Skip to content

Commit

Permalink
Revert "Add client config and permissions to google_identity_platform…
Browse files Browse the repository at this point in the history
…_config" (#9447)

[upstream:a3c5d4620635ef4d327b21ed01c878640433cf94]

Signed-off-by: Modular Magician <[email protected]>
  • Loading branch information
modular-magician committed Nov 10, 2023
1 parent 0f04b08 commit 61e31b5
Show file tree
Hide file tree
Showing 4 changed files with 3 additions and 219 deletions.
2 changes: 2 additions & 0 deletions .changelog/9447.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
```release-note:none
```
Original file line number Diff line number Diff line change
Expand Up @@ -125,47 +125,6 @@ func ResourceIdentityPlatformConfig() *schema.Resource {
},
},
},
"client": {
Type: schema.TypeList,
Optional: true,
Description: `Options related to how clients making requests on behalf of a project should be configured.`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"permissions": {
Type: schema.TypeList,
Optional: true,
Description: `Configuration related to restricting a user's ability to affect their account.`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"disabled_user_deletion": {
Type: schema.TypeBool,
Optional: true,
Description: `When true, end users cannot delete their account on the associated project through any of our API methods`,
},
"disabled_user_signup": {
Type: schema.TypeBool,
Optional: true,
Description: `When true, end users cannot sign up for a new account on the associated project through any of our API methods`,
},
},
},
},
"api_key": {
Type: schema.TypeString,
Computed: true,
Description: `API key that can be used when making requests for this project.`,
Sensitive: true,
},
"firebase_subdomain": {
Type: schema.TypeString,
Computed: true,
Description: `Firebase subdomain.`,
},
},
},
},
"quota": {
Type: schema.TypeList,
Optional: true,
Expand Down Expand Up @@ -491,9 +450,6 @@ func resourceIdentityPlatformConfigRead(d *schema.ResourceData, meta interface{}
if err := d.Set("sms_region_config", flattenIdentityPlatformConfigSmsRegionConfig(res["smsRegionConfig"], d, config)); err != nil {
return fmt.Errorf("Error reading Config: %s", err)
}
if err := d.Set("client", flattenIdentityPlatformConfigClient(res["client"], d, config)); err != nil {
return fmt.Errorf("Error reading Config: %s", err)
}

return nil
}
Expand Down Expand Up @@ -550,12 +506,6 @@ func resourceIdentityPlatformConfigUpdate(d *schema.ResourceData, meta interface
} else if v, ok := d.GetOkExists("sms_region_config"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, smsRegionConfigProp)) {
obj["smsRegionConfig"] = smsRegionConfigProp
}
clientProp, err := expandIdentityPlatformConfigClient(d.Get("client"), d, config)
if err != nil {
return err
} else if v, ok := d.GetOkExists("client"); !tpgresource.IsEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, clientProp)) {
obj["client"] = clientProp
}

url, err := tpgresource.ReplaceVars(d, config, "{{IdentityPlatformBasePath}}projects/{{project}}/config")
if err != nil {
Expand Down Expand Up @@ -588,10 +538,6 @@ func resourceIdentityPlatformConfigUpdate(d *schema.ResourceData, meta interface
if d.HasChange("sms_region_config") {
updateMask = append(updateMask, "smsRegionConfig")
}

if d.HasChange("client") {
updateMask = append(updateMask, "client")
}
// updateMask is a URL parameter but not present in the schema, so ReplaceVars
// won't set it
url, err = transport_tpg.AddQueryParams(url, map[string]string{"updateMask": strings.Join(updateMask, ",")})
Expand Down Expand Up @@ -995,54 +941,6 @@ func flattenIdentityPlatformConfigSmsRegionConfigAllowlistOnlyAllowedRegions(v i
return v
}

func flattenIdentityPlatformConfigClient(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["permissions"] =
flattenIdentityPlatformConfigClientPermissions(original["permissions"], d, config)
transformed["api_key"] =
flattenIdentityPlatformConfigClientApiKey(original["apiKey"], d, config)
transformed["firebase_subdomain"] =
flattenIdentityPlatformConfigClientFirebaseSubdomain(original["firebaseSubdomain"], d, config)
return []interface{}{transformed}
}
func flattenIdentityPlatformConfigClientPermissions(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["disabled_user_signup"] =
flattenIdentityPlatformConfigClientPermissionsDisabledUserSignup(original["disabledUserSignup"], d, config)
transformed["disabled_user_deletion"] =
flattenIdentityPlatformConfigClientPermissionsDisabledUserDeletion(original["disabledUserDeletion"], d, config)
return []interface{}{transformed}
}
func flattenIdentityPlatformConfigClientPermissionsDisabledUserSignup(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}

func flattenIdentityPlatformConfigClientPermissionsDisabledUserDeletion(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}

func flattenIdentityPlatformConfigClientApiKey(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}

func flattenIdentityPlatformConfigClientFirebaseSubdomain(v interface{}, d *schema.ResourceData, config *transport_tpg.Config) interface{} {
return v
}

func expandIdentityPlatformConfigAutodeleteAnonymousUsers(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
Expand Down Expand Up @@ -1513,78 +1411,3 @@ func expandIdentityPlatformConfigSmsRegionConfigAllowlistOnly(v interface{}, d t
func expandIdentityPlatformConfigSmsRegionConfigAllowlistOnlyAllowedRegions(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}

func expandIdentityPlatformConfigClient(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
if len(l) == 0 || l[0] == nil {
return nil, nil
}
raw := l[0]
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})

transformedPermissions, err := expandIdentityPlatformConfigClientPermissions(original["permissions"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedPermissions); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["permissions"] = transformedPermissions
}

transformedApiKey, err := expandIdentityPlatformConfigClientApiKey(original["api_key"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedApiKey); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["apiKey"] = transformedApiKey
}

transformedFirebaseSubdomain, err := expandIdentityPlatformConfigClientFirebaseSubdomain(original["firebase_subdomain"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedFirebaseSubdomain); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["firebaseSubdomain"] = transformedFirebaseSubdomain
}

return transformed, nil
}

func expandIdentityPlatformConfigClientPermissions(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
l := v.([]interface{})
if len(l) == 0 || l[0] == nil {
return nil, nil
}
raw := l[0]
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})

transformedDisabledUserSignup, err := expandIdentityPlatformConfigClientPermissionsDisabledUserSignup(original["disabled_user_signup"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedDisabledUserSignup); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["disabledUserSignup"] = transformedDisabledUserSignup
}

transformedDisabledUserDeletion, err := expandIdentityPlatformConfigClientPermissionsDisabledUserDeletion(original["disabled_user_deletion"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedDisabledUserDeletion); val.IsValid() && !tpgresource.IsEmptyValue(val) {
transformed["disabledUserDeletion"] = transformedDisabledUserDeletion
}

return transformed, nil
}

func expandIdentityPlatformConfigClientPermissionsDisabledUserSignup(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}

func expandIdentityPlatformConfigClientPermissionsDisabledUserDeletion(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}

func expandIdentityPlatformConfigClientApiKey(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}

func expandIdentityPlatformConfigClientFirebaseSubdomain(v interface{}, d tpgresource.TerraformResourceData, config *transport_tpg.Config) (interface{}, error) {
return v, nil
}
Original file line number Diff line number Diff line change
Expand Up @@ -171,12 +171,7 @@ resource "google_project_service" "identitytoolkit" {
resource "google_identity_platform_config" "default" {
project = google_project.default.project_id
client {
permissions {
disabled_user_deletion = false
disabled_user_signup = true
}
}
depends_on = [
google_project_service.identitytoolkit
]
Expand Down
36 changes: 0 additions & 36 deletions website/docs/r/identity_platform_config.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -34,10 +34,6 @@ To get more information about Config, see:
* How-to Guides
* [Official Documentation](https://cloud.google.com/identity-platform/docs)

~> **Warning:** All arguments including the following potentially sensitive
values will be stored in the raw state as plain text: `client.api_key`.
[Read more about sensitive data in state](https://www.terraform.io/language/state/sensitive-data).

## Example Usage - Identity Platform Config Basic


Expand Down Expand Up @@ -148,11 +144,6 @@ The following arguments are supported:
Configures the regions where users are allowed to send verification SMS for the project or tenant. This is based on the calling code of the destination phone number.
Structure is [documented below](#nested_sms_region_config).

* `client` -
(Optional)
Options related to how clients making requests on behalf of a project should be configured.
Structure is [documented below](#nested_client).

* `project` - (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.

Expand Down Expand Up @@ -320,33 +311,6 @@ The following arguments are supported:
(Optional)
Two letter unicode region codes to allow as defined by https://cldr.unicode.org/ The full list of these region codes is here: https://github.com/unicode-cldr/cldr-localenames-full/blob/master/main/en/territories.json

<a name="nested_client"></a>The `client` block supports:

* `permissions` -
(Optional)
Configuration related to restricting a user's ability to affect their account.
Structure is [documented below](#nested_permissions).

* `api_key` -
(Output)
API key that can be used when making requests for this project.
**Note**: This property is sensitive and will not be displayed in the plan.

* `firebase_subdomain` -
(Output)
Firebase subdomain.


<a name="nested_permissions"></a>The `permissions` block supports:

* `disabled_user_signup` -
(Optional)
When true, end users cannot sign up for a new account on the associated project through any of our API methods

* `disabled_user_deletion` -
(Optional)
When true, end users cannot delete their account on the associated project through any of our API methods

## Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:
Expand Down

0 comments on commit 61e31b5

Please sign in to comment.