-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathdata_source_zia_admin_roles.go
135 lines (127 loc) · 3.95 KB
/
data_source_zia_admin_roles.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
package zia
import (
"fmt"
"log"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/zscaler/zscaler-sdk-go/v2/zia/services/adminuserrolemgmt/roles"
)
func dataSourceAdminRoles() *schema.Resource {
return &schema.Resource{
Read: dataSourceAdminRolesRead,
Schema: map[string]*schema.Schema{
"id": {
Type: schema.TypeInt,
Computed: true,
Description: "Admin role Id.",
},
"name": {
Type: schema.TypeString,
Optional: true,
Description: "Name of the admin role.",
},
"rank": {
Type: schema.TypeInt,
Computed: true,
Description: "Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.",
},
"policy_access": {
Type: schema.TypeString,
Computed: true,
Description: "Policy access permission.",
},
"dashboard_access": {
Type: schema.TypeString,
Computed: true,
Description: "Dashboard access permission.",
},
"report_access": {
Type: schema.TypeString,
Computed: true,
Description: "Report access permission.",
},
"analysis_access": {
Type: schema.TypeString,
Computed: true,
Description: "Insights logs access permission.",
},
"username_access": {
Type: schema.TypeString,
Computed: true,
Description: "Username access permission. When set to NONE, the username will be obfuscated.",
},
"admin_acct_access": {
Type: schema.TypeString,
Computed: true,
Description: "Admin and role management access permission.",
},
"is_auditor": {
Type: schema.TypeBool,
Computed: true,
Description: "Indicates whether this is an auditor role.",
},
"permissions": {
Type: schema.TypeList,
Computed: true,
Elem: &schema.Schema{Type: schema.TypeString},
Description: "List of functional areas to which this role has access. This attribute is subject to change.",
},
"is_non_editable": {
Type: schema.TypeBool,
Computed: true,
Description: "Indicates whether or not this admin user is editable/deletable.",
},
"logs_limit": {
Type: schema.TypeString,
Computed: true,
Description: "Log range limit.",
},
"role_type": {
Type: schema.TypeString,
Computed: true,
Description: "The admin role type. ()This attribute is subject to change.)",
},
},
}
}
func dataSourceAdminRolesRead(d *schema.ResourceData, m interface{}) error {
zClient := m.(*Client)
var resp *roles.AdminRoles
id, ok := getIntFromResourceData(d, "id")
if ok {
log.Printf("[INFO] Getting data for admin role id: %d\n", id)
res, err := zClient.roles.Get(id)
if err != nil {
return err
}
resp = res
}
name, _ := d.Get("name").(string)
if resp == nil && name != "" {
log.Printf("[INFO] Getting data for admin role name: %s\n", name)
res, err := zClient.roles.GetByName(name)
if err != nil {
return err
}
resp = res
}
if resp != nil {
d.SetId(fmt.Sprintf("%d", resp.ID))
_ = d.Set("rank", resp.Rank)
_ = d.Set("name", resp.Name)
_ = d.Set("policy_access", resp.PolicyAccess)
_ = d.Set("dashboard_access", resp.DashboardAccess)
_ = d.Set("report_access", resp.ReportAccess)
_ = d.Set("is_auditor", resp.IsAuditor)
_ = d.Set("analysis_access", resp.AnalysisAccess)
_ = d.Set("username_access", resp.UsernameAccess)
_ = d.Set("admin_acct_access", resp.AdminAcctAccess)
_ = d.Set("is_auditor", resp.IsAuditor)
_ = d.Set("permissions", resp.Permissions)
_ = d.Set("is_non_editable", resp.IsNonEditable)
_ = d.Set("logs_limit", resp.LogsLimit)
_ = d.Set("role_type", resp.RoleType)
} else {
return fmt.Errorf("couldn't find any admin role name '%s' or id '%d'", name, id)
}
return nil
}