Added bitbucketserver_user resource; updated tests to create users on the fly

2026-03-14 06:15:27 +01:00 · 2019-10-10 09:36:56 -07:00
parent d63df2e655
commit f748cb05c7
10 changed files with 313 additions and 10 deletions
--- a/README.md
+++ b/README.md
@@ -143,6 +143,34 @@ $ terraform import bitbucketserver_repository.test TEST/test-01
 ```


+### Create a Bitbucket User
+
+```hcl
+resource "bitbucketserver_user" "admin" {
+  name          = "mreynolds"
+  display_name  = "Malcolm Reynolds"
+  email_address = "browncoat@example.com"
+}
+```
+
+* `name` - Required. Username of the user.
+* `display_name` - Required. User's name to display.
+* `email_address` - Required. Email address of user.
+* `password_length` - Optional. The length of the generated password on resource creation. Only applies on resource creation. Default `20`.
+
+#### Attributes
+
+Additional to the above, the following attributes are emitted:
+
+* `initial_password` - The generated user password. Only available if password was handled on Terraform resource creation, not import.
+
+#### Import User
+
+```bash
+$ terraform import bitbucketserver_user.test mreynolds
+```
+
+
 ### Set Server License

 ```hcl
--- a/bitbucket/client.go
+++ b/bitbucket/client.go
@@ -58,6 +58,7 @@ func (c *BitbucketClient) Do(method, endpoint string, payload *bytes.Buffer) (*h
 	}

 	req.SetBasicAuth(c.Username, c.Password)
+	req.Header.Add("X-Atlassian-Token", "no-check")

 	if payload != nil {
 		// Can cause bad request when putting default reviews if set.
--- a/bitbucket/data_project_permissions_users.go
+++ b/bitbucket/data_project_permissions_users.go
@@ -18,9 +18,9 @@ type PaginatedProjectPermissionsUsersValue struct {

 type ProjectPermissionsUser struct {
 	Name         string
-	EmailAddress string `json:"emailAddress,omitempty"`
-	DisplayName  string `json:"displayName,omitempty"`
-	Active       bool   `json:"active,omitempty"`
+	EmailAddress string
+	DisplayName  string
+	Active       bool
 	Permission   string
 }

--- a/bitbucket/data_project_permissions_users_test.go
+++ b/bitbucket/data_project_permissions_users_test.go
@@ -47,9 +47,15 @@ func TestAccBitbucketDataProjectPermissionsUsers_additional(t *testing.T) {
 			name = "test-repo-for-repository-test"
 		}

+		resource "bitbucketserver_user" "mreynolds" {
+		  name          = "mreynolds"
+		  display_name  = "Malcolm Reynolds"
+		  email_address = "browncoat@example.com"
+		}
+
 		resource "bitbucketserver_project_permissions_user" "test" {
 			project = bitbucketserver_project.test.key
-			user = "admin2"
+			user = bitbucketserver_user.mreynolds.name
 			permission = "PROJECT_WRITE"
 		}
 		
@@ -71,9 +77,9 @@ func TestAccBitbucketDataProjectPermissionsUsers_additional(t *testing.T) {
 					resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.0.email_address", "admin@example.com"),
 					resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.0.active", "true"),
 					resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.0.permission", "PROJECT_ADMIN"),
-					resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.1.name", "admin2"),
-					resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.1.display_name", "Admin 2"),
-					resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.1.email_address", "admin2@example.com"),
+					resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.1.name", "mreynolds"),
+					resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.1.display_name", "Malcolm Reynolds"),
+					resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.1.email_address", "browncoat@example.com"),
 					resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.1.active", "true"),
 					resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.1.permission", "PROJECT_WRITE"),
 				),
--- a/bitbucket/provider.go
+++ b/bitbucket/provider.go
@@ -40,6 +40,7 @@ func Provider() terraform.ResourceProvider {
 			"bitbucketserver_project_permissions_group": resourceProjectPermissionsGroup(),
 			"bitbucketserver_project_permissions_user":  resourceProjectPermissionsUser(),
 			"bitbucketserver_repository":                resourceRepository(),
+			"bitbucketserver_user":                      resourceUser(),
 		},
 	}
 }
--- a/bitbucket/resource_project.go
+++ b/bitbucket/resource_project.go
@@ -35,6 +35,7 @@ func resourceProject() *schema.Resource {
 			"key": {
 				Type:     schema.TypeString,
 				Required: true,
+				ForceNew: true,
 			},
 			"description": {
 				Type:     schema.TypeString,
--- a/bitbucket/resource_project_permissions_user_test.go
+++ b/bitbucket/resource_project_permissions_user_test.go
@@ -17,9 +17,15 @@ func TestAccBitbucketResourceProjectPermissionsUser(t *testing.T) {
 			name = "test-repo-for-repository-test"
 		}

+		resource "bitbucketserver_user" "mreynolds" {
+		  name          = "mreynolds"
+		  display_name  = "Malcolm Reynolds"
+		  email_address = "browncoat@example.com"
+		}
+
 		resource "bitbucketserver_project_permissions_user" "test" {
 			project = bitbucketserver_project.test.key
-			user = "admin2"
+			user = bitbucketserver_user.mreynolds.name
 			permission = "PROJECT_READ"
 		}
 	`, projectKey)
@@ -31,9 +37,9 @@ func TestAccBitbucketResourceProjectPermissionsUser(t *testing.T) {
 			{
 				Config: config,
 				Check: resource.ComposeTestCheckFunc(
-					resource.TestCheckResourceAttr("bitbucketserver_project_permissions_user.test", "id", projectKey+"/admin2"),
+					resource.TestCheckResourceAttr("bitbucketserver_project_permissions_user.test", "id", projectKey+"/mreynolds"),
 					resource.TestCheckResourceAttr("bitbucketserver_project_permissions_user.test", "project", projectKey),
-					resource.TestCheckResourceAttr("bitbucketserver_project_permissions_user.test", "user", "admin2"),
+					resource.TestCheckResourceAttr("bitbucketserver_project_permissions_user.test", "user", "mreynolds"),
 					resource.TestCheckResourceAttr("bitbucketserver_project_permissions_user.test", "permission", "PROJECT_READ"),
 				),
 			},
--- a/bitbucket/resource_repository.go
+++ b/bitbucket/resource_repository.go
@@ -41,6 +41,7 @@ func resourceRepository() *schema.Resource {
 			"name": {
 				Type:     schema.TypeString,
 				Required: true,
+				ForceNew: true,
 			},
 			"slug": {
 				Type:     schema.TypeString,
@@ -50,6 +51,7 @@ func resourceRepository() *schema.Resource {
 			"project": {
 				Type:     schema.TypeString,
 				Required: true,
+				ForceNew: true,
 			},
 			"description": {
 				Type:     schema.TypeString,
--- a/bitbucket/resource_user.go
+++ b/bitbucket/resource_user.go
@@ -0,0 +1,203 @@
+package bitbucket
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/hashicorp/terraform/helper/validation"
+	"io/ioutil"
+	"math/rand"
+	"net/url"
+	"time"
+)
+
+type User struct {
+	Name         string `json:"name,omitempty"`
+	EmailAddress string `json:"emailAddress,omitempty"`
+	DisplayName  string `json:"displayName,omitempty"`
+}
+
+func resourceUser() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceUserCreate,
+		Update: resourceUserUpdate,
+		Read:   resourceUserRead,
+		Exists: resourceUserExists,
+		Delete: resourceUserDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+			"email_address": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+			"display_name": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+			"password_length": {
+				Type:         schema.TypeInt,
+				Optional:     true,
+				Default:      20,
+				ForceNew:     true,
+				ValidateFunc: validation.IntBetween(5, 128),
+			},
+			"initial_password": {
+				Type:      schema.TypeString,
+				Sensitive: true,
+				Computed:  true,
+			},
+		},
+	}
+}
+
+const passwordCharset = "abcdefghijklmnopqrstuvwxyz" +
+	"ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" +
+	"0123456789" +
+	"@^*_-[]"
+
+func generateUserPassword(length int) string {
+	var seededRand *rand.Rand = rand.New(rand.NewSource(time.Now().UnixNano()))
+	b := make([]byte, length)
+	for i := range b {
+		b[i] = passwordCharset[seededRand.Intn(len(passwordCharset))]
+	}
+	return string(b)
+}
+
+func newUserFromResource(d *schema.ResourceData) *User {
+	user := &User{
+		Name:         d.Get("name").(string),
+		EmailAddress: d.Get("email_address").(string),
+		DisplayName:  d.Get("display_name").(string),
+	}
+
+	return user
+}
+
+func resourceUserUpdate(d *schema.ResourceData, m interface{}) error {
+	client := m.(*BitbucketClient)
+	user := newUserFromResource(d)
+
+	bytedata, err := json.Marshal(user)
+
+	if err != nil {
+		return err
+	}
+
+	_, err = client.Put(fmt.Sprintf("/rest/api/1.0/admin/users/%s",
+		user.Name,
+	), bytes.NewBuffer(bytedata))
+
+	if err != nil {
+		return err
+	}
+
+	return resourceUserRead(d, m)
+}
+
+func resourceUserCreate(d *schema.ResourceData, m interface{}) error {
+	client := m.(*BitbucketClient)
+	user := newUserFromResource(d)
+
+	passwordLength := d.Get("password_length").(int)
+	initialPassword := generateUserPassword(passwordLength)
+	d.Set("initial_password", initialPassword)
+
+	_, err := client.Post(fmt.Sprintf("/rest/api/1.0/admin/users?name=%s&password=%s&displayName=%s&emailAddress=%s",
+		url.QueryEscape(user.Name),
+		url.QueryEscape(initialPassword),
+		url.QueryEscape(user.DisplayName),
+		url.QueryEscape(user.EmailAddress),
+	), nil)
+
+	if err != nil {
+		return err
+	}
+
+	d.SetId(user.Name)
+
+	return resourceUserRead(d, m)
+}
+
+func resourceUserRead(d *schema.ResourceData, m interface{}) error {
+	id := d.Id()
+	if id != "" {
+		d.Set("name", id)
+	}
+
+	name := d.Get("name").(string)
+
+	client := m.(*BitbucketClient)
+	req, err := client.Get(fmt.Sprintf("/rest/api/1.0/users/%s",
+		url.QueryEscape(name),
+	))
+
+	if err != nil {
+		return err
+	}
+
+	if req.StatusCode == 200 {
+
+		var user User
+
+		body, readerr := ioutil.ReadAll(req.Body)
+		if readerr != nil {
+			return readerr
+		}
+
+		decodeerr := json.Unmarshal(body, &user)
+		if decodeerr != nil {
+			return decodeerr
+		}
+
+		d.Set("name", user.Name)
+		d.Set("email_address", user.EmailAddress)
+		d.Set("display_name", user.DisplayName)
+	}
+
+	return nil
+}
+
+func resourceUserExists(d *schema.ResourceData, m interface{}) (bool, error) {
+	var name = ""
+	id := d.Id()
+	if id != "" {
+		name = id
+	} else {
+		name = d.Get("name").(string)
+	}
+
+	client := m.(*BitbucketClient)
+	req, err := client.Get(fmt.Sprintf("/rest/api/1.0/users/%s",
+		url.QueryEscape(name),
+	))
+
+	if err != nil {
+		return false, fmt.Errorf("failed to get user %s from bitbucket: %+v", name, err)
+	}
+
+	if req.StatusCode == 200 {
+		return true, nil
+	} else {
+		return false, nil
+	}
+}
+
+func resourceUserDelete(d *schema.ResourceData, m interface{}) error {
+	name := d.Get("name").(string)
+	client := m.(*BitbucketClient)
+	_, err := client.Delete(fmt.Sprintf("/rest/api/1.0/admin/users?name=%s",
+		url.QueryEscape(name),
+	))
+
+	return err
+}
--- a/bitbucket/resource_user_test.go
+++ b/bitbucket/resource_user_test.go
@@ -0,0 +1,55 @@
+package bitbucket
+
+import (
+	"fmt"
+	"math/rand"
+	"testing"
+	"time"
+
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccBitbucketUser(t *testing.T) {
+	userRand := fmt.Sprintf("%v", rand.New(rand.NewSource(time.Now().UnixNano())).Int())
+	testAccBitbucketUserConfig := fmt.Sprintf(`
+		resource "bitbucketserver_user" "test" {
+			name = "admin%v"
+			display_name = "Admin %v"
+			email_address = "admin%v@example.com"
+		}
+	`, userRand, userRand, userRand)
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckBitbucketUserDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccBitbucketUserConfig,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("bitbucketserver_user.test", "name", "admin"+userRand),
+					resource.TestCheckResourceAttr("bitbucketserver_user.test", "display_name", "Admin "+userRand),
+					resource.TestCheckResourceAttr("bitbucketserver_user.test", "email_address", "admin"+userRand+"@example.com"),
+					resource.TestCheckResourceAttrSet("bitbucketserver_user.test", "initial_password"),
+				),
+			},
+		},
+	})
+}
+
+func testAccCheckBitbucketUserDestroy(s *terraform.State) error {
+	client := testAccProvider.Meta().(*BitbucketClient)
+	rs, ok := s.RootModule().Resources["bitbucketserver_user.test"]
+	if !ok {
+		return fmt.Errorf("not found %s", "bitbucketserver_user.test")
+	}
+
+	response, _ := client.Get(fmt.Sprintf("/rest/api/1.0/users/%s", rs.Primary.Attributes["name"]))
+
+	if response.StatusCode != 404 {
+		return fmt.Errorf("user still exists")
+	}
+
+	return nil
+}