Merge branch 'password-policy-fix' into 'master'

multiple password policy support

See merge request cidaas-management/terraform!115

.gitlab-ci.yml

@@ -7,6 +7,11 @@ stages:
   - test
   - release
 
+get_prereqiusites:
+  stage: prepare
+  only:
+    - never
+
 acceptance_test:
   image: golang:1.21.0
   stage: test

CHANGELOG.md

@@ -1,5 +1,10 @@
 ## Changelog
 
+### 3.1.2
+#### Enhancements
+
+- **Multiple Password Policy Support:** Password Policy resource changed to support multiple policies
+
 ### 3.1.1
 #### Enhancements
 

README.md

@@ -1340,24 +1340,22 @@ terraform import cidaas_hosted_page.resource_name hosted_page_id
 # cidaas_password_policy (Resource)
 
 The Password Policy resource in the provider allows you to manage the password policy within the Cidaas.
-Note that resource creation is not allowed, only updates are permitted after the resource has been imported.
 
  Ensure that the below scopes are assigned to the client with the specified `client_id`:
 - cidaas:password_policy_read
 - cidaas:password_policy_write
+- cidaas:password_policy_delete
 
 ## Example Usage
 
 ```terraform
 resource "cidaas_password_policy" "sample" {
-  minimum_length       = 8
-  lower_and_uppercase  = true
-  no_of_digits         = 1
-  expiration_in_days   = 30
-  no_of_special_chars  = 1
-  no_of_days_to_remind = 1
-  reuse_limit          = 1
-  maximum_length       = 20
+  policy_name         = "sample_terraform_policy"
+  minimum_length      = 8
+  maximum_length      = 20
+  lower_and_uppercase = true
+  no_of_digits        = 1
+  no_of_special_chars = 1
 }
 ```
 
@@ -1366,29 +1364,23 @@ resource "cidaas_password_policy" "sample" {
 
 ### Required
 
-- `expiration_in_days` (Number) The number of days after which the password expires.
 - `lower_and_uppercase` (Boolean) Specifies whether the password must contain both lowercase and uppercase letters.
-- `maximum_length` (Number) The maximum length allowed for the password. The `maximum_length` must be greater than `minimum_length`
-- `minimum_length` (Number) The minimum length required for the password. The `minimum_length` must be greater than or equal to the sum of `no_of_special_chars`, `no_of_digits`, and `lowercase/uppercase` characters.
-- `no_of_days_to_remind` (Number) The number of days before the password expiration to remind the user to change their password.
+- `maximum_length` (Number) The maximum length allowed for the password. The `maximum_length` must be at least sum of `minimum_length`, `no_of_special_chars`, `no_of_digits` and `lower_and_uppercase(1)`
+- `minimum_length` (Number) The minimum length required for the password. The `minimum_length` must be greater than or equal to 5.
 - `no_of_digits` (Number) The required number of digits in the password.
 - `no_of_special_chars` (Number) The required number of special characters in the password.
-- `reuse_limit` (Number) The number of previous passwords that cannot be reused. This number cannot exceed 5.
+- `policy_name` (String) The name of the password policy.
 
 ### Read-Only
 
-- `id` (String) Unique identifier of the password policy. This will be set to the same value as the import identifier.
-While the cidaas API does not require an identifier to import password policy, Terraform's import command does. Therefore, you can provide any arbitrary string as the identifier.
+- `id` (String) Unique identifier of the password policy.
 
 ## Import
 
 Import is supported using the following syntax:
 
 ```shell
-# The cidaas API does not require an identifier to import password policy but Terraform's import command does.
-# Therefore, you can provide any arbitrary string as the identifier. It will be set to the `id` attribute in the schema.
-
-terraform import cidaas_password_policy.resource_name cidaas
+terraform import cidaas_password_policy.resource_name id
 ```
 
 # cidaas_registration_field (Resource)

docs/resources/password_policy.md

@@ -4,32 +4,29 @@ page_title: "cidaas_password_policy Resource - cidaas"
 subcategory: ""
 description: |-
   The Password Policy resource in the provider allows you to manage the password policy within the Cidaas.
-  Note that resource creation is not allowed, only updates are permitted after the resource has been imported.
   Ensure that the below scopes are assigned to the client with the specified client_id:
-  cidaas:password_policy_readcidaas:password_policy_write
+  cidaas:password_policy_readcidaas:password_policy_writecidaas:password_policy_delete
 ---
 
 # cidaas_password_policy (Resource)
 
 The Password Policy resource in the provider allows you to manage the password policy within the Cidaas.
-Note that resource creation is not allowed, only updates are permitted after the resource has been imported.
 
  Ensure that the below scopes are assigned to the client with the specified `client_id`:
 - cidaas:password_policy_read
 - cidaas:password_policy_write
+- cidaas:password_policy_delete
 
 ## Example Usage
 
 ```terraform
 resource "cidaas_password_policy" "sample" {
-  minimum_length       = 8
-  lower_and_uppercase  = true
-  no_of_digits         = 1
-  expiration_in_days   = 30
-  no_of_special_chars  = 1
-  no_of_days_to_remind = 1
-  reuse_limit          = 1
-  maximum_length       = 20
+  policy_name         = "sample_terraform_policy"
+  minimum_length      = 8
+  maximum_length      = 20
+  lower_and_uppercase = true
+  no_of_digits        = 1
+  no_of_special_chars = 1
 }
 ```
 
@@ -38,27 +35,21 @@ resource "cidaas_password_policy" "sample" {
 
 ### Required
 
-- `expiration_in_days` (Number) The number of days after which the password expires.
 - `lower_and_uppercase` (Boolean) Specifies whether the password must contain both lowercase and uppercase letters.
-- `maximum_length` (Number) The maximum length allowed for the password. The `maximum_length` must be greater than `minimum_length`
-- `minimum_length` (Number) The minimum length required for the password. The `minimum_length` must be greater than or equal to the sum of `no_of_special_chars`, `no_of_digits`, and `lowercase/uppercase` characters.
-- `no_of_days_to_remind` (Number) The number of days before the password expiration to remind the user to change their password.
+- `maximum_length` (Number) The maximum length allowed for the password. The `maximum_length` must be at least sum of `minimum_length`, `no_of_special_chars`, `no_of_digits` and `lower_and_uppercase(1)`
+- `minimum_length` (Number) The minimum length required for the password. The `minimum_length` must be greater than or equal to 5.
 - `no_of_digits` (Number) The required number of digits in the password.
 - `no_of_special_chars` (Number) The required number of special characters in the password.
-- `reuse_limit` (Number) The number of previous passwords that cannot be reused. This number cannot exceed 5.
+- `policy_name` (String) The name of the password policy.
 
 ### Read-Only
 
-- `id` (String) Unique identifier of the password policy. This will be set to the same value as the import identifier.
-While the cidaas API does not require an identifier to import password policy, Terraform's import command does. Therefore, you can provide any arbitrary string as the identifier.
+- `id` (String) Unique identifier of the password policy.
 
 ## Import
 
 Import is supported using the following syntax:
 
 ```shell
-# The cidaas API does not require an identifier to import password policy but Terraform's import command does.
-# Therefore, you can provide any arbitrary string as the identifier. It will be set to the `id` attribute in the schema.
-
-terraform import cidaas_password_policy.resource_name cidaas
+terraform import cidaas_password_policy.resource_name id
 ```

examples/resources/cidaas_password_policy/import.sh

@@ -1,4 +1 @@
-# The cidaas API does not require an identifier to import password policy but Terraform's import command does.
-# Therefore, you can provide any arbitrary string as the identifier. It will be set to the `id` attribute in the schema.
-
-terraform import cidaas_password_policy.resource_name cidaas
+terraform import cidaas_password_policy.resource_name id

examples/resources/cidaas_password_policy/resource.tf

@@ -1,10 +1,8 @@
 resource "cidaas_password_policy" "sample" {
-  minimum_length       = 8
-  lower_and_uppercase  = true
-  no_of_digits         = 1
-  expiration_in_days   = 30
-  no_of_special_chars  = 1
-  no_of_days_to_remind = 1
-  reuse_limit          = 1
-  maximum_length       = 20
+  policy_name         = "sample_terraform_policy"
+  minimum_length      = 8
+  maximum_length      = 20
+  lower_and_uppercase = true
+  no_of_digits        = 1
+  no_of_special_chars = 1
 }

helpers/cidaas/password_policy.go

@@ -8,14 +8,13 @@ import (
 )
 
 type PasswordPolicyModel struct {
-	MaximumLength     int64 `json:"maximumLength"`
-	MinimumLength     int64 `json:"minimumLength"`
-	NoOfSpecialChars  int64 `json:"noOfSpecialChars"`
-	NoOfDigits        int64 `json:"noOfDigits"`
-	LowerAndUppercase bool  `json:"lowerAndUpperCase"`
-	ReuseLimit        int64 `json:"reuseLimit"`
-	ExpirationInDays  int64 `json:"expirationInDays"`
-	NoOfDaysToRemind  int64 `json:"noOfDaysToRemind"`
+	ID                string `json:"id"`
+	PolicyName        string `json:"policy_name"`
+	MaximumLength     int64  `json:"maximumLength"`
+	MinimumLength     int64  `json:"minimumLength"`
+	NoOfSpecialChars  int64  `json:"noOfSpecialChars"`
+	NoOfDigits        int64  `json:"noOfDigits"`
+	LowerAndUppercase bool   `json:"lowerAndUpperCase"`
 }
 
 type PasswordPolicyResponse struct {
@@ -28,17 +27,18 @@ type PasswordPolicy struct {
 	ClientConfig
 }
 type PasswordPolicyService interface {
-	Get() (*PasswordPolicyResponse, error)
-	Update(cp PasswordPolicyModel) error
+	Get(id string) (*PasswordPolicyResponse, error)
+	Upsert(cp PasswordPolicyModel) (*PasswordPolicyResponse, error)
+	Delete(id string) error
 }
 
 func NewPasswordPolicy(clientConfig ClientConfig) PasswordPolicyService {
 	return &PasswordPolicy{clientConfig}
 }
 
-func (p *PasswordPolicy) Get() (*PasswordPolicyResponse, error) {
+func (p *PasswordPolicy) Get(id string) (*PasswordPolicyResponse, error) {
 	var response PasswordPolicyResponse
-	url := fmt.Sprintf("%s/%s", p.BaseURL, "password-policy-srv/policy")
+	url := fmt.Sprintf("%s/%s?id=%s", p.BaseURL, "password-policy-srv/policy", id)
 	httpClient := util.NewHTTPClient(url, http.MethodGet, p.AccessToken)
 
 	res, err := httpClient.MakeRequest(nil)
@@ -53,11 +53,27 @@ func (p *PasswordPolicy) Get() (*PasswordPolicyResponse, error) {
 	return &response, nil
 }
 
-func (p *PasswordPolicy) Update(payload PasswordPolicyModel) error {
+func (p *PasswordPolicy) Upsert(payload PasswordPolicyModel) (*PasswordPolicyResponse, error) {
+	var response PasswordPolicyResponse
 	url := fmt.Sprintf("%s/%s", p.BaseURL, "password-policy-srv/policy")
-	httpClient := util.NewHTTPClient(url, http.MethodPut, p.AccessToken)
+	httpClient := util.NewHTTPClient(url, http.MethodPost, p.AccessToken)
 
 	res, err := httpClient.MakeRequest(payload)
+	if err = util.HandleResponseError(res, err); err != nil {
+		return nil, err
+	}
+	defer res.Body.Close()
+	if err = util.ProcessResponse(res, &response); err != nil {
+		return nil, err
+	}
+	return &response, nil
+}
+
+func (p *PasswordPolicy) Delete(id string) error {
+	url := fmt.Sprintf("%s/%s/%s", p.BaseURL, "password-policy-srv/policy", id)
+	httpClient := util.NewHTTPClient(url, http.MethodDelete, p.AccessToken)
+
+	res, err := httpClient.MakeRequest(nil)
 	if err = util.HandleResponseError(res, err); err != nil {
 		return err
 	}