feat(secmaster): add version activing check logic in the deleting fun…

…c(playbook version and playbook action) (#5530)
huaweicloud · Sep 10, 2024 · f50480a · f50480a
1 parent b8cac8e
commit f50480a
Show file tree

Hide file tree

Showing 2 changed files with 92 additions and 43 deletions.
diff --git a/huaweicloud/services/secmaster/resource_huaweicloud_secmaster_playbook_action.go b/huaweicloud/services/secmaster/resource_huaweicloud_secmaster_playbook_action.go
@@ -26,6 +26,8 @@ import (
 // @API SecMaster POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{version_id}/actions
 // @API SecMaster DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{version_id}/actions/{id}
 // @API SecMaster PUT /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{version_id}/actions/{id}
+// @API SecMaster GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{version_id}
+// @API SecMaster PUT /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{id}
 func ResourcePlaybookAction() *schema.Resource {
 	return &schema.Resource{
 		CreateContext: resourcePlaybookActionCreate,
@@ -284,31 +286,44 @@ func resourcePlaybookActionDelete(_ context.Context, d *schema.ResourceData, met
 	cfg := meta.(*config.Config)
 	region := cfg.GetRegion(d)
 
-	// deletePlaybookAction: Delete an existing SecMaster playbook action
-	var (
-		deletePlaybookActionHttpUrl = "v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{version_id}/actions/{id}"
-		deletePlaybookActionProduct = "secmaster"
-	)
-	deletePlaybookActionClient, err := cfg.NewServiceClient(deletePlaybookActionProduct, region)
+	workspaceID := d.Get("workspace_id").(string)
+	versionID := d.Get("version_id").(string)
+
+	client, err := cfg.NewServiceClient("secmaster", region)
 	if err != nil {
 		return diag.Errorf("error creating SecMaster client: %s", err)
 	}
 
-	deletePlaybookActionPath := deletePlaybookActionClient.Endpoint + deletePlaybookActionHttpUrl
-	deletePlaybookActionPath = strings.ReplaceAll(deletePlaybookActionPath, "{project_id}", deletePlaybookActionClient.ProjectID)
-	deletePlaybookActionPath = strings.ReplaceAll(deletePlaybookActionPath, "{workspace_id}", d.Get("workspace_id").(string))
-	deletePlaybookActionPath = strings.ReplaceAll(deletePlaybookActionPath, "{version_id}", d.Get("version_id").(string))
+	// Check whether the version is enabled.
+	// Before deleting this version, you need to ensure that the version is not enabled.
+	playbookVersion, err := GetPlaybookVersion(client, workspaceID, versionID)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	if utils.PathSearch("enabled", playbookVersion, false).(bool) {
+		bodyParams := backfillUpdateBodyParams(playbookVersion)
+		bodyParams["enabled"] = false
+		err = updatePlaybookVersion(client, workspaceID, versionID, bodyParams)
+		if err != nil {
+			return diag.Errorf("error disabling SecMaster playbook version: %s", err)
+		}
+	}
+
+	// deletePlaybookAction: Delete an existing SecMaster playbook action
+	deletePlaybookActionHttpUrl := "v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{version_id}/actions/{id}"
+	deletePlaybookActionPath := client.Endpoint + deletePlaybookActionHttpUrl
+	deletePlaybookActionPath = strings.ReplaceAll(deletePlaybookActionPath, "{project_id}", client.ProjectID)
+	deletePlaybookActionPath = strings.ReplaceAll(deletePlaybookActionPath, "{workspace_id}", workspaceID)
+	deletePlaybookActionPath = strings.ReplaceAll(deletePlaybookActionPath, "{version_id}", versionID)
 	deletePlaybookActionPath = strings.ReplaceAll(deletePlaybookActionPath, "{id}", d.Id())
 
 	deletePlaybookActionOpt := golangsdk.RequestOpts{
 		KeepResponseBody: true,
-		OkCodes: []int{
-			200,
-		},
-		MoreHeaders: map[string]string{"Content-Type": "application/json"},
+		MoreHeaders:      map[string]string{"Content-Type": "application/json"},
 	}
 
-	_, err = deletePlaybookActionClient.Request("DELETE", deletePlaybookActionPath, &deletePlaybookActionOpt)
+	_, err = client.Request("DELETE", deletePlaybookActionPath, &deletePlaybookActionOpt)
 	if err != nil {
 		return diag.Errorf("error deleting PlaybookAction: %s", err)
 	}

diff --git a/huaweicloud/services/secmaster/resource_huaweicloud_secmaster_playbook_version.go b/huaweicloud/services/secmaster/resource_huaweicloud_secmaster_playbook_version.go
@@ -262,28 +262,14 @@ func resourcePlaybookVersionUpdate(ctx context.Context, d *schema.ResourceData,
 	cfg := meta.(*config.Config)
 	region := cfg.GetRegion(d)
 
-	// updatePlaybookVersion: Update the configuration of SecMaster playbook version
-	var (
-		updatePlaybookVersionHttpUrl = "v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{id}"
-		updatePlaybookVersionProduct = "secmaster"
-	)
-	updatePlaybookVersionClient, err := cfg.NewServiceClient(updatePlaybookVersionProduct, region)
+	client, err := cfg.NewServiceClient("secmaster", region)
 	if err != nil {
 		return diag.Errorf("error creating SecMaster client: %s", err)
 	}
 
-	updatePlaybookVersionPath := updatePlaybookVersionClient.Endpoint + updatePlaybookVersionHttpUrl
-	updatePlaybookVersionPath = strings.ReplaceAll(updatePlaybookVersionPath, "{project_id}", updatePlaybookVersionClient.ProjectID)
-	updatePlaybookVersionPath = strings.ReplaceAll(updatePlaybookVersionPath, "{workspace_id}", d.Get("workspace_id").(string))
-	updatePlaybookVersionPath = strings.ReplaceAll(updatePlaybookVersionPath, "{id}", d.Id())
-
-	updatePlaybookVersionOpt := golangsdk.RequestOpts{
-		KeepResponseBody: true,
-		MoreHeaders:      map[string]string{"Content-Type": "application/json"},
-	}
-
-	updatePlaybookVersionOpt.JSONBody = utils.RemoveNil(buildUpdatePlaybookVersionBodyParams(d))
-	_, err = updatePlaybookVersionClient.Request("PUT", updatePlaybookVersionPath, &updatePlaybookVersionOpt)
+	// updatePlaybookVersion: Update the configuration of SecMaster playbook version
+	bodyParams := utils.RemoveNil(buildUpdatePlaybookVersionBodyParams(d))
+	err = updatePlaybookVersion(client, d.Get("workspace_id").(string), d.Id(), bodyParams)
 	if err != nil {
 		return diag.Errorf("error updating SecMaster playbook version: %s", err)
 	}
@@ -311,19 +297,31 @@ func buildUpdatePlaybookVersionBodyParams(d *schema.ResourceData) map[string]int
 func resourcePlaybookVersionDelete(_ context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	cfg := meta.(*config.Config)
 	region := cfg.GetRegion(d)
-
-	// deletePlaybookVersion: Delete an existing SecMaster playbook version
-	var (
-		deletePlaybookVersionHttpUrl = "v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{id}"
-		deletePlaybookVersionProduct = "secmaster"
-	)
-	deletePlaybookVersionClient, err := cfg.NewServiceClient(deletePlaybookVersionProduct, region)
+	client, err := cfg.NewServiceClient("secmaster", region)
 	if err != nil {
 		return diag.Errorf("error creating SecMaster client: %s", err)
 	}
 
-	deletePlaybookVersionPath := deletePlaybookVersionClient.Endpoint + deletePlaybookVersionHttpUrl
-	deletePlaybookVersionPath = strings.ReplaceAll(deletePlaybookVersionPath, "{project_id}", deletePlaybookVersionClient.ProjectID)
+	// Check whether the version is enabled.
+	// Before deleting this version, you need to ensure that it is not enabled.
+	playbookVersion, err := GetPlaybookVersion(client, d.Get("workspace_id").(string), d.Id())
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	if utils.PathSearch("enabled", playbookVersion, false).(bool) {
+		bodyParams := backfillUpdateBodyParams(playbookVersion)
+		bodyParams["enabled"] = false
+		err = updatePlaybookVersion(client, d.Get("workspace_id").(string), d.Id(), bodyParams)
+		if err != nil {
+			return diag.Errorf("error disabling SecMaster playbook version: %s", err)
+		}
+	}
+
+	// deletePlaybookVersion: Delete an existing SecMaster playbook version
+	deletePlaybookVersionHttpUrl := "v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{id}"
+	deletePlaybookVersionPath := client.Endpoint + deletePlaybookVersionHttpUrl
+	deletePlaybookVersionPath = strings.ReplaceAll(deletePlaybookVersionPath, "{project_id}", client.ProjectID)
 	deletePlaybookVersionPath = strings.ReplaceAll(deletePlaybookVersionPath, "{workspace_id}", d.Get("workspace_id").(string))
 	deletePlaybookVersionPath = strings.ReplaceAll(deletePlaybookVersionPath, "{id}", d.Id())
 
@@ -332,7 +330,7 @@ func resourcePlaybookVersionDelete(_ context.Context, d *schema.ResourceData, me
 		MoreHeaders:      map[string]string{"Content-Type": "application/json"},
 	}
 
-	_, err = deletePlaybookVersionClient.Request("DELETE", deletePlaybookVersionPath, &deletePlaybookVersionOpt)
+	_, err = client.Request("DELETE", deletePlaybookVersionPath, &deletePlaybookVersionOpt)
 	if err != nil {
 		// SecMaster.20048004：the version ID not found
 		// SecMaster.20010001: the workspace ID not found
@@ -344,6 +342,25 @@ func resourcePlaybookVersionDelete(_ context.Context, d *schema.ResourceData, me
 	return nil
 }
 
+func backfillUpdateBodyParams(playbookVersion interface{}) map[string]interface{} {
+	bodyParam := map[string]interface{}{
+		"description":       utils.PathSearch("description", playbookVersion, "").(string),
+		"dataclass_id":      utils.PathSearch("dataclass_id", playbookVersion, nil).(string),
+		"rule_enable":       utils.PathSearch("rule_enable", playbookVersion, false).(bool),
+		"rule_id":           utils.PathSearch("rule_id", playbookVersion, "").(string),
+		"trigger_type":      utils.PathSearch("trigger_type", playbookVersion, "").(string),
+		"dataobject_create": utils.PathSearch("dataobject_create", playbookVersion, false).(bool),
+		"dataobject_delete": utils.PathSearch("dataobject_delete", playbookVersion, false).(bool),
+		"dataobject_update": utils.PathSearch("dataobject_update", playbookVersion, false).(bool),
+		"action_strategy":   utils.PathSearch("action_strategy", playbookVersion, "").(string),
+		"playbook_id":       utils.PathSearch("playbook_id", playbookVersion, "").(string),
+		"enabled":           utils.PathSearch("enabled", playbookVersion, false).(bool),
+		"status":            utils.PathSearch("status", playbookVersion, "").(string),
+	}
+
+	return bodyParam
+}
+
 func GetPlaybookVersion(client *golangsdk.ServiceClient, workspaceId, id string) (interface{}, error) {
 	getPlaybookVersionHttpUrl := "v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{version_id}"
 	getPlaybookVersionPath := client.Endpoint + getPlaybookVersionHttpUrl
@@ -374,6 +391,23 @@ func GetPlaybookVersion(client *golangsdk.ServiceClient, workspaceId, id string)
 	return playbookVersion, nil
 }
 
+func updatePlaybookVersion(client *golangsdk.ServiceClient, workspaceId, id string, bodyParam interface{}) error {
+	updatePlaybookVersionHttpUrl := "v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{id}"
+	updatePlaybookVersionPath := client.Endpoint + updatePlaybookVersionHttpUrl
+	updatePlaybookVersionPath = strings.ReplaceAll(updatePlaybookVersionPath, "{project_id}", client.ProjectID)
+	updatePlaybookVersionPath = strings.ReplaceAll(updatePlaybookVersionPath, "{workspace_id}", workspaceId)
+	updatePlaybookVersionPath = strings.ReplaceAll(updatePlaybookVersionPath, "{id}", id)
+
+	updatePlaybookVersionOpt := golangsdk.RequestOpts{
+		KeepResponseBody: true,
+		MoreHeaders:      map[string]string{"Content-Type": "application/json"},
+		JSONBody:         bodyParam,
+	}
+
+	_, err := client.Request("PUT", updatePlaybookVersionPath, &updatePlaybookVersionOpt)
+	return err
+}
+
 func resourcePlaybookVersionImportState(_ context.Context, d *schema.ResourceData, _ interface{}) ([]*schema.ResourceData, error) {
 	parts := strings.Split(d.Id(), "/")
 	if len(parts) != 3 {