From 22763ebe5da561a96486a063ee1b544a5a88f1b4 Mon Sep 17 00:00:00 2001
From: Daniel Hougaard <daniel@infisical.com>
Date: Thu, 10 Oct 2024 02:36:01 +0400
Subject: [PATCH 1/3] fix: project role drift when no conditions are set

---
 .../provider/resource/project_role_resource.go | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/internal/provider/resource/project_role_resource.go b/internal/provider/resource/project_role_resource.go
index fef8747..b171089 100644
--- a/internal/provider/resource/project_role_resource.go
+++ b/internal/provider/resource/project_role_resource.go
@@ -301,13 +301,21 @@ func (r *projectRoleResource) Read(ctx context.Context, req resource.ReadRequest
 			}
 		}
 
-		permissionPlan = append(permissionPlan, projectRoleResourcePermissions{
-			Action:  types.StringValue(action),
-			Subject: types.StringValue(subject),
-			Conditions: &projectRoleResourcePermissionCondition{
+		conditions := &projectRoleResourcePermissionCondition{}
+
+		if environment != "" || secretPath != "" {
+			conditions = &projectRoleResourcePermissionCondition{
 				Environment: types.StringValue(environment),
 				SecretPath:  types.StringValue(secretPath),
-			},
+			}
+		} else if el["conditions"] == nil {
+			conditions = nil
+		}
+
+		permissionPlan = append(permissionPlan, projectRoleResourcePermissions{
+			Action:     types.StringValue(action),
+			Subject:    types.StringValue(subject),
+			Conditions: conditions,
 		})
 	}
 

From 4e90e8bc0a55a10e9c336da57c2157babfc2d723 Mon Sep 17 00:00:00 2001
From: Daniel Hougaard <daniel@infisical.com>
Date: Thu, 10 Oct 2024 02:39:49 +0400
Subject: [PATCH 2/3] Update project_role_resource.go

---
 internal/provider/resource/project_role_resource.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/internal/provider/resource/project_role_resource.go b/internal/provider/resource/project_role_resource.go
index b171089..c0b2e87 100644
--- a/internal/provider/resource/project_role_resource.go
+++ b/internal/provider/resource/project_role_resource.go
@@ -303,13 +303,13 @@ func (r *projectRoleResource) Read(ctx context.Context, req resource.ReadRequest
 
 		conditions := &projectRoleResourcePermissionCondition{}
 
-		if environment != "" || secretPath != "" {
+		if el["conditions"] == nil {
+			conditions = nil
+		} else {
 			conditions = &projectRoleResourcePermissionCondition{
 				Environment: types.StringValue(environment),
 				SecretPath:  types.StringValue(secretPath),
 			}
-		} else if el["conditions"] == nil {
-			conditions = nil
 		}
 
 		permissionPlan = append(permissionPlan, projectRoleResourcePermissions{

From aca6fe96536d78a5cd53476722d162393abe7cd4 Mon Sep 17 00:00:00 2001
From: Daniel Hougaard <daniel@infisical.com>
Date: Thu, 10 Oct 2024 02:42:52 +0400
Subject: [PATCH 3/3] chore: lint

---
 internal/provider/resource/project_role_resource.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/internal/provider/resource/project_role_resource.go b/internal/provider/resource/project_role_resource.go
index c0b2e87..b2c4614 100644
--- a/internal/provider/resource/project_role_resource.go
+++ b/internal/provider/resource/project_role_resource.go
@@ -301,7 +301,7 @@ func (r *projectRoleResource) Read(ctx context.Context, req resource.ReadRequest
 			}
 		}
 
-		conditions := &projectRoleResourcePermissionCondition{}
+		var conditions *projectRoleResourcePermissionCondition
 
 		if el["conditions"] == nil {
 			conditions = nil