pingidentity · patrickcping · Oct 8, 2024 · Oct 10, 2024 · Oct 11, 2024 · Oct 15, 2024
@@ -7,6 +7,8 @@ tool (
 	github.com/pavius/impi
 )
 
+replace github.com/patrickcping/pingone-go-sdk-v2/authorize => github.com/patrickcping/pingone-go-sdk-v2/authorize v0.8.1-0.20250218183914-e9ec95e476b9
+
 require (
 	github.com/fatih/color v1.18.0
 	github.com/hashicorp/go-uuid v1.0.3

@@ -431,8 +431,8 @@ github.com/otiai10/mint v1.3.0/go.mod h1:F5AjcsTsWUqX+Na9fpHb52P8pcRX2CI6A3ctIT9
 github.com/otiai10/mint v1.3.1/go.mod h1:/yxELlJQ0ufhjUwhshSj+wFjZ78CnZ48/1wtmBH1OTc=
 github.com/patrickcping/pingone-go-sdk-v2 v0.12.9 h1:EznRTRLzpgHeqkBtXHBrwjIMlfLamqOurODgIKNyoBY=
 github.com/patrickcping/pingone-go-sdk-v2 v0.12.9/go.mod h1:ZA09d5Rw6Mp7MBT7iJageVfzU1k6yjEjsQCLpIlFyRQ=
-github.com/patrickcping/pingone-go-sdk-v2/authorize v0.8.0 h1:gEPzZToJlBcJh2Ft12dP1GCSGzsNFQFEHS7Bql86RQk=
-github.com/patrickcping/pingone-go-sdk-v2/authorize v0.8.0/go.mod h1:2PDrgC1ufXk2IDIk4JQHx6r34r2xpkbnzKIpXFv8gYs=
+github.com/patrickcping/pingone-go-sdk-v2/authorize v0.8.1-0.20250218183914-e9ec95e476b9 h1:O+LMmb6pH7VKVRV3nZbWadMuBoAq7FhEAi/9s09dhEw=
+github.com/patrickcping/pingone-go-sdk-v2/authorize v0.8.1-0.20250218183914-e9ec95e476b9/go.mod h1:2PDrgC1ufXk2IDIk4JQHx6r34r2xpkbnzKIpXFv8gYs=
 github.com/patrickcping/pingone-go-sdk-v2/credentials v0.11.0 h1:pLiiBkROks/40vhFWJEcr/tiIEqqYdP4FWsHtfCLdIs=
 github.com/patrickcping/pingone-go-sdk-v2/credentials v0.11.0/go.mod h1:yRGf7+tsB3/AQYsNjIIs4ScJhR885mvDYMgwHiQeMl0=
 github.com/patrickcping/pingone-go-sdk-v2/management v0.49.0 h1:F1zE2PhxgZCu08TObPylcnXzKqdbaAXkDODWegTE7WM=

@@ -42,14 +42,21 @@ func (c *PingoneAuthorizeConnector) Export(format, outputDir string, overwriteEx
 	l.Debug().Msgf("Exporting all PingOne Authorize Resources...")
 
 	exportableResources := []connector.ExportableResource{
+		resources.ApplicationResource(&c.clientInfo),
 		resources.AuthorizeAPIService(&c.clientInfo),
 		resources.AuthorizeAPIServiceDeployment(&c.clientInfo),
 		resources.AuthorizeAPIServiceOperation(&c.clientInfo),
-		resources.ApplicationResource(&c.clientInfo),
 		resources.AuthorizeApplicationResourcePermission(&c.clientInfo),
 		resources.AuthorizeApplicationRole(&c.clientInfo),
 		resources.AuthorizeApplicationRolePermission(&c.clientInfo),
 		resources.AuthorizeDecisionEndpoint(&c.clientInfo),
+		resources.AuthorizePolicyManagementPolicy(&c.clientInfo),
+		resources.AuthorizePolicyManagementRule(&c.clientInfo),
+		resources.AuthorizePolicyManagementStatement(&c.clientInfo),
+		resources.AuthorizeTrustFrameworkAttribute(&c.clientInfo),
+		resources.AuthorizeTrustFrameworkCondition(&c.clientInfo),
+		resources.AuthorizeTrustFrameworkProcessor(&c.clientInfo),
+		resources.AuthorizeTrustFrameworkService(&c.clientInfo),
 	}
 
 	return common.WriteFiles(exportableResources, format, outputDir, overwriteExport)

@@ -49,6 +49,41 @@ func TestAuthorizeTerraformPlan(t *testing.T) {
 			resource:      resources.AuthorizeDecisionEndpoint(PingOneClientInfo),
 			ignoredErrors: nil,
 		},
+		{
+			name:          "AuthorizePolicyManagementPolicy",
+			resource:      resources.AuthorizePolicyManagementPolicy(PingOneClientInfo),
+			ignoredErrors: nil,
+		},
+		{
+			name:          "AuthorizePolicyManagementRule",
+			resource:      resources.AuthorizePolicyManagementRule(PingOneClientInfo),
+			ignoredErrors: nil,
+		},
+		{
+			name:          "AuthorizePolicyManagementStatement",
+			resource:      resources.AuthorizePolicyManagementStatement(PingOneClientInfo),
+			ignoredErrors: nil,
+		},
+		{
+			name:          "AuthorizeTrustFrameworkAttribute",
+			resource:      resources.AuthorizeTrustFrameworkAttribute(PingOneClientInfo),
+			ignoredErrors: nil,
+		},
+		{
+			name:          "AuthorizeTrustFrameworkCondition",
+			resource:      resources.AuthorizeTrustFrameworkCondition(PingOneClientInfo),
+			ignoredErrors: nil,
+		},
+		{
+			name:          "AuthorizeTrustFrameworkProcessor",
+			resource:      resources.AuthorizeTrustFrameworkProcessor(PingOneClientInfo),
+			ignoredErrors: nil,
+		},
+		{
+			name:          "AuthorizeTrustFrameworkService",
+			resource:      resources.AuthorizeTrustFrameworkService(PingOneClientInfo),
+			ignoredErrors: nil,
+		},
 	}
 
 	for _, tc := range testCases {

@@ -0,0 +1,93 @@
+package resources
+
+import (
+	"github.com/patrickcping/pingone-go-sdk-v2/authorize"
+	"github.com/pingidentity/pingcli/internal/connector"
+	"github.com/pingidentity/pingcli/internal/connector/common"
+	"github.com/pingidentity/pingcli/internal/connector/pingone"
+	"github.com/pingidentity/pingcli/internal/logger"
+)
+
+// Verify that the resource satisfies the exportable resource interface
+var (
+	_ connector.ExportableResource = &PingoneAuthorizePolicyManagementPolicyResource{}
+)
+
+type PingoneAuthorizePolicyManagementPolicyResource struct {
+	clientInfo *connector.PingOneClientInfo
+}
+
+// Utility method for creating a PingoneAuthorizePolicyManagementPolicyResource
+func AuthorizePolicyManagementPolicy(clientInfo *connector.PingOneClientInfo) *PingoneAuthorizePolicyManagementPolicyResource {
+	return &PingoneAuthorizePolicyManagementPolicyResource{
+		clientInfo: clientInfo,
+	}
+}
+
+func (r *PingoneAuthorizePolicyManagementPolicyResource) ExportAll() (*[]connector.ImportBlock, error) {
+	l := logger.Get()
+	l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType())
+
+	importBlocks := []connector.ImportBlock{}
+
+	editorPolicyData, err := r.getEditorPolicyData()
+	if err != nil {
+		return nil, err
+	}
+
+	for editorPolicyId, editorPolicyName := range editorPolicyData {
+		commentData := map[string]string{
+			"Export Environment ID": r.clientInfo.ExportEnvironmentID,
+			"Editor Policy ID":      editorPolicyId,
+			"Editor Policy Name":    editorPolicyName,
+			"Resource Type":         r.ResourceType(),
+		}
+
+		importBlock := connector.ImportBlock{
+			ResourceType:       r.ResourceType(),
+			ResourceName:       editorPolicyName,
+			ResourceID:         r.clientInfo.ExportEnvironmentID,
+			CommentInformation: common.GenerateCommentInformation(commentData),
+		}
+
+		importBlocks = append(importBlocks, importBlock)
+	}
+
+	return &importBlocks, nil
+}
+
+func (r *PingoneAuthorizePolicyManagementPolicyResource) getEditorPolicyData() (map[string]string, error) {
+	editorPolicyData := make(map[string]string)
+
+	iter := r.clientInfo.ApiClient.AuthorizeAPIClient.AuthorizeEditorPoliciesApi.ListRootPolicies(r.clientInfo.Context, r.clientInfo.ExportEnvironmentID).Execute()
+	editorPolicys, err := pingone.GetAuthorizeAPIObjectsFromIterator[authorize.AuthorizeEditorDataPoliciesReferenceablePolicyDTO](iter, "ListRootPolicies", "GetAuthorizationPolicies", r.ResourceType())
+	if err != nil {
+		return nil, err
+	}
+
+	for _, editorPolicy := range editorPolicys {
+
+		if me, ok := editorPolicy.GetManagedEntityOk(); ok {
+			if restrictions, ok := me.GetRestrictionsOk(); ok {
+				if readOnly, ok := restrictions.GetReadOnlyOk(); ok {
+					if *readOnly {
+						continue
+					}
+				}
+			}
+		}
+
+		editorPolicyId, editorPolicyIdOk := editorPolicy.GetIdOk()
+		editorPolicyName, editorPolicyNameOk := editorPolicy.GetNameOk()
+
+		if editorPolicyIdOk && editorPolicyNameOk {
+			editorPolicyData[*editorPolicyId] = *editorPolicyName
+		}
+	}
+
+	return editorPolicyData, nil
+}
+
+func (r *PingoneAuthorizePolicyManagementPolicyResource) ResourceType() string {
+	return "pingone_authorize_policy_management_root_policy"
+}
@@ -0,0 +1,27 @@
+package resources_test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/pingidentity/pingcli/internal/connector"
+	"github.com/pingidentity/pingcli/internal/connector/pingone/authorize/resources"
+	"github.com/pingidentity/pingcli/internal/testing/testutils"
+)
+
+func TestAuthorizePolicyManagementPolicyExport(t *testing.T) {
+	// Get initialized apiClient and resource
+	PingOneClientInfo := testutils.GetPingOneClientInfo(t)
+	resource := resources.AuthorizePolicyManagementPolicy(PingOneClientInfo)
+
+	// Defined the expected ImportBlocks for the resource
+	expectedImportBlocks := []connector.ImportBlock{
+		{
+			ResourceType: "pingone_authorize_policy_management_policy",
+			ResourceName: "Test Authorize Policy Management Policy",
+			ResourceID:   fmt.Sprintf("%s/5ae2227f-cb5b-47c3-bb40-440db09a98e6", testutils.GetEnvironmentID()),
+		},
+	}
+
+	testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks)
+}
@@ -0,0 +1,85 @@
+package resources
+
+import (
+	"fmt"
+
+	"github.com/patrickcping/pingone-go-sdk-v2/authorize"
+	"github.com/pingidentity/pingcli/internal/connector"
+	"github.com/pingidentity/pingcli/internal/connector/common"
+	"github.com/pingidentity/pingcli/internal/connector/pingone"
+	"github.com/pingidentity/pingcli/internal/logger"
+)
+
+// Verify that the resource satisfies the exportable resource interface
+var (
+	_ connector.ExportableResource = &PingoneAuthorizePolicyManagementRuleResource{}
+)
+
+type PingoneAuthorizePolicyManagementRuleResource struct {
+	clientInfo *connector.PingOneClientInfo
+}
+
+// Utility method for creating a PingoneAuthorizePolicyManagementRuleResource
+func AuthorizePolicyManagementRule(clientInfo *connector.PingOneClientInfo) *PingoneAuthorizePolicyManagementRuleResource {
+	return &PingoneAuthorizePolicyManagementRuleResource{
+		clientInfo: clientInfo,
+	}
+}
+
+func (r *PingoneAuthorizePolicyManagementRuleResource) ExportAll() (*[]connector.ImportBlock, error) {
+	l := logger.Get()
+	l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType())
+
+	importBlocks := []connector.ImportBlock{}
+
+	editorRuleData, err := r.getEditorRuleData()
+	if err != nil {
+		return nil, err
+	}
+
+	for editorRuleId, editorRuleName := range editorRuleData {
+		commentData := map[string]string{
+			"Export Environment ID": r.clientInfo.ExportEnvironmentID,
+			"Editor Rule ID":        editorRuleId,
+			"Editor Rule Name":      editorRuleName,
+			"Resource Type":         r.ResourceType(),
+		}
+
+		importBlock := connector.ImportBlock{
+			ResourceType:       r.ResourceType(),
+			ResourceName:       editorRuleName,
+			ResourceID:         fmt.Sprintf("%s/%s", r.clientInfo.ExportEnvironmentID, editorRuleId),
+			CommentInformation: common.GenerateCommentInformation(commentData),
+		}
+
+		importBlocks = append(importBlocks, importBlock)
+	}
+
+	return &importBlocks, nil
+}
+
+func (r *PingoneAuthorizePolicyManagementRuleResource) getEditorRuleData() (map[string]string, error) {
+	editorRuleData := make(map[string]string)
+
+	iter := r.clientInfo.ApiClient.AuthorizeAPIClient.AuthorizeEditorRulesApi.ListRules(r.clientInfo.Context, r.clientInfo.ExportEnvironmentID).Execute()
+	editorRules, err := pingone.GetAuthorizeAPIObjectsFromIterator[authorize.AuthorizeEditorDataRulesReferenceableRuleDTO](iter, "ListRules", "GetAuthorizationRules", r.ResourceType())
+	if err != nil {
+		return nil, err
+	}
+
+	for _, editorRule := range editorRules {
+
+		editorRuleId, editorRuleIdOk := editorRule.GetIdOk()
+		editorRuleName, editorRuleNameOk := editorRule.GetNameOk()
+
+		if editorRuleIdOk && editorRuleNameOk {
+			editorRuleData[*editorRuleId] = *editorRuleName
+		}
+	}
+
+	return editorRuleData, nil
+}
+
+func (r *PingoneAuthorizePolicyManagementRuleResource) ResourceType() string {
+	return "pingone_authorize_policy_management_rule"
+}
@@ -0,0 +1,27 @@
+package resources_test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/pingidentity/pingcli/internal/connector"
+	"github.com/pingidentity/pingcli/internal/connector/pingone/authorize/resources"
+	"github.com/pingidentity/pingcli/internal/testing/testutils"
+)
+
+func TestAuthorizePolicyManagementRuleExport(t *testing.T) {
+	// Get initialized apiClient and resource
+	PingOneClientInfo := testutils.GetPingOneClientInfo(t)
+	resource := resources.AuthorizePolicyManagementRule(PingOneClientInfo)
+
+	// Defined the expected ImportBlocks for the resource
+	expectedImportBlocks := []connector.ImportBlock{
+		{
+			ResourceType: "pingone_authorize_policy_management_rule",
+			ResourceName: "Test Authorize Policy Management Rule",
+			ResourceID:   fmt.Sprintf("%s/5ae2227f-cb5b-47c3-bb40-440db09a98e6", testutils.GetEnvironmentID()),
+		},
+	}
+
+	testutils.ValidateImportBlocks(t, resource, &expectedImportBlocks)
+}