github.com/minamijoyo/terraform@v0.7.8-0.20161029001309-18b3736ba44b/builtin/providers/rabbitmq/resource_permissions.go (about)

     1  package rabbitmq
     2  
     3  import (
     4  	"fmt"
     5  	"log"
     6  	"strings"
     7  
     8  	"github.com/michaelklishin/rabbit-hole"
     9  
    10  	"github.com/hashicorp/terraform/helper/schema"
    11  )
    12  
    13  func resourcePermissions() *schema.Resource {
    14  	return &schema.Resource{
    15  		Create: CreatePermissions,
    16  		Update: UpdatePermissions,
    17  		Read:   ReadPermissions,
    18  		Delete: DeletePermissions,
    19  		Importer: &schema.ResourceImporter{
    20  			State: schema.ImportStatePassthrough,
    21  		},
    22  
    23  		Schema: map[string]*schema.Schema{
    24  			"user": &schema.Schema{
    25  				Type:     schema.TypeString,
    26  				Required: true,
    27  				ForceNew: true,
    28  			},
    29  
    30  			"vhost": &schema.Schema{
    31  				Type:     schema.TypeString,
    32  				Optional: true,
    33  				Default:  "/",
    34  				ForceNew: true,
    35  			},
    36  
    37  			"permissions": &schema.Schema{
    38  				Type:     schema.TypeList,
    39  				Required: true,
    40  				MaxItems: 1,
    41  				Elem: &schema.Resource{
    42  					Schema: map[string]*schema.Schema{
    43  						"configure": &schema.Schema{
    44  							Type:     schema.TypeString,
    45  							Required: true,
    46  						},
    47  
    48  						"write": &schema.Schema{
    49  							Type:     schema.TypeString,
    50  							Required: true,
    51  						},
    52  
    53  						"read": &schema.Schema{
    54  							Type:     schema.TypeString,
    55  							Required: true,
    56  						},
    57  					},
    58  				},
    59  			},
    60  		},
    61  	}
    62  }
    63  
    64  func CreatePermissions(d *schema.ResourceData, meta interface{}) error {
    65  	rmqc := meta.(*rabbithole.Client)
    66  
    67  	user := d.Get("user").(string)
    68  	vhost := d.Get("vhost").(string)
    69  	permsList := d.Get("permissions").([]interface{})
    70  
    71  	permsMap, ok := permsList[0].(map[string]interface{})
    72  	if !ok {
    73  		return fmt.Errorf("Unable to parse permissions")
    74  	}
    75  
    76  	if err := setPermissionsIn(rmqc, vhost, user, permsMap); err != nil {
    77  		return err
    78  	}
    79  
    80  	id := fmt.Sprintf("%s@%s", user, vhost)
    81  	d.SetId(id)
    82  
    83  	return ReadPermissions(d, meta)
    84  }
    85  
    86  func ReadPermissions(d *schema.ResourceData, meta interface{}) error {
    87  	rmqc := meta.(*rabbithole.Client)
    88  
    89  	permissionId := strings.Split(d.Id(), "@")
    90  	if len(permissionId) < 2 {
    91  		return fmt.Errorf("Unable to determine Permission ID")
    92  	}
    93  
    94  	user := permissionId[0]
    95  	vhost := permissionId[1]
    96  
    97  	userPerms, err := rmqc.GetPermissionsIn(vhost, user)
    98  	if err != nil {
    99  		return checkDeleted(d, err)
   100  	}
   101  
   102  	log.Printf("[DEBUG] RabbitMQ: Permission retrieved for %s: %#v", d.Id(), userPerms)
   103  
   104  	d.Set("user", userPerms.User)
   105  	d.Set("vhost", userPerms.Vhost)
   106  
   107  	perms := make([]map[string]interface{}, 1)
   108  	p := make(map[string]interface{})
   109  	p["configure"] = userPerms.Configure
   110  	p["write"] = userPerms.Write
   111  	p["read"] = userPerms.Read
   112  	perms[0] = p
   113  	d.Set("permissions", perms)
   114  
   115  	return nil
   116  }
   117  
   118  func UpdatePermissions(d *schema.ResourceData, meta interface{}) error {
   119  	rmqc := meta.(*rabbithole.Client)
   120  
   121  	permissionId := strings.Split(d.Id(), "@")
   122  	if len(permissionId) < 2 {
   123  		return fmt.Errorf("Unable to determine Permission ID")
   124  	}
   125  
   126  	user := permissionId[0]
   127  	vhost := permissionId[1]
   128  
   129  	if d.HasChange("permissions") {
   130  		_, newPerms := d.GetChange("permissions")
   131  
   132  		newPermsList := newPerms.([]interface{})
   133  		permsMap, ok := newPermsList[0].(map[string]interface{})
   134  		if !ok {
   135  			return fmt.Errorf("Unable to parse permissions")
   136  		}
   137  
   138  		if err := setPermissionsIn(rmqc, vhost, user, permsMap); err != nil {
   139  			return err
   140  		}
   141  	}
   142  
   143  	return ReadPermissions(d, meta)
   144  }
   145  
   146  func DeletePermissions(d *schema.ResourceData, meta interface{}) error {
   147  	rmqc := meta.(*rabbithole.Client)
   148  
   149  	permissionId := strings.Split(d.Id(), "@")
   150  	if len(permissionId) < 2 {
   151  		return fmt.Errorf("Unable to determine Permission ID")
   152  	}
   153  
   154  	user := permissionId[0]
   155  	vhost := permissionId[1]
   156  
   157  	log.Printf("[DEBUG] RabbitMQ: Attempting to delete permission for %s", d.Id())
   158  
   159  	resp, err := rmqc.ClearPermissionsIn(vhost, user)
   160  	log.Printf("[DEBUG] RabbitMQ: Permission delete response: %#v", resp)
   161  	if err != nil {
   162  		return err
   163  	}
   164  
   165  	if resp.StatusCode == 404 {
   166  		// The permissions were already deleted
   167  		return nil
   168  	}
   169  
   170  	if resp.StatusCode >= 400 {
   171  		return fmt.Errorf("Error deleting RabbitMQ permission: %s", resp.Status)
   172  	}
   173  
   174  	return nil
   175  }
   176  
   177  func setPermissionsIn(rmqc *rabbithole.Client, vhost string, user string, permsMap map[string]interface{}) error {
   178  	perms := rabbithole.Permissions{}
   179  
   180  	if v, ok := permsMap["configure"].(string); ok {
   181  		perms.Configure = v
   182  	}
   183  
   184  	if v, ok := permsMap["write"].(string); ok {
   185  		perms.Write = v
   186  	}
   187  
   188  	if v, ok := permsMap["read"].(string); ok {
   189  		perms.Read = v
   190  	}
   191  
   192  	log.Printf("[DEBUG] RabbitMQ: Attempting to set permissions for %s@%s: %#v", user, vhost, perms)
   193  
   194  	resp, err := rmqc.UpdatePermissionsIn(vhost, user, perms)
   195  	log.Printf("[DEBUG] RabbitMQ: Permission response: %#v", resp)
   196  	if err != nil {
   197  		return err
   198  	}
   199  
   200  	if resp.StatusCode >= 400 {
   201  		return fmt.Errorf("Error setting permissions: %s", resp.Status)
   202  	}
   203  
   204  	return nil
   205  }