diff --git a/CHANGELOG.md b/CHANGELOG.md index 95f95ecf..d290e6b8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ DOCUMENTATION: BUG FIXES: +- **netapp-ontap_security_account**: unable to unlock existing `security_account` resource ([#499](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/499)) - **netapp-ontap_port**: fixed error when importing VLANs in multi-node clusters ([#479](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/479)) - **netapp-ontap_san_igroup**: fixed issue with adding initiators to new igroup ([#274](https://github.com/NetApp/terraform-provider-netapp-ontap/issues/274)) diff --git a/internal/interfaces/security_account.go b/internal/interfaces/security_account.go index 421fc61e..c580d82f 100644 --- a/internal/interfaces/security_account.go +++ b/internal/interfaces/security_account.go @@ -17,7 +17,7 @@ type SecurityAccountResourceBodyDataModelONTAP struct { Role SecurityAccountRole `mapstructure:"role,omitempty"` Password string `mapstructure:"password,omitempty"` Comment string `mapstructure:"comment,omitempty"` - Locked bool `mapstructure:"locked,omitempty"` + Locked *bool `mapstructure:"locked,omitempty"` } // SecurityAccountGetDataModelONTAP describes the GET record data model using go types for mapping. @@ -38,7 +38,7 @@ type SecurityAccountResourceUpdateBodyDataModelONTAP struct { Role SecurityAccountRole `mapstructure:"role,omitempty"` Password string `mapstructure:"password,omitempty"` Comment string `mapstructure:"comment,omitempty"` - Locked bool `mapstructure:"locked,omitempty"` + Locked *bool `mapstructure:"locked,omitempty"` } // SecurityAccountApplication describes the application data model using go types for mapping. diff --git a/internal/provider/security/security_account_resource.go b/internal/provider/security/security_account_resource.go index 478ffc2d..9ea2e59d 100644 --- a/internal/provider/security/security_account_resource.go +++ b/internal/provider/security/security_account_resource.go @@ -9,8 +9,6 @@ import ( "github.com/hashicorp/terraform-plugin-framework/path" "github.com/hashicorp/terraform-plugin-framework/resource" "github.com/hashicorp/terraform-plugin-framework/resource/schema" - "github.com/hashicorp/terraform-plugin-framework/resource/schema/booldefault" - "github.com/hashicorp/terraform-plugin-framework/resource/schema/boolplanmodifier" "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier" "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringdefault" "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier" @@ -166,8 +164,6 @@ func (r *SecurityAccountResource) Schema(ctx context.Context, req resource.Schem MarkdownDescription: "Account locked", Optional: true, Computed: true, - Default: booldefault.StaticBool(false), - PlanModifiers: []planmodifier.Bool{boolplanmodifier.UseStateForUnknown()}, }, "id": schema.StringAttribute{ MarkdownDescription: "SecurityAccount id", @@ -346,7 +342,7 @@ func (r *SecurityAccountResource) Create(ctx context.Context, req resource.Creat body.Comment = data.Comment.ValueString() } if !data.Locked.IsNull() { - body.Locked = data.Locked.ValueBool() + body.Locked = data.Locked.ValueBoolPointer() } client, err := connection.GetRestClient(errorHandler, r.config, data.CxProfileName) @@ -410,6 +406,7 @@ func (r *SecurityAccountResource) Create(ctx context.Context, req resource.Creat data.ID = types.StringValue(resource.Name) data.OwnerID = types.StringValue(resource.Owner.UUID) + data.Locked = types.BoolValue(resource.Locked) tflog.Trace(ctx, "created a resource") @@ -472,7 +469,7 @@ func (r *SecurityAccountResource) Update(ctx context.Context, req resource.Updat // locked update if !plan.Locked.IsNull() { - request.Locked = plan.Locked.ValueBool() + request.Locked = plan.Locked.ValueBoolPointer() } // comment update diff --git a/internal/provider/security/security_account_resource_test.go b/internal/provider/security/security_account_resource_test.go index 776b7b99..0ef6e1c0 100644 --- a/internal/provider/security/security_account_resource_test.go +++ b/internal/provider/security/security_account_resource_test.go @@ -20,17 +20,27 @@ func TestAccSecurityAccountResource(t *testing.T) { Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr("netapp-ontap_security_account.security_account", "name", "tf_acc_test"), resource.TestCheckResourceAttr("netapp-ontap_security_account.security_account", "password", "password123"), + resource.TestCheckResourceAttr("netapp-ontap_security_account.security_account", "locked", "false"), ), }, // Test updating a resource with comment and locked { - Config: testAccSecurityAccountResourceConfig("tf_acc_test", "update", true), + Config: testAccSecurityAccountResourceConfig("tf_acc_test", "locked", true), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr("netapp-ontap_security_account.security_account", "name", "tf_acc_test"), - resource.TestCheckResourceAttr("netapp-ontap_security_account.security_account", "comment", "update"), + resource.TestCheckResourceAttr("netapp-ontap_security_account.security_account", "comment", "locked"), resource.TestCheckResourceAttr("netapp-ontap_security_account.security_account", "locked", "true"), ), }, + // Test updating a resource with comment and unlocked + { + Config: testAccSecurityAccountResourceConfig("tf_acc_test", "unlocked", false), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("netapp-ontap_security_account.security_account", "name", "tf_acc_test"), + resource.TestCheckResourceAttr("netapp-ontap_security_account.security_account", "comment", "unlocked"), + resource.TestCheckResourceAttr("netapp-ontap_security_account.security_account", "locked", "false"), + ), + }, // Test updating a resource with application and secondAuthenticationMethod { Config: testAccSecurityAccountResourceConfigUpdateAndCheckIdempotency("tf_acc_test"),