github.com/minamijoyo/terraform@v0.7.8-0.20161029001309-18b3736ba44b/builtin/providers/rabbitmq/resource_permissions.go (about) 1 package rabbitmq 2 3 import ( 4 "fmt" 5 "log" 6 "strings" 7 8 "github.com/michaelklishin/rabbit-hole" 9 10 "github.com/hashicorp/terraform/helper/schema" 11 ) 12 13 func resourcePermissions() *schema.Resource { 14 return &schema.Resource{ 15 Create: CreatePermissions, 16 Update: UpdatePermissions, 17 Read: ReadPermissions, 18 Delete: DeletePermissions, 19 Importer: &schema.ResourceImporter{ 20 State: schema.ImportStatePassthrough, 21 }, 22 23 Schema: map[string]*schema.Schema{ 24 "user": &schema.Schema{ 25 Type: schema.TypeString, 26 Required: true, 27 ForceNew: true, 28 }, 29 30 "vhost": &schema.Schema{ 31 Type: schema.TypeString, 32 Optional: true, 33 Default: "/", 34 ForceNew: true, 35 }, 36 37 "permissions": &schema.Schema{ 38 Type: schema.TypeList, 39 Required: true, 40 MaxItems: 1, 41 Elem: &schema.Resource{ 42 Schema: map[string]*schema.Schema{ 43 "configure": &schema.Schema{ 44 Type: schema.TypeString, 45 Required: true, 46 }, 47 48 "write": &schema.Schema{ 49 Type: schema.TypeString, 50 Required: true, 51 }, 52 53 "read": &schema.Schema{ 54 Type: schema.TypeString, 55 Required: true, 56 }, 57 }, 58 }, 59 }, 60 }, 61 } 62 } 63 64 func CreatePermissions(d *schema.ResourceData, meta interface{}) error { 65 rmqc := meta.(*rabbithole.Client) 66 67 user := d.Get("user").(string) 68 vhost := d.Get("vhost").(string) 69 permsList := d.Get("permissions").([]interface{}) 70 71 permsMap, ok := permsList[0].(map[string]interface{}) 72 if !ok { 73 return fmt.Errorf("Unable to parse permissions") 74 } 75 76 if err := setPermissionsIn(rmqc, vhost, user, permsMap); err != nil { 77 return err 78 } 79 80 id := fmt.Sprintf("%s@%s", user, vhost) 81 d.SetId(id) 82 83 return ReadPermissions(d, meta) 84 } 85 86 func ReadPermissions(d *schema.ResourceData, meta interface{}) error { 87 rmqc := meta.(*rabbithole.Client) 88 89 permissionId := strings.Split(d.Id(), "@") 90 if len(permissionId) < 2 { 91 return fmt.Errorf("Unable to determine Permission ID") 92 } 93 94 user := permissionId[0] 95 vhost := permissionId[1] 96 97 userPerms, err := rmqc.GetPermissionsIn(vhost, user) 98 if err != nil { 99 return checkDeleted(d, err) 100 } 101 102 log.Printf("[DEBUG] RabbitMQ: Permission retrieved for %s: %#v", d.Id(), userPerms) 103 104 d.Set("user", userPerms.User) 105 d.Set("vhost", userPerms.Vhost) 106 107 perms := make([]map[string]interface{}, 1) 108 p := make(map[string]interface{}) 109 p["configure"] = userPerms.Configure 110 p["write"] = userPerms.Write 111 p["read"] = userPerms.Read 112 perms[0] = p 113 d.Set("permissions", perms) 114 115 return nil 116 } 117 118 func UpdatePermissions(d *schema.ResourceData, meta interface{}) error { 119 rmqc := meta.(*rabbithole.Client) 120 121 permissionId := strings.Split(d.Id(), "@") 122 if len(permissionId) < 2 { 123 return fmt.Errorf("Unable to determine Permission ID") 124 } 125 126 user := permissionId[0] 127 vhost := permissionId[1] 128 129 if d.HasChange("permissions") { 130 _, newPerms := d.GetChange("permissions") 131 132 newPermsList := newPerms.([]interface{}) 133 permsMap, ok := newPermsList[0].(map[string]interface{}) 134 if !ok { 135 return fmt.Errorf("Unable to parse permissions") 136 } 137 138 if err := setPermissionsIn(rmqc, vhost, user, permsMap); err != nil { 139 return err 140 } 141 } 142 143 return ReadPermissions(d, meta) 144 } 145 146 func DeletePermissions(d *schema.ResourceData, meta interface{}) error { 147 rmqc := meta.(*rabbithole.Client) 148 149 permissionId := strings.Split(d.Id(), "@") 150 if len(permissionId) < 2 { 151 return fmt.Errorf("Unable to determine Permission ID") 152 } 153 154 user := permissionId[0] 155 vhost := permissionId[1] 156 157 log.Printf("[DEBUG] RabbitMQ: Attempting to delete permission for %s", d.Id()) 158 159 resp, err := rmqc.ClearPermissionsIn(vhost, user) 160 log.Printf("[DEBUG] RabbitMQ: Permission delete response: %#v", resp) 161 if err != nil { 162 return err 163 } 164 165 if resp.StatusCode == 404 { 166 // The permissions were already deleted 167 return nil 168 } 169 170 if resp.StatusCode >= 400 { 171 return fmt.Errorf("Error deleting RabbitMQ permission: %s", resp.Status) 172 } 173 174 return nil 175 } 176 177 func setPermissionsIn(rmqc *rabbithole.Client, vhost string, user string, permsMap map[string]interface{}) error { 178 perms := rabbithole.Permissions{} 179 180 if v, ok := permsMap["configure"].(string); ok { 181 perms.Configure = v 182 } 183 184 if v, ok := permsMap["write"].(string); ok { 185 perms.Write = v 186 } 187 188 if v, ok := permsMap["read"].(string); ok { 189 perms.Read = v 190 } 191 192 log.Printf("[DEBUG] RabbitMQ: Attempting to set permissions for %s@%s: %#v", user, vhost, perms) 193 194 resp, err := rmqc.UpdatePermissionsIn(vhost, user, perms) 195 log.Printf("[DEBUG] RabbitMQ: Permission response: %#v", resp) 196 if err != nil { 197 return err 198 } 199 200 if resp.StatusCode >= 400 { 201 return fmt.Errorf("Error setting permissions: %s", resp.Status) 202 } 203 204 return nil 205 }