fix assert helper to not fail if resource does not exist

hashicorp · Nov 13, 2023 · 1a65c04 · 1a65c04
1 parent f8f6f35
commit 1a65c04
Show file tree

Hide file tree

Showing 3 changed files with 60 additions and 36 deletions.
diff --git a/api/applications.go b/api/applications.go
@@ -177,39 +177,57 @@ func (c *MSGraphClient) RemoveApplicationPassword(ctx context.Context, applicati
 
 func getPasswordCredentialsForApplication(app models.Applicationable) []PasswordCredential {
 	var appCredentials []PasswordCredential
-	for _, cred := range app.GetPasswordCredentials() {
-		appCredentials = append(appCredentials, getPasswordCredentialResponse(cred))
+	creds := app.GetPasswordCredentials()
+	if creds != nil {
+		for _, cred := range creds {
+			appCredentials = append(appCredentials, getPasswordCredentialResponse(cred))
+		}
 	}
+
 	return appCredentials
 }
 
 func getApplicationResponse(app models.Applicationable) Application {
-	if app == nil {
-		return Application{
-			AppID:               "",
-			AppObjectID:         "",
-			PasswordCredentials: []PasswordCredential{},
+	if app != nil {
+		appID := app.GetAppId()
+		appObjectID := app.GetId()
+
+		if appID != nil && appObjectID != nil {
+			return Application{
+				AppID:               *appID,
+				AppObjectID:         *appObjectID,
+				PasswordCredentials: getPasswordCredentialsForApplication(app),
+			}
 		}
-
 	}
+
+	// return zero-value result if app in nil
+	// or fields can't be dereferenced
 	return Application{
-		AppID:               *app.GetAppId(),
-		AppObjectID:         *app.GetId(),
-		PasswordCredentials: getPasswordCredentialsForApplication(app),
+		AppID:               "",
+		AppObjectID:         "",
+		PasswordCredentials: []PasswordCredential{},
 	}
 }
 
 func getPasswordCredentialResponse(cred models.PasswordCredentialable) PasswordCredential {
-	if cred == nil {
-		return PasswordCredential{
-			SecretText: "",
-			EndDate:    time.Time{},
-			KeyID:      "",
+	if cred != nil {
+		secretText := cred.GetSecretText()
+		endDate := cred.GetEndDateTime()
+		keyID := cred.GetKeyId()
+
+		if secretText != nil && endDate != nil && keyID != nil {
+			return PasswordCredential{
+				SecretText: *secretText,
+				EndDate:    *endDate,
+				KeyID:      keyID.String(),
+			}
 		}
+
 	}
 	return PasswordCredential{
-		SecretText: *cred.GetSecretText(),
-		EndDate:    *cred.GetEndDateTime(),
-		KeyID:      cred.GetKeyId().String(),
+		SecretText: "",
+		EndDate:    time.Time{},
+		KeyID:      "",
 	}
 }
diff --git a/api/service_principals.go b/api/service_principals.go
@@ -96,14 +96,19 @@ func (c *MSGraphClient) GetServicePrincipalByID(ctx context.Context, spObjectID
 }
 
 func getServicePrincipalResponse(sp models.ServicePrincipalable) ServicePrincipal {
-	if sp == nil {
-		return ServicePrincipal{
-			ID:    "",
-			AppID: "",
+	if sp != nil {
+		spID := sp.GetId()
+		spAppID := sp.GetAppId()
+		if spID != nil && spAppID != nil {
+			return ServicePrincipal{
+				ID:    *spID,
+				AppID: *spAppID,
+			}
 		}
+
 	}
 	return ServicePrincipal{
-		ID:    *sp.GetId(),
-		AppID: *sp.GetAppId(),
+		ID:    "",
+		AppID: "",
 	}
 }
diff --git a/path_service_principal_test.go b/path_service_principal_test.go
@@ -23,7 +23,8 @@ import (
 )
 
 var (
-	testRole = map[string]interface{}{
+	errDoesNotExist = "does not exist"
+	testRole        = map[string]interface{}{
 		"azure_roles": encodeJSON([]AzureRole{
 			{
 				RoleName: "Owner",
@@ -765,7 +766,7 @@ func TestRoleAssignmentWALRollback(t *testing.T) {
 		provider := client.provider.(*provider)
 		spObjID := findServicePrincipalID(t, provider.spClient, appID)
 
-		assertServicePrincipalExists(t, provider.spClient, spObjID, true)
+		assertServicePrincipalExistence(t, provider.spClient, spObjID, true)
 
 		// Verify that the role assignments were created. Get the assignment
 		// info from Azure and verify it matches the Reader role.
@@ -877,7 +878,7 @@ func TestRoleAssignmentWALRollback(t *testing.T) {
 		// Verify that SP get is an error after delete. Expected there
 		// to be a delay and that this step would take some time/retries,
 		// but that seems not to be the case.
-		assertServicePrincipalExists(t, provider.spClient, spObjID, false)
+		assertServicePrincipalExistence(t, provider.spClient, spObjID, false)
 	})
 }
 
@@ -980,7 +981,7 @@ func TestCredentialInteg_msgraph(t *testing.T) {
 		provider := client.provider.(*provider)
 		spObjID := findServicePrincipalID(t, provider.spClient, appID)
 
-		assertServicePrincipalExists(t, provider.spClient, spObjID, true)
+		assertServicePrincipalExistence(t, provider.spClient, spObjID, true)
 
 		// Verify that the role assignments were created. Get the assignment
 		// info from Azure and verify it matches the Reader role.
@@ -990,13 +991,13 @@ func TestCredentialInteg_msgraph(t *testing.T) {
 		ra, err := provider.raClient.GetByID(context.Background(), raIDs[0], nil)
 		assertErrorIsNil(t, err)
 
-		roleDefs, err := provider.ListRoleDefinitions(nil, fmt.Sprintf("subscriptions/%s", subscriptionID), "")
+		roleDefs, err := provider.ListRoleDefinitions(context.Background(), fmt.Sprintf("subscriptions/%s", subscriptionID), "")
 		assertErrorIsNil(t, err)
 
 		defID := *ra.Properties.RoleDefinitionID
 		found := false
 		for _, def := range roleDefs {
-			if *def.ID == defID && *def.Name == "Storage Blob Data Owner" {
+			if *def.ID == defID && *def.Properties.RoleName == "Storage Blob Data Owner" {
 				found = true
 				break
 			}
@@ -1020,7 +1021,7 @@ func TestCredentialInteg_msgraph(t *testing.T) {
 		// Verify that SP get is an error after delete. Expected there
 		// to be a delay and that this step would take some time/retries,
 		// but that seems not to be the case.
-		assertServicePrincipalExists(t, provider.spClient, spObjID, false)
+		assertServicePrincipalExistence(t, provider.spClient, spObjID, false)
 	})
 }
 
@@ -1072,20 +1073,20 @@ func findServicePrincipalID(t *testing.T, client api.ServicePrincipalClient, app
 	return "" // Because compilers
 }
 
-func assertServicePrincipalExists(t *testing.T, client api.ServicePrincipalClient, spID string, exists bool) {
+func assertServicePrincipalExistence(t *testing.T, client api.ServicePrincipalClient, spID string, exists bool) {
 	t.Helper()
 
 	switch spClient := client.(type) {
 	case *api.MSGraphClient:
 		sp, err := spClient.GetServicePrincipalByID(context.Background(), spID)
-		assertErrorIsNil(t, err)
-
 		if exists {
+			assertErrorIsNil(t, err)
+
 			if sp.ID == "" {
 				t.Fatalf("Failed to find service principal")
 			}
 		} else {
-			if sp.ID != "" {
+			if !strings.Contains(err.Error(), errDoesNotExist) || sp.ID != "" {
 				t.Fatalf("Found service principal when it shouldn't exist")
 			}
 		}