Merge pull request #325 from ns1-terraform/PENG-4485/remove_ddi_related_code

remove ddi related code and bump go sdk version

Author: hmodi-ns1

examples/user_team_api_key.tf

@@ -89,10 +89,10 @@ resource "ns1_user" "example_whitelist_user" {
 ## API keys
 resource "ns1_apikey" "example" {
   name      = "Example API Key from Terraform"
-  dhcp_manage_dhcp                 = true
-  dhcp_view_dhcp                   = true
-  ipam_manage_ipam                 = true
-  ipam_view_ipam                   = true
+  monitoring_manage_lists         = true
+  monitoring_manage_jobs          = true
+  monitoring_view_jobs            = true
+  security_manage_global_2fa      = true
 }
 
 
@@ -122,10 +122,10 @@ resource "ns1_apikey" "example" {
 #account_view_invoices - (Optional) Whether the user can view invoices.
 #account_manage_ip_whitelist - (Optional) Whether the user can manage ip whitelist.
 #monitoring_manage_lists - (Optional) Whether the user can modify notification lists.
-#monitoring_manage_jobs - (Optional) Whether the user can modify monitoring jobs.
+#monitoring_manage_jobs - (Optional) Whether the user can create, update, and delete monitoring jobs.
+#monitoring_create_jobs - (Optional) Whether the user can create monitoring jobs when manage_jobs is not set to true.
+#monitoring_update_jobs - (Optional) Whether the user can update monitoring jobs when manage_jobs is not set to true.
+#monitoring_delete_jobs - (Optional) Whether the user can delete monitoring jobs when manage_jobs is not set to true.
 #monitoring_view_jobs - (Optional) Whether the user can view monitoring jobs.
 #security_manage_global_2fa - (Optional) Whether the user can manage global two factor authentication.
 #security_manage_active_directory - (Optional) Whether the user can manage global active directory. Only relevant for the DDI product.
-#dhcp_manage_dhcp - (Optional) Whether the user can manage DHCP. Only relevant for the DDI product.
-#dhcp_view_dhcp - (Optional) Whether the user can view DHCP. Only relevant for the DDI product.
-#ipam_manage_ipam - (Optional) Whether the user can manage IPAM. Only relevant for the DDI product.

go.mod

@@ -7,7 +7,7 @@ require (
 	github.com/hashicorp/go-retryablehttp v0.7.7
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.1
 	github.com/stretchr/testify v1.8.1
-	gopkg.in/ns1/ns1-go.v2 v2.11.0
+	gopkg.in/ns1/ns1-go.v2 v2.12.0
 )
 
 require (

go.sum

@@ -251,8 +251,8 @@ gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8
 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
-gopkg.in/ns1/ns1-go.v2 v2.11.0 h1:T+rMHhQsQ58bSgGZwX8INxU0sjDO7cWieX9xPr/UEY4=
-gopkg.in/ns1/ns1-go.v2 v2.11.0/go.mod h1:pfaU0vECVP7DIOr453z03HXS6dFJpXdNRwOyRzwmPSc=
+gopkg.in/ns1/ns1-go.v2 v2.12.0 h1:cqdqQoTx17JmTusfxh5m3e2b36jfUzFAZedv89pFX18=
+gopkg.in/ns1/ns1-go.v2 v2.12.0/go.mod h1:pfaU0vECVP7DIOr453z03HXS6dFJpXdNRwOyRzwmPSc=
 gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME=
 gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=

ns1/config.go

@@ -29,7 +29,6 @@ type Config struct {
 	Key                  string
 	Endpoint             string
 	IgnoreSSL            bool
-	EnableDDI            bool
 	RateLimitParallelism int
 	RetryMax             int
 	UserAgent            string
@@ -69,10 +68,6 @@ func (c *Config) Client() (*ns1.Client, error) {
 		httpClient.Transport = tr
 	}
 
-	if c.EnableDDI {
-		decos = append(decos, ns1.SetDDIAPI())
-	}
-
 	// If NS1_DEBUG is set, define custom Doer to log HTTP requests made by SDK
 	if os.Getenv("NS1_DEBUG") != "" {
 		doer := ns1.Decorate(httpClient, Logging())

ns1/permissions.go

@@ -149,43 +149,37 @@ func addPermsSchema(s map[string]*schema.Schema) map[string]*schema.Schema {
 		Default:          false,
 		DiffSuppressFunc: suppressPermissionDiff,
 	}
-	s["monitoring_view_jobs"] = &schema.Schema{
+	s["monitoring_create_jobs"] = &schema.Schema{
 		Type:             schema.TypeBool,
 		Optional:         true,
 		Default:          false,
 		DiffSuppressFunc: suppressPermissionDiff,
 	}
-	s["security_manage_global_2fa"] = &schema.Schema{
-		Type:             schema.TypeBool,
-		Optional:         true,
-		Default:          true,
-		DiffSuppressFunc: suppressPermissionDiff,
-	}
-	s["security_manage_active_directory"] = &schema.Schema{
+	s["monitoring_update_jobs"] = &schema.Schema{
 		Type:             schema.TypeBool,
 		Optional:         true,
-		Default:          true,
+		Default:          false,
 		DiffSuppressFunc: suppressPermissionDiff,
 	}
-	s["dhcp_manage_dhcp"] = &schema.Schema{
+	s["monitoring_delete_jobs"] = &schema.Schema{
 		Type:             schema.TypeBool,
 		Optional:         true,
-		Default:          true,
+		Default:          false,
 		DiffSuppressFunc: suppressPermissionDiff,
 	}
-	s["dhcp_view_dhcp"] = &schema.Schema{
+	s["monitoring_view_jobs"] = &schema.Schema{
 		Type:             schema.TypeBool,
 		Optional:         true,
-		Default:          true,
+		Default:          false,
 		DiffSuppressFunc: suppressPermissionDiff,
 	}
-	s["ipam_manage_ipam"] = &schema.Schema{
+	s["security_manage_global_2fa"] = &schema.Schema{
 		Type:             schema.TypeBool,
 		Optional:         true,
 		Default:          true,
 		DiffSuppressFunc: suppressPermissionDiff,
 	}
-	s["ipam_view_ipam"] = &schema.Schema{
+	s["security_manage_active_directory"] = &schema.Schema{
 		Type:             schema.TypeBool,
 		Optional:         true,
 		Default:          true,
@@ -248,19 +242,14 @@ func permissionsToResourceData(d *schema.ResourceData, permissions account.Permi
 	d.Set("account_manage_ip_whitelist", permissions.Account.ManageIPWhitelist)
 	d.Set("monitoring_manage_lists", permissions.Monitoring.ManageLists)
 	d.Set("monitoring_manage_jobs", permissions.Monitoring.ManageJobs)
+	d.Set("monitoring_create_jobs", permissions.Monitoring.CreateJobs)
+	d.Set("monitoring_update_jobs", permissions.Monitoring.UpdateJobs)
+	d.Set("monitoring_delete_jobs", permissions.Monitoring.DeleteJobs)
 	d.Set("monitoring_view_jobs", permissions.Monitoring.ViewJobs)
 	if permissions.Security != nil {
 		d.Set("security_manage_global_2fa", permissions.Security.ManageGlobal2FA)
 		d.Set("security_manage_active_directory", permissions.Security.ManageActiveDirectory)
 	}
-	if permissions.DHCP != nil {
-		d.Set("dhcp_manage_dhcp", permissions.DHCP.ManageDHCP)
-		d.Set("dhcp_view_dhcp", permissions.DHCP.ViewDHCP)
-	}
-	if permissions.IPAM != nil {
-		d.Set("ipam_manage_ipam", permissions.IPAM.ManageIPAM)
-		d.Set("ipam_view_ipam", permissions.IPAM.ViewIPAM)
-	}
 	if permissions.DNS.RecordsAllow != nil {
 		d.Set("dns_records_allow", dnsRecordsACLtoSchema(permissions.DNS.RecordsAllow))
 	}
@@ -351,6 +340,15 @@ func resourceDataToPermissions(d *schema.ResourceData) account.PermissionsMap {
 	if v, ok := d.GetOk("monitoring_manage_jobs"); ok {
 		p.Monitoring.ManageJobs = v.(bool)
 	}
+	if v, ok := d.GetOk("monitoring_create_jobs"); ok {
+		p.Monitoring.CreateJobs = v.(bool)
+	}
+	if v, ok := d.GetOk("monitoring_update_jobs"); ok {
+		p.Monitoring.UpdateJobs = v.(bool)
+	}
+	if v, ok := d.GetOk("monitoring_delete_jobs"); ok {
+		p.Monitoring.DeleteJobs = v.(bool)
+	}
 	if v, ok := d.GetOk("monitoring_view_jobs"); ok {
 		p.Monitoring.ViewJobs = v.(bool)
 	}
@@ -363,30 +361,6 @@ func resourceDataToPermissions(d *schema.ResourceData) account.PermissionsMap {
 	if v, ok := d.GetOk("security_manage_active_directory"); ok {
 		p.Security.ManageActiveDirectory = v.(bool)
 	}
-	for _, thing := range []string{"dhcp_manage_dhcp", "dhcp_view_dhcp"} {
-		_, ok := d.GetOkExists(thing)
-		if d.HasChange(thing) || ok {
-			p.DHCP = &account.PermissionsDHCP{}
-		}
-	}
-	if v, ok := d.GetOk("dhcp_manage_dhcp"); ok {
-		p.DHCP.ManageDHCP = v.(bool)
-	}
-	if v, ok := d.GetOk("dhcp_view_dhcp"); ok {
-		p.DHCP.ViewDHCP = v.(bool)
-	}
-	for _, thing := range []string{"ipam_manage_ipam", "ipam_view_ipam"} {
-		_, ok := d.GetOkExists(thing)
-		if d.HasChange(thing) || ok {
-			p.IPAM = &account.PermissionsIPAM{}
-		}
-	}
-	if v, ok := d.GetOk("ipam_manage_ipam"); ok {
-		p.IPAM.ManageIPAM = v.(bool)
-	}
-	if v, ok := d.GetOk("ipam_view_ipam"); ok {
-		p.IPAM.ViewIPAM = v.(bool)
-	}
 	return p
 }
 

ns1/permissions_migrations.go

@@ -9,10 +9,6 @@ import (
 func permissionInstanceStateUpgradeV0(ctx context.Context, rawState map[string]interface{}, meta interface{}) (map[string]interface{}, error) {
 	rawState["security_manage_global_2fa"] = false
 	rawState["security_manage_active_directory"] = false
-	rawState["dhcp_manage_dhcp"] = false
-	rawState["dhcp_view_dhcp"] = false
-	rawState["ipam_manage_ipam"] = false
-	rawState["ipam_view_ipam"] = false
 
 	return rawState, nil
 }

ns1/provider.go

@@ -30,12 +30,6 @@ func Provider() *schema.Provider {
 				DefaultFunc: schema.EnvDefaultFunc("NS1_IGNORE_SSL", nil),
 				Description: descriptions["ignore_ssl"],
 			},
-			"enable_ddi": {
-				Type:        schema.TypeBool,
-				Optional:    true,
-				DefaultFunc: schema.EnvDefaultFunc("NS1_ENABLE_DDI", nil),
-				Description: descriptions["enable_ddi"],
-			},
 			"rate_limit_parallelism": {
 				Type:        schema.TypeInt,
 				Optional:    true,
@@ -108,9 +102,6 @@ func ns1Configure(d *schema.ResourceData) (interface{}, error) {
 	if v, ok := d.GetOk("ignore_ssl"); ok {
 		config.IgnoreSSL = v.(bool)
 	}
-	if v, ok := d.GetOk("enable_ddi"); ok {
-		config.EnableDDI = v.(bool)
-	}
 	if v, ok := d.GetOk("rate_limit_parallelism"); ok {
 		config.RateLimitParallelism = v.(int)
 	}
@@ -134,7 +125,6 @@ func init() {
 		"rate_limit_parallelism": "Tune response to rate limits, see docs",
 		"retry_max":              "Maximum retries for 50x errors (-1 to disable)",
 		"user_agent":             "User-Agent string to use in NS1 API requests",
-		"enable_ddi":             "Deprecated, no longer in use",
 	}
 
 	structs.DefaultTagName = "json"

ns1/resource_team_test.go

@@ -116,7 +116,7 @@ func TestAccTeam_ManualDelete(t *testing.T) {
 func TestAccTeam_import_test(t *testing.T) {
 	var team account.Team
 	n := fmt.Sprintf("terraform test team %s", acctest.RandStringFromCharSet(15, acctest.CharSetAlphaNum))
-	ignored_fields := []string{"dhcp_manage_dhcp", "dhcp_view_dhcp", "ipam_manage_ipam", "ipam_view_ipam", "dns_records"}
+	ignored_fields := []string{"dns_records"}
 
 	resource.Test(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t) },

ns1/resource_user_test.go

@@ -444,7 +444,7 @@ func TestAccUser_import_test(t *testing.T) {
 	rString := acctest.RandStringFromCharSet(15, acctest.CharSetAlphaNum)
 	name := fmt.Sprintf("terraform acc test user %s", rString)
 	username := fmt.Sprintf("tf_acc_test_user_%s", rString)
-	ignored_fields := []string{"dhcp_manage_dhcp", "dhcp_view_dhcp", "ipam_manage_ipam", "ipam_view_ipam"}
+	ignored_fields := []string{""}
 
 	resource.Test(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t) },

website/docs/r/apikey.html.markdown

@@ -70,19 +70,14 @@ The following arguments are supported:
 * `account_view_invoices` - (Optional) Whether the apikey can view invoices.
 * `account_manage_ip_whitelist` - (Optional) Whether the apikey can manage ip whitelist.
 * `monitoring_manage_lists` - (Optional) Whether the apikey can modify notification lists.
-* `monitoring_manage_jobs` - (Optional) Whether the apikey can modify monitoring jobs.
+* `monitoring_manage_jobs` - (Optional) Whether the user can create, update, and delete monitoring jobs.
+* `monitoring_create_jobs` - (Optional) Whether the user can create monitoring jobs when manage_jobs is not set to true.
+* `monitoring_update_jobs` - (Optional) Whether the user can update monitoring jobs when manage_jobs is not set to true.
+* `monitoring_delete_jobs` - (Optional) Whether the user can delete monitoring jobs when manage_jobs is not set to true.
 * `monitoring_view_jobs` - (Optional) Whether the apikey can view monitoring jobs.
 * `security_manage_global_2fa` - (Optional) Whether the apikey can manage global two factor authentication.
 * `security_manage_active_directory` - (Optional) Whether the apikey can manage global active directory.
 Only relevant for the DDI product.
-* `dhcp_manage_dhcp` - (Optional) Whether the apikey can manage DHCP.
-Only relevant for the DDI product.
-* `dhcp_view_dhcp` - (Optional) Whether the apikey can view DHCP.
-Only relevant for the DDI product.
-* `ipam_manage_ipam` - (Optional) Whether the apikey can manage IPAM.
-Only relevant for the DDI product.
-* `ipam_view_ipam` - (Optional) Whether the apikey can view IPAM.
-Only relevant for the DDI product.
 
 ## Attributes Reference
 

website/docs/r/team.html.markdown

@@ -80,19 +80,14 @@ The following arguments are supported:
 * `account_view_invoices` - (Optional) Whether the team can view invoices.
 * `account_manage_ip_whitelist` - (Optional) Whether the team can manage ip whitelist.
 * `monitoring_manage_lists` - (Optional) Whether the team can modify notification lists.
-* `monitoring_manage_jobs` - (Optional) Whether the team can modify monitoring jobs.
+* `monitoring_manage_jobs` - (Optional) Whether the user can create, update, and delete monitoring jobs.
+* `monitoring_create_jobs` - (Optional) Whether the user can create monitoring jobs when manage_jobs is not set to true.
+* `monitoring_update_jobs` - (Optional) Whether the user can update monitoring jobs when manage_jobs is not set to true.
+* `monitoring_delete_jobs` - (Optional) Whether the user can delete monitoring jobs when manage_jobs is not set to true.
 * `monitoring_view_jobs` - (Optional) Whether the team can view monitoring jobs.
 * `security_manage_global_2fa` - (Optional) Whether the team can manage global two factor authentication.
 * `security_manage_active_directory` - (Optional) Whether the team can manage global active directory.
 Only relevant for the DDI product.
-* `dhcp_manage_dhcp` - (Optional) Whether the team can manage DHCP.
-Only relevant for the DDI product.
-* `dhcp_view_dhcp` - (Optional) Whether the team can view DHCP.
-Only relevant for the DDI product.
-* `ipam_manage_ipam` - (Optional) Whether the team can manage IPAM.
-Only relevant for the DDI product.
-* `ipam_view_ipam` - (Optional) Whether the team can view IPAM.
-Only relevant for the DDI product.
 
 ## Import
 

website/docs/r/user.html.markdown

@@ -77,17 +77,14 @@ The following arguments are supported:
 * `account_view_invoices` - (Optional) Whether the user can view invoices.
 * `account_manage_ip_whitelist` - (Optional) Whether the user can manage ip whitelist.
 * `monitoring_manage_lists` - (Optional) Whether the user can modify notification lists.
-* `monitoring_manage_jobs` - (Optional) Whether the user can modify monitoring jobs.
+* `monitoring_manage_jobs` - (Optional) Whether the user can create, update, and delete monitoring jobs.
+* `monitoring_create_jobs` - (Optional) Whether the user can create monitoring jobs when manage_jobs is not set to true.
+* `monitoring_update_jobs` - (Optional) Whether the user can update monitoring jobs when manage_jobs is not set to true.
+* `monitoring_delete_jobs` - (Optional) Whether the user can delete monitoring jobs when manage_jobs is not set to true.
 * `monitoring_view_jobs` - (Optional) Whether the user can view monitoring jobs.
 * `security_manage_global_2fa` - (Optional) Whether the user can manage global two factor authentication.
 * `security_manage_active_directory` - (Optional) Whether the user can manage global active directory.
 Only relevant for the DDI product.
-* `dhcp_manage_dhcp` - (Optional) Whether the user can manage DHCP.
-Only relevant for the DDI product.
-* `dhcp_view_dhcp` - (Optional) Whether the user can view DHCP.
-Only relevant for the DDI product.
-* `ipam_manage_ipam` - (Optional) Whether the user can manage IPAM.
-Only relevant for the DDI product.
 
 ## Import