Merge pull request #263 from NetApp/261-add-113-changes-to-200

add 1.1.3 changes to 2.0.0

CHANGELOG.md

@@ -8,6 +8,13 @@ ENHANCEMENTS:
 * **netapp-ontap_lun**: added `size_unit` option. ([#227](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/227))
 * **netapp-ontap_security_account**: Add support for import and update ([#243](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/243))
 
+## 1.1.3
+
+BUG FIXES:
+* **netapp-ontap_protocols_cifs_service_resource**: fixed on attribute checking ([#250](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/250))
+* **netapp-ontap_protocols_cifs_share_resource** :`acls` unable to update acls ([#236](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/236))
+* **netapp-ontap_protocols_san_igroups_resource**: fixed bug nil pointer dereference ([#247](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/247))
+
 ## 1.1.2 (2024-06-03)
 
 ENHANCEMENTS:

docs/resources/protocols_cifs_service_resource.md

@@ -120,10 +120,10 @@ Optional:
 
 Optional:
 
-- `advertised_kdc_encryptions` (Set of String) List of advertised KDC encryptions
+- `advertised_kdc_encryptions` (Set of String) List of advertised KDC encryptions (9.12)
 - `aes_netlogon_enabled` (Boolean) An AES session key is enabled for the Netlogon channel (9.10)
 - `encrypt_dc_connection` (Boolean) Encryption is required for domain controller connections (9.8)
-- `kdc_encryption` (Boolean) Specifies whether AES-128 and AES-256 encryption is enabled for all Kerberos-based communication with the Active Directory KDC
+- `kdc_encryption` (Boolean) Specifies whether AES-128 and AES-256 encryption is enabled for all Kerberos-based communication with the Active Directory KDC. Deprecated in 9.12. Use 'advertised_kdc_encryptions' instead.
 - `ldap_referral_enabled` (Boolean) Specifies if LDAP referral chasing is enabled for AD LDAP connections (9.10)
 - `lm_compatibility_level` (String) CIFS server minimum security level
 - `restrict_anonymous` (String) Specifies what level of access an anonymous user is granted

internal/interfaces/protocols_cifs_share.go

@@ -52,20 +52,20 @@ type ProtocolsCIFSShareResourceBodyDataModelONTAP struct {
 	Name                  string `mapstructure:"name,omitempty"` // can't be present in update, so omit empty.
 	SVM                   svm    `mapstructure:"svm"`
 	Acls                  []Acls `mapstructure:"acls,omitempty"` // API complains if this is not omit empty
-	ChangeNotify          bool   `mapstructure:"change_notify"`
+	ChangeNotify          bool   `mapstructure:"change_notify,omitempty"`
 	Comment               string `mapstructure:"comment,omitempty"` // API complains if this is not omit empty
-	ContinuouslyAvailable bool   `mapstructure:"continuously_available"`
-	DirUmask              int64  `mapstructure:"dir_umask"`
-	Encryption            bool   `mapstructure:"encryption"`
-	FileUmask             int64  `mapstructure:"file_umask"`
-	ForceGroupForCreate   string `mapstructure:"force_group_for_create"`
+	ContinuouslyAvailable bool   `mapstructure:"continuously_available,omitempty"`
+	DirUmask              int64  `mapstructure:"dir_umask,omitempty"`
+	Encryption            bool   `mapstructure:"encryption,omitempty"`
+	FileUmask             int64  `mapstructure:"file_umask,omitempty"`
+	ForceGroupForCreate   string `mapstructure:"force_group_for_create,omitempty"`
 	HomeDirectory         bool   `mapstructure:"home_directory,omitempty"` // can't be present in update, so omit empty.
-	NamespaceCaching      bool   `mapstructure:"namespace_caching"`
-	NoStrictSecurity      bool   `mapstructure:"no_strict_security"`
+	NamespaceCaching      bool   `mapstructure:"namespace_caching,omitempty"`
+	NoStrictSecurity      bool   `mapstructure:"no_strict_security,omitempty"`
 	OfflineFiles          string `mapstructure:"offline_files,omitempty"` // API complains if this is not omit empty
-	Oplocks               bool   `mapstructure:"oplocks"`
+	Oplocks               bool   `mapstructure:"oplocks,omitempty"`
 	Path                  string `mapstructure:"path,omitempty"` // can't be present in update, so omit empty.
-	ShowSnapshot          bool   `mapstructure:"show_snapshot"`
+	ShowSnapshot          bool   `mapstructure:"show_snapshot,omitempty"`
 	UnixSymlink           string `mapstructure:"unix_symlink,omitempty"`  // API complains if this is not omit empty
 	VscanProfile          string `mapstructure:"vscan_profile,omitempty"` // API complains if this is not omit empty
 }
@@ -159,14 +159,14 @@ func CreateProtocolsCIFSShare(errorHandler *utils.ErrorHandler, r restclient.Res
 
 // UpdateProtocolsCIFSShare to update protocols_cifs_share
 func UpdateProtocolsCIFSShare(errorHandler *utils.ErrorHandler, r restclient.RestClient, body ProtocolsCIFSShareResourceBodyDataModelONTAP, name string, svmUUID string) error {
-	api := "/protocols/cifs/shares/"
+	api := fmt.Sprintf("/protocols/cifs/shares/%s/%s", svmUUID, name)
 	var bodyMap map[string]interface{}
 	if err := mapstructure.Decode(body, &bodyMap); err != nil {
 		return errorHandler.MakeAndReportError("error encoding protocols_cifs_share body", fmt.Sprintf("error on encoding %s body: %s, body: %#v", api, err, body))
 	}
-	statusCode, _, err := r.CallUpdateMethod(api+"/"+svmUUID+"/"+name, nil, bodyMap)
+	statusCode, _, err := r.CallUpdateMethod(api, nil, bodyMap)
 	if err != nil {
-		return errorHandler.MakeAndReportError("error updating protocols_cifs_share", fmt.Sprintf("error on POST %s: %s, statusCode %d", api, err, statusCode))
+		return errorHandler.MakeAndReportError("error updating protocols_cifs_share", fmt.Sprintf("error on PATCH %s: %s, statusCode %d", api, err, statusCode))
 	}
 	return nil
 }

internal/interfaces/protocols_cifs_share_acl.go

@@ -0,0 +1,143 @@
+package interfaces
+
+import (
+	"fmt"
+
+	"github.com/hashicorp/terraform-plugin-log/tflog"
+	"github.com/mitchellh/mapstructure"
+	"github.com/netapp/terraform-provider-netapp-ontap/internal/restclient"
+	"github.com/netapp/terraform-provider-netapp-ontap/internal/utils"
+)
+
+// ProtocolsCIFSShareACLGetDataModelONTAP describes the GET record data model using go types for mapping.
+type ProtocolsCIFSShareACLGetDataModelONTAP struct {
+	Name        string `mapstructure:"name"`
+	UUID        string `mapstructure:"uuid"`
+	UserOrGroup string `mapstructure:"user_or_group"`
+}
+
+// ProtocolsCIFSShareACLResourceBodyDataModelONTAP describes the body data model using go types for mapping.
+type ProtocolsCIFSShareACLResourceBodyDataModelONTAP struct {
+	// Name       string `mapstructure:"name"`
+	// SVM        svm    `mapstructure:"svm"`
+	Permission  string `mapstructure:"permission"`
+	UserOrGroup string `mapstructure:"user_or_group"`
+	Type        string `mapstructure:"type"`
+}
+
+// ProtocolsCIFSShareACLDataSourceFilterModel describes the data source data model for queries.
+type ProtocolsCIFSShareACLDataSourceFilterModel struct {
+	Name        string `mapstructure:"name"`
+	SVMName     string `mapstructure:"svm.name"`
+	UserOrGroup string `mapstructure:"user_or_group"`
+}
+
+// GetProtocolsCIFSShareACLByName to get protocols_cifs_share_acl info
+func GetProtocolsCIFSShareACLByName(errorHandler *utils.ErrorHandler, r restclient.RestClient, name string, svmName string) (*ProtocolsCIFSShareACLGetDataModelONTAP, error) {
+	api := "api_url"
+	query := r.NewQuery()
+	query.Set("name", name)
+	if svmName == "" {
+		query.Set("scope", "cluster")
+	} else {
+		query.Set("svm.name", svmName)
+		query.Set("scope", "svm")
+	}
+	query.Fields([]string{"name", "svm.name", "ip", "scope"})
+	statusCode, response, err := r.GetNilOrOneRecord(api, query, nil)
+	if err == nil && response == nil {
+		err = fmt.Errorf("no response for GET %s", api)
+	}
+	if err != nil {
+		return nil, errorHandler.MakeAndReportError("error reading protocols_cifs_share_acl info", fmt.Sprintf("error on GET %s: %s, statusCode %d", api, err, statusCode))
+	}
+
+	var dataONTAP ProtocolsCIFSShareACLGetDataModelONTAP
+	if err := mapstructure.Decode(response, &dataONTAP); err != nil {
+		return nil, errorHandler.MakeAndReportError(fmt.Sprintf("failed to decode response from GET %s", api),
+			fmt.Sprintf("error: %s, statusCode %d, response %#v", err, statusCode, response))
+	}
+	tflog.Debug(errorHandler.Ctx, fmt.Sprintf("Read protocols_cifs_share_acl data source: %#v", dataONTAP))
+	return &dataONTAP, nil
+}
+
+// GetProtocolsCIFSShareAcls to get protocols_cifs_share_acl info for all resources matching a filter
+func GetProtocolsCIFSShareAcls(errorHandler *utils.ErrorHandler, r restclient.RestClient, filter *ProtocolsCIFSShareACLDataSourceFilterModel, svmName string, shareName string) ([]ProtocolsCIFSShareACLGetDataModelONTAP, error) {
+	api := fmt.Sprintf("/protocols/cifs/shares/%s/%s/acls", svmName, shareName)
+	query := r.NewQuery()
+	query.Fields([]string{"name", "svm.name", "scope"})
+	if filter != nil {
+		var filterMap map[string]interface{}
+		if err := mapstructure.Decode(filter, &filterMap); err != nil {
+			return nil, errorHandler.MakeAndReportError("error encoding protocols_cifs_share_acls filter info", fmt.Sprintf("error on filter %#v: %s", filter, err))
+		}
+		query.SetValues(filterMap)
+	}
+	statusCode, response, err := r.GetZeroOrMoreRecords(api, query, nil)
+	if err == nil && response == nil {
+		err = fmt.Errorf("no response for GET %s", api)
+	}
+	if err != nil {
+		return nil, errorHandler.MakeAndReportError("error reading protocols_cifs_share_acls info", fmt.Sprintf("error on GET %s: %s, statusCode %d", api, err, statusCode))
+	}
+
+	var dataONTAP []ProtocolsCIFSShareACLGetDataModelONTAP
+	for _, info := range response {
+		var record ProtocolsCIFSShareACLGetDataModelONTAP
+		if err := mapstructure.Decode(info, &record); err != nil {
+			return nil, errorHandler.MakeAndReportError(fmt.Sprintf("failed to decode response from GET %s", api),
+				fmt.Sprintf("error: %s, statusCode %d, info %#v", err, statusCode, info))
+		}
+		dataONTAP = append(dataONTAP, record)
+	}
+	tflog.Debug(errorHandler.Ctx, fmt.Sprintf("Read protocols_cifs_share_acls data source: %#v", dataONTAP))
+	return dataONTAP, nil
+}
+
+// CreateProtocolsCIFSShareACL to create protocols_cifs_share_acl
+func CreateProtocolsCIFSShareACL(errorHandler *utils.ErrorHandler, r restclient.RestClient, body ProtocolsCIFSShareACLResourceBodyDataModelONTAP, svmID string, shareName string) (*ProtocolsCIFSShareACLGetDataModelONTAP, error) {
+	api := fmt.Sprintf("/protocols/cifs/shares/%s/%s/acls", svmID, shareName)
+	var bodyMap map[string]interface{}
+	if err := mapstructure.Decode(body, &bodyMap); err != nil {
+		return nil, errorHandler.MakeAndReportError("error encoding protocols_cifs_share_acl body", fmt.Sprintf("error on encoding %s body: %s, body: %#v", api, err, body))
+	}
+	query := r.NewQuery()
+	query.Add("return_records", "true")
+	statusCode, response, err := r.CallCreateMethod(api, query, bodyMap)
+	if err != nil {
+		return nil, errorHandler.MakeAndReportError("error creating protocols_cifs_share_acl", fmt.Sprintf("error on POST %s: %s, statusCode %d", api, err, statusCode))
+	}
+
+	var dataONTAP ProtocolsCIFSShareACLGetDataModelONTAP
+	if err := mapstructure.Decode(response.Records[0], &dataONTAP); err != nil {
+		return nil, errorHandler.MakeAndReportError("error decoding protocols_cifs_share_acl info", fmt.Sprintf("error on decode storage/protocols_cifs_share_acls info: %s, statusCode %d, response %#v", err, statusCode, response))
+	}
+	tflog.Debug(errorHandler.Ctx, fmt.Sprintf("Create protocols_cifs_share_acl source - udata: %#v", dataONTAP))
+	return &dataONTAP, nil
+}
+
+// UpdateProtocolsCIFSShareACL to update protocols_cifs_share_acl
+func UpdateProtocolsCIFSShareACL(errorHandler *utils.ErrorHandler, r restclient.RestClient, body ProtocolsCIFSShareACLResourceBodyDataModelONTAP, svmID string, shareName string, userOrGroup string, aclType string) error {
+	api := fmt.Sprintf("/protocols/cifs/shares/%s/%s/acls/%s/%s", svmID, shareName, userOrGroup, aclType)
+	var bodyMap map[string]interface{}
+	if err := mapstructure.Decode(body, &bodyMap); err != nil {
+		return errorHandler.MakeAndReportError("error encoding protocols_cifs_share_acl body", fmt.Sprintf("error on encoding %s body: %s, body: %#v", api, err, body))
+	}
+	delete(bodyMap, "type")          // type is not returned in the response
+	delete(bodyMap, "user_or_group") // user_or_group is not returned in the response
+	statusCode, _, err := r.CallUpdateMethod(api, nil, bodyMap)
+	if err != nil {
+		return errorHandler.MakeAndReportError("error updating protocols_cifs_share_acl", fmt.Sprintf("error on PATCH %s: %s, statusCode %d", api, err, statusCode))
+	}
+	return nil
+}
+
+// DeleteProtocolsCIFSShareACL to delete protocols_cifs_share_acl
+func DeleteProtocolsCIFSShareACL(errorHandler *utils.ErrorHandler, r restclient.RestClient, svmID string, shareName string, userOrGroup string, aclType string) error {
+	api := fmt.Sprintf("/protocols/cifs/shares/%s/%s/acls/%s/%s", svmID, shareName, userOrGroup, aclType)
+	statusCode, _, err := r.CallDeleteMethod(api, nil, nil)
+	if err != nil {
+		return errorHandler.MakeAndReportError("error deleting protocols_cifs_share_acl", fmt.Sprintf("error on DELETE %s: %s, statusCode %d", api, err, statusCode))
+	}
+	return nil
+}

internal/interfaces/protocols_san_igroup.go

@@ -56,14 +56,14 @@ type Portset struct {
 
 // ProtocolsSanIgroupResourceBodyDataModelONTAP describes the body data model using go types for mapping.
 type ProtocolsSanIgroupResourceBodyDataModelONTAP struct {
-	Name       string            `mapstructure:"name"`
-	SVM        SvmDataModelONTAP `mapstructure:"svm"`
-	OsType     string            `mapstructure:"os_type"`
-	Protocol   string            `mapstructure:"protocol"`
-	Comment    string            `mapstructure:"comment,omitempty"`
-	Igroups    []IgroupLun       `mapstructure:"igroups,omitempty"`
-	Initiators []IgroupInitiator `mapstructure:"initiators,omitempty"`
-	Portset    Portset           `mapstructure:"portset,omitempty"`
+	Name       string                   `mapstructure:"name"`
+	SVM        SvmDataModelONTAP        `mapstructure:"svm"`
+	OsType     string                   `mapstructure:"os_type"`
+	Protocol   string                   `mapstructure:"protocol"`
+	Comment    string                   `mapstructure:"comment,omitempty"`
+	Igroups    []map[string]interface{} `mapstructure:"igroups,omitempty"`
+	Initiators []map[string]interface{} `mapstructure:"initiators,omitempty"`
+	Portset    Portset                  `mapstructure:"portset,omitempty"`
 }
 
 // UpdateProtocolsSanIgroupResourceBodyDataModelONTAP describes the body data model using go types for mapping.

internal/provider/protocols/protocols_cifs_service_resource.go

@@ -6,7 +6,6 @@ import (
 	"github.com/netapp/terraform-provider-netapp-ontap/internal/provider/connection"
 	"strings"
 
-	"github.com/hashicorp/terraform-plugin-framework-validators/boolvalidator"
 	"github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator"
 	"github.com/hashicorp/terraform-plugin-framework/attr"
 	"github.com/hashicorp/terraform-plugin-framework/diag"
@@ -256,12 +255,7 @@ func (r *CifsServiceResource) Schema(ctx context.Context, req resource.SchemaReq
 						PlanModifiers: []planmodifier.Bool{
 							boolplanmodifier.UseStateForUnknown(),
 						},
-						Validators: []validator.Bool{
-							boolvalidator.ConflictsWith(path.Expressions{
-								path.MatchRoot("advertised_kdc_encryptions"),
-							}...),
-						},
-						MarkdownDescription: "Specifies whether AES-128 and AES-256 encryption is enabled for all Kerberos-based communication with the Active Directory KDC",
+						MarkdownDescription: "Specifies whether AES-128 and AES-256 encryption is enabled for all Kerberos-based communication with the Active Directory KDC. Deprecated in 9.12. Use 'advertised_kdc_encryptions' instead.",
 					},
 					"lm_compatibility_level": schema.StringAttribute{
 						Optional:            true,
@@ -339,7 +333,7 @@ func (r *CifsServiceResource) Schema(ctx context.Context, req resource.SchemaReq
 						PlanModifiers: []planmodifier.Set{
 							setplanmodifier.UseStateForUnknown(),
 						},
-						MarkdownDescription: "List of advertised KDC encryptions",
+						MarkdownDescription: "List of advertised KDC encryptions (9.12)",
 						ElementType:         types.StringType,
 					},
 				},