feat: add datasource grafana_folder_permission

Author: fgouteroux

internal/resources/grafana/data_source_folder_permission.go

@@ -0,0 +1,93 @@
+package grafana
+
+import (
+	"context"
+	"strconv"
+
+	"github.com/grafana/grafana-openapi-client-go/models"
+
+	"github.com/grafana/terraform-provider-grafana/v3/internal/common"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func datasourceFolderPermission() *common.DataSource {
+	schema := &schema.Resource{
+		Description: `
+* [Official documentation](https://grafana.com/docs/grafana/latest/dashboards/manage-dashboards/)
+* [HTTP API](https://grafana.com/docs/grafana/latest/developers/http_api/folder_permissions/)
+`,
+		ReadContext: dataSourceFolderPermissionRead,
+		Schema: map[string]*schema.Schema{
+			"org_id": orgIDAttribute(),
+			"folder_uid": {
+				Type:        schema.TypeString,
+				Required:    true,
+				Description: "The UID of the folder.",
+			},
+			"permissions": {
+				Type:     schema.TypeSet,
+				Computed: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"team_id": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "ID of the team to manage permissions for.",
+						},
+						"user_id": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "ID of the user or service account to manage permissions for.",
+						},
+						"permission": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Permission to associate with item. Must be one of `View`, `Edit`, or `Admin`.",
+						},
+						"role": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "Role to associate with item. Must be one of `Viewer`, `Editor`, or `Admin`.",
+						},
+					},
+				},
+			},
+		},
+	}
+	return common.NewLegacySDKDataSource(common.CategoryGrafanaOSS, "grafana_folder_permission", schema)
+}
+
+func dataSourceFolderPermissionRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client, orgID := OAPIClientFromNewOrgResource(meta, d)
+	uid := d.Get("folder_uid").(string)
+
+	resp, err := client.FolderPermissions.GetFolderPermissionList(uid)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	var resourcePermissions []models.DashboardACLInfoDTO
+	for _, perm := range resp.Payload {
+		resourcePermissions = append(resourcePermissions, *perm)
+	}
+
+	var permissionItems []interface{}
+	for _, permission := range resourcePermissions {
+		permissionItem := make(map[string]interface{})
+		if permission.Role != "" {
+			permissionItem["role"] = permission.Role
+		}
+		permissionItem["team_id"] = permission.TeamUID
+		permissionItem["user_id"] = permission.UserUID
+		permissionItem["permission"] = permission.PermissionName
+
+		permissionItems = append(permissionItems, permissionItem)
+	}
+
+	d.SetId(MakeOrgResourceID(orgID, uid))
+	d.Set("org_id", strconv.FormatInt(orgID, 10))
+	d.Set("permissions", permissionItems)
+
+	return nil
+}

internal/resources/grafana/data_source_folder_permission_test.go

@@ -0,0 +1,55 @@
+package grafana_test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/grafana/grafana-openapi-client-go/models"
+	"github.com/grafana/terraform-provider-grafana/v3/internal/testutils"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccDatasourceFolder_permissions(t *testing.T) {
+	testutils.CheckOSSTestsEnabled(t, ">=10.3.0")
+
+	var test models.Folder
+	randomName := acctest.RandStringFromCharSet(6, acctest.CharSetAlpha)
+
+	resource.ParallelTest(t, resource.TestCase{
+		ProtoV5ProviderFactories: testutils.ProtoV5ProviderFactories,
+		CheckDestroy: resource.ComposeTestCheckFunc(
+			folderCheckExists.destroyed(&test, nil),
+		),
+		Steps: []resource.TestStep{
+			{
+				Config: testFolderPermissionData(randomName),
+				Check: resource.ComposeTestCheckFunc(
+					folderCheckExists.exists("grafana_folder.test", &test),
+					resource.TestCheckResourceAttr("data.grafana_folder_permission.test", "folder_uid", randomName),
+					resource.TestMatchResourceAttr("data.grafana_folder_permission.test", "id", defaultOrgIDRegexp),
+					resource.TestCheckResourceAttr("data.grafana_folder_permission.test", "permissions.#", "3"),
+					resource.TestCheckResourceAttr("data.grafana_folder_permission.test", "permissions.0.permission", "Admin"),
+					resource.TestCheckResourceAttr("data.grafana_folder_permission.test", "permissions.1.role", "Editor"),
+					resource.TestCheckResourceAttr("data.grafana_folder_permission.test", "permissions.1.permission", "Edit"),
+					resource.TestCheckResourceAttr("data.grafana_folder_permission.test", "permissions.2.role", "Viewer"),
+					resource.TestCheckResourceAttr("data.grafana_folder_permission.test", "permissions.2.permission", "View"),
+				),
+			},
+		},
+	})
+}
+
+func testFolderPermissionData(name string) string {
+	return fmt.Sprintf(`
+resource "grafana_folder" "test" {
+	title = "%[1]s"
+	uid   = "%[1]s"
+}
+	
+data "grafana_folder_permission" "test" {
+	folder_uid = grafana_folder.test.uid
+}
+	
+`, name)
+}

internal/resources/grafana/resources.go

@@ -89,6 +89,7 @@ var DataSources = addValidationToDataSources(
 	datasourceDashboards(),
 	datasourceDatasource(),
 	datasourceFolder(),
+	datasourceFolderPermission(),
 	datasourceFolders(),
 	datasourceLibraryPanel(),
 	datasourceLibraryPanels(),