From 6d6096d4b8080ed2d88974a0893d6641d476a78f Mon Sep 17 00:00:00 2001 From: Nick Cronin Date: Tue, 18 Feb 2020 16:39:10 +1100 Subject: [PATCH 1/3] Add description as an exposed property to the Group resource --- azuread/data_group.go | 10 ++++++++++ azuread/resource_group.go | 24 ++++++++++++++++++++---- website/docs/d/group.html.markdown | 1 + website/docs/r/group.markdown | 3 +++ 4 files changed, 34 insertions(+), 4 deletions(-) diff --git a/azuread/data_group.go b/azuread/data_group.go index 9517a341b8..020c70cde4 100644 --- a/azuread/data_group.go +++ b/azuread/data_group.go @@ -27,6 +27,12 @@ func dataGroup() *schema.Resource { ConflictsWith: []string{"name"}, }, + "description": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + "name": { Type: schema.TypeString, Optional: true, @@ -83,6 +89,10 @@ func dataSourceActiveDirectoryGroupRead(d *schema.ResourceData, meta interface{} } d.SetId(*group.ObjectID) + if v, ok := group.AdditionalProperties["Properties"]; ok { + d.Set("description", v.(string)) + } + d.Set("object_id", group.ObjectID) d.Set("name", group.DisplayName) diff --git a/azuread/resource_group.go b/azuread/resource_group.go index eba7e9639b..5c9086cee2 100644 --- a/azuread/resource_group.go +++ b/azuread/resource_group.go @@ -42,6 +42,12 @@ func resourceGroup() *schema.Resource { Computed: true, }, + "description": { + Type: schema.TypeString, + Optional: true, + ForceNew: true, + }, + "members": { Type: schema.TypeSet, Optional: true, 
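Review bot: The unchecked assertion `v.(string)` added to dataSourceActiveDirectoryGroupRead in data_group.go panics if the key is present but its value is not a string, for example a JSON null decoded into the `map[string]interface{}`. That would crash the provider during a read instead of returning an error. Whether the Graph API returns null for a group without a description is not visible here, so treat that case as plausible rather than confirmed. A checked form inside the existing `if` sidesteps the question: `if s, ok := v.(string); ok { d.Set("description", s) }`. The same assertion is added to resourceGroupRead in resource_group.go and is kept by the Read hunks of patches 2/3 and 3/3, so the change applies there too; both function bodies continue outside their hunks.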
@@ -73,11 +79,18 @@ func resourceGroupCreate(d *schema.ResourceData, meta interface{}) error { name := d.Get("name").(string) + additionalProperties := make(map[string]interface{}) + + if v, ok := d.GetOk("description"); ok { + additionalProperties["Description"] = v.(string) + } + properties := graphrbac.GroupCreateParameters{ - DisplayName: &name, - MailEnabled: p.Bool(false), // we're defaulting to false, as the API currently only supports the creation of non-mail enabled security groups. - MailNickname: p.String(uuid.New().String()), // this matches the portal behaviour - SecurityEnabled: p.Bool(true), // we're defaulting to true, as the API currently only supports the creation of non-mail enabled security groups. + DisplayName: &name, + MailEnabled: p.Bool(false), // we're defaulting to false, as the API currently only supports the creation of non-mail enabled security groups. + MailNickname: p.String(uuid.New().String()), // this matches the portal behaviour + SecurityEnabled: p.Bool(true), // we're defaulting to true, as the API currently only supports the creation of non-mail enabled security groups. + AdditionalProperties: additionalProperties, } group, err := client.Create(ctx, properties) @@ -132,6 +145,9 @@ func resourceGroupRead(d *schema.ResourceData, meta interface{}) error { return fmt.Errorf("Error retrieving Azure AD Group with ID %q: %+v", d.Id(), err) } + if v, ok := resp.AdditionalProperties["Properties"]; ok { + d.Set("description", v.(string)) + } d.Set("name", resp.DisplayName) d.Set("object_id", resp.ObjectID) diff --git a/website/docs/d/group.html.markdown b/website/docs/d/group.html.markdown index 7f0db09420..80dc7487f1 100644 --- a/website/docs/d/group.html.markdown +++ b/website/docs/d/group.html.markdown @@ -36,4 +36,5 @@ The following arguments are supported: The following attributes are exported: * `id` - The Object ID of the Azure AD Group. +* `description` - The description of the group 
diff --git a/website/docs/r/group.markdown b/website/docs/r/group.markdown index 4b96497cd6..98097eda04 100644 --- a/website/docs/r/group.markdown +++ b/website/docs/r/group.markdown @@ -43,6 +43,7 @@ resource "azuread_group" "example" { The following arguments are supported: * `name` - (Required) The display name for the Group. Changing this forces a new resource to be created. +* `description` - (Optional) The description for the Group. Changing this forces a new resource to be created. * `members` (Optional) A set of members who should be present in this Group. Supported Object types are Users, Groups or Service Principals. * `owners` (Optional) A set of owners who own this Group. Supported Object types are Users or Service Principals. @@ -60,6 +61,8 @@ The following attributes are exported: * `name` - The Display Name of the Group. +* `description` - The Description of the Group. + * `members` - The Members of the Group. * `owners` - The Members of the Group. From 2e1a920537860d32c08970cafee8100305baf0c6 Mon Sep 17 00:00:00 2001 From: kt Date: Tue, 10 Mar 2020 15:52:15 -0700 Subject: [PATCH 2/3] fix pr up for merge --- azuread/data_group.go | 6 +++--- azuread/resource_group.go | 5 +++-- website/docs/d/group.html.markdown | 2 +- website/docs/r/group.markdown | 2 +- 4 files changed, 8 insertions(+), 7 deletions(-) diff --git a/azuread/data_group.go b/azuread/data_group.go index 020c70cde4..467d1a6fed 100644 --- a/azuread/data_group.go +++ b/azuread/data_group.go @@ -89,13 +89,13 @@ func dataSourceActiveDirectoryGroupRead(d *schema.ResourceData, meta interface{} } d.SetId(*group.ObjectID) + d.Set("object_id", group.ObjectID) + d.Set("name", group.DisplayName) + if v, ok := group.AdditionalProperties["Properties"]; ok { d.Set("description", v.(string)) } - d.Set("object_id", group.ObjectID) - d.Set("name", group.DisplayName) - members, err := graph.GroupAllMembers(client, ctx, d.Id()) if err != nil { return err 
diff --git a/azuread/resource_group.go b/azuread/resource_group.go index 5c9086cee2..aaeac17899 100644 --- a/azuread/resource_group.go +++ b/azuread/resource_group.go @@ -87,9 +87,9 @@ func resourceGroupCreate(d *schema.ResourceData, meta interface{}) error { properties := graphrbac.GroupCreateParameters{ DisplayName: &name, - MailEnabled: p.Bool(false), // we're defaulting to false, as the API currently only supports the creation of non-mail enabled security groups. + MailEnabled: p.Bool(false), // we're defaulting to false, as the API currently only supports the creation of non-mail enabled security groups. MailNickname: p.String(uuid.New().String()), // this matches the portal behaviour - SecurityEnabled: p.Bool(true), // we're defaulting to true, as the API currently only supports the creation of non-mail enabled security groups. + SecurityEnabled: p.Bool(true), // we're defaulting to true, as the API currently only supports the creation of non-mail enabled security groups. AdditionalProperties: additionalProperties, } @@ -100,6 +100,7 @@ func resourceGroupCreate(d *schema.ResourceData, meta interface{}) error { if group.ObjectID == nil { return fmt.Errorf("nil Group ID for %q: %+v", name, err) } + d.SetId(*group.ObjectID) // Add members if specified diff --git a/website/docs/d/group.html.markdown b/website/docs/d/group.html.markdown index 6812fba944..02281d25ce 100644 --- a/website/docs/d/group.html.markdown +++ b/website/docs/d/group.html.markdown @@ -36,7 +36,7 @@ The following arguments are supported: The following attributes are exported: * `id` - The Object ID of the Azure AD Group. -* `description` - The description of the group +* `description` - The description of the AD Group. * `name` - The name of the Azure AD Group. * `owners` - The Object IDs of the Azure AD Group owners. * `members` - The Object IDs of the Azure AD Group members. diff --git a/website/docs/r/group.markdown b/website/docs/r/group.markdown index 98097eda04..4d9908660d 100644 
--- a/website/docs/r/group.markdown +++ b/website/docs/r/group.markdown @@ -61,7 +61,7 @@ The following attributes are exported: * `name` - The Display Name of the Group. -* `description` - The Description of the Group. +* `description` - The Description of the Group. * `members` - The Members of the Group. From 3e21293821ab3321b62d5e6c0403c22aaa0dfdd0 Mon Sep 17 00:00:00 2001 From: kt Date: Wed, 11 Mar 2020 15:46:19 -0700 Subject: [PATCH 3/3] fix up pr for merge --- azuread/data_group.go | 3 +-- azuread/resource_group.go | 35 +++++++++++++++++----------------- azuread/resource_group_test.go | 18 +++++++++++++++-- website/docs/r/group.markdown | 8 -------- 4 files changed, 34 insertions(+), 30 deletions(-) diff --git a/azuread/data_group.go b/azuread/data_group.go index e451cd209c..755ee839ad 100644 --- a/azuread/data_group.go +++ b/azuread/data_group.go @@ -29,7 +29,6 @@ func dataGroup() *schema.Resource { "description": { Type: schema.TypeString, - Optional: true, Computed: true, }, @@ -92,7 +91,7 @@ func dataSourceActiveDirectoryGroupRead(d *schema.ResourceData, meta interface{} d.Set("object_id", group.ObjectID) d.Set("name", group.DisplayName) - if v, ok := group.AdditionalProperties["Properties"]; ok { + if v, ok := group.AdditionalProperties["description"]; ok { d.Set("description", v.(string)) } diff --git a/azuread/resource_group.go b/azuread/resource_group.go index 03fe458c3d..61cecc9a8b 100644 --- a/azuread/resource_group.go +++ b/azuread/resource_group.go @@ -36,15 +36,10 @@ func resourceGroup() *schema.Resource { ValidateFunc: validation.NoZeroValues, }, - "object_id": { - Type: schema.TypeString, - Computed: true, - }, - "description": { Type: schema.TypeString, + ForceNew: true, // there is no update method availible in the SDK Optional: true, - ForceNew: true, }, "members": { @@ -68,6 +63,11 @@ func resourceGroup() *schema.Resource { ValidateFunc: validate.UUID, }, }, + + "object_id": { + Type: schema.TypeString, + Computed: true, + }, }, } } 
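Review bot: `ForceNew: true` on `description` in resourceGroup (resource_group.go) means that editing a free-text field destroys and recreates the group, and the comment beside it gives the SDK limitation but not that consequence. The replacement group gets a new computed `object_id`, so anything outside this resource that referenced the old ID (presumably role assignments or access policies) would no longer apply to it, which matters for a security group. I would extend the comment to `// no update method available in the SDK; changing this replaces the group and its object_id`, which also corrects the `availible` spelling. The same warning belongs on the `description` argument in website/docs/r/group.markdown. The schema map starts and ends outside the hunk.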
@@ -78,18 +78,16 @@ func resourceGroupCreate(d *schema.ResourceData, meta interface{}) error { name := d.Get("name").(string) - additionalProperties := make(map[string]interface{}) - - if v, ok := d.GetOk("description"); ok { - additionalProperties["Description"] = v.(string) - } - properties := graphrbac.GroupCreateParameters{ DisplayName: &name, - MailEnabled: p.Bool(false), // we're defaulting to false, as the API currently only supports the creation of non-mail enabled security groups. + MailEnabled: p.Bool(false), // we're defaulting to false, as the API currently only supports the creation of non-mail enabled security groups. MailNickname: p.String(uuid.New().String()), // this matches the portal behaviour - SecurityEnabled: p.Bool(true), // we're defaulting to true, as the API currently only supports the creation of non-mail enabled security groups. - AdditionalProperties: additionalProperties, + SecurityEnabled: p.Bool(true), // we're defaulting to true, as the API currently only supports the creation of non-mail enabled security groups. + AdditionalProperties: make(map[string]interface{}), + } + + if v, ok := d.GetOk("description"); ok { + properties.AdditionalProperties["description"] = v.(string) } group, err := client.Create(ctx, properties) @@ -145,12 +143,13 @@ func resourceGroupRead(d *schema.ResourceData, meta interface{}) error { return fmt.Errorf("Error retrieving Azure AD Group with ID %q: %+v", d.Id(), err) } - if v, ok := resp.AdditionalProperties["Properties"]; ok { - d.Set("description", v.(string)) - } d.Set("name", resp.DisplayName) d.Set("object_id", resp.ObjectID) + if v, ok := resp.AdditionalProperties["description"]; ok { + d.Set("description", v.(string)) + } + members, err := graph.GroupAllMembers(client, ctx, d.Id()) if err != nil { return err diff --git a/azuread/resource_group_test.go b/azuread/resource_group_test.go index dc516ae0f8..83cb8f58b0 100644 --- a/azuread/resource_group_test.go +++ b/azuread/resource_group_test.go 
@@ -37,6 +37,7 @@ func TestAccAzureADGroup_basic(t *testing.T) { func TestAccAzureADGroup_complete(t *testing.T) { rn := "azuread_group.test" id := tf.AccRandTimeInt() + pw := "p@$$wR2" + acctest.RandStringFromCharSet(7, acctest.CharSetAlphaNum) resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -44,8 +45,8 @@ func TestAccAzureADGroup_complete(t *testing.T) { CheckDestroy: testCheckAzureADGroupDestroy, Steps: []resource.TestStep{ { - Config: testAccAzureADGroup_basic(id), - Check: testCheckAzureAdGroupBasic(id, "0", "0"), + Config: testAccAzureADGroup_complete(id, pw), + Check: testCheckAzureAdGroupBasic(id, "1", "1"), }, { ResourceName: rn, @@ -352,6 +353,19 @@ resource "azuread_group" "test" { `, id) } +func testAccAzureADGroup_complete(id int, password string) string { + return fmt.Sprintf(` +%s + +resource "azuread_group" "test" { + name = "acctestGroup-%d" + description = "Please delete me as this is a test AD group!" + members = [azuread_user.test.object_id] + owners = [azuread_user.test.object_id] +} +`, testAccADUser_basic(id, password), id) +} + func testAccAzureADDiverseDirectoryObjects(id int, password string) string { return fmt.Sprintf(` data "azuread_domains" "tenant_domain" { diff --git a/website/docs/r/group.markdown b/website/docs/r/group.markdown index 23cf9b68b4..df80da31fa 100644 --- a/website/docs/r/group.markdown +++ b/website/docs/r/group.markdown @@ -59,14 +59,6 @@ The following attributes are exported: * `id` - The Object ID of the Group. -* `name` - The Display Name of the Group. - -* `description` - The Description of the Group. - -* `members` - The Members of the Group. - -* `owners` - The Members of the Group. - ## Import Azure Active Directory Groups can be imported using the `object id`, e.g.
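Review bot: The first step of TestAccAzureADGroup_complete now applies a config that sets `description`, but its `Check` is still `testCheckAzureAdGroupBasic(id, "1", "1")`, which judging by its arguments covers the name and the member/owner counts (its body is outside this diff). Nothing visible in this step asserts that the description reaches state, so on its own it would not catch a Read that looks up the wrong property key; the import step that follows may, but its fields are outside the hunk. I would add an explicit check such as `resource.TestCheckResourceAttr(rn, "description", "Please delete me as this is a test AD group!")`. It is also worth keeping a step or test where no description is set, so that the unset case goes through the Read path as well.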