Update APIs used for user management to a new v3 version (#391)

incapsula/client_account_user.go

@@ -6,19 +6,15 @@ import (
 	"io/ioutil"
 	"log"
 	"net/http"
-	"net/url"
 )
 
 // Endpoints (unexported consts)
-const endpointAccountUserAdd = "identity-management/v3/users"
-const endpointSubAccountUserAdd = "identity-management/v3/users/sub-account"
-const endpointUserStatus = "identity-management/v3/users"
-const endpointUserDelete = "identity-management/v3/users"
-const endpointUserUpdate = "identity-management/v3/roles/assignments"
+
+const endpointUserOperationNew = "identity-management/v3/idm-users"
 
 // UserApisResponse contains the relevant user information when adding, getting or updating a user
 type UserApisResponse struct {
-	Data struct {
+	Data []struct {
 		UserID    string `json:"id"`
 		AccountID int    `json:"accountId"`
 		FirstName string `json:"firstName"`
@@ -53,9 +49,7 @@ type UserAddReq struct {
 }
 
 type UserUpdateReq struct {
-	UserEmail string `json:"email"`
-	AccountId int    `json:"accountId"`
-	RoleIds   []int  `json:"roleIds"`
+	RoleIds []int `json:"roleIds"`
 }
 
 // AddAccountUser adds a user to Incapsula Account
@@ -74,11 +68,11 @@ func (c *Client) AddAccountUser(accountID int, email, firstName, lastName string
 		return nil, fmt.Errorf("Failed to JSON marshal IncapRule: %s", err)
 	}
 
-	endpointUserAdd := endpointAccountUserAdd
+	endpointUserAdd := endpointUserOperationNew
 	operation := CreateAccountUser
 	accountStatusResponse, err := c.AccountStatus(accountID, ReadAccount)
 	if accountStatusResponse != nil && accountStatusResponse.AccountType == "Sub Account" {
-		endpointUserAdd = endpointSubAccountUserAdd
+		endpointUserAdd = endpointUserOperationNew + "/" + email
 		operation = CreateSubAccountUser
 	}
 
@@ -120,7 +114,7 @@ func (c *Client) GetAccountUser(accountID int, email string) (*UserApisResponse,
 	log.Printf("[INFO] Getting Incapsula user status for email id: %s\n", email)
 
 	// Get to Incapsula
-	reqURL := fmt.Sprintf("%s/%s?caid=%d&email=%s", c.config.BaseURLAPI, endpointUserStatus, accountID, url.QueryEscape(email))
+	reqURL := fmt.Sprintf("%s/%s/%s?caid=%d", c.config.BaseURLAPI, endpointUserOperationNew, email, accountID)
 	resp, err := c.DoJsonRequestWithHeaders(http.MethodGet, reqURL, nil, ReadAccountUser)
 
 	if err != nil {
@@ -152,24 +146,23 @@ func (c *Client) GetAccountUser(accountID int, email string) (*UserApisResponse,
 // UpdateAccountUser User Roles
 func (c *Client) UpdateAccountUser(accountID int, email string, roleIds []interface{}) (*UserApisUpdateResponse, error) {
 	log.Printf("[INFO] Update Incapsula User for email: %s (account ID %d)\n", email, accountID)
-
 	listRoles := make([]int, len(roleIds))
 	for i, v := range roleIds {
 		listRoles[i] = v.(int)
 	}
 
-	userUpdateReq := []UserUpdateReq{{AccountId: accountID, UserEmail: email, RoleIds: listRoles}}
+	userUpdateReq := UserUpdateReq{RoleIds: listRoles}
 
 	userJSON, err := json.Marshal(userUpdateReq)
 	if err != nil {
 		return nil, fmt.Errorf("Failed to JSON marshal IncapRule: %s", err)
 	}
 
-	reqURL := fmt.Sprintf("%s/%s?caid=%d", c.config.BaseURLAPI, endpointUserUpdate, accountID)
+	reqURL := fmt.Sprintf("%s/%s/%s?caid=%d", c.config.BaseURLAPI, endpointUserOperationNew, email, accountID)
 
 	log.Printf("[INFO] Req: %s\n", reqURL)
 	log.Printf("[INFO] json: %s\n", userJSON)
-	resp, err := c.DoJsonRequestWithHeaders(http.MethodPut, reqURL, userJSON, UpdateAccountUser)
+	resp, err := c.DoJsonRequestWithHeaders(http.MethodPatch, reqURL, userJSON, UpdateAccountUser)
 
 	if err != nil {
 		return nil, fmt.Errorf("Error updating user email %s: %s", email, err)
@@ -211,7 +204,7 @@ func (c *Client) DeleteAccountUser(accountID int, email string) error {
 
 	// Delete form to Incapsula
 
-	reqURL := fmt.Sprintf("%s/%s?caid=%d&email=%s", c.config.BaseURLAPI, endpointUserDelete, accountID, url.QueryEscape(email))
+	reqURL := fmt.Sprintf("%s/%s/%s?caid=%d", c.config.BaseURLAPI, endpointUserOperationNew, email, accountID)
 	resp, err := c.DoJsonRequestWithHeaders(http.MethodDelete, reqURL, nil, DeleteAccountUser)
 
 	if err != nil {

incapsula/resource_account_user.go

@@ -136,7 +136,7 @@ func resourceUserCreate(d *schema.ResourceData, m interface{}) error {
 
 	// Set the User ID
 	d.SetId(fmt.Sprintf("%s/%s", strconv.Itoa(accountId), email))
-	log.Printf("[INFO] Created Incapsula user for email: %s userid: %s\n", email, UserAddResponse.Data.UserID)
+	log.Printf("[INFO] Created Incapsula user for email: %s userid: %s\n", email, UserAddResponse.Data[0].UserID)
 
 	// There may be a timing/race condition here
 	// Set an arbitrary period to sleep
@@ -165,26 +165,26 @@ func resourceUserRead(d *schema.ResourceData, m interface{}) error {
 		return err
 	}
 
-	log.Printf("[INFO]listRoles : %v\n", userStatusResponse.Data.Roles)
+	log.Printf("[INFO]listRoles : %v\n", userStatusResponse.Data[0].Roles)
 
-	listRolesIds := make([]int, len(userStatusResponse.Data.Roles))
-	listRolesNames := make([]string, len(userStatusResponse.Data.Roles))
-	for i, v := range userStatusResponse.Data.Roles {
+	listRolesIds := make([]int, len(userStatusResponse.Data[0].Roles))
+	listRolesNames := make([]string, len(userStatusResponse.Data[0].Roles))
+	for i, v := range userStatusResponse.Data[0].Roles {
 		listRolesIds[i] = v.RoleID
 		listRolesNames[i] = v.RoleName
 	}
 
-	d.Set("email", userStatusResponse.Data.Email)
-	d.Set("account_id", userStatusResponse.Data.AccountID)
+	d.Set("email", userStatusResponse.Data[0].Email)
+	d.Set("account_id", userStatusResponse.Data[0].AccountID)
 
 	accountStatusResponse, err := client.AccountStatus(accountID, ReadAccount)
 	if accountStatusResponse != nil && accountStatusResponse.AccountType == "Sub Account" {
 		log.Printf("[DEBUG] User creation on Sub Account, setting null value to avoid forces replacement\n")
 		d.Set("first_name", nil)
 		d.Set("last_name", nil)
 	} else {
-		d.Set("first_name", userStatusResponse.Data.FirstName)
-		d.Set("last_name", userStatusResponse.Data.LastName)
+		d.Set("first_name", userStatusResponse.Data[0].FirstName)
+		d.Set("last_name", userStatusResponse.Data[0].LastName)
 	}
 	d.Set("role_ids", listRolesIds)
 	d.Set("role_names", listRolesNames)