Add gsuite_user_attributes resource (#138)

tomaspinho · web-flow · commit 4151e664736a · 2020-05-21T00:20:51.000+02:00
* Add gsuite_user_fields resource to allow adding custom user fields to
already existing users' custom schemas.

* rename gsuite_user_fields -&gt; gsuite_user_attributes

* Fix resourceUserAttributesDelete,now has logic to clean all of the attributes properly; define resourceUserAttributesUpdate in terms of resourceUserAttributesDelete and resourceUserAttributesCreate to take advantage

* Add example
diff --git a/examples/custom-attributes/custom-attributes.tf b/examples/custom-attributes/custom-attributes.tf
@@ -0,0 +1,39 @@
+// The below define a custom directory user schema. For additional details on
+// possible types of fields, their values, etc see Google's reference documentation:
+//     https://developers.google.com/admin-sdk/directory/v1/reference/schemas
+resource "gsuite_user_schema" "details" {
+  schema_name  = "additional-details" // Required
+  display_name = "Additional Details" // Optional (default: value of `schema_name`)
+
+  // Defines the schema of a specific field. The `field` element may be
+  // repeated multiple times to define more than a single custom field.
+  field {
+    field_type       = "PHONE"            // Required (valid values: BOOL, DATE, DOUBLE, EMAIL, INT64, PHONE, STRING)
+    field_name       = "internal-phone"   // Required
+    display_name     = "Internal Phone"   // Optional (default: value of `field_name`)
+    indexed          = true               // Optional (default: true)
+    read_access_type = "ALL_DOMAIN_USERS" // Optional (default: ADMINS_AND_SELF)
+    multi_valued     = false              // Optional (default: false)
+  }
+}
+
+data "gsuite_user_attributes" "details" {
+  phone {
+    name  = "internal-phone"
+    value = "555-555-5555"
+  }
+}
+
+resource "gsuite_user" "user" {
+  primary_email = "flast@example.com"
+
+  name {
+    given_name  = "First"
+    family_name = "Last"
+  }
+}
+
+resource "gsuite_user_attributes" "user_attributes" {
+  primary_email = gsuite_user.user.primary_email
+  custom_schema =  data.gsuite_user_attributes.details.json
+}
diff --git a/gsuite/provider.go b/gsuite/provider.go
@@ -55,13 +55,14 @@ func Provider() *schema.Provider {
 			"gsuite_user_attributes": dataUserAttributes(),
 		},
 		ResourcesMap: map[string]*schema.Resource{
-			"gsuite_domain":         resourceDomain(),
-			"gsuite_group":          resourceGroup(),
-			"gsuite_group_member":   resourceGroupMember(),
-			"gsuite_group_members":  resourceGroupMembers(),
-			"gsuite_group_settings": resourceGroupSettings(),
-			"gsuite_user":           resourceUser(),
-			"gsuite_user_schema":    resourceUserSchema(),
+			"gsuite_domain":          resourceDomain(),
+			"gsuite_group":           resourceGroup(),
+			"gsuite_group_member":    resourceGroupMember(),
+			"gsuite_group_members":   resourceGroupMembers(),
+			"gsuite_group_settings":  resourceGroupSettings(),
+			"gsuite_user":            resourceUser(),
+			"gsuite_user_attributes": resourceUserAttributes(),
+			"gsuite_user_schema":     resourceUserSchema(),
 		},
 	}
 
diff --git a/gsuite/resource_user_attributes.go b/gsuite/resource_user_attributes.go
@@ -0,0 +1,200 @@
+package gsuite
+
+import (
+	"encoding/json"
+	"fmt"
+	"log"
+	"strings"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/pkg/errors"
+	directory "google.golang.org/api/admin/directory/v1"
+	"google.golang.org/api/googleapi"
+)
+
+func resourceUserAttributes() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceUserAttributesCreate,
+		Read:   resourceUserAttributesRead,
+		Update: resourceUserAttributesUpdate,
+		Delete: resourceUserAttributesDelete,
+		Importer: &schema.ResourceImporter{
+			State: resourceUserAttributesImporter,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"primary_email": {
+				Type:     schema.TypeString,
+				Required: true,
+				StateFunc: func(val interface{}) string {
+					return strings.ToLower(val.(string))
+				},
+			},
+
+			"custom_schema": {
+				Type:     schema.TypeList,
+				Optional: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"name": {
+							Type:     schema.TypeString,
+							Required: true,
+						},
+						"value": {
+							Type:     schema.TypeString,
+							Required: true,
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func resourceUserAttributesCreate(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*Config)
+
+	user := &directory.User{}
+
+	if v, ok := d.GetOk("primary_email"); ok {
+		log.Printf("[DEBUG] Setting %s: %s", "primary_email", v.(string))
+		user.PrimaryEmail = strings.ToLower(v.(string))
+	}
+
+	customSchemas := map[string]googleapi.RawMessage{}
+	for i := 0; i < d.Get("custom_schema.#").(int); i++ {
+		entry := d.Get(fmt.Sprintf("custom_schema.%d", i)).(map[string]interface{})
+		customSchemas[entry["name"].(string)] = []byte(entry["value"].(string))
+
+		log.Printf("[DEBUG] setting entry %v", entry)
+	}
+	if len(customSchemas) > 0 {
+		user.CustomSchemas = customSchemas
+	}
+
+	var err error
+	var updatedUser *directory.User
+	err = retry(func() error {
+		updatedUser, err = config.directory.Users.Patch(user.PrimaryEmail, user).Do()
+		return err
+	}, config.TimeoutMinutes)
+
+	if err != nil {
+		return fmt.Errorf("[ERROR] Error creating user fields: %s", err)
+	}
+
+	d.SetId(updatedUser.Id)
+	log.Printf("[INFO] Created user fields: %s", updatedUser.PrimaryEmail)
+	return resourceUserAttributesRead(d, meta)
+}
+
+func resourceUserAttributesUpdate(d *schema.ResourceData, meta interface{}) error {
+	/*
+		Defined in terms of delete + create, because resourceUserAttributesDelete will delete the information from a user by its stored id - even if we're actually changing the primary_email the gsuite_user_attributes resource points to - and resourceUserAttributesCreate will create the attributes for the current primary_email
+	*/
+	err := resourceUserAttributesDelete(d, meta)
+	if err != nil {
+		return err
+	}
+
+	err = resourceUserAttributesCreate(d, meta)
+	if err != nil {
+		return err
+	}
+
+	return resourceUserAttributesRead(d, meta)
+}
+
+func resourceUserAttributesRead(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*Config)
+
+	var user *directory.User
+	var err error
+	err = retry(func() error {
+		user, err = config.directory.Users.Get(d.Id()).Projection("full").Do()
+		if user != nil && user.Name == nil {
+			return errors.New("Eventual consistency. Please try again")
+		}
+		return err
+	}, config.TimeoutMinutes)
+
+	if err != nil {
+		return handleNotFoundError(err, d, fmt.Sprintf("User %q", d.Id()))
+	}
+
+	d.SetId(user.Id)
+	d.Set("primary_email", user.PrimaryEmail)
+
+	err, flattenedCustomSchema := flattenCustomSchema(user.CustomSchemas)
+	if err != nil {
+		return err
+	}
+
+	if err = d.Set("custom_schema", flattenedCustomSchema); err != nil {
+		return fmt.Errorf("Error setting custom_schema in state: %s", err.Error())
+	}
+
+	return nil
+}
+
+func resourceUserAttributesDelete(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*Config)
+
+	user := &directory.User{}
+
+	customSchemas := map[string]googleapi.RawMessage{}
+	for i := 0; i < d.Get("custom_schema.#").(int); i++ {
+		entry := d.Get(fmt.Sprintf("custom_schema.%d", i)).(map[string]interface{})
+
+		customAttributes := map[string]interface{}{}
+		err := json.Unmarshal([]byte(entry["value"].(string)), &customAttributes)
+
+		if err != nil {
+			return fmt.Errorf("Error unmarshalling custom attributes in resource: %s", err)
+		}
+
+		schemaBody := "{"
+		for field := range customAttributes {
+			schemaBody = schemaBody + fmt.Sprintf("\n  \"%s\": null,", field)
+		}
+		// remove the training comma
+		schemaBody = schemaBody[:len(schemaBody)-1] + "\n}"
+
+		customSchemas[entry["name"].(string)] = []byte(schemaBody)
+	}
+	user.CustomSchemas = customSchemas
+
+	var err error
+	err = retry(func() error {
+		_, err = config.directory.Users.Patch(d.Id(), user).Do()
+		return err
+	}, config.TimeoutMinutes)
+	if err != nil {
+		return fmt.Errorf("Error deleting user fields: %s", err)
+	}
+
+	d.SetId("")
+	return nil
+}
+
+// Allow importing using any key (id, email, alias)
+func resourceUserAttributesImporter(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) {
+	config := meta.(*Config)
+
+	id, err := config.directory.Users.Get(d.Id()).Projection("full").Do()
+
+	if err != nil {
+		return nil, fmt.Errorf("Error fetching user fields. Make sure the user fields exist: %s ", err)
+	}
+
+	d.SetId(id.Id)
+
+	err, flattenedCustomSchema := flattenCustomSchema(id.CustomSchemas)
+	if err != nil {
+		return []*schema.ResourceData{d}, err
+	}
+
+	d.Set("custom_schema", flattenedCustomSchema)
+
+	return []*schema.ResourceData{d}, nil
+}
