection", "options.0.enable_script_context", "true"),
 					resource.TestCheckResourceAttr("auth0_connection.my_connection", "options.0.enabled_database_customization", "true"),
+					resource.TestCheckResourceAttr("auth0_connection.my_connection", "options.0.disable_self_service_change_password", "true"),
 					resource.TestCheckResourceAttr("auth0_connection.my_connection", "options.0.set_user_root_attributes", "on_first_login"),
 					resource.TestCheckResourceAttr("auth0_connection.my_connection", "options.0.non_persistent_attrs.#", "0"),
 				),
@@ -97,6 +99,7 @@ resource "auth0_connection" "my_connection" {
 		import_mode = false
 		requires_username = true
 		disable_signup = false
+		disable_self_service_change_password = false
 		custom_scripts = {
 			get_user = "myFunction"
 		}
@@ -141,6 +144,7 @@ resource "auth0_connection" "my_connection" {
 		brute_force_protection = false
 		import_mode = false
 		disable_signup = false
+		disable_self_service_change_password = true
 		requires_username = true
 		custom_scripts = {
 			get_user = "myFunction"

internal/auth0/connection/schema.go

@@ -220,6 +220,11 @@ var resourceSchema = map[string]*schema.Schema{
 					Optional:    true,
 					Description: "Indicates whether to allow user sign-ups to your application.",
 				},
+				"disable_self_service_change_password": {
+					Type:        schema.TypeBool,
+					Optional:    true,
+					Description: "Indicates whether to remove the forgot password link within the New Universal Login.",
+				},
 				"requires_username": {
 					Type:     schema.TypeBool,
 					Optional: true,