diff --git a/CHANGELOG.md b/CHANGELOG.md index 3eb5c62a..c8daf885 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,7 @@ - Add `community_list_expanded` resource and data source - Add `authentication`, `mab` and `dot1x` attributes to `iosxe_interface_ethernet` resource and data source - Add `authorization_exec` and `transport_input` attributes to `iosxe_line` resource and data source +- Add `a2`, `a3` and `a4` attributes to `iosxe_aaa_authorization` resource and data source ## 0.5.1 diff --git a/docs/data-sources/aaa_authorization.md b/docs/data-sources/aaa_authorization.md index dee5ca84..8153f6ae 100644 --- a/docs/data-sources/aaa_authorization.md +++ b/docs/data-sources/aaa_authorization.md @@ -38,7 +38,23 @@ Read-Only: - `a1_group` (String) Use Server-group - `a1_if_authenticated` (Boolean) Succeed if user has authenticated. - `a1_local` (Boolean) Use local database +- `a1_radius` (Boolean) Use radius +- `a1_tacacs` (Boolean) Use TACACS+ +- `a2_group` (String) Use Server-group +- `a2_if_authenticated` (Boolean) Succeed if user has authenticated. - `a2_local` (Boolean) +- `a2_radius` (Boolean) Use Radius +- `a2_tacacs` (Boolean) Use TACACS+ +- `a3_group` (String) Use Server-group +- `a3_if_authenticated` (Boolean) Succeed if user has authenticated. +- `a3_local` (Boolean) +- `a3_radius` (Boolean) Use Radius +- `a3_tacacs` (Boolean) Use TACACS+ +- `a4_group` (String) Use Server-group +- `a4_if_authenticated` (Boolean) Succeed if user has authenticated. +- `a4_local` (Boolean) +- `a4_radius` (Boolean) Use radius +- `a4_tacacs` (Boolean) Use TACACS+ - `name` (String) @@ -48,4 +64,11 @@ Read-Only: Read-Only: - `a1_group` (String) Use Server-group +- `a1_local` (Boolean) Use local username authentication. +- `a2_group` (String) Use Server-group +- `a2_local` (Boolean) +- `a3_group` (String) Use Server-group +- `a3_local` (Boolean) +- `a4_group` (String) Use Server-group +- `a4_local` (Boolean) - `id` (String) diff --git a/docs/guides/changelog.md b/docs/guides/changelog.md index 833388f7..5e4a6955 100644 --- a/docs/guides/changelog.md +++ b/docs/guides/changelog.md @@ -21,6 +21,7 @@ description: |- - Add `community_list_expanded` resource and data source - Add `authentication`, `mab` and `dot1x` attributes to `iosxe_interface_ethernet` resource and data source - Add `authorization_exec` and `transport_input` attributes to `iosxe_line` resource and data source +- Add `a2`, `a3` and `a4` attributes to `iosxe_aaa_authorization` resource and data source ## 0.5.1 diff --git a/docs/resources/aaa_authorization.md b/docs/resources/aaa_authorization.md index 8e594db7..44468b39 100644 --- a/docs/resources/aaa_authorization.md +++ b/docs/resources/aaa_authorization.md @@ -16,10 +16,20 @@ This resource can manage the AAA Authorization configuration. resource "iosxe_aaa_authorization" "example" { execs = [ { - name = "TEST" - a1_local = false - a1_group = "GROUP1" - a1_if_authenticated = true + name = "EXEC1" + a1_group = "GROUP1" + a2_group = "GROUP2" + a3_group = "GROUP3" + a4_local = true + } + ] + networks = [ + { + id = "NET1" + a1_group = "RGROUP1" + a2_group = "RGROUP2" + a3_group = "RGROUP3" + a4_local = true } ] } @@ -52,7 +62,23 @@ Optional: - `a1_group` (String) Use Server-group - `a1_if_authenticated` (Boolean) Succeed if user has authenticated. - `a1_local` (Boolean) Use local database +- `a1_radius` (Boolean) Use radius +- `a1_tacacs` (Boolean) Use TACACS+ +- `a2_group` (String) Use Server-group +- `a2_if_authenticated` (Boolean) Succeed if user has authenticated. - `a2_local` (Boolean) +- `a2_radius` (Boolean) Use Radius +- `a2_tacacs` (Boolean) Use TACACS+ +- `a3_group` (String) Use Server-group +- `a3_if_authenticated` (Boolean) Succeed if user has authenticated. +- `a3_local` (Boolean) +- `a3_radius` (Boolean) Use Radius +- `a3_tacacs` (Boolean) Use TACACS+ +- `a4_group` (String) Use Server-group +- `a4_if_authenticated` (Boolean) Succeed if user has authenticated. +- `a4_local` (Boolean) +- `a4_radius` (Boolean) Use radius +- `a4_tacacs` (Boolean) Use TACACS+ @@ -65,6 +91,13 @@ Required: Optional: - `a1_group` (String) Use Server-group +- `a1_local` (Boolean) Use local username authentication. +- `a2_group` (String) Use Server-group +- `a2_local` (Boolean) +- `a3_group` (String) Use Server-group +- `a3_local` (Boolean) +- `a4_group` (String) Use Server-group +- `a4_local` (Boolean) ## Import diff --git a/examples/resources/iosxe_aaa_authorization/resource.tf b/examples/resources/iosxe_aaa_authorization/resource.tf index 30f60634..1b44a5c1 100644 --- a/examples/resources/iosxe_aaa_authorization/resource.tf +++ b/examples/resources/iosxe_aaa_authorization/resource.tf @@ -1,10 +1,20 @@ resource "iosxe_aaa_authorization" "example" { execs = [ { - name = "TEST" - a1_local = false - a1_group = "GROUP1" - a1_if_authenticated = true + name = "EXEC1" + a1_group = "GROUP1" + a2_group = "GROUP2" + a3_group = "GROUP3" + a4_local = true + } + ] + networks = [ + { + id = "NET1" + a1_group = "RGROUP1" + a2_group = "RGROUP2" + a3_group = "RGROUP3" + a4_local = true } ] } diff --git a/gen/definitions/aaa_authorization.yaml b/gen/definitions/aaa_authorization.yaml index 3c2f7939..1286e009 100644 --- a/gen/definitions/aaa_authorization.yaml +++ b/gen/definitions/aaa_authorization.yaml @@ -10,33 +10,143 @@ attributes: attributes: - yang_name: name id: true - example: TEST + example: EXEC1 - yang_name: a1/auth-exec-choice/local/local xpath: a1/local tf_name: a1_local example: false + exclude_test: true - yang_name: a1/auth-exec-choice/group/group xpath: a1/group tf_name: a1_group example: GROUP1 + - yang_name: a1/auth-exec-choice/radius/radius + xpath: a1/radius + tf_name: a1_radius + example: true + exclude_test: true + - yang_name: a1/auth-exec-choice/tacacs/tacacs + xpath: a1/tacacs + tf_name: a1_tacacs + example: true + exclude_test: true + - yang_name: a1/auth-exec-choice/if-authenticated/if-authenticated + xpath: a1/if-authenticated + tf_name: a1_if_authenticated + example: true + exclude_test: true - yang_name: a2/auth-exec-choice/local/local xpath: a2/local tf_name: a2_local example: false exclude_test: true - - yang_name: a1/auth-exec-choice/if-authenticated/if-authenticated - xpath: a1/if-authenticated - tf_name: a1_if_authenticated + - yang_name: a2/auth-exec-choice/group/group + xpath: a2/group + tf_name: a2_group + example: GROUP2 + - yang_name: a2/auth-exec-choice/radius/radius + xpath: a2/radius + tf_name: a2_radius + example: true + exclude_test: true + - yang_name: a2/auth-exec-choice/tacacs/tacacs + xpath: a2/tacacs + tf_name: a2_tacacs + example: true + exclude_test: true + - yang_name: a2/auth-exec-choice/if-authenticated/if-authenticated + xpath: a2/if-authenticated + tf_name: a2_if_authenticated + example: true + exclude_test: true + - yang_name: a3/auth-exec-choice/local/local + xpath: a3/local + tf_name: a3_local + example: false + exclude_test: true + - yang_name: a3/auth-exec-choice/group/group + xpath: a3/group + tf_name: a3_group + example: GROUP3 + - yang_name: a3/auth-exec-choice/radius/radius + xpath: a3/radius + tf_name: a3_radius + example: true + exclude_test: true + - yang_name: a3/auth-exec-choice/tacacs/tacacs + xpath: a3/tacacs + tf_name: a3_tacacs example: true + exclude_test: true + - yang_name: a3/auth-exec-choice/if-authenticated/if-authenticated + xpath: a3/if-authenticated + tf_name: a3_if_authenticated + example: true + exclude_test: true + - yang_name: a4/auth-exec-choice/local/local + xpath: a4/local + tf_name: a4_local + example: true + - yang_name: a4/auth-exec-choice/group/group + xpath: a4/group + tf_name: a4_group + example: GROUP4 + exclude_test: true + - yang_name: a4/auth-exec-choice/radius/radius + xpath: a4/radius + tf_name: a4_radius + example: true + exclude_test: true + - yang_name: a4/auth-exec-choice/tacacs/tacacs + xpath: a4/tacacs + tf_name: a4_tacacs + example: true + exclude_test: true + - yang_name: a4/auth-exec-choice/if-authenticated/if-authenticated + xpath: a4/if-authenticated + tf_name: a4_if_authenticated + example: true + exclude_test: true - yang_name: network tf_name: networks type: List - exclude_test: true attributes: - yang_name: id id: true - example: TEST11 + example: NET1 + - yang_name: a1/auth-choice/local/local + xpath: a1/local + tf_name: a1_local + example: true + exclude_test: true - yang_name: a1/auth-choice/group/group xpath: a1/group tf_name: a1_group - example: Radius-GROUP + example: RGROUP1 + - yang_name: a2/auth-choice/local/local + xpath: a2/local + tf_name: a2_local + example: true + exclude_test: true + - yang_name: a2/auth-choice/group/group + xpath: a2/group + tf_name: a2_group + example: RGROUP2 + - yang_name: a3/auth-choice/local/local + xpath: a3/local + tf_name: a3_local + example: true + exclude_test: true + - yang_name: a3/auth-choice/group/group + xpath: a3/group + tf_name: a3_group + example: RGROUP3 + - yang_name: a4/auth-choice/local/local + xpath: a4/local + tf_name: a4_local + example: true + - yang_name: a4/auth-choice/group/group + xpath: a4/group + tf_name: a4_group + example: RGROUP4 + exclude_test: true diff --git a/internal/provider/data_source_iosxe_aaa_authorization.go b/internal/provider/data_source_iosxe_aaa_authorization.go index fbcf8034..743541b1 100644 --- a/internal/provider/data_source_iosxe_aaa_authorization.go +++ b/internal/provider/data_source_iosxe_aaa_authorization.go @@ -80,11 +80,75 @@ func (d *AAAAuthorizationDataSource) Schema(ctx context.Context, req datasource. MarkdownDescription: "Use Server-group", Computed: true, }, + "a1_radius": schema.BoolAttribute{ + MarkdownDescription: "Use radius", + Computed: true, + }, + "a1_tacacs": schema.BoolAttribute{ + MarkdownDescription: "Use TACACS+", + Computed: true, + }, + "a1_if_authenticated": schema.BoolAttribute{ + MarkdownDescription: "Succeed if user has authenticated.", + Computed: true, + }, "a2_local": schema.BoolAttribute{ MarkdownDescription: "", Computed: true, }, - "a1_if_authenticated": schema.BoolAttribute{ + "a2_group": schema.StringAttribute{ + MarkdownDescription: "Use Server-group", + Computed: true, + }, + "a2_radius": schema.BoolAttribute{ + MarkdownDescription: "Use Radius", + Computed: true, + }, + "a2_tacacs": schema.BoolAttribute{ + MarkdownDescription: "Use TACACS+", + Computed: true, + }, + "a2_if_authenticated": schema.BoolAttribute{ + MarkdownDescription: "Succeed if user has authenticated.", + Computed: true, + }, + "a3_local": schema.BoolAttribute{ + MarkdownDescription: "", + Computed: true, + }, + "a3_group": schema.StringAttribute{ + MarkdownDescription: "Use Server-group", + Computed: true, + }, + "a3_radius": schema.BoolAttribute{ + MarkdownDescription: "Use Radius", + Computed: true, + }, + "a3_tacacs": schema.BoolAttribute{ + MarkdownDescription: "Use TACACS+", + Computed: true, + }, + "a3_if_authenticated": schema.BoolAttribute{ + MarkdownDescription: "Succeed if user has authenticated.", + Computed: true, + }, + "a4_local": schema.BoolAttribute{ + MarkdownDescription: "", + Computed: true, + }, + "a4_group": schema.StringAttribute{ + MarkdownDescription: "Use Server-group", + Computed: true, + }, + "a4_radius": schema.BoolAttribute{ + MarkdownDescription: "Use radius", + Computed: true, + }, + "a4_tacacs": schema.BoolAttribute{ + MarkdownDescription: "Use TACACS+", + Computed: true, + }, + "a4_if_authenticated": schema.BoolAttribute{ MarkdownDescription: "Succeed if user has authenticated.", Computed: true, }, @@ -100,10 +164,38 @@ func (d *AAAAuthorizationDataSource) Schema(ctx context.Context, req datasource. MarkdownDescription: "", Computed: true, }, + "a1_local": schema.BoolAttribute{ + MarkdownDescription: "Use local username authentication.", + Computed: true, + }, "a1_group": schema.StringAttribute{ MarkdownDescription: "Use Server-group", Computed: true, }, + "a2_local": schema.BoolAttribute{ + MarkdownDescription: "", + Computed: true, + }, + "a2_group": schema.StringAttribute{ + MarkdownDescription: "Use Server-group", + Computed: true, + }, + "a3_local": schema.BoolAttribute{ + MarkdownDescription: "", + Computed: true, + }, + "a3_group": schema.StringAttribute{ + MarkdownDescription: "Use Server-group", + Computed: true, + }, + "a4_local": schema.BoolAttribute{ + MarkdownDescription: "", + Computed: true, + }, + "a4_group": schema.StringAttribute{ + MarkdownDescription: "Use Server-group", + Computed: true, + }, }, }, }, diff --git a/internal/provider/data_source_iosxe_aaa_authorization_test.go b/internal/provider/data_source_iosxe_aaa_authorization_test.go index 249e7813..800f9b29 100644 --- a/internal/provider/data_source_iosxe_aaa_authorization_test.go +++ b/internal/provider/data_source_iosxe_aaa_authorization_test.go @@ -31,10 +31,16 @@ func TestAccDataSourceIosxeAAAAuthorization(t *testing.T) { t.Skip("skipping test, set environment variable AAA") } var checks []resource.TestCheckFunc - checks = append(checks, resource.TestCheckResourceAttr("data.iosxe_aaa_authorization.test", "execs.0.name", "TEST")) - checks = append(checks, resource.TestCheckResourceAttr("data.iosxe_aaa_authorization.test", "execs.0.a1_local", "false")) + checks = append(checks, resource.TestCheckResourceAttr("data.iosxe_aaa_authorization.test", "execs.0.name", "EXEC1")) checks = append(checks, resource.TestCheckResourceAttr("data.iosxe_aaa_authorization.test", "execs.0.a1_group", "GROUP1")) - checks = append(checks, resource.TestCheckResourceAttr("data.iosxe_aaa_authorization.test", "execs.0.a1_if_authenticated", "true")) + checks = append(checks, resource.TestCheckResourceAttr("data.iosxe_aaa_authorization.test", "execs.0.a2_group", "GROUP2")) + checks = append(checks, resource.TestCheckResourceAttr("data.iosxe_aaa_authorization.test", "execs.0.a3_group", "GROUP3")) + checks = append(checks, resource.TestCheckResourceAttr("data.iosxe_aaa_authorization.test", "execs.0.a4_local", "true")) + checks = append(checks, resource.TestCheckResourceAttr("data.iosxe_aaa_authorization.test", "networks.0.id", "NET1")) + checks = append(checks, resource.TestCheckResourceAttr("data.iosxe_aaa_authorization.test", "networks.0.a1_group", "RGROUP1")) + checks = append(checks, resource.TestCheckResourceAttr("data.iosxe_aaa_authorization.test", "networks.0.a2_group", "RGROUP2")) + checks = append(checks, resource.TestCheckResourceAttr("data.iosxe_aaa_authorization.test", "networks.0.a3_group", "RGROUP3")) + checks = append(checks, resource.TestCheckResourceAttr("data.iosxe_aaa_authorization.test", "networks.0.a4_local", "true")) resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, ProtoV6ProviderFactories: testAccProtoV6ProviderFactories, @@ -51,10 +57,18 @@ func testAccDataSourceIosxeAAAAuthorizationConfig() string { config := `resource "iosxe_aaa_authorization" "test" {` + "\n" config += ` delete_mode = "attributes"` + "\n" config += ` execs = [{` + "\n" - config += ` name = "TEST"` + "\n" - config += ` a1_local = false` + "\n" + config += ` name = "EXEC1"` + "\n" config += ` a1_group = "GROUP1"` + "\n" - config += ` a1_if_authenticated = true` + "\n" + config += ` a2_group = "GROUP2"` + "\n" + config += ` a3_group = "GROUP3"` + "\n" + config += ` a4_local = true` + "\n" + config += ` }]` + "\n" + config += ` networks = [{` + "\n" + config += ` id = "NET1"` + "\n" + config += ` a1_group = "RGROUP1"` + "\n" + config += ` a2_group = "RGROUP2"` + "\n" + config += ` a3_group = "RGROUP3"` + "\n" + config += ` a4_local = true` + "\n" config += ` }]` + "\n" config += `}` + "\n" diff --git a/internal/provider/model_iosxe_aaa_authorization.go b/internal/provider/model_iosxe_aaa_authorization.go index 97a02d2a..d5f7ba88 100644 --- a/internal/provider/model_iosxe_aaa_authorization.go +++ b/internal/provider/model_iosxe_aaa_authorization.go @@ -51,12 +51,35 @@ type AAAAuthorizationExecs struct { Name types.String `tfsdk:"name"` A1Local types.Bool `tfsdk:"a1_local"` A1Group types.String `tfsdk:"a1_group"` - A2Local types.Bool `tfsdk:"a2_local"` + A1Radius types.Bool `tfsdk:"a1_radius"` + A1Tacacs types.Bool `tfsdk:"a1_tacacs"` A1IfAuthenticated types.Bool `tfsdk:"a1_if_authenticated"` + A2Local types.Bool `tfsdk:"a2_local"` + A2Group types.String `tfsdk:"a2_group"` + A2Radius types.Bool `tfsdk:"a2_radius"` + A2Tacacs types.Bool `tfsdk:"a2_tacacs"` + A2IfAuthenticated types.Bool `tfsdk:"a2_if_authenticated"` + A3Local types.Bool `tfsdk:"a3_local"` + A3Group types.String `tfsdk:"a3_group"` + A3Radius types.Bool `tfsdk:"a3_radius"` + A3Tacacs types.Bool `tfsdk:"a3_tacacs"` + A3IfAuthenticated types.Bool `tfsdk:"a3_if_authenticated"` + A4Local types.Bool `tfsdk:"a4_local"` + A4Group types.String `tfsdk:"a4_group"` + A4Radius types.Bool `tfsdk:"a4_radius"` + A4Tacacs types.Bool `tfsdk:"a4_tacacs"` + A4IfAuthenticated types.Bool `tfsdk:"a4_if_authenticated"` } type AAAAuthorizationNetworks struct { Id types.String `tfsdk:"id"` + A1Local types.Bool `tfsdk:"a1_local"` A1Group types.String `tfsdk:"a1_group"` + A2Local types.Bool `tfsdk:"a2_local"` + A2Group types.String `tfsdk:"a2_group"` + A3Local types.Bool `tfsdk:"a3_local"` + A3Group types.String `tfsdk:"a3_group"` + A4Local types.Bool `tfsdk:"a4_local"` + A4Group types.String `tfsdk:"a4_group"` } func (data AAAAuthorization) getPath() string { @@ -94,9 +117,14 @@ func (data AAAAuthorization) toBody(ctx context.Context) string { if !item.A1Group.IsNull() && !item.A1Group.IsUnknown() { body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a1.group", item.A1Group.ValueString()) } - if !item.A2Local.IsNull() && !item.A2Local.IsUnknown() { - if item.A2Local.ValueBool() { - body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a2.local", map[string]string{}) + if !item.A1Radius.IsNull() && !item.A1Radius.IsUnknown() { + if item.A1Radius.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a1.radius", map[string]string{}) + } + } + if !item.A1Tacacs.IsNull() && !item.A1Tacacs.IsUnknown() { + if item.A1Tacacs.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a1.tacacs", map[string]string{}) } } if !item.A1IfAuthenticated.IsNull() && !item.A1IfAuthenticated.IsUnknown() { @@ -104,6 +132,75 @@ func (data AAAAuthorization) toBody(ctx context.Context) string { body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a1.if-authenticated", map[string]string{}) } } + if !item.A2Local.IsNull() && !item.A2Local.IsUnknown() { + if item.A2Local.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a2.local", map[string]string{}) + } + } + if !item.A2Group.IsNull() && !item.A2Group.IsUnknown() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a2.group", item.A2Group.ValueString()) + } + if !item.A2Radius.IsNull() && !item.A2Radius.IsUnknown() { + if item.A2Radius.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a2.radius", map[string]string{}) + } + } + if !item.A2Tacacs.IsNull() && !item.A2Tacacs.IsUnknown() { + if item.A2Tacacs.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a2.tacacs", map[string]string{}) + } + } + if !item.A2IfAuthenticated.IsNull() && !item.A2IfAuthenticated.IsUnknown() { + if item.A2IfAuthenticated.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a2.if-authenticated", map[string]string{}) + } + } + if !item.A3Local.IsNull() && !item.A3Local.IsUnknown() { + if item.A3Local.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a3.local", map[string]string{}) + } + } + if !item.A3Group.IsNull() && !item.A3Group.IsUnknown() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a3.group", item.A3Group.ValueString()) + } + if !item.A3Radius.IsNull() && !item.A3Radius.IsUnknown() { + if item.A3Radius.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a3.radius", map[string]string{}) + } + } + if !item.A3Tacacs.IsNull() && !item.A3Tacacs.IsUnknown() { + if item.A3Tacacs.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a3.tacacs", map[string]string{}) + } + } + if !item.A3IfAuthenticated.IsNull() && !item.A3IfAuthenticated.IsUnknown() { + if item.A3IfAuthenticated.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a3.if-authenticated", map[string]string{}) + } + } + if !item.A4Local.IsNull() && !item.A4Local.IsUnknown() { + if item.A4Local.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a4.local", map[string]string{}) + } + } + if !item.A4Group.IsNull() && !item.A4Group.IsUnknown() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a4.group", item.A4Group.ValueString()) + } + if !item.A4Radius.IsNull() && !item.A4Radius.IsUnknown() { + if item.A4Radius.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a4.radius", map[string]string{}) + } + } + if !item.A4Tacacs.IsNull() && !item.A4Tacacs.IsUnknown() { + if item.A4Tacacs.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a4.tacacs", map[string]string{}) + } + } + if !item.A4IfAuthenticated.IsNull() && !item.A4IfAuthenticated.IsUnknown() { + if item.A4IfAuthenticated.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"exec"+"."+strconv.Itoa(index)+"."+"a4.if-authenticated", map[string]string{}) + } + } } } if len(data.Networks) > 0 { @@ -112,9 +209,38 @@ func (data AAAAuthorization) toBody(ctx context.Context) string { if !item.Id.IsNull() && !item.Id.IsUnknown() { body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"network"+"."+strconv.Itoa(index)+"."+"id", item.Id.ValueString()) } + if !item.A1Local.IsNull() && !item.A1Local.IsUnknown() { + if item.A1Local.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"network"+"."+strconv.Itoa(index)+"."+"a1.local", map[string]string{}) + } + } if !item.A1Group.IsNull() && !item.A1Group.IsUnknown() { body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"network"+"."+strconv.Itoa(index)+"."+"a1.group", item.A1Group.ValueString()) } + if !item.A2Local.IsNull() && !item.A2Local.IsUnknown() { + if item.A2Local.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"network"+"."+strconv.Itoa(index)+"."+"a2.local", map[string]string{}) + } + } + if !item.A2Group.IsNull() && !item.A2Group.IsUnknown() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"network"+"."+strconv.Itoa(index)+"."+"a2.group", item.A2Group.ValueString()) + } + if !item.A3Local.IsNull() && !item.A3Local.IsUnknown() { + if item.A3Local.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"network"+"."+strconv.Itoa(index)+"."+"a3.local", map[string]string{}) + } + } + if !item.A3Group.IsNull() && !item.A3Group.IsUnknown() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"network"+"."+strconv.Itoa(index)+"."+"a3.group", item.A3Group.ValueString()) + } + if !item.A4Local.IsNull() && !item.A4Local.IsUnknown() { + if item.A4Local.ValueBool() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"network"+"."+strconv.Itoa(index)+"."+"a4.local", map[string]string{}) + } + } + if !item.A4Group.IsNull() && !item.A4Group.IsUnknown() { + body, _ = sjson.Set(body, helpers.LastElement(data.getPath())+"."+"network"+"."+strconv.Itoa(index)+"."+"a4.group", item.A4Group.ValueString()) + } } } return body @@ -167,14 +293,23 @@ func (data *AAAAuthorization) updateFromBody(ctx context.Context, res gjson.Resu } else { data.Execs[i].A1Group = types.StringNull() } - if value := r.Get("a2.local"); !data.Execs[i].A2Local.IsNull() { + if value := r.Get("a1.radius"); !data.Execs[i].A1Radius.IsNull() { if value.Exists() { - data.Execs[i].A2Local = types.BoolValue(true) + data.Execs[i].A1Radius = types.BoolValue(true) } else { - data.Execs[i].A2Local = types.BoolValue(false) + data.Execs[i].A1Radius = types.BoolValue(false) } } else { - data.Execs[i].A2Local = types.BoolNull() + data.Execs[i].A1Radius = types.BoolNull() + } + if value := r.Get("a1.tacacs"); !data.Execs[i].A1Tacacs.IsNull() { + if value.Exists() { + data.Execs[i].A1Tacacs = types.BoolValue(true) + } else { + data.Execs[i].A1Tacacs = types.BoolValue(false) + } + } else { + data.Execs[i].A1Tacacs = types.BoolNull() } if value := r.Get("a1.if-authenticated"); !data.Execs[i].A1IfAuthenticated.IsNull() { if value.Exists() { @@ -185,6 +320,129 @@ func (data *AAAAuthorization) updateFromBody(ctx context.Context, res gjson.Resu } else { data.Execs[i].A1IfAuthenticated = types.BoolNull() } + if value := r.Get("a2.local"); !data.Execs[i].A2Local.IsNull() { + if value.Exists() { + data.Execs[i].A2Local = types.BoolValue(true) + } else { + data.Execs[i].A2Local = types.BoolValue(false) + } + } else { + data.Execs[i].A2Local = types.BoolNull() + } + if value := r.Get("a2.group"); value.Exists() && !data.Execs[i].A2Group.IsNull() { + data.Execs[i].A2Group = types.StringValue(value.String()) + } else { + data.Execs[i].A2Group = types.StringNull() + } + if value := r.Get("a2.radius"); !data.Execs[i].A2Radius.IsNull() { + if value.Exists() { + data.Execs[i].A2Radius = types.BoolValue(true) + } else { + data.Execs[i].A2Radius = types.BoolValue(false) + } + } else { + data.Execs[i].A2Radius = types.BoolNull() + } + if value := r.Get("a2.tacacs"); !data.Execs[i].A2Tacacs.IsNull() { + if value.Exists() { + data.Execs[i].A2Tacacs = types.BoolValue(true) + } else { + data.Execs[i].A2Tacacs = types.BoolValue(false) + } + } else { + data.Execs[i].A2Tacacs = types.BoolNull() + } + if value := r.Get("a2.if-authenticated"); !data.Execs[i].A2IfAuthenticated.IsNull() { + if value.Exists() { + data.Execs[i].A2IfAuthenticated = types.BoolValue(true) + } else { + data.Execs[i].A2IfAuthenticated = types.BoolValue(false) + } + } else { + data.Execs[i].A2IfAuthenticated = types.BoolNull() + } + if value := r.Get("a3.local"); !data.Execs[i].A3Local.IsNull() { + if value.Exists() { + data.Execs[i].A3Local = types.BoolValue(true) + } else { + data.Execs[i].A3Local = types.BoolValue(false) + } + } else { + data.Execs[i].A3Local = types.BoolNull() + } + if value := r.Get("a3.group"); value.Exists() && !data.Execs[i].A3Group.IsNull() { + data.Execs[i].A3Group = types.StringValue(value.String()) + } else { + data.Execs[i].A3Group = types.StringNull() + } + if value := r.Get("a3.radius"); !data.Execs[i].A3Radius.IsNull() { + if value.Exists() { + data.Execs[i].A3Radius = types.BoolValue(true) + } else { + data.Execs[i].A3Radius = types.BoolValue(false) + } + } else { + data.Execs[i].A3Radius = types.BoolNull() + } + if value := r.Get("a3.tacacs"); !data.Execs[i].A3Tacacs.IsNull() { + if value.Exists() { + data.Execs[i].A3Tacacs = types.BoolValue(true) + } else { + data.Execs[i].A3Tacacs = types.BoolValue(false) + } + } else { + data.Execs[i].A3Tacacs = types.BoolNull() + } + if value := r.Get("a3.if-authenticated"); !data.Execs[i].A3IfAuthenticated.IsNull() { + if value.Exists() { + data.Execs[i].A3IfAuthenticated = types.BoolValue(true) + } else { + data.Execs[i].A3IfAuthenticated = types.BoolValue(false) + } + } else { + data.Execs[i].A3IfAuthenticated = types.BoolNull() + } + if value := r.Get("a4.local"); !data.Execs[i].A4Local.IsNull() { + if value.Exists() { + data.Execs[i].A4Local = types.BoolValue(true) + } else { + data.Execs[i].A4Local = types.BoolValue(false) + } + } else { + data.Execs[i].A4Local = types.BoolNull() + } + if value := r.Get("a4.group"); value.Exists() && !data.Execs[i].A4Group.IsNull() { + data.Execs[i].A4Group = types.StringValue(value.String()) + } else { + data.Execs[i].A4Group = types.StringNull() + } + if value := r.Get("a4.radius"); !data.Execs[i].A4Radius.IsNull() { + if value.Exists() { + data.Execs[i].A4Radius = types.BoolValue(true) + } else { + data.Execs[i].A4Radius = types.BoolValue(false) + } + } else { + data.Execs[i].A4Radius = types.BoolNull() + } + if value := r.Get("a4.tacacs"); !data.Execs[i].A4Tacacs.IsNull() { + if value.Exists() { + data.Execs[i].A4Tacacs = types.BoolValue(true) + } else { + data.Execs[i].A4Tacacs = types.BoolValue(false) + } + } else { + data.Execs[i].A4Tacacs = types.BoolNull() + } + if value := r.Get("a4.if-authenticated"); !data.Execs[i].A4IfAuthenticated.IsNull() { + if value.Exists() { + data.Execs[i].A4IfAuthenticated = types.BoolValue(true) + } else { + data.Execs[i].A4IfAuthenticated = types.BoolValue(false) + } + } else { + data.Execs[i].A4IfAuthenticated = types.BoolNull() + } } for i := range data.Networks { keys := [...]string{"id"} @@ -214,11 +472,62 @@ func (data *AAAAuthorization) updateFromBody(ctx context.Context, res gjson.Resu } else { data.Networks[i].Id = types.StringNull() } + if value := r.Get("a1.local"); !data.Networks[i].A1Local.IsNull() { + if value.Exists() { + data.Networks[i].A1Local = types.BoolValue(true) + } else { + data.Networks[i].A1Local = types.BoolValue(false) + } + } else { + data.Networks[i].A1Local = types.BoolNull() + } if value := r.Get("a1.group"); value.Exists() && !data.Networks[i].A1Group.IsNull() { data.Networks[i].A1Group = types.StringValue(value.String()) } else { data.Networks[i].A1Group = types.StringNull() } + if value := r.Get("a2.local"); !data.Networks[i].A2Local.IsNull() { + if value.Exists() { + data.Networks[i].A2Local = types.BoolValue(true) + } else { + data.Networks[i].A2Local = types.BoolValue(false) + } + } else { + data.Networks[i].A2Local = types.BoolNull() + } + if value := r.Get("a2.group"); value.Exists() && !data.Networks[i].A2Group.IsNull() { + data.Networks[i].A2Group = types.StringValue(value.String()) + } else { + data.Networks[i].A2Group = types.StringNull() + } + if value := r.Get("a3.local"); !data.Networks[i].A3Local.IsNull() { + if value.Exists() { + data.Networks[i].A3Local = types.BoolValue(true) + } else { + data.Networks[i].A3Local = types.BoolValue(false) + } + } else { + data.Networks[i].A3Local = types.BoolNull() + } + if value := r.Get("a3.group"); value.Exists() && !data.Networks[i].A3Group.IsNull() { + data.Networks[i].A3Group = types.StringValue(value.String()) + } else { + data.Networks[i].A3Group = types.StringNull() + } + if value := r.Get("a4.local"); !data.Networks[i].A4Local.IsNull() { + if value.Exists() { + data.Networks[i].A4Local = types.BoolValue(true) + } else { + data.Networks[i].A4Local = types.BoolValue(false) + } + } else { + data.Networks[i].A4Local = types.BoolNull() + } + if value := r.Get("a4.group"); value.Exists() && !data.Networks[i].A4Group.IsNull() { + data.Networks[i].A4Group = types.StringValue(value.String()) + } else { + data.Networks[i].A4Group = types.StringNull() + } } } @@ -242,16 +551,90 @@ func (data *AAAAuthorizationData) fromBody(ctx context.Context, res gjson.Result if cValue := v.Get("a1.group"); cValue.Exists() { item.A1Group = types.StringValue(cValue.String()) } - if cValue := v.Get("a2.local"); cValue.Exists() { - item.A2Local = types.BoolValue(true) + if cValue := v.Get("a1.radius"); cValue.Exists() { + item.A1Radius = types.BoolValue(true) } else { - item.A2Local = types.BoolValue(false) + item.A1Radius = types.BoolValue(false) + } + if cValue := v.Get("a1.tacacs"); cValue.Exists() { + item.A1Tacacs = types.BoolValue(true) + } else { + item.A1Tacacs = types.BoolValue(false) } if cValue := v.Get("a1.if-authenticated"); cValue.Exists() { item.A1IfAuthenticated = types.BoolValue(true) } else { item.A1IfAuthenticated = types.BoolValue(false) } + if cValue := v.Get("a2.local"); cValue.Exists() { + item.A2Local = types.BoolValue(true) + } else { + item.A2Local = types.BoolValue(false) + } + if cValue := v.Get("a2.group"); cValue.Exists() { + item.A2Group = types.StringValue(cValue.String()) + } + if cValue := v.Get("a2.radius"); cValue.Exists() { + item.A2Radius = types.BoolValue(true) + } else { + item.A2Radius = types.BoolValue(false) + } + if cValue := v.Get("a2.tacacs"); cValue.Exists() { + item.A2Tacacs = types.BoolValue(true) + } else { + item.A2Tacacs = types.BoolValue(false) + } + if cValue := v.Get("a2.if-authenticated"); cValue.Exists() { + item.A2IfAuthenticated = types.BoolValue(true) + } else { + item.A2IfAuthenticated = types.BoolValue(false) + } + if cValue := v.Get("a3.local"); cValue.Exists() { + item.A3Local = types.BoolValue(true) + } else { + item.A3Local = types.BoolValue(false) + } + if cValue := v.Get("a3.group"); cValue.Exists() { + item.A3Group = types.StringValue(cValue.String()) + } + if cValue := v.Get("a3.radius"); cValue.Exists() { + item.A3Radius = types.BoolValue(true) + } else { + item.A3Radius = types.BoolValue(false) + } + if cValue := v.Get("a3.tacacs"); cValue.Exists() { + item.A3Tacacs = types.BoolValue(true) + } else { + item.A3Tacacs = types.BoolValue(false) + } + if cValue := v.Get("a3.if-authenticated"); cValue.Exists() { + item.A3IfAuthenticated = types.BoolValue(true) + } else { + item.A3IfAuthenticated = types.BoolValue(false) + } + if cValue := v.Get("a4.local"); cValue.Exists() { + item.A4Local = types.BoolValue(true) + } else { + item.A4Local = types.BoolValue(false) + } + if cValue := v.Get("a4.group"); cValue.Exists() { + item.A4Group = types.StringValue(cValue.String()) + } + if cValue := v.Get("a4.radius"); cValue.Exists() { + item.A4Radius = types.BoolValue(true) + } else { + item.A4Radius = types.BoolValue(false) + } + if cValue := v.Get("a4.tacacs"); cValue.Exists() { + item.A4Tacacs = types.BoolValue(true) + } else { + item.A4Tacacs = types.BoolValue(false) + } + if cValue := v.Get("a4.if-authenticated"); cValue.Exists() { + item.A4IfAuthenticated = types.BoolValue(true) + } else { + item.A4IfAuthenticated = types.BoolValue(false) + } data.Execs = append(data.Execs, item) return true }) @@ -263,9 +646,38 @@ func (data *AAAAuthorizationData) fromBody(ctx context.Context, res gjson.Result if cValue := v.Get("id"); cValue.Exists() { item.Id = types.StringValue(cValue.String()) } + if cValue := v.Get("a1.local"); cValue.Exists() { + item.A1Local = types.BoolValue(true) + } else { + item.A1Local = types.BoolValue(false) + } if cValue := v.Get("a1.group"); cValue.Exists() { item.A1Group = types.StringValue(cValue.String()) } + if cValue := v.Get("a2.local"); cValue.Exists() { + item.A2Local = types.BoolValue(true) + } else { + item.A2Local = types.BoolValue(false) + } + if cValue := v.Get("a2.group"); cValue.Exists() { + item.A2Group = types.StringValue(cValue.String()) + } + if cValue := v.Get("a3.local"); cValue.Exists() { + item.A3Local = types.BoolValue(true) + } else { + item.A3Local = types.BoolValue(false) + } + if cValue := v.Get("a3.group"); cValue.Exists() { + item.A3Group = types.StringValue(cValue.String()) + } + if cValue := v.Get("a4.local"); cValue.Exists() { + item.A4Local = types.BoolValue(true) + } else { + item.A4Local = types.BoolValue(false) + } + if cValue := v.Get("a4.group"); cValue.Exists() { + item.A4Group = types.StringValue(cValue.String()) + } data.Networks = append(data.Networks, item) return true }) @@ -298,12 +710,60 @@ func (data *AAAAuthorization) getDeletedItems(ctx context.Context, state AAAAuth if !state.Execs[i].A1Group.IsNull() && data.Execs[j].A1Group.IsNull() { deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a1/group", state.getPath(), strings.Join(stateKeyValues[:], ","))) } - if !state.Execs[i].A2Local.IsNull() && data.Execs[j].A2Local.IsNull() { - deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a2/local", state.getPath(), strings.Join(stateKeyValues[:], ","))) + if !state.Execs[i].A1Radius.IsNull() && data.Execs[j].A1Radius.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a1/radius", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Execs[i].A1Tacacs.IsNull() && data.Execs[j].A1Tacacs.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a1/tacacs", state.getPath(), strings.Join(stateKeyValues[:], ","))) } if !state.Execs[i].A1IfAuthenticated.IsNull() && data.Execs[j].A1IfAuthenticated.IsNull() { deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a1/if-authenticated", state.getPath(), strings.Join(stateKeyValues[:], ","))) } + if !state.Execs[i].A2Local.IsNull() && data.Execs[j].A2Local.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a2/local", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Execs[i].A2Group.IsNull() && data.Execs[j].A2Group.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a2/group", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Execs[i].A2Radius.IsNull() && data.Execs[j].A2Radius.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a2/radius", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Execs[i].A2Tacacs.IsNull() && data.Execs[j].A2Tacacs.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a2/tacacs", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Execs[i].A2IfAuthenticated.IsNull() && data.Execs[j].A2IfAuthenticated.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a2/if-authenticated", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Execs[i].A3Local.IsNull() && data.Execs[j].A3Local.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a3/local", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Execs[i].A3Group.IsNull() && data.Execs[j].A3Group.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a3/group", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Execs[i].A3Radius.IsNull() && data.Execs[j].A3Radius.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a3/radius", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Execs[i].A3Tacacs.IsNull() && data.Execs[j].A3Tacacs.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a3/tacacs", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Execs[i].A3IfAuthenticated.IsNull() && data.Execs[j].A3IfAuthenticated.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a3/if-authenticated", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Execs[i].A4Local.IsNull() && data.Execs[j].A4Local.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a4/local", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Execs[i].A4Group.IsNull() && data.Execs[j].A4Group.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a4/group", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Execs[i].A4Radius.IsNull() && data.Execs[j].A4Radius.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a4/radius", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Execs[i].A4Tacacs.IsNull() && data.Execs[j].A4Tacacs.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a4/tacacs", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Execs[i].A4IfAuthenticated.IsNull() && data.Execs[j].A4IfAuthenticated.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/exec=%v/a4/if-authenticated", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } break } } @@ -329,9 +789,30 @@ func (data *AAAAuthorization) getDeletedItems(ctx context.Context, state AAAAuth found = false } if found { + if !state.Networks[i].A1Local.IsNull() && data.Networks[j].A1Local.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/network=%v/a1/local", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } if !state.Networks[i].A1Group.IsNull() && data.Networks[j].A1Group.IsNull() { deletedItems = append(deletedItems, fmt.Sprintf("%v/network=%v/a1/group", state.getPath(), strings.Join(stateKeyValues[:], ","))) } + if !state.Networks[i].A2Local.IsNull() && data.Networks[j].A2Local.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/network=%v/a2/local", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Networks[i].A2Group.IsNull() && data.Networks[j].A2Group.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/network=%v/a2/group", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Networks[i].A3Local.IsNull() && data.Networks[j].A3Local.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/network=%v/a3/local", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Networks[i].A3Group.IsNull() && data.Networks[j].A3Group.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/network=%v/a3/group", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Networks[i].A4Local.IsNull() && data.Networks[j].A4Local.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/network=%v/a4/local", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } + if !state.Networks[i].A4Group.IsNull() && data.Networks[j].A4Group.IsNull() { + deletedItems = append(deletedItems, fmt.Sprintf("%v/network=%v/a4/group", state.getPath(), strings.Join(stateKeyValues[:], ","))) + } break } } @@ -350,14 +831,68 @@ func (data *AAAAuthorization) getEmptyLeafsDelete(ctx context.Context) []string if !data.Execs[i].A1Local.IsNull() && !data.Execs[i].A1Local.ValueBool() { emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/exec=%v/a1/local", data.getPath(), strings.Join(keyValues[:], ","))) } - if !data.Execs[i].A2Local.IsNull() && !data.Execs[i].A2Local.ValueBool() { - emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/exec=%v/a2/local", data.getPath(), strings.Join(keyValues[:], ","))) + if !data.Execs[i].A1Radius.IsNull() && !data.Execs[i].A1Radius.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/exec=%v/a1/radius", data.getPath(), strings.Join(keyValues[:], ","))) + } + if !data.Execs[i].A1Tacacs.IsNull() && !data.Execs[i].A1Tacacs.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/exec=%v/a1/tacacs", data.getPath(), strings.Join(keyValues[:], ","))) } if !data.Execs[i].A1IfAuthenticated.IsNull() && !data.Execs[i].A1IfAuthenticated.ValueBool() { emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/exec=%v/a1/if-authenticated", data.getPath(), strings.Join(keyValues[:], ","))) } + if !data.Execs[i].A2Local.IsNull() && !data.Execs[i].A2Local.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/exec=%v/a2/local", data.getPath(), strings.Join(keyValues[:], ","))) + } + if !data.Execs[i].A2Radius.IsNull() && !data.Execs[i].A2Radius.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/exec=%v/a2/radius", data.getPath(), strings.Join(keyValues[:], ","))) + } + if !data.Execs[i].A2Tacacs.IsNull() && !data.Execs[i].A2Tacacs.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/exec=%v/a2/tacacs", data.getPath(), strings.Join(keyValues[:], ","))) + } + if !data.Execs[i].A2IfAuthenticated.IsNull() && !data.Execs[i].A2IfAuthenticated.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/exec=%v/a2/if-authenticated", data.getPath(), strings.Join(keyValues[:], ","))) + } + if !data.Execs[i].A3Local.IsNull() && !data.Execs[i].A3Local.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/exec=%v/a3/local", data.getPath(), strings.Join(keyValues[:], ","))) + } + if !data.Execs[i].A3Radius.IsNull() && !data.Execs[i].A3Radius.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/exec=%v/a3/radius", data.getPath(), strings.Join(keyValues[:], ","))) + } + if !data.Execs[i].A3Tacacs.IsNull() && !data.Execs[i].A3Tacacs.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/exec=%v/a3/tacacs", data.getPath(), strings.Join(keyValues[:], ","))) + } + if !data.Execs[i].A3IfAuthenticated.IsNull() && !data.Execs[i].A3IfAuthenticated.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/exec=%v/a3/if-authenticated", data.getPath(), strings.Join(keyValues[:], ","))) + } + if !data.Execs[i].A4Local.IsNull() && !data.Execs[i].A4Local.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/exec=%v/a4/local", data.getPath(), strings.Join(keyValues[:], ","))) + } + if !data.Execs[i].A4Radius.IsNull() && !data.Execs[i].A4Radius.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/exec=%v/a4/radius", data.getPath(), strings.Join(keyValues[:], ","))) + } + if !data.Execs[i].A4Tacacs.IsNull() && !data.Execs[i].A4Tacacs.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/exec=%v/a4/tacacs", data.getPath(), strings.Join(keyValues[:], ","))) + } + if !data.Execs[i].A4IfAuthenticated.IsNull() && !data.Execs[i].A4IfAuthenticated.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/exec=%v/a4/if-authenticated", data.getPath(), strings.Join(keyValues[:], ","))) + } } + for i := range data.Networks { + keyValues := [...]string{data.Networks[i].Id.ValueString()} + if !data.Networks[i].A1Local.IsNull() && !data.Networks[i].A1Local.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/network=%v/a1/local", data.getPath(), strings.Join(keyValues[:], ","))) + } + if !data.Networks[i].A2Local.IsNull() && !data.Networks[i].A2Local.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/network=%v/a2/local", data.getPath(), strings.Join(keyValues[:], ","))) + } + if !data.Networks[i].A3Local.IsNull() && !data.Networks[i].A3Local.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/network=%v/a3/local", data.getPath(), strings.Join(keyValues[:], ","))) + } + if !data.Networks[i].A4Local.IsNull() && !data.Networks[i].A4Local.ValueBool() { + emptyLeafsDelete = append(emptyLeafsDelete, fmt.Sprintf("%v/network=%v/a4/local", data.getPath(), strings.Join(keyValues[:], ","))) + } + } return emptyLeafsDelete } diff --git a/internal/provider/resource_iosxe_aaa_authorization.go b/internal/provider/resource_iosxe_aaa_authorization.go index b11e8094..9442e3d4 100644 --- a/internal/provider/resource_iosxe_aaa_authorization.go +++ b/internal/provider/resource_iosxe_aaa_authorization.go @@ -89,11 +89,75 @@ func (r *AAAAuthorizationResource) Schema(ctx context.Context, req resource.Sche MarkdownDescription: helpers.NewAttributeDescription("Use Server-group").String, Optional: true, }, + "a1_radius": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Use radius").String, + Optional: true, + }, + "a1_tacacs": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Use TACACS+").String, + Optional: true, + }, + "a1_if_authenticated": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Succeed if user has authenticated.").String, + Optional: true, + }, "a2_local": schema.BoolAttribute{ MarkdownDescription: helpers.NewAttributeDescription("").String, Optional: true, }, - "a1_if_authenticated": schema.BoolAttribute{ + "a2_group": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Use Server-group").String, + Optional: true, + }, + "a2_radius": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Use Radius").String, + Optional: true, + }, + "a2_tacacs": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Use TACACS+").String, + Optional: true, + }, + "a2_if_authenticated": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Succeed if user has authenticated.").String, + Optional: true, + }, + "a3_local": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("").String, + Optional: true, + }, + "a3_group": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Use Server-group").String, + Optional: true, + }, + "a3_radius": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Use Radius").String, + Optional: true, + }, + "a3_tacacs": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Use TACACS+").String, + Optional: true, + }, + "a3_if_authenticated": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Succeed if user has authenticated.").String, + Optional: true, + }, + "a4_local": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("").String, + Optional: true, + }, + "a4_group": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Use Server-group").String, + Optional: true, + }, + "a4_radius": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Use radius").String, + Optional: true, + }, + "a4_tacacs": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Use TACACS+").String, + Optional: true, + }, + "a4_if_authenticated": schema.BoolAttribute{ MarkdownDescription: helpers.NewAttributeDescription("Succeed if user has authenticated.").String, Optional: true, }, @@ -109,10 +173,38 @@ func (r *AAAAuthorizationResource) Schema(ctx context.Context, req resource.Sche MarkdownDescription: helpers.NewAttributeDescription("").String, Required: true, }, + "a1_local": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Use local username authentication.").String, + Optional: true, + }, "a1_group": schema.StringAttribute{ MarkdownDescription: helpers.NewAttributeDescription("Use Server-group").String, Optional: true, }, + "a2_local": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("").String, + Optional: true, + }, + "a2_group": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Use Server-group").String, + Optional: true, + }, + "a3_local": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("").String, + Optional: true, + }, + "a3_group": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Use Server-group").String, + Optional: true, + }, + "a4_local": schema.BoolAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("").String, + Optional: true, + }, + "a4_group": schema.StringAttribute{ + MarkdownDescription: helpers.NewAttributeDescription("Use Server-group").String, + Optional: true, + }, }, }, }, diff --git a/internal/provider/resource_iosxe_aaa_authorization_test.go b/internal/provider/resource_iosxe_aaa_authorization_test.go index 240a5a69..2fa433aa 100644 --- a/internal/provider/resource_iosxe_aaa_authorization_test.go +++ b/internal/provider/resource_iosxe_aaa_authorization_test.go @@ -31,10 +31,16 @@ func TestAccIosxeAAAAuthorization(t *testing.T) { t.Skip("skipping test, set environment variable AAA") } var checks []resource.TestCheckFunc - checks = append(checks, resource.TestCheckResourceAttr("iosxe_aaa_authorization.test", "execs.0.name", "TEST")) - checks = append(checks, resource.TestCheckResourceAttr("iosxe_aaa_authorization.test", "execs.0.a1_local", "false")) + checks = append(checks, resource.TestCheckResourceAttr("iosxe_aaa_authorization.test", "execs.0.name", "EXEC1")) checks = append(checks, resource.TestCheckResourceAttr("iosxe_aaa_authorization.test", "execs.0.a1_group", "GROUP1")) - checks = append(checks, resource.TestCheckResourceAttr("iosxe_aaa_authorization.test", "execs.0.a1_if_authenticated", "true")) + checks = append(checks, resource.TestCheckResourceAttr("iosxe_aaa_authorization.test", "execs.0.a2_group", "GROUP2")) + checks = append(checks, resource.TestCheckResourceAttr("iosxe_aaa_authorization.test", "execs.0.a3_group", "GROUP3")) + checks = append(checks, resource.TestCheckResourceAttr("iosxe_aaa_authorization.test", "execs.0.a4_local", "true")) + checks = append(checks, resource.TestCheckResourceAttr("iosxe_aaa_authorization.test", "networks.0.id", "NET1")) + checks = append(checks, resource.TestCheckResourceAttr("iosxe_aaa_authorization.test", "networks.0.a1_group", "RGROUP1")) + checks = append(checks, resource.TestCheckResourceAttr("iosxe_aaa_authorization.test", "networks.0.a2_group", "RGROUP2")) + checks = append(checks, resource.TestCheckResourceAttr("iosxe_aaa_authorization.test", "networks.0.a3_group", "RGROUP3")) + checks = append(checks, resource.TestCheckResourceAttr("iosxe_aaa_authorization.test", "networks.0.a4_local", "true")) resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, ProtoV6ProviderFactories: testAccProtoV6ProviderFactories, @@ -64,10 +70,18 @@ func testAccIosxeAAAAuthorizationConfig_minimum() string { func testAccIosxeAAAAuthorizationConfig_all() string { config := `resource "iosxe_aaa_authorization" "test" {` + "\n" config += ` execs = [{` + "\n" - config += ` name = "TEST"` + "\n" - config += ` a1_local = false` + "\n" + config += ` name = "EXEC1"` + "\n" config += ` a1_group = "GROUP1"` + "\n" - config += ` a1_if_authenticated = true` + "\n" + config += ` a2_group = "GROUP2"` + "\n" + config += ` a3_group = "GROUP3"` + "\n" + config += ` a4_local = true` + "\n" + config += ` }]` + "\n" + config += ` networks = [{` + "\n" + config += ` id = "NET1"` + "\n" + config += ` a1_group = "RGROUP1"` + "\n" + config += ` a2_group = "RGROUP2"` + "\n" + config += ` a3_group = "RGROUP3"` + "\n" + config += ` a4_local = true` + "\n" config += ` }]` + "\n" config += `}` + "\n" return config diff --git a/templates/guides/changelog.md.tmpl b/templates/guides/changelog.md.tmpl index 833388f7..5e4a6955 100644 --- a/templates/guides/changelog.md.tmpl +++ b/templates/guides/changelog.md.tmpl @@ -21,6 +21,7 @@ description: |- - Add `community_list_expanded` resource and data source - Add `authentication`, `mab` and `dot1x` attributes to `iosxe_interface_ethernet` resource and data source - Add `authorization_exec` and `transport_input` attributes to `iosxe_line` resource and data source +- Add `a2`, `a3` and `a4` attributes to `iosxe_aaa_authorization` resource and data source ## 0.5.1