From e5320673ae4d3f3b8ff5a61f1b521c88945db770 Mon Sep 17 00:00:00 2001 From: danischm Date: Sat, 2 Dec 2023 11:38:05 +0100 Subject: [PATCH] Refactor advanced attributes of authorization profile resource --- CHANGELOG.md | 4 + docs/data-sources/authorization_profile.md | 11 +- docs/guides/changelog.md | 4 + docs/resources/authorization_profile.md | 23 ++-- .../ise_authorization_profile/resource.tf | 9 +- gen/definitions/authorization_profile.yaml | 44 +++++--- gen/templates/model.go | 12 +- .../data_source_ise_authorization_profile.go | 22 ++-- ...a_source_ise_authorization_profile_test.go | 18 ++- .../model_ise_authorization_profile.go | 105 ++++++++++-------- .../resource_ise_authorization_profile.go | 33 +++--- ...resource_ise_authorization_profile_test.go | 18 ++- templates/guides/changelog.md.tmpl | 4 + 13 files changed, 173 insertions(+), 134 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ed6788b..931e60c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.1.7 (unreleased) + +- BREAKING CHANGE: Refactor `advanced_attributes` of `ise_authorization_profile` resource and data source + ## 0.1.6 - Add `ise_downloadable_acl` resource and data source diff --git a/docs/data-sources/authorization_profile.md b/docs/data-sources/authorization_profile.md index 0f1be3d..c650c74 100644 --- a/docs/data-sources/authorization_profile.md +++ b/docs/data-sources/authorization_profile.md @@ -66,8 +66,9 @@ data "ise_authorization_profile" "example" { Read-Only: -- `attribute_1_dictionary_name` (String) Dictionary name -- `attribute_1_name` (String) Attribute name -- `attribute_1_value_type` (String) Advanced attribute value type -- `attribute_2_value` (String) Attribute value -- `attribute_2_value_type` (String) Advanced attribute value type +- `attribute_left_dictionary_name` (String) Dictionary name +- `attribute_left_name` (String) Attribute name +- `attribute_right_dictionary_name` (String) Dictionary name, only required when `attribute_right_value_type` is `AdvancedDictionaryAttribute` +- `attribute_right_name` (String) Attribute name, only required when `attribute_right_value_type` is `AdvancedDictionaryAttribute` +- `attribute_right_value` (String) Attribute value, only required when `attribute_right_value_type` is `AttributeValue` +- `attribute_right_value_type` (String) Advanced attribute value type diff --git a/docs/guides/changelog.md b/docs/guides/changelog.md index e6eeade..893b860 100644 --- a/docs/guides/changelog.md +++ b/docs/guides/changelog.md @@ -7,6 +7,10 @@ description: |- # Changelog +## 0.1.7 (unreleased) + +- BREAKING CHANGE: Refactor `advanced_attributes` of `ise_authorization_profile` resource and data source + ## 0.1.6 - Add `ise_downloadable_acl` resource and data source diff --git a/docs/resources/authorization_profile.md b/docs/resources/authorization_profile.md index f24a522..3f45a1f 100644 --- a/docs/resources/authorization_profile.md +++ b/docs/resources/authorization_profile.md @@ -45,11 +45,10 @@ resource "ise_authorization_profile" "example" { reauthentication_timer = 1 advanced_attributes = [ { - attribute_1_value_type = "AdvancedDictionaryAttribute" - attribute_1_dictionary_name = "Cisco" - attribute_1_name = "cisco-av-pair" - attribute_2_value_type = "AttributeValue" - attribute_2_value = "set_nadprofile_vlan=true,vlan=TEST,tag=1" + attribute_left_dictionary_name = "Cisco" + attribute_left_name = "cisco-av-pair" + attribute_right_value_type = "AttributeValue" + attribute_right_value = "set_nadprofile_vlan=true,vlan=TEST,tag=1" } ] airespace_ipv6_acl = "ACL1" @@ -119,14 +118,14 @@ resource "ise_authorization_profile" "example" { ### Nested Schema for `advanced_attributes` -Required: +Optional: -- `attribute_1_dictionary_name` (String) Dictionary name -- `attribute_1_name` (String) Attribute name -- `attribute_1_value_type` (String) Advanced attribute value type - - Choices: `AdvancedDictionaryAttribute`, `AttributeValue` -- `attribute_2_value` (String) Attribute value -- `attribute_2_value_type` (String) Advanced attribute value type +- `attribute_left_dictionary_name` (String) Dictionary name +- `attribute_left_name` (String) Attribute name +- `attribute_right_dictionary_name` (String) Dictionary name, only required when `attribute_right_value_type` is `AdvancedDictionaryAttribute` +- `attribute_right_name` (String) Attribute name, only required when `attribute_right_value_type` is `AdvancedDictionaryAttribute` +- `attribute_right_value` (String) Attribute value, only required when `attribute_right_value_type` is `AttributeValue` +- `attribute_right_value_type` (String) Advanced attribute value type - Choices: `AdvancedDictionaryAttribute`, `AttributeValue` ## Import diff --git a/examples/resources/ise_authorization_profile/resource.tf b/examples/resources/ise_authorization_profile/resource.tf index 08be2e3..c980d46 100644 --- a/examples/resources/ise_authorization_profile/resource.tf +++ b/examples/resources/ise_authorization_profile/resource.tf @@ -30,11 +30,10 @@ resource "ise_authorization_profile" "example" { reauthentication_timer = 1 advanced_attributes = [ { - attribute_1_value_type = "AdvancedDictionaryAttribute" - attribute_1_dictionary_name = "Cisco" - attribute_1_name = "cisco-av-pair" - attribute_2_value_type = "AttributeValue" - attribute_2_value = "set_nadprofile_vlan=true,vlan=TEST,tag=1" + attribute_left_dictionary_name = "Cisco" + attribute_left_name = "cisco-av-pair" + attribute_right_value_type = "AttributeValue" + attribute_right_value = "set_nadprofile_vlan=true,vlan=TEST,tag=1" } ] airespace_ipv6_acl = "ACL1" diff --git a/gen/definitions/authorization_profile.yaml b/gen/definitions/authorization_profile.yaml index 84b7bae..bb38a2e 100644 --- a/gen/definitions/authorization_profile.yaml +++ b/gen/definitions/authorization_profile.yaml @@ -34,7 +34,13 @@ attributes: - model_name: WebRedirectionType data_path: [AuthorizationProfile, webRedirection] type: String - enum_values: [CentralizedWebAuth, HotSpot, NativeSupplicanProvisioning, ClientProvisioning] + enum_values: + [ + CentralizedWebAuth, + HotSpot, + NativeSupplicanProvisioning, + ClientProvisioning, + ] description: "This type must fit the `web_redirection_portal_name`" example: CentralizedWebAuth - model_name: acl @@ -178,7 +184,7 @@ attributes: tf_name: reauthentication_connectivity type: String enum_values: [DEFAULT, RADIUS_REQUEST] - description: Maintain Connectivity During Reauthentication + description: Maintain Connectivity During Reauthentication example: DEFAULT - model_name: timer data_path: [AuthorizationProfile, reauth] @@ -195,41 +201,47 @@ attributes: attributes: - model_name: AdvancedAttributeValueType data_path: [leftHandSideDictionaryAttribue] - tf_name: attribute_1_value_type type: String - enum_values: [AdvancedDictionaryAttribute, AttributeValue] - description: Advanced attribute value type - id: true - example: AdvancedDictionaryAttribute + value: AdvancedDictionaryAttribute - model_name: dictionaryName data_path: [leftHandSideDictionaryAttribue] - tf_name: attribute_1_dictionary_name + tf_name: attribute_left_dictionary_name type: String - id: true description: Dictionary name example: Cisco - model_name: attributeName data_path: [leftHandSideDictionaryAttribue] - tf_name: attribute_1_name + tf_name: attribute_left_name type: String - id: true description: Attribute name example: cisco-av-pair - model_name: AdvancedAttributeValueType - tf_name: attribute_2_value_type + tf_name: attribute_right_value_type data_path: [rightHandSideAttribueValue] type: String enum_values: [AdvancedDictionaryAttribute, AttributeValue] description: Advanced attribute value type - id: true example: AttributeValue - model_name: value data_path: [rightHandSideAttribueValue] - tf_name: attribute_2_value + tf_name: attribute_right_value type: String - id: true - description: Attribute value + description: Attribute value, only required when `attribute_right_value_type` is `AttributeValue` example: set_nadprofile_vlan=true,vlan=TEST,tag=1 + - model_name: dictionaryName + data_path: [rightHandSideAttribueValue] + tf_name: attribute_right_dictionary_name + type: String + description: Dictionary name, only required when `attribute_right_value_type` is `AdvancedDictionaryAttribute` + example: Cisco + exclude_test: true + - model_name: attributeName + data_path: [rightHandSideAttribueValue] + tf_name: attribute_right_name + type: String + description: Attribute name, only required when `attribute_right_value_type` is `AdvancedDictionaryAttribute` + example: cisco-av-pair + exclude_test: true - model_name: ipv6DaclName data_path: [AuthorizationProfile] type: String diff --git a/gen/templates/model.go b/gen/templates/model.go index d693743..0679592 100644 --- a/gen/templates/model.go +++ b/gen/templates/model.go @@ -390,8 +390,8 @@ func (data *{{camelCase .Name}}) updateFromBody(ctx context.Context, res gjson.R {{- else if or (eq .Type "List") (eq .Type "Set")}} {{- $list := (toGoName .TfName)}} for i := range data.{{toGoName .TfName}} { - keys := [...]string{ {{$noId := not (hasId .Attributes)}}{{range .Attributes}}{{if or .Id $noId}}{{if or (eq .Type "Int64") (eq .Type "Bool") (eq .Type "String")}}"{{range .DataPath}}{{.}}.{{end}}{{.ModelName}}", {{end}}{{end}}{{end}} } - keyValues := [...]string{ {{$noId := not (hasId .Attributes)}}{{range .Attributes}}{{if or .Id $noId}}{{if eq .Type "Int64"}}strconv.FormatInt(data.{{$list}}[i].{{toGoName .TfName}}.ValueInt64(), 10), {{else if eq .Type "Bool"}}strconv.FormatBool(data.{{$list}}[i].{{toGoName .TfName}}.ValueBool()), {{else if eq .Type "String"}}data.{{$list}}[i].{{toGoName .TfName}}.Value{{.Type}}(), {{end}}{{end}}{{end}} } + keys := [...]string{ {{$noId := not (hasId .Attributes)}}{{range .Attributes}}{{if or .Id (and $noId (not .Value))}}{{if or (eq .Type "Int64") (eq .Type "Bool") (eq .Type "String")}}"{{range .DataPath}}{{.}}.{{end}}{{.ModelName}}", {{end}}{{end}}{{end}} } + keyValues := [...]string{ {{$noId := not (hasId .Attributes)}}{{range .Attributes}}{{if or .Id (and $noId (not .Value))}}{{if eq .Type "Int64"}}strconv.FormatInt(data.{{$list}}[i].{{toGoName .TfName}}.ValueInt64(), 10), {{else if eq .Type "Bool"}}strconv.FormatBool(data.{{$list}}[i].{{toGoName .TfName}}.ValueBool()), {{else if eq .Type "String"}}data.{{$list}}[i].{{toGoName .TfName}}.Value{{.Type}}(), {{end}}{{end}}{{end}} } var r gjson.Result res.{{if .ModelName}}Get("{{if $openApi}}response.{{end}}{{range .DataPath}}{{.}}.{{end}}{{.ModelName}}").{{end}}ForEach( @@ -430,8 +430,8 @@ func (data *{{camelCase .Name}}) updateFromBody(ctx context.Context, res gjson.R {{- else if or (eq .Type "List") (eq .Type "Set")}} {{- $clist := (toGoName .TfName)}} for ci := range data.{{$list}}[i].{{toGoName .TfName}} { - keys := [...]string{ {{$noId := not (hasId .Attributes)}}{{range .Attributes}}{{if or .Id $noId}}{{if or (eq .Type "Int64") (eq .Type "Bool") (eq .Type "String")}}"{{range .DataPath}}{{.}}.{{end}}{{.ModelName}}", {{end}}{{end}}{{end}} } - keyValues := [...]string{ {{$noId := not (hasId .Attributes)}}{{range .Attributes}}{{if or .Id $noId}}{{if eq .Type "Int64"}}strconv.FormatInt(data.{{$list}}[i].{{$clist}}[ci].{{toGoName .TfName}}.ValueInt64(), 10), {{else if eq .Type "Bool"}}strconv.FormatBool(data.{{$list}}[i].{{$clist}}[ci].{{toGoName .TfName}}.ValueBool()), {{else if eq .Type "String"}}data.{{$list}}[i].{{$clist}}[ci].{{toGoName .TfName}}.Value{{.Type}}(), {{end}}{{end}}{{end}} } + keys := [...]string{ {{$noId := not (hasId .Attributes)}}{{range .Attributes}}{{if or .Id (and $noId (not .Value))}}{{if or (eq .Type "Int64") (eq .Type "Bool") (eq .Type "String")}}"{{range .DataPath}}{{.}}.{{end}}{{.ModelName}}", {{end}}{{end}}{{end}} } + keyValues := [...]string{ {{$noId := not (hasId .Attributes)}}{{range .Attributes}}{{if or .Id (and $noId (not .Value))}}{{if eq .Type "Int64"}}strconv.FormatInt(data.{{$list}}[i].{{$clist}}[ci].{{toGoName .TfName}}.ValueInt64(), 10), {{else if eq .Type "Bool"}}strconv.FormatBool(data.{{$list}}[i].{{$clist}}[ci].{{toGoName .TfName}}.ValueBool()), {{else if eq .Type "String"}}data.{{$list}}[i].{{$clist}}[ci].{{toGoName .TfName}}.Value{{.Type}}(), {{end}}{{end}}{{end}} } var cr gjson.Result r.Get("{{range .DataPath}}{{.}}.{{end}}{{.ModelName}}").ForEach( @@ -470,8 +470,8 @@ func (data *{{camelCase .Name}}) updateFromBody(ctx context.Context, res gjson.R {{- else if or (eq .Type "List") (eq .Type "Set")}} {{- $cclist := (toGoName .TfName)}} for cci := range data.{{$list}}[i].{{$clist}}[ci].{{toGoName .TfName}} { - keys := [...]string{ {{$noId := not (hasId .Attributes)}}{{range .Attributes}}{{if or .Id $noId}}{{if or (eq .Type "Int64") (eq .Type "Bool") (eq .Type "String")}}"{{range .DataPath}}{{.}}.{{end}}{{.ModelName}}", {{end}}{{end}}{{end}} } - keyValues := [...]string{ {{$noId := not (hasId .Attributes)}}{{range .Attributes}}{{if or .Id $noId}}{{if eq .Type "Int64"}}strconv.FormatInt(data.{{$list}}[i].{{$clist}}[ci].{{$cclist}}[cci].{{toGoName .TfName}}.ValueInt64(), 10), {{else if eq .Type "Bool"}}strconv.FormatBool(data.{{$list}}[i].{{$clist}}[ci].{{$cclist}}[cci].{{toGoName .TfName}}.ValueBool()), {{else if eq .Type "String"}}data.{{$list}}[i].{{$clist}}[ci].{{$cclist}}[cci].{{toGoName .TfName}}.Value{{.Type}}(), {{end}}{{end}}{{end}} } + keys := [...]string{ {{$noId := not (hasId .Attributes)}}{{range .Attributes}}{{if or .Id (and $noId (not .Value))}}{{if or (eq .Type "Int64") (eq .Type "Bool") (eq .Type "String")}}"{{range .DataPath}}{{.}}.{{end}}{{.ModelName}}", {{end}}{{end}}{{end}} } + keyValues := [...]string{ {{$noId := not (hasId .Attributes)}}{{range .Attributes}}{{if or .Id (and $noId (not .Value))}}{{if eq .Type "Int64"}}strconv.FormatInt(data.{{$list}}[i].{{$clist}}[ci].{{$cclist}}[cci].{{toGoName .TfName}}.ValueInt64(), 10), {{else if eq .Type "Bool"}}strconv.FormatBool(data.{{$list}}[i].{{$clist}}[ci].{{$cclist}}[cci].{{toGoName .TfName}}.ValueBool()), {{else if eq .Type "String"}}data.{{$list}}[i].{{$clist}}[ci].{{$cclist}}[cci].{{toGoName .TfName}}.Value{{.Type}}(), {{end}}{{end}}{{end}} } var ccr gjson.Result cr.Get("{{range .DataPath}}{{.}}.{{end}}{{.ModelName}}").ForEach( diff --git a/internal/provider/data_source_ise_authorization_profile.go b/internal/provider/data_source_ise_authorization_profile.go index c5f26d1..ca357ff 100644 --- a/internal/provider/data_source_ise_authorization_profile.go +++ b/internal/provider/data_source_ise_authorization_profile.go @@ -193,24 +193,28 @@ func (d *AuthorizationProfileDataSource) Schema(ctx context.Context, req datasou Computed: true, NestedObject: schema.NestedAttributeObject{ Attributes: map[string]schema.Attribute{ - "attribute_1_value_type": schema.StringAttribute{ - MarkdownDescription: "Advanced attribute value type", - Computed: true, - }, - "attribute_1_dictionary_name": schema.StringAttribute{ + "attribute_left_dictionary_name": schema.StringAttribute{ MarkdownDescription: "Dictionary name", Computed: true, }, - "attribute_1_name": schema.StringAttribute{ + "attribute_left_name": schema.StringAttribute{ MarkdownDescription: "Attribute name", Computed: true, }, - "attribute_2_value_type": schema.StringAttribute{ + "attribute_right_value_type": schema.StringAttribute{ MarkdownDescription: "Advanced attribute value type", Computed: true, }, - "attribute_2_value": schema.StringAttribute{ - MarkdownDescription: "Attribute value", + "attribute_right_value": schema.StringAttribute{ + MarkdownDescription: "Attribute value, only required when `attribute_right_value_type` is `AttributeValue`", + Computed: true, + }, + "attribute_right_dictionary_name": schema.StringAttribute{ + MarkdownDescription: "Dictionary name, only required when `attribute_right_value_type` is `AdvancedDictionaryAttribute`", + Computed: true, + }, + "attribute_right_name": schema.StringAttribute{ + MarkdownDescription: "Attribute name, only required when `attribute_right_value_type` is `AdvancedDictionaryAttribute`", Computed: true, }, }, diff --git a/internal/provider/data_source_ise_authorization_profile_test.go b/internal/provider/data_source_ise_authorization_profile_test.go index afd57a4..cc8f743 100644 --- a/internal/provider/data_source_ise_authorization_profile_test.go +++ b/internal/provider/data_source_ise_authorization_profile_test.go @@ -60,11 +60,10 @@ func TestAccDataSourceIseAuthorizationProfile(t *testing.T) { checks = append(checks, resource.TestCheckResourceAttr("data.ise_authorization_profile.test", "mac_sec_policy", "MUST_SECURE")) checks = append(checks, resource.TestCheckResourceAttr("data.ise_authorization_profile.test", "reauthentication_connectivity", "DEFAULT")) checks = append(checks, resource.TestCheckResourceAttr("data.ise_authorization_profile.test", "reauthentication_timer", "1")) - checks = append(checks, resource.TestCheckResourceAttr("data.ise_authorization_profile.test", "advanced_attributes.0.attribute_1_value_type", "AdvancedDictionaryAttribute")) - checks = append(checks, resource.TestCheckResourceAttr("data.ise_authorization_profile.test", "advanced_attributes.0.attribute_1_dictionary_name", "Cisco")) - checks = append(checks, resource.TestCheckResourceAttr("data.ise_authorization_profile.test", "advanced_attributes.0.attribute_1_name", "cisco-av-pair")) - checks = append(checks, resource.TestCheckResourceAttr("data.ise_authorization_profile.test", "advanced_attributes.0.attribute_2_value_type", "AttributeValue")) - checks = append(checks, resource.TestCheckResourceAttr("data.ise_authorization_profile.test", "advanced_attributes.0.attribute_2_value", "set_nadprofile_vlan=true,vlan=TEST,tag=1")) + checks = append(checks, resource.TestCheckResourceAttr("data.ise_authorization_profile.test", "advanced_attributes.0.attribute_left_dictionary_name", "Cisco")) + checks = append(checks, resource.TestCheckResourceAttr("data.ise_authorization_profile.test", "advanced_attributes.0.attribute_left_name", "cisco-av-pair")) + checks = append(checks, resource.TestCheckResourceAttr("data.ise_authorization_profile.test", "advanced_attributes.0.attribute_right_value_type", "AttributeValue")) + checks = append(checks, resource.TestCheckResourceAttr("data.ise_authorization_profile.test", "advanced_attributes.0.attribute_right_value", "set_nadprofile_vlan=true,vlan=TEST,tag=1")) checks = append(checks, resource.TestCheckResourceAttr("data.ise_authorization_profile.test", "airespace_ipv6_acl", "ACL1")) resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -116,11 +115,10 @@ func testAccDataSourceIseAuthorizationProfileConfig() string { config += ` reauthentication_connectivity = "DEFAULT"` + "\n" config += ` reauthentication_timer = 1` + "\n" config += ` advanced_attributes = [{` + "\n" - config += ` attribute_1_value_type = "AdvancedDictionaryAttribute"` + "\n" - config += ` attribute_1_dictionary_name = "Cisco"` + "\n" - config += ` attribute_1_name = "cisco-av-pair"` + "\n" - config += ` attribute_2_value_type = "AttributeValue"` + "\n" - config += ` attribute_2_value = "set_nadprofile_vlan=true,vlan=TEST,tag=1"` + "\n" + config += ` attribute_left_dictionary_name = "Cisco"` + "\n" + config += ` attribute_left_name = "cisco-av-pair"` + "\n" + config += ` attribute_right_value_type = "AttributeValue"` + "\n" + config += ` attribute_right_value = "set_nadprofile_vlan=true,vlan=TEST,tag=1"` + "\n" config += ` }]` + "\n" config += ` airespace_ipv6_acl = "ACL1"` + "\n" config += `}` + "\n" diff --git a/internal/provider/model_ise_authorization_profile.go b/internal/provider/model_ise_authorization_profile.go index 5fd8e28..07e4cf8 100644 --- a/internal/provider/model_ise_authorization_profile.go +++ b/internal/provider/model_ise_authorization_profile.go @@ -69,11 +69,12 @@ type AuthorizationProfile struct { } type AuthorizationProfileAdvancedAttributes struct { - Attribute1ValueType types.String `tfsdk:"attribute_1_value_type"` - Attribute1DictionaryName types.String `tfsdk:"attribute_1_dictionary_name"` - Attribute1Name types.String `tfsdk:"attribute_1_name"` - Attribute2ValueType types.String `tfsdk:"attribute_2_value_type"` - Attribute2Value types.String `tfsdk:"attribute_2_value"` + AttributeLeftDictionaryName types.String `tfsdk:"attribute_left_dictionary_name"` + AttributeLeftName types.String `tfsdk:"attribute_left_name"` + AttributeRightValueType types.String `tfsdk:"attribute_right_value_type"` + AttributeRightValue types.String `tfsdk:"attribute_right_value"` + AttributeRightDictionaryName types.String `tfsdk:"attribute_right_dictionary_name"` + AttributeRightName types.String `tfsdk:"attribute_right_name"` } //template:end types @@ -183,20 +184,24 @@ func (data AuthorizationProfile) toBody(ctx context.Context, state Authorization body, _ = sjson.Set(body, "AuthorizationProfile.advancedAttributes", []interface{}{}) for _, item := range data.AdvancedAttributes { itemBody := "" - if !item.Attribute1ValueType.IsNull() { - itemBody, _ = sjson.Set(itemBody, "leftHandSideDictionaryAttribue.AdvancedAttributeValueType", item.Attribute1ValueType.ValueString()) + itemBody, _ = sjson.Set(itemBody, "leftHandSideDictionaryAttribue.AdvancedAttributeValueType", "AdvancedDictionaryAttribute") + if !item.AttributeLeftDictionaryName.IsNull() { + itemBody, _ = sjson.Set(itemBody, "leftHandSideDictionaryAttribue.dictionaryName", item.AttributeLeftDictionaryName.ValueString()) } - if !item.Attribute1DictionaryName.IsNull() { - itemBody, _ = sjson.Set(itemBody, "leftHandSideDictionaryAttribue.dictionaryName", item.Attribute1DictionaryName.ValueString()) + if !item.AttributeLeftName.IsNull() { + itemBody, _ = sjson.Set(itemBody, "leftHandSideDictionaryAttribue.attributeName", item.AttributeLeftName.ValueString()) } - if !item.Attribute1Name.IsNull() { - itemBody, _ = sjson.Set(itemBody, "leftHandSideDictionaryAttribue.attributeName", item.Attribute1Name.ValueString()) + if !item.AttributeRightValueType.IsNull() { + itemBody, _ = sjson.Set(itemBody, "rightHandSideAttribueValue.AdvancedAttributeValueType", item.AttributeRightValueType.ValueString()) } - if !item.Attribute2ValueType.IsNull() { - itemBody, _ = sjson.Set(itemBody, "rightHandSideAttribueValue.AdvancedAttributeValueType", item.Attribute2ValueType.ValueString()) + if !item.AttributeRightValue.IsNull() { + itemBody, _ = sjson.Set(itemBody, "rightHandSideAttribueValue.value", item.AttributeRightValue.ValueString()) } - if !item.Attribute2Value.IsNull() { - itemBody, _ = sjson.Set(itemBody, "rightHandSideAttribueValue.value", item.Attribute2Value.ValueString()) + if !item.AttributeRightDictionaryName.IsNull() { + itemBody, _ = sjson.Set(itemBody, "rightHandSideAttribueValue.dictionaryName", item.AttributeRightDictionaryName.ValueString()) + } + if !item.AttributeRightName.IsNull() { + itemBody, _ = sjson.Set(itemBody, "rightHandSideAttribueValue.attributeName", item.AttributeRightName.ValueString()) } body, _ = sjson.SetRaw(body, "AuthorizationProfile.advancedAttributes.-1", itemBody) } @@ -368,30 +373,35 @@ func (data *AuthorizationProfile) fromBody(ctx context.Context, res gjson.Result data.AdvancedAttributes = make([]AuthorizationProfileAdvancedAttributes, 0) value.ForEach(func(k, v gjson.Result) bool { item := AuthorizationProfileAdvancedAttributes{} - if cValue := v.Get("leftHandSideDictionaryAttribue.AdvancedAttributeValueType"); cValue.Exists() { - item.Attribute1ValueType = types.StringValue(cValue.String()) - } else { - item.Attribute1ValueType = types.StringNull() - } if cValue := v.Get("leftHandSideDictionaryAttribue.dictionaryName"); cValue.Exists() { - item.Attribute1DictionaryName = types.StringValue(cValue.String()) + item.AttributeLeftDictionaryName = types.StringValue(cValue.String()) } else { - item.Attribute1DictionaryName = types.StringNull() + item.AttributeLeftDictionaryName = types.StringNull() } if cValue := v.Get("leftHandSideDictionaryAttribue.attributeName"); cValue.Exists() { - item.Attribute1Name = types.StringValue(cValue.String()) + item.AttributeLeftName = types.StringValue(cValue.String()) } else { - item.Attribute1Name = types.StringNull() + item.AttributeLeftName = types.StringNull() } if cValue := v.Get("rightHandSideAttribueValue.AdvancedAttributeValueType"); cValue.Exists() { - item.Attribute2ValueType = types.StringValue(cValue.String()) + item.AttributeRightValueType = types.StringValue(cValue.String()) } else { - item.Attribute2ValueType = types.StringNull() + item.AttributeRightValueType = types.StringNull() } if cValue := v.Get("rightHandSideAttribueValue.value"); cValue.Exists() { - item.Attribute2Value = types.StringValue(cValue.String()) + item.AttributeRightValue = types.StringValue(cValue.String()) + } else { + item.AttributeRightValue = types.StringNull() + } + if cValue := v.Get("rightHandSideAttribueValue.dictionaryName"); cValue.Exists() { + item.AttributeRightDictionaryName = types.StringValue(cValue.String()) } else { - item.Attribute2Value = types.StringNull() + item.AttributeRightDictionaryName = types.StringNull() + } + if cValue := v.Get("rightHandSideAttribueValue.attributeName"); cValue.Exists() { + item.AttributeRightName = types.StringValue(cValue.String()) + } else { + item.AttributeRightName = types.StringNull() } data.AdvancedAttributes = append(data.AdvancedAttributes, item) return true @@ -564,8 +574,8 @@ func (data *AuthorizationProfile) updateFromBody(ctx context.Context, res gjson. data.ReauthenticationTimer = types.Int64Null() } for i := range data.AdvancedAttributes { - keys := [...]string{"leftHandSideDictionaryAttribue.AdvancedAttributeValueType", "leftHandSideDictionaryAttribue.dictionaryName", "leftHandSideDictionaryAttribue.attributeName", "rightHandSideAttribueValue.AdvancedAttributeValueType", "rightHandSideAttribueValue.value"} - keyValues := [...]string{data.AdvancedAttributes[i].Attribute1ValueType.ValueString(), data.AdvancedAttributes[i].Attribute1DictionaryName.ValueString(), data.AdvancedAttributes[i].Attribute1Name.ValueString(), data.AdvancedAttributes[i].Attribute2ValueType.ValueString(), data.AdvancedAttributes[i].Attribute2Value.ValueString()} + keys := [...]string{"leftHandSideDictionaryAttribue.dictionaryName", "leftHandSideDictionaryAttribue.attributeName", "rightHandSideAttribueValue.AdvancedAttributeValueType", "rightHandSideAttribueValue.value", "rightHandSideAttribueValue.dictionaryName", "rightHandSideAttribueValue.attributeName"} + keyValues := [...]string{data.AdvancedAttributes[i].AttributeLeftDictionaryName.ValueString(), data.AdvancedAttributes[i].AttributeLeftName.ValueString(), data.AdvancedAttributes[i].AttributeRightValueType.ValueString(), data.AdvancedAttributes[i].AttributeRightValue.ValueString(), data.AdvancedAttributes[i].AttributeRightDictionaryName.ValueString(), data.AdvancedAttributes[i].AttributeRightName.ValueString()} var r gjson.Result res.Get("AuthorizationProfile.advancedAttributes").ForEach( @@ -586,30 +596,35 @@ func (data *AuthorizationProfile) updateFromBody(ctx context.Context, res gjson. return true }, ) - if value := r.Get("leftHandSideDictionaryAttribue.AdvancedAttributeValueType"); value.Exists() && !data.AdvancedAttributes[i].Attribute1ValueType.IsNull() { - data.AdvancedAttributes[i].Attribute1ValueType = types.StringValue(value.String()) + if value := r.Get("leftHandSideDictionaryAttribue.dictionaryName"); value.Exists() && !data.AdvancedAttributes[i].AttributeLeftDictionaryName.IsNull() { + data.AdvancedAttributes[i].AttributeLeftDictionaryName = types.StringValue(value.String()) + } else { + data.AdvancedAttributes[i].AttributeLeftDictionaryName = types.StringNull() + } + if value := r.Get("leftHandSideDictionaryAttribue.attributeName"); value.Exists() && !data.AdvancedAttributes[i].AttributeLeftName.IsNull() { + data.AdvancedAttributes[i].AttributeLeftName = types.StringValue(value.String()) } else { - data.AdvancedAttributes[i].Attribute1ValueType = types.StringNull() + data.AdvancedAttributes[i].AttributeLeftName = types.StringNull() } - if value := r.Get("leftHandSideDictionaryAttribue.dictionaryName"); value.Exists() && !data.AdvancedAttributes[i].Attribute1DictionaryName.IsNull() { - data.AdvancedAttributes[i].Attribute1DictionaryName = types.StringValue(value.String()) + if value := r.Get("rightHandSideAttribueValue.AdvancedAttributeValueType"); value.Exists() && !data.AdvancedAttributes[i].AttributeRightValueType.IsNull() { + data.AdvancedAttributes[i].AttributeRightValueType = types.StringValue(value.String()) } else { - data.AdvancedAttributes[i].Attribute1DictionaryName = types.StringNull() + data.AdvancedAttributes[i].AttributeRightValueType = types.StringNull() } - if value := r.Get("leftHandSideDictionaryAttribue.attributeName"); value.Exists() && !data.AdvancedAttributes[i].Attribute1Name.IsNull() { - data.AdvancedAttributes[i].Attribute1Name = types.StringValue(value.String()) + if value := r.Get("rightHandSideAttribueValue.value"); value.Exists() && !data.AdvancedAttributes[i].AttributeRightValue.IsNull() { + data.AdvancedAttributes[i].AttributeRightValue = types.StringValue(value.String()) } else { - data.AdvancedAttributes[i].Attribute1Name = types.StringNull() + data.AdvancedAttributes[i].AttributeRightValue = types.StringNull() } - if value := r.Get("rightHandSideAttribueValue.AdvancedAttributeValueType"); value.Exists() && !data.AdvancedAttributes[i].Attribute2ValueType.IsNull() { - data.AdvancedAttributes[i].Attribute2ValueType = types.StringValue(value.String()) + if value := r.Get("rightHandSideAttribueValue.dictionaryName"); value.Exists() && !data.AdvancedAttributes[i].AttributeRightDictionaryName.IsNull() { + data.AdvancedAttributes[i].AttributeRightDictionaryName = types.StringValue(value.String()) } else { - data.AdvancedAttributes[i].Attribute2ValueType = types.StringNull() + data.AdvancedAttributes[i].AttributeRightDictionaryName = types.StringNull() } - if value := r.Get("rightHandSideAttribueValue.value"); value.Exists() && !data.AdvancedAttributes[i].Attribute2Value.IsNull() { - data.AdvancedAttributes[i].Attribute2Value = types.StringValue(value.String()) + if value := r.Get("rightHandSideAttribueValue.attributeName"); value.Exists() && !data.AdvancedAttributes[i].AttributeRightName.IsNull() { + data.AdvancedAttributes[i].AttributeRightName = types.StringValue(value.String()) } else { - data.AdvancedAttributes[i].Attribute2Value = types.StringNull() + data.AdvancedAttributes[i].AttributeRightName = types.StringNull() } } if value := res.Get("AuthorizationProfile.ipv6DaclName"); value.Exists() && !data.Ipv6DaclName.IsNull() { diff --git a/internal/provider/resource_ise_authorization_profile.go b/internal/provider/resource_ise_authorization_profile.go index 48278c7..331ef44 100644 --- a/internal/provider/resource_ise_authorization_profile.go +++ b/internal/provider/resource_ise_authorization_profile.go @@ -233,31 +233,32 @@ func (r *AuthorizationProfileResource) Schema(ctx context.Context, req resource. Optional: true, NestedObject: schema.NestedAttributeObject{ Attributes: map[string]schema.Attribute{ - "attribute_1_value_type": schema.StringAttribute{ - MarkdownDescription: helpers.NewAttributeDescription("Advanced attribute value type").AddStringEnumDescription("AdvancedDictionaryAttribute", "AttributeValue").String, - Required: true, - Validators: []validator.String{ - stringvalidator.OneOf("AdvancedDictionaryAttribute", "AttributeValue"), - }, - }, - "attribute_1_dictionary_name": schema.StringAttribute{ + "attribute_left_dictionary_name": schema.StringAttribute{ MarkdownDescription: helpers.NewAttributeDescription("Dictionary name").String, - Required: true, + Optional: true, }, - "attribute_1_name": schema.StringAttribute{ + "attribute_left_name": schema.StringAttribute{ MarkdownDescription: helpers.NewAttributeDescription("Attribute name").String, - Required: true, + Optional: true, }, - "attribute_2_value_type": schema.StringAttribute{ + "attribute_right_value_type": schema.StringAttribute{ MarkdownDescription: helpers.NewAttributeDescription("Advanced attribute value type").AddStringEnumDescription("AdvancedDictionaryAttribute", "AttributeValue").String, - Required: true, + Optional: true, Validators: []validator.String{ stringvalidator.OneOf("AdvancedDictionaryAttribute", "AttributeValue"), }, }, - "attribute_2_value": schema.StringAttribute{ - MarkdownDescription: helpers.NewAttributeDescription("Attribute value").String, - Required: true, + "attribute_right_value": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Attribute value, only required when `attribute_right_value_type` is `AttributeValue`").String, + Optional: true, + }, + "attribute_right_dictionary_name": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Dictionary name, only required when `attribute_right_value_type` is `AdvancedDictionaryAttribute`").String, + Optional: true, + }, + "attribute_right_name": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Attribute name, only required when `attribute_right_value_type` is `AdvancedDictionaryAttribute`").String, + Optional: true, }, }, }, diff --git a/internal/provider/resource_ise_authorization_profile_test.go b/internal/provider/resource_ise_authorization_profile_test.go index 746ca6e..2ec62e9 100644 --- a/internal/provider/resource_ise_authorization_profile_test.go +++ b/internal/provider/resource_ise_authorization_profile_test.go @@ -61,11 +61,10 @@ func TestAccIseAuthorizationProfile(t *testing.T) { checks = append(checks, resource.TestCheckResourceAttr("ise_authorization_profile.test", "mac_sec_policy", "MUST_SECURE")) checks = append(checks, resource.TestCheckResourceAttr("ise_authorization_profile.test", "reauthentication_connectivity", "DEFAULT")) checks = append(checks, resource.TestCheckResourceAttr("ise_authorization_profile.test", "reauthentication_timer", "1")) - checks = append(checks, resource.TestCheckResourceAttr("ise_authorization_profile.test", "advanced_attributes.0.attribute_1_value_type", "AdvancedDictionaryAttribute")) - checks = append(checks, resource.TestCheckResourceAttr("ise_authorization_profile.test", "advanced_attributes.0.attribute_1_dictionary_name", "Cisco")) - checks = append(checks, resource.TestCheckResourceAttr("ise_authorization_profile.test", "advanced_attributes.0.attribute_1_name", "cisco-av-pair")) - checks = append(checks, resource.TestCheckResourceAttr("ise_authorization_profile.test", "advanced_attributes.0.attribute_2_value_type", "AttributeValue")) - checks = append(checks, resource.TestCheckResourceAttr("ise_authorization_profile.test", "advanced_attributes.0.attribute_2_value", "set_nadprofile_vlan=true,vlan=TEST,tag=1")) + checks = append(checks, resource.TestCheckResourceAttr("ise_authorization_profile.test", "advanced_attributes.0.attribute_left_dictionary_name", "Cisco")) + checks = append(checks, resource.TestCheckResourceAttr("ise_authorization_profile.test", "advanced_attributes.0.attribute_left_name", "cisco-av-pair")) + checks = append(checks, resource.TestCheckResourceAttr("ise_authorization_profile.test", "advanced_attributes.0.attribute_right_value_type", "AttributeValue")) + checks = append(checks, resource.TestCheckResourceAttr("ise_authorization_profile.test", "advanced_attributes.0.attribute_right_value", "set_nadprofile_vlan=true,vlan=TEST,tag=1")) checks = append(checks, resource.TestCheckResourceAttr("ise_authorization_profile.test", "airespace_ipv6_acl", "ACL1")) var steps []resource.TestStep @@ -138,11 +137,10 @@ func testAccIseAuthorizationProfileConfig_all() string { config += ` reauthentication_connectivity = "DEFAULT"` + "\n" config += ` reauthentication_timer = 1` + "\n" config += ` advanced_attributes = [{` + "\n" - config += ` attribute_1_value_type = "AdvancedDictionaryAttribute"` + "\n" - config += ` attribute_1_dictionary_name = "Cisco"` + "\n" - config += ` attribute_1_name = "cisco-av-pair"` + "\n" - config += ` attribute_2_value_type = "AttributeValue"` + "\n" - config += ` attribute_2_value = "set_nadprofile_vlan=true,vlan=TEST,tag=1"` + "\n" + config += ` attribute_left_dictionary_name = "Cisco"` + "\n" + config += ` attribute_left_name = "cisco-av-pair"` + "\n" + config += ` attribute_right_value_type = "AttributeValue"` + "\n" + config += ` attribute_right_value = "set_nadprofile_vlan=true,vlan=TEST,tag=1"` + "\n" config += ` }]` + "\n" config += ` airespace_ipv6_acl = "ACL1"` + "\n" config += `}` + "\n" diff --git a/templates/guides/changelog.md.tmpl b/templates/guides/changelog.md.tmpl index e6eeade..893b860 100644 --- a/templates/guides/changelog.md.tmpl +++ b/templates/guides/changelog.md.tmpl @@ -7,6 +7,10 @@ description: |- # Changelog +## 0.1.7 (unreleased) + +- BREAKING CHANGE: Refactor `advanced_attributes` of `ise_authorization_profile` resource and data source + ## 0.1.6 - Add `ise_downloadable_acl` resource and data source