forked from databricks/terraform-provider-databricks
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathresource_user_role.go
30 lines (27 loc) · 1.09 KB
/
resource_user_role.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
package aws
import (
"context"
"fmt"
"github.com/databricks/databricks-sdk-go/apierr"
"github.com/databricks/terraform-provider-databricks/common"
"github.com/databricks/terraform-provider-databricks/scim"
)
func ResourceUserRole() common.Resource {
return common.NewPairID("user_id", "role").BindResource(common.BindResource{
CreateContext: func(ctx context.Context, userID, role string, c *common.DatabricksClient) error {
return scim.NewUsersAPI(ctx, c).Patch(userID, scim.PatchRequestWithValue("add", "roles", role))
},
ReadContext: func(ctx context.Context, userID, roleARN string, c *common.DatabricksClient) error {
user, err := scim.NewUsersAPI(ctx, c).Read(userID, "roles")
hasRole := scim.ComplexValues(user.Roles).HasValue(roleARN)
if err == nil && !hasRole {
return apierr.NotFound("User has no role")
}
return err
},
DeleteContext: func(ctx context.Context, userID, roleARN string, c *common.DatabricksClient) error {
return scim.NewUsersAPI(ctx, c).Patch(userID, scim.PatchRequest(
"remove", fmt.Sprintf(`roles[value eq "%s"]`, roleARN)))
},
})
}