github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/influxdb/resource_user_test.go (about) 1 package influxdb 2 3 import ( 4 "fmt" 5 "testing" 6 7 "github.com/hashicorp/terraform/helper/resource" 8 "github.com/hashicorp/terraform/terraform" 9 "github.com/influxdata/influxdb/client" 10 ) 11 12 func TestAccInfluxDBUser_admin(t *testing.T) { 13 resource.Test(t, resource.TestCase{ 14 Providers: testAccProviders, 15 Steps: []resource.TestStep{ 16 resource.TestStep{ 17 Config: testAccUserConfig_admin, 18 Check: resource.ComposeTestCheckFunc( 19 testAccCheckUserExists("influxdb_user.test"), 20 resource.TestCheckResourceAttr( 21 "influxdb_user.test", "name", "terraform_test", 22 ), 23 resource.TestCheckResourceAttr( 24 "influxdb_user.test", "password", "terraform", 25 ), 26 resource.TestCheckResourceAttr( 27 "influxdb_user.test", "admin", "true", 28 ), 29 ), 30 }, 31 resource.TestStep{ 32 Config: testAccUserConfig_revoke, 33 Check: resource.ComposeTestCheckFunc( 34 testAccCheckUserExists("influxdb_user.test"), 35 testAccCheckUserNoAdmin("influxdb_user.test"), 36 resource.TestCheckResourceAttr( 37 "influxdb_user.test", "name", "terraform_test", 38 ), 39 resource.TestCheckResourceAttr( 40 "influxdb_user.test", "password", "terraform", 41 ), 42 resource.TestCheckResourceAttr( 43 "influxdb_user.test", "admin", "false", 44 ), 45 ), 46 }, 47 }, 48 }) 49 } 50 51 func TestAccInfluxDBUser_grant(t *testing.T) { 52 resource.Test(t, resource.TestCase{ 53 Providers: testAccProviders, 54 Steps: []resource.TestStep{ 55 resource.TestStep{ 56 Config: testAccUserConfig_grant, 57 Check: resource.ComposeTestCheckFunc( 58 testAccCheckUserExists("influxdb_user.test"), 59 testAccCheckUserGrants("influxdb_user.test", "terraform-green", "READ"), 60 resource.TestCheckResourceAttr( 61 "influxdb_user.test", "name", "terraform_test", 62 ), 63 resource.TestCheckResourceAttr( 64 "influxdb_user.test", "password", "terraform", 65 ), 66 resource.TestCheckResourceAttr( 67 "influxdb_user.test", "admin", "false", 68 ), 69 resource.TestCheckResourceAttr( 70 "influxdb_user.test", "grant.#", "1", 71 ), 72 ), 73 }, 74 resource.TestStep{ 75 Config: testAccUserConfig_grantUpdate, 76 Check: resource.ComposeTestCheckFunc( 77 testAccCheckUserGrants("influxdb_user.test", "terraform-green", "WRITE"), 78 testAccCheckUserGrants("influxdb_user.test", "terraform-blue", "READ"), 79 resource.TestCheckResourceAttr( 80 "influxdb_user.test", "name", "terraform_test", 81 ), 82 resource.TestCheckResourceAttr( 83 "influxdb_user.test", "password", "terraform", 84 ), 85 resource.TestCheckResourceAttr( 86 "influxdb_user.test", "admin", "false", 87 ), 88 resource.TestCheckResourceAttr( 89 "influxdb_user.test", "grant.#", "2", 90 ), 91 ), 92 }, 93 }, 94 }) 95 } 96 97 func TestAccInfluxDBUser_revoke(t *testing.T) { 98 resource.Test(t, resource.TestCase{ 99 Providers: testAccProviders, 100 Steps: []resource.TestStep{ 101 resource.TestStep{ 102 Config: testAccUserConfig_grant, 103 Check: resource.ComposeTestCheckFunc( 104 testAccCheckUserExists("influxdb_user.test"), 105 testAccCheckUserGrants("influxdb_user.test", "terraform-green", "READ"), 106 resource.TestCheckResourceAttr( 107 "influxdb_user.test", "name", "terraform_test", 108 ), 109 resource.TestCheckResourceAttr( 110 "influxdb_user.test", "password", "terraform", 111 ), 112 resource.TestCheckResourceAttr( 113 "influxdb_user.test", "admin", "false", 114 ), 115 resource.TestCheckResourceAttr( 116 "influxdb_user.test", "grant.#", "1", 117 ), 118 ), 119 }, 120 resource.TestStep{ 121 Config: testAccUserConfig_revoke, 122 Check: resource.ComposeTestCheckFunc( 123 testAccCheckUserGrantsEmpty("influxdb_user.test"), 124 resource.TestCheckResourceAttr( 125 "influxdb_user.test", "name", "terraform_test", 126 ), 127 resource.TestCheckResourceAttr( 128 "influxdb_user.test", "password", "terraform", 129 ), 130 resource.TestCheckResourceAttr( 131 "influxdb_user.test", "admin", "false", 132 ), 133 resource.TestCheckResourceAttr( 134 "influxdb_user.test", "grant.#", "0", 135 ), 136 ), 137 }, 138 }, 139 }) 140 } 141 142 func testAccCheckUserExists(n string) resource.TestCheckFunc { 143 return func(s *terraform.State) error { 144 rs, ok := s.RootModule().Resources[n] 145 if !ok { 146 return fmt.Errorf("Not found: %s", n) 147 } 148 149 if rs.Primary.ID == "" { 150 return fmt.Errorf("No user id set") 151 } 152 153 conn := testAccProvider.Meta().(*client.Client) 154 155 query := client.Query{ 156 Command: "SHOW USERS", 157 } 158 159 resp, err := conn.Query(query) 160 if err != nil { 161 return err 162 } 163 164 if resp.Err != nil { 165 return resp.Err 166 } 167 168 for _, result := range resp.Results[0].Series[0].Values { 169 if result[0] == rs.Primary.Attributes["name"] { 170 return nil 171 } 172 } 173 174 return fmt.Errorf("User %q does not exist", rs.Primary.Attributes["name"]) 175 } 176 } 177 178 func testAccCheckUserNoAdmin(n string) resource.TestCheckFunc { 179 return func(s *terraform.State) error { 180 rs, ok := s.RootModule().Resources[n] 181 if !ok { 182 return fmt.Errorf("Not found: %s", n) 183 } 184 185 if rs.Primary.ID == "" { 186 return fmt.Errorf("No user id set") 187 } 188 189 conn := testAccProvider.Meta().(*client.Client) 190 191 query := client.Query{ 192 Command: "SHOW USERS", 193 } 194 195 resp, err := conn.Query(query) 196 if err != nil { 197 return err 198 } 199 200 if resp.Err != nil { 201 return resp.Err 202 } 203 204 for _, result := range resp.Results[0].Series[0].Values { 205 if result[0] == rs.Primary.Attributes["name"] { 206 if result[1].(bool) == true { 207 return fmt.Errorf("User %q is admin", rs.Primary.ID) 208 } 209 210 return nil 211 } 212 } 213 214 return fmt.Errorf("User %q does not exist", rs.Primary.Attributes["name"]) 215 } 216 } 217 218 func testAccCheckUserGrantsEmpty(n string) resource.TestCheckFunc { 219 return func(s *terraform.State) error { 220 rs, ok := s.RootModule().Resources[n] 221 if !ok { 222 return fmt.Errorf("Not found: %s", n) 223 } 224 225 if rs.Primary.ID == "" { 226 return fmt.Errorf("No user id set") 227 } 228 229 conn := testAccProvider.Meta().(*client.Client) 230 231 query := client.Query{ 232 Command: fmt.Sprintf("SHOW GRANTS FOR %s", rs.Primary.Attributes["name"]), 233 } 234 235 resp, err := conn.Query(query) 236 if err != nil { 237 return err 238 } 239 240 if resp.Err != nil { 241 return resp.Err 242 } 243 244 for _, result := range resp.Results[0].Series[0].Values { 245 if result[1].(string) != "NO PRIVILEGES" { 246 return fmt.Errorf("User %q still has grants: %#v", rs.Primary.ID, resp.Results[0].Series[0].Values) 247 } 248 } 249 250 return nil 251 } 252 } 253 254 func testAccCheckUserGrants(n, database, privilege string) resource.TestCheckFunc { 255 return func(s *terraform.State) error { 256 rs, ok := s.RootModule().Resources[n] 257 if !ok { 258 return fmt.Errorf("Not found: %s", n) 259 } 260 261 if rs.Primary.ID == "" { 262 return fmt.Errorf("No user id set") 263 } 264 265 conn := testAccProvider.Meta().(*client.Client) 266 267 query := client.Query{ 268 Command: fmt.Sprintf("SHOW GRANTS FOR %s", rs.Primary.Attributes["name"]), 269 } 270 271 resp, err := conn.Query(query) 272 if err != nil { 273 return err 274 } 275 276 if resp.Err != nil { 277 return resp.Err 278 } 279 280 for _, result := range resp.Results[0].Series[0].Values { 281 if result[0].(string) == database && result[1].(string) == privilege { 282 return nil 283 } 284 } 285 286 return fmt.Errorf("Privilege %q on %q for %q does not exist", privilege, database, rs.Primary.Attributes["name"]) 287 } 288 } 289 290 var testAccUserConfig_admin = ` 291 resource "influxdb_user" "test" { 292 name = "terraform_test" 293 password = "terraform" 294 admin = true 295 } 296 ` 297 298 var testAccUserConfig_grant = ` 299 resource "influxdb_database" "green" { 300 name = "terraform-green" 301 } 302 303 resource "influxdb_user" "test" { 304 name = "terraform_test" 305 password = "terraform" 306 307 grant { 308 database = "${influxdb_database.green.name}" 309 privilege = "read" 310 } 311 } 312 ` 313 314 var testAccUserConfig_revoke = ` 315 resource "influxdb_database" "green" { 316 name = "terraform-green" 317 } 318 319 resource "influxdb_user" "test" { 320 name = "terraform_test" 321 password = "terraform" 322 admin = false 323 } 324 ` 325 326 var testAccUserConfig_grantUpdate = ` 327 resource "influxdb_database" "green" { 328 name = "terraform-green" 329 } 330 331 resource "influxdb_database" "blue" { 332 name = "terraform-blue" 333 } 334 335 resource "influxdb_user" "test" { 336 name = "terraform_test" 337 password = "terraform" 338 339 grant { 340 database = "${influxdb_database.green.name}" 341 privilege = "write" 342 } 343 344 grant { 345 database = "${influxdb_database.blue.name}" 346 privilege = "read" 347 } 348 } 349 `