Merge pull request #4 from anna-money/1.0.4

1.0.4

.github/CODEOWNERS

@@ -1 +1 @@
-* @arslanbekov
+* @arslanbekov @vladimir-kozyrev

go.mod

@@ -8,7 +8,7 @@ require (
 	github.com/hashicorp/terraform-plugin-log v0.7.0
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.21.0
 	github.com/sendgrid/rest v2.6.9+incompatible
-	github.com/sendgrid/sendgrid-go v3.11.1+incompatible
+	github.com/sendgrid/sendgrid-go v3.12.0+incompatible
 )
 
 require (

go.sum

@@ -221,6 +221,8 @@ github.com/sendgrid/rest v2.6.9+incompatible h1:1EyIcsNdn9KIisLW50MKwmSRSK+ekuei
 github.com/sendgrid/rest v2.6.9+incompatible/go.mod h1:kXX7q3jZtJXK5c5qK83bSGMdV6tsOE70KbHoqJls4lE=
 github.com/sendgrid/sendgrid-go v3.11.1+incompatible h1:ai0+woZ3r/+tKLQExznak5XerOFoD6S7ePO0lMV8WXo=
 github.com/sendgrid/sendgrid-go v3.11.1+incompatible/go.mod h1:QRQt+LX/NmgVEvmdRw0VT/QgUn499+iza2FnDca9fg8=
+github.com/sendgrid/sendgrid-go v3.12.0+incompatible h1:/N2vx18Fg1KmQOh6zESc5FJB8pYwt5QFBDflYPh1KVg=
+github.com/sendgrid/sendgrid-go v3.12.0+incompatible/go.mod h1:QRQt+LX/NmgVEvmdRw0VT/QgUn499+iza2FnDca9fg8=
 github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
 github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ=
 github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=

main.go

@@ -1,9 +1,7 @@
 package main
 
 import (
-	"context"
 	"flag"
-	"log"
 
 	"github.com/anna-money/terraform-provider-sendgrid/sendgrid"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/plugin"
@@ -18,16 +16,7 @@ func main() {
 	flag.BoolVar(&debugMode, "debug", false, "set to true to run the provider with support for debuggers like delve")
 	flag.Parse()
 
-	opts := &plugin.ServeOpts{ProviderFunc: sendgrid.Provider}
-
-	if debugMode {
-		err := plugin.Debug(context.Background(), "registry.terraform.io/anna-money/sendgrid", opts)
-		if err != nil {
-			log.Fatal(err.Error())
-		}
-
-		return
-	}
+	opts := &plugin.ServeOpts{ProviderFunc: sendgrid.Provider, Debug: debugMode}
 
 	plugin.Serve(opts)
 }

scripts/main.go

@@ -4,7 +4,6 @@ import (
 	"fmt"
 	"go/parser"
 	"go/token"
-	"io/ioutil"
 	"log"
 	"os"
 	"path/filepath"
@@ -162,7 +161,7 @@ func genIdx(fpath string) { //nolint:cyclop,funlen
 		}
 	}()
 
-	idxTPL, err := ioutil.ReadFile(indexFile)
+	idxTPL, err := os.ReadFile(indexFile)
 	if err != nil {
 		log.Printf("[FAIL!]open file %s failed: %s", indexFile, err)
 
@@ -313,7 +312,7 @@ func genDoc(dtype, dtypeFolder, fpath, name string, resource *schema.Resource) {
 		}
 	}()
 
-	docTPL, err := ioutil.ReadFile(docFile)
+	docTPL, err := os.ReadFile(docFile)
 	if err != nil {
 		log.Printf("[FAIL!]open file %s failed: %s", docFile, err)
 

sdk/client.go

@@ -18,7 +18,6 @@ const (
 
 // Client is a Sendgrid client.
 type Client struct {
-	client    *http.Client
 	BaseURL   *url.URL
 	UserAgent string
 
@@ -27,17 +26,6 @@ type Client struct {
 	OnBehalfOf string
 }
 
-// matchHTTPResponse compares two http.Response objects. Currently, only StatusCode is checked.
-func matchHTTPResponse(r1, r2 *http.Response) bool {
-	if r1 == nil && r2 == nil {
-		return true
-	}
-	if r1 != nil && r2 != nil {
-		return r1.StatusCode == r2.StatusCode
-	}
-	return false
-}
-
 type Response struct {
 	*http.Response
 

sdk/teammate.go

@@ -81,7 +81,21 @@ func (c *Client) CreateUser(ctx context.Context, email string, scopes []string,
 		IsAdmin: isAdmin,
 		Scopes:  scopes,
 	})
+	if err != nil {
+		return nil, err
+	}
+
+	return parseUser(respBody)
+}
 
+func (c *Client) CreateSSOUser(ctx context.Context, firstName, lastName, email string, scopes []string, isAdmin bool) (*User, error) {
+	respBody, _, err := c.Post(ctx, "POST", "/sso/teammates", User{
+		FirstName: firstName,
+		LastName:  lastName,
+		Email:     email,
+		IsAdmin:   isAdmin,
+		Scopes:    scopes,
+	})
 	if err != nil {
 		return nil, err
 	}
@@ -115,11 +129,28 @@ func (c *Client) UpdateUser(ctx context.Context, email string, scopes []string,
 	}
 
 	respBody, _, err := c.Post(ctx, "PATCH", "/teammates/"+username, User{
-		Email:   email,
 		IsAdmin: isAdmin,
 		Scopes:  scopes,
 	})
+	if err != nil {
+		return nil, err
+	}
+
+	return parseUser(respBody)
+}
+
+func (c *Client) UpdateSSOUser(ctx context.Context, firstName, lastName, email string, scopes []string, isAdmin bool) (*User, error) {
+	username, err := c.GetUsernameByEmail(ctx, email)
+	if err != nil {
+		return nil, err
+	}
 
+	respBody, _, err := c.Post(ctx, "PATCH", "/sso/teammates/"+username, User{
+		FirstName: firstName,
+		LastName:  lastName,
+		IsAdmin:   isAdmin,
+		Scopes:    scopes,
+	})
 	if err != nil {
 		return nil, err
 	}
@@ -131,8 +162,6 @@ func (c *Client) DeleteUser(ctx context.Context, email string) (bool, error) {
 	username, err := c.GetUsernameByEmail(ctx, email)
 	if err != nil {
 		tokenInvite, err := c.GetPendingUserToken(ctx, email)
-		fmt.Println(tokenInvite)
-		fmt.Println("tokenInvite111123123123")
 		if _, statusCode, err := c.Get(ctx, "DELETE", "/teammates/pending/"+tokenInvite); statusCode > 299 || err != nil {
 			return false, fmt.Errorf("failed deleting user: %w", err)
 		}

sendgrid/resource_sendgrid_teammate.go

@@ -51,21 +51,24 @@ func resourceSendgridTeammate() *schema.Resource {
 				Description: "The last name of the user.",
 				Optional:    true,
 			},
-			"user_type": {
-				Type:        schema.TypeString,
-				Description: "Type of the user.",
-				Optional:    true,
-			},
 			"is_admin": {
 				Type:        schema.TypeBool,
-				Description: "Invited user should be admin?.",
+				Description: "Invited user should be admin?",
+				Required:    true,
+				Elem: &schema.Schema{
+					Type: schema.TypeBool,
+				},
+			},
+			"is_sso": {
+				Type:        schema.TypeBool,
+				Description: "Single Sign-On user?",
 				Required:    true,
 				Elem: &schema.Schema{
 					Type: schema.TypeBool,
 				},
 			},
 			"scopes": {
-				Type:        schema.TypeList,
+				Type:        schema.TypeSet,
 				Description: "Permission scopes, will ignored if parameter is_admin = true.",
 				Optional:    true,
 				Elem: &schema.Schema{
@@ -86,26 +89,39 @@ func resourceSendgridTeammate() *schema.Resource {
 
 func resourceSendgridTeammateCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	client := meta.(*sendgrid.Client)
-
 	email := d.Get("email").(string)
 	isAdmin := d.Get("is_admin").(bool)
-	scopes := make([]string, 0)
-	if isAdmin != true {
-		scopes_set := d.Get("scopes").(*schema.Set).List()
-		scopes := make([]string, 0)
+	isSSO := d.Get("is_sso").(bool)
+	firstName := d.Get("first_name").(string)
+	lastName := d.Get("last_name").(string)
 
-		for _, scope := range scopes_set {
+	scopesSet := d.Get("scopes").(*schema.Set).List()
+	var scopes []string
+	if !isAdmin {
+		for _, scope := range scopesSet {
 			scopes = append(scopes, scope.(string))
 		}
 	}
-	tflog.Debug(ctx, "Creating teammate", map[string]interface{}{"email": email, "is_admin": isAdmin, "scopes": scopes})
-
-	user, err := client.CreateUser(ctx, email, scopes, isAdmin)
+	tflog.Debug(ctx, "Creating teammate", map[string]interface{}{
+		"first_name": firstName, "last_name": lastName,
+		"email": email, "is_admin": isAdmin, "scopes": scopes,
+	})
+
+	var user *sendgrid.User
+	var err error
+	if isSSO {
+		user, err = client.CreateSSOUser(ctx, firstName, lastName, email, scopes, isAdmin)
+	} else {
+		user, err = client.CreateUser(ctx, email, scopes, isAdmin)
+	}
 	if err != nil {
 		return diag.FromErr(err)
 	}
+
 	d.SetId(user.Email)
-	d.Set("email", user.Email)
+	if err := d.Set("email", user.Email); err != nil {
+		return diag.FromErr(err)
+	}
 
 	return nil
 }
@@ -121,30 +137,54 @@ func resourceSendgridTeammateRead(ctx context.Context, d *schema.ResourceData, m
 		return append(diags, diag.FromErr(err)...)
 	}
 
+	// There is no need to track admin scopes since they have full access.
+	if teammate.IsAdmin {
+		teammate.Scopes = nil
+	}
+
+	var filteredScopes []string
+	for _, s := range teammate.Scopes {
+		// Sendgrid sets these scopes automatically. If you try to set them, you will get a 400 error.
+		if s != "2fa_exempt" && s != "2fa_required" {
+			filteredScopes = append(filteredScopes, s)
+		}
+	}
+
 	d.SetId(teammate.Email)
 	retErr := multierror.Append(
 		d.Set("email", teammate.Email),
 		d.Set("username", teammate.Username),
-		d.Set("user_type", teammate.UserType),
 		d.Set("first_name", teammate.FirstName),
 		d.Set("last_name", teammate.LastName),
-		d.Set("scopes", teammate.Scopes),
+		d.Set("scopes", filteredScopes),
 		d.Set("is_admin", teammate.IsAdmin),
 	)
 	return diag.FromErr(retErr.ErrorOrNil())
 }
 
 func resourceSendgridTeammateUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	client := meta.(*sendgrid.Client)
+	email := d.Get("email").(string)
+	isAdmin := d.Get("is_admin").(bool)
+	isSSO := d.Get("is_sso").(bool)
+	firstName := d.Get("first_name").(string)
+	lastName := d.Get("last_name").(string)
 
 	scopesSet := d.Get("scopes").(*schema.Set).List()
-	scopes := make([]string, 0)
+	var scopes []string
+	if !isAdmin {
+		for _, scope := range scopesSet {
+			scopes = append(scopes, scope.(string))
+		}
+	}
 
-	for _, scope := range scopesSet {
-		scopes = append(scopes, scope.(string))
+	var err error
+	if isSSO {
+		_, err = client.UpdateSSOUser(ctx, firstName, lastName, email, scopes, isAdmin)
+	} else {
+		_, err = client.UpdateUser(ctx, email, scopes, isAdmin)
 	}
 
-	_, err := client.UpdateUser(ctx, d.Get("email").(string), scopes, d.Get("is_admin").(bool))
 	if err != nil {
 		return diag.FromErr(err)
 	}
@@ -158,7 +198,6 @@ func resourceSendgridTeammateDelete(ctx context.Context, d *schema.ResourceData,
 	var diags diag.Diagnostics
 	userEmail := d.Id()
 	_, err := client.DeleteUser(ctx, userEmail)
-
 	if err != nil {
 		return append(diags, diag.FromErr(err)...)
 	}