Add tfe_team_project_access data source

Allows reading a team's access level to a workspace.
hashicorp · Jan 23, 2023 · 9eb52a7 · 9eb52a7
1 parent 8ab0334
commit 9eb52a7
Show file tree

Hide file tree

Showing 4 changed files with 171 additions and 0 deletions.
diff --git a/tfe/data_source_team_project_access.go b/tfe/data_source_team_project_access.go
@@ -0,0 +1,75 @@
+package tfe
+
+import (
+	"context"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+
+	tfe "github.com/hashicorp/go-tfe"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func dataSourceTFETeamProjectAccess() *schema.Resource {
+	return &schema.Resource{
+		ReadContext: dataSourceTFETeamProjectAccessRead,
+
+		Schema: map[string]*schema.Schema{
+			"access": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+
+			"team_id": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+
+			"project_id": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+		},
+	}
+}
+
+func dataSourceTFETeamProjectAccessRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	tfeClient := meta.(*tfe.Client)
+
+	// Get the team ID.
+	teamID := d.Get("team_id").(string)
+
+	// Get the project
+	projectID := d.Get("project_id").(string)
+	proj, err := tfeClient.Projects.Read(ctx, projectID)
+	if err != nil {
+		return diag.Errorf(
+			"Error retrieving project %s: %v", projectID, err)
+	}
+
+	options := tfe.TeamProjectAccessListOptions{
+		ProjectID: proj.ID,
+	}
+
+	for {
+		l, err := tfeClient.TeamProjectAccess.List(ctx, options)
+		if err != nil {
+			return diag.Errorf("Error retrieving team access list: %v", err)
+		}
+
+		for _, ta := range l.Items {
+			if ta.Team.ID == teamID {
+				d.SetId(ta.ID)
+				return resourceTFETeamProjectAccessRead(ctx, d, meta)
+			}
+		}
+
+		// Exit the loop when we've seen all pages.
+		if l.CurrentPage >= l.TotalPages {
+			break
+		}
+
+		// Update the page number to get the next page.
+		options.PageNumber = l.NextPage
+	}
+
+	return diag.Errorf("could not find team project access for %s and project %s", teamID, proj.Name)
+}
diff --git a/tfe/data_source_team_project_access_test.go b/tfe/data_source_team_project_access_test.go
@@ -0,0 +1,62 @@
+package tfe
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccTFETeamProjectAccessDataSource_basic(t *testing.T) {
+	skipUnlessBeta(t)
+
+	tfeClient, err := getClientUsingEnv()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	org, orgCleanup := createBusinessOrganization(t, tfeClient)
+	t.Cleanup(orgCleanup)
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccTFETeamProjectAccessDataSourceConfig(org.Name),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttr(
+						"data.tfe_team_project_access.foobar", "access", "read"),
+					resource.TestCheckResourceAttrSet("data.tfe_team_project_access.foobar", "id"),
+					resource.TestCheckResourceAttrSet("data.tfe_team_project_access.foobar", "team_id"),
+					resource.TestCheckResourceAttrSet("data.tfe_team_project_access.foobar", "project_id"),
+				),
+			},
+		},
+	})
+}
+
+func testAccTFETeamProjectAccessDataSourceConfig(organization string) string {
+	return fmt.Sprintf(`
+resource "tfe_team" "foobar" {
+  name         = "team-test"
+  organization = "%s"
+}
+
+resource "tfe_project" "foobar" {
+  name         = "projecttest"
+  organization = "%s"
+}
+
+resource "tfe_team_project_access" "foobar" {
+  access       = "read"
+  team_id      = tfe_team.foobar.id
+  project_id   = tfe_project.foobar.id
+}
+
+data "tfe_team_project_access" "foobar" {
+  team_id      = tfe_team.foobar.id
+  project_id   = tfe_project.foobar.id
+  depends_on = [tfe_team_project_access.foobar]
+}`, organization, organization)
+}
diff --git a/tfe/provider.go b/tfe/provider.go
@@ -114,6 +114,7 @@ func Provider() *schema.Provider {
 			"tfe_ssh_key":                 dataSourceTFESSHKey(),
 			"tfe_team":                    dataSourceTFETeam(),
 			"tfe_team_access":             dataSourceTFETeamAccess(),
+			"tfe_team_project_access":     dataSourceTFETeamProjectAccess(),
 			"tfe_workspace":               dataSourceTFEWorkspace(),
 			"tfe_workspace_ids":           dataSourceTFEWorkspaceIDs(),
 			"tfe_workspace_run_task":      dataSourceTFEWorkspaceRunTask(),

diff --git a/website/docs/d/team_project_access.html.markdown b/website/docs/d/team_project_access.html.markdown
@@ -0,0 +1,33 @@
+---
+layout: "tfe"
+page_title: "Terraform Enterprise: tfe_team_project_access"
+description: |-
+  Get information on team permissions on a project.
+---
+
+# Data Source: tfe_team_project_access
+
+Use this data source to get information about team permissions for a project.
+
+## Example Usage
+
+```hcl
+data "tfe_team_project_access" "test" {
+  team_id      = "my-team-id"
+  project_id   = "my-project-id"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `team_id` - (Required) ID of the team.
+* `project_id` - (Required) ID of the project.
+
+## Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `id` The team project access ID.
+* `access` - The type of access granted to the team on the project.