Add page-permissions resource (#107)

Author: Tankilevitch

docs/resources/port_page_permissions.md

@@ -0,0 +1,123 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "port_page_permissions Resource - terraform-provider-port-labs"
+subcategory: ""
+description: |-
+  Page Permissions resource
+  Docs about page permissions can be found here https://docs.getport.io/customize-pages-dashboards-and-plugins/page/page-permissions?view-permissions=api.
+  Example Usage
+  Allow read access to all members:
+  hcl
+  resource "port_page_permissions" "microservices_permissions" {
+    page_identifier = "microservices"
+    read = {
+      "roles": ["Member"],
+      "users": [],
+      "teams": [],
+    }
+  }
+  
+  Allow read access to all admins and a specific user and team:
+  hcl
+  resource "port_page_permissions" "microservices_permissions" {
+    page_identifier = "microservices"
+    read = {
+      "roles": [
+        "Admin",
+      ],
+      "users": ["[email protected]"],
+      "teams": ["Team Spiderman"],
+    }
+  }
+  
+  Allow read access to specific users and teams:
+  hcl
+  resource "port_page_permissions" "microservices_permissions" {
+    page_identifier = "microservices"
+    read = {
+      "roles": [],
+      "users": ["[email protected]"],
+      "teams": ["Team Spiderman"],
+    }
+  }
+  
+  Disclaimer
+  Page permissions are created by default when page is first created, this means that you should use this resource when you want to change the default permissions of a page.When deleting a page permissions resource using terraform, the page permissions will not be deleted from Port, as they are required for the action to work, instead, the page permissions will be removed from the terraform state.
+---
+
+# port_page_permissions (Resource)
+
+# Page Permissions resource
+
+Docs about page permissions can be found [here](https://docs.getport.io/customize-pages-dashboards-and-plugins/page/page-permissions?view-permissions=api).
+
+## Example Usage
+
+### Allow read access to all members:
+
+```hcl
+resource "port_page_permissions" "microservices_permissions" {
+  page_identifier = "microservices"
+  read = {
+    "roles": ["Member"],
+    "users": [],
+    "teams": [],
+  }
+}
+```
+
+### Allow read access to all admins and a specific user and team:
+
+```hcl
+resource "port_page_permissions" "microservices_permissions" {
+  page_identifier = "microservices"
+  read = {
+    "roles": [
+      "Admin",
+    ],
+    "users": ["[email protected]"],
+    "teams": ["Team Spiderman"],
+  }
+}
+```
+
+### Allow read access to specific users and teams:
+
+```hcl
+resource "port_page_permissions" "microservices_permissions" {
+  page_identifier = "microservices"
+  read = {
+    "roles": [],
+    "users": ["[email protected]"],
+    "teams": ["Team Spiderman"],
+  }
+}
+```
+
+## Disclaimer 
+
+- Page permissions are created by default when page is first created, this means that you should use this resource when you want to change the default permissions of a page.
+- When deleting a page permissions resource using terraform, the page permissions will not be deleted from Port, as they are required for the action to work, instead, the page permissions will be removed from the terraform state.
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `page_identifier` (String)
+- `read` (Attributes) The permission to read the page (see [below for nested schema](#nestedatt--read))
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+
+<a id="nestedatt--read"></a>
+### Nested Schema for `read`
+
+Optional:
+
+- `roles` (List of String) The roles with read permission
+- `teams` (List of String) The teams with read permission
+- `users` (List of String) The users with read permission

go.mod

@@ -13,6 +13,7 @@ require (
 require (
 	github.com/ProtonMail/go-crypto v0.0.0-20230626094100-7e9e0395ebec // indirect
 	github.com/cloudflare/circl v1.3.3 // indirect
+	github.com/gertd/go-pluralize v0.2.1 // indirect
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.27.0 // indirect
 	github.com/vmihailenco/msgpack/v5 v5.3.5 // indirect
 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect

go.sum

@@ -33,6 +33,8 @@ github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYF
 github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs=
 github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw=
 github.com/frankban/quicktest v1.14.4 h1:g2rn0vABPOOXmZUj+vbmUp0lPoXEMuhTpIluN0XL9UY=
+github.com/gertd/go-pluralize v0.2.1 h1:M3uASbVjMnTsPb0PNqg+E/24Vwigyo/tvyMTtAlLgiA=
+github.com/gertd/go-pluralize v0.2.1/go.mod h1:rbYaKDbsXxmRfr8uygAEKhOWsjyrrqrkHVpZvoOp8zk=
 github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4=
 github.com/go-git/go-billy/v5 v5.4.1 h1:Uwp5tDRkPr+l/TnbHOQzp+tmJfLceOlbVucgpTz8ix4=
 github.com/go-git/go-git/v5 v5.6.1 h1:q4ZRqQl4pR/ZJHc1L5CFjGA1a10u76aV1iC+nh+bHsk=

internal/cli/models.go

@@ -235,6 +235,16 @@ type (
 		Widgets    *[]map[string]any `json:"widgets,omitempty"`
 	}
 
+	PageReadPermissions struct {
+		Users []string `json:"users"`
+		Roles []string `json:"roles"`
+		Teams []string `json:"teams"`
+	}
+
+	PagePermissions struct {
+		Read PageReadPermissions `json:"read"`
+	}
+
 	Relation struct {
 		Identifier *string `json:"identifier,omitempty"`
 		Title      *string `json:"title,omitempty"`
@@ -337,6 +347,11 @@ type PortBody struct {
 	Migration         Migration         `json:"migration"`
 }
 
+type PortPagePermissionsBody struct {
+	OK              bool            `json:"ok"`
+	PagePermissions PagePermissions `json:"permissions"`
+}
+
 type TeamUserBody struct {
 	Email string `json:"email"`
 }

internal/cli/pagePermissions.go

@@ -0,0 +1,48 @@
+package cli
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+)
+
+func (c *PortClient) GetPagePermissions(ctx context.Context, pageID string) (*PagePermissions, int, error) {
+	pppb := &PortPagePermissionsBody{}
+	url := "v1/pages/{page_identifier}/permissions"
+	resp, err := c.Client.R().
+		SetContext(ctx).
+		SetHeader("Accept", "application/json").
+		SetResult(pppb).
+		SetPathParam("page_identifier", pageID).
+		Get(url)
+	if err != nil {
+		return nil, resp.StatusCode(), err
+	}
+	if !pppb.OK {
+		return nil, resp.StatusCode(), fmt.Errorf("failed to get page permissions, got: %s", resp.Body())
+	}
+	return &pppb.PagePermissions, resp.StatusCode(), nil
+
+}
+
+func (c *PortClient) UpdatePagePermissions(ctx context.Context, pageID string, permissions *PagePermissions) (*PagePermissions, error) {
+	url := "v1/pages/{page_identifier}/permissions"
+
+	resp, err := c.Client.R().
+		SetBody(permissions).
+		SetContext(ctx).
+		SetPathParam("page_identifier", pageID).
+		Patch(url)
+	if err != nil {
+		return nil, err
+	}
+	var pppb PortPagePermissionsBody
+	err = json.Unmarshal(resp.Body(), &pppb)
+	if err != nil {
+		return nil, err
+	}
+	if !pppb.OK {
+		return nil, fmt.Errorf("failed to update page permissions, got: %s", resp.Body())
+	}
+	return &pppb.PagePermissions, nil
+}

port/page-permissions/model.go

@@ -0,0 +1,15 @@
+package page_permissions
+
+import "github.com/hashicorp/terraform-plugin-framework/types"
+
+type ReadPagePermissionsModel struct {
+	Users []types.String `tfsdk:"users"`
+	Roles []types.String `tfsdk:"roles"`
+	Teams []types.String `tfsdk:"teams"`
+}
+
+type PagePermissionsModel struct {
+	ID             types.String             `tfsdk:"id"`
+	PageIdentifier types.String             `tfsdk:"page_identifier"`
+	Read           ReadPagePermissionsModel `tfsdk:"read"`
+}

port/page-permissions/pagePermissionToPortBody.go

@@ -0,0 +1,21 @@
+package page_permissions
+
+import (
+	"github.com/port-labs/terraform-provider-port-labs/internal/cli"
+	"github.com/port-labs/terraform-provider-port-labs/internal/flex"
+)
+
+func pagePermissionsToPortBody(state *PagePermissionsModel) (*cli.PagePermissions, error) {
+	if state == nil {
+		return nil, nil
+	}
+
+	pagePermissions := cli.PagePermissions{
+		Read: cli.PageReadPermissions{
+			Users: flex.TerraformStringListToGoArray(state.Read.Users),
+			Roles: flex.TerraformStringListToGoArray(state.Read.Roles),
+			Teams: flex.TerraformStringListToGoArray(state.Read.Teams),
+		},
+	}
+	return &pagePermissions, nil
+}

port/page-permissions/refreshPagePermissionsToState.go

@@ -0,0 +1,29 @@
+package page_permissions
+
+import (
+	"github.com/hashicorp/terraform-plugin-framework/types"
+	"github.com/port-labs/terraform-provider-port-labs/internal/cli"
+)
+
+func refreshPagePermissionsState(state *PagePermissionsModel, a *cli.PagePermissions, pageId string) error {
+	state.ID = types.StringValue(pageId)
+	state.PageIdentifier = types.StringValue(pageId)
+	state.Read = ReadPagePermissionsModel{}
+
+	state.Read.Users = make([]types.String, len(a.Read.Users))
+	for i, u := range a.Read.Users {
+		state.Read.Users[i] = types.StringValue(u)
+	}
+
+	state.Read.Roles = make([]types.String, len(a.Read.Roles))
+	for i, u := range a.Read.Roles {
+		state.Read.Roles[i] = types.StringValue(u)
+	}
+
+	state.Read.Teams = make([]types.String, len(a.Read.Teams))
+	for i, u := range a.Read.Teams {
+		state.Read.Teams[i] = types.StringValue(u)
+	}
+
+	return nil
+}