diff --git a/docs/resources/address.md b/docs/resources/address.md index ae054f4..cfccbdd 100644 --- a/docs/resources/address.md +++ b/docs/resources/address.md @@ -8,7 +8,7 @@ Use this resource to access secrets of type `address` stored in Keeper Vault - **address** (Block List, Max: 1) Address field data. (see [below for nested schema](#nestedblock--address)) - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **notes** (String) The secret notes. - **title** (String) The secret title. - **uid** (String) The UID of the new secret (using RFC4648 URL and Filename Safe Alphabet). diff --git a/docs/resources/bank_account.md b/docs/resources/bank_account.md index 3e02e9c..d298c73 100644 --- a/docs/resources/bank_account.md +++ b/docs/resources/bank_account.md @@ -9,7 +9,7 @@ Use this resource to access secrets of type `bankAccount` stored in Keeper Vault - **bank_account** (Block List, Max: 1) Bank account field data. (see [below for nested schema](#nestedblock--bank_account)) - **card_ref** (Block List, Max: 1) CardRef field data. (see [below for nested schema](#nestedblock--card_ref)) - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **id** (String) The ID of this resource. - **login** (Block List, Max: 1) Login field data. (see [below for nested schema](#nestedblock--login)) - **name** (Block List, Max: 1) Name field data. (see [below for nested schema](#nestedblock--name)) diff --git a/docs/resources/bank_card.md b/docs/resources/bank_card.md index 8bb77af..ae6c5bd 100644 --- a/docs/resources/bank_card.md +++ b/docs/resources/bank_card.md @@ -9,7 +9,7 @@ Use this resource to access secrets of type `bankCard` stored in Keeper Vault - **address_ref** (Block List, Max: 1) AddressRef field data. (see [below for nested schema](#nestedblock--address_ref)) - **cardholder_name** (Block List, Max: 1) Text field data. (see [below for nested schema](#nestedblock--cardholder_name)) - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **id** (String) The ID of this resource. - **notes** (String) The secret notes. - **payment_card** (Block List, Max: 1) Payment card field data. (see [below for nested schema](#nestedblock--payment_card)) diff --git a/docs/resources/birth_certificate.md b/docs/resources/birth_certificate.md index 49007c0..e28028e 100644 --- a/docs/resources/birth_certificate.md +++ b/docs/resources/birth_certificate.md @@ -8,7 +8,7 @@ Use this resource to access secrets of type `birthCertificate` stored in Keeper - **birth_date** (Block List, Max: 1) Birth date field data. (see [below for nested schema](#nestedblock--birth_date)) - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **id** (String) The ID of this resource. - **name** (Block List, Max: 1) Name field data. (see [below for nested schema](#nestedblock--name)) - **notes** (String) The secret notes. diff --git a/docs/resources/contact.md b/docs/resources/contact.md index df9b571..8b81c42 100644 --- a/docs/resources/contact.md +++ b/docs/resources/contact.md @@ -10,7 +10,7 @@ Use this resource to access secrets of type `contact` stored in Keeper Vault - **company** (Block List, Max: 1) Text field data. (see [below for nested schema](#nestedblock--company)) - **email** (Block List, Max: 1) Email field data. (see [below for nested schema](#nestedblock--email)) - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **id** (String) The ID of this resource. - **name** (Block List, Max: 1) Name field data. (see [below for nested schema](#nestedblock--name)) - **notes** (String) The secret notes. diff --git a/docs/resources/database_credentials.md b/docs/resources/database_credentials.md index fe6895f..b2dba28 100644 --- a/docs/resources/database_credentials.md +++ b/docs/resources/database_credentials.md @@ -8,7 +8,7 @@ Use this resource to access secrets of type `databaseCredentials` stored in Keep - **db_type** (Block List, Max: 1) Text field data. (see [below for nested schema](#nestedblock--db_type)) - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **host** (Block List, Max: 1) Host field data. (see [below for nested schema](#nestedblock--host)) - **id** (String) The ID of this resource. - **login** (Block List, Max: 1) Login field data. (see [below for nested schema](#nestedblock--login)) diff --git a/docs/resources/driver_license.md b/docs/resources/driver_license.md index 891901a..7ab184b 100644 --- a/docs/resources/driver_license.md +++ b/docs/resources/driver_license.md @@ -11,7 +11,7 @@ Use this resource to access secrets of type `driverLicense` stored in Keeper Vau - **driver_license_number** (Block List, Max: 1) Account number field data. (see [below for nested schema](#nestedblock--driver_license_number)) - **expiration_date** (Block List, Max: 1) Expiration date field data. (see [below for nested schema](#nestedblock--expiration_date)) - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **id** (String) The ID of this resource. - **name** (Block List, Max: 1) Name field data. (see [below for nested schema](#nestedblock--name)) - **notes** (String) The secret notes. diff --git a/docs/resources/encrypted_notes.md b/docs/resources/encrypted_notes.md index 0e47481..4e7ea0d 100644 --- a/docs/resources/encrypted_notes.md +++ b/docs/resources/encrypted_notes.md @@ -8,7 +8,7 @@ Use this resource to access secrets of type `encryptedNotes` stored in Keeper Va - **date** (Block List, Max: 1) Date field data. (see [below for nested schema](#nestedblock--date)) - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **id** (String) The ID of this resource. - **note** (Block List, Max: 1) Secure note field data. (see [below for nested schema](#nestedblock--note)) - **notes** (String) The secret notes. diff --git a/docs/resources/file.md b/docs/resources/file.md index 660c51f..5b77ac5 100644 --- a/docs/resources/file.md +++ b/docs/resources/file.md @@ -7,7 +7,7 @@ Use this resource to access secrets of type `file` stored in Keeper Vault ### Optional - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **id** (String) The ID of this resource. - **notes** (String) The secret notes. - **title** (String) The secret title. diff --git a/docs/resources/health_insurance.md b/docs/resources/health_insurance.md index 480c797..f9f769e 100644 --- a/docs/resources/health_insurance.md +++ b/docs/resources/health_insurance.md @@ -8,7 +8,7 @@ Use this resource to access secrets of type `healthInsurance` stored in Keeper V - **account_number** (Block List, Max: 1) Account number field data. (see [below for nested schema](#nestedblock--account_number)) - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **id** (String) The ID of this resource. - **login** (Block List, Max: 1) Login field data. (see [below for nested schema](#nestedblock--login)) - **name** (Block List, Max: 1) Name field data. (see [below for nested schema](#nestedblock--name)) diff --git a/docs/resources/login.md b/docs/resources/login.md index ddc6780..5d088f3 100644 --- a/docs/resources/login.md +++ b/docs/resources/login.md @@ -7,7 +7,7 @@ Use this resource to access secrets of type `login` stored in Keeper Vault ### Optional - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **id** (String) The ID of this resource. - **login** (Block List, Max: 1) Login field data. (see [below for nested schema](#nestedblock--login)) - **notes** (String) The secret notes. diff --git a/docs/resources/membership.md b/docs/resources/membership.md index de5ac23..285d479 100644 --- a/docs/resources/membership.md +++ b/docs/resources/membership.md @@ -8,7 +8,7 @@ Use this resource to access secrets of type `membership` stored in Keeper Vault - **account_number** (Block List, Max: 1) Account number field data. (see [below for nested schema](#nestedblock--account_number)) - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **id** (String) The ID of this resource. - **name** (Block List, Max: 1) Name field data. (see [below for nested schema](#nestedblock--name)) - **notes** (String) The secret notes. diff --git a/docs/resources/passport.md b/docs/resources/passport.md index 4221eca..bfd8343 100644 --- a/docs/resources/passport.md +++ b/docs/resources/passport.md @@ -11,7 +11,7 @@ Use this resource to access secrets of type `passport` stored in Keeper Vault - **date_issued** (Block List, Max: 1) Date field data. (see [below for nested schema](#nestedblock--date_issued)) - **expiration_date** (Block List, Max: 1) Expiration date field data. (see [below for nested schema](#nestedblock--expiration_date)) - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **id** (String) The ID of this resource. - **name** (Block List, Max: 1) Name field data. (see [below for nested schema](#nestedblock--name)) - **notes** (String) The secret notes. diff --git a/docs/resources/photo.md b/docs/resources/photo.md index a3f526c..affbd0f 100644 --- a/docs/resources/photo.md +++ b/docs/resources/photo.md @@ -7,7 +7,7 @@ Use this resource to access secrets of type `photo` stored in Keeper Vault ### Optional - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **id** (String) The ID of this resource. - **notes** (String) The secret notes. - **title** (String) The secret title. diff --git a/docs/resources/server_credentials.md b/docs/resources/server_credentials.md index 0312acf..23f0a38 100644 --- a/docs/resources/server_credentials.md +++ b/docs/resources/server_credentials.md @@ -7,7 +7,7 @@ Use this resource to access secrets of type `serverCredentials` stored in Keeper ### Optional - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **host** (Block List, Max: 1) Host field data. (see [below for nested schema](#nestedblock--host)) - **id** (String) The ID of this resource. - **login** (Block List, Max: 1) Login field data. (see [below for nested schema](#nestedblock--login)) diff --git a/docs/resources/software_license.md b/docs/resources/software_license.md index 518fc44..3b17621 100644 --- a/docs/resources/software_license.md +++ b/docs/resources/software_license.md @@ -9,7 +9,7 @@ Use this resource to access secrets of type `softwareLicense` stored in Keeper V - **activation_date** (Block List, Max: 1) Date field data. (see [below for nested schema](#nestedblock--activation_date)) - **expiration_date** (Block List, Max: 1) Expiration date field data. (see [below for nested schema](#nestedblock--expiration_date)) - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **id** (String) The ID of this resource. - **license_number** (Block List, Max: 1) License number field data. (see [below for nested schema](#nestedblock--license_number)) - **notes** (String) The secret notes. diff --git a/docs/resources/ssh_keys.md b/docs/resources/ssh_keys.md index 4aa31bb..685e6f1 100644 --- a/docs/resources/ssh_keys.md +++ b/docs/resources/ssh_keys.md @@ -7,7 +7,7 @@ Use this resource to access secrets of type `sshKeys` stored in Keeper Vault ### Optional - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **host** (Block List, Max: 1) Host field data. (see [below for nested schema](#nestedblock--host)) - **id** (String) The ID of this resource. - **key_pair** (Block List, Max: 1) Key pair field data. (see [below for nested schema](#nestedblock--key_pair)) diff --git a/docs/resources/ssn_card.md b/docs/resources/ssn_card.md index 6c8030e..e4ad478 100644 --- a/docs/resources/ssn_card.md +++ b/docs/resources/ssn_card.md @@ -7,7 +7,7 @@ Use this resource to access secrets of type `ssnCard` stored in Keeper Vault ### Optional - **file_ref** (Block List, Max: 1) FileRef field data. (see [below for nested schema](#nestedblock--file_ref)) -- **folder_uid** (String) The folder UID where the secret is stored. The shared folder must be non empty. +- **folder_uid** (String) The folder UID where the secret is stored. The parent shared folder must be non empty. - **id** (String) The ID of this resource. - **identity_number** (Block List, Max: 1) Account number field data. (see [below for nested schema](#nestedblock--identity_number)) - **name** (Block List, Max: 1) Name field data. (see [below for nested schema](#nestedblock--name)) diff --git a/secretsmanager/provider.go b/secretsmanager/provider.go index 3544edf..2ae4bb1 100644 --- a/secretsmanager/provider.go +++ b/secretsmanager/provider.go @@ -748,7 +748,11 @@ func createRecord(recordUid string, folderUid string, record *core.RecordCreate, } }() - ruid, err := client.CreateSecretWithRecordData(recordUid, folderUid, record) + co, err := buildCreateOptions(folderUid, client, nil) + if err != nil { + return "", err + } + ruid, err := client.CreateSecretWithRecordDataUidAndOptions(recordUid, co, record, nil) return ruid, err } @@ -898,6 +902,90 @@ func getTemplateFolder(folderUid string, client core.SecretsManager) (fuid strin return fuid, e } +// getSharedFolder tries to find closest parent shared folder +func getSharedFolder(folderUid string, client core.SecretsManager, folders []*core.KeeperFolder) (fuid string, e error) { + defer func() { + if r := recover(); r != nil { + fuid = "" + switch x := r.(type) { + case string: + e = errors.New(x) + case error: + e = x + default: + e = fmt.Errorf("error in provider - getSharedFolder: %v", r) + } + } + }() + + folderUid = strings.TrimSpace(folderUid) + if len(folders) == 0 { + if folders, e = client.GetFolders(); e != nil { + return "", e + } + } + + fldr := struct { + ParentUid string + FolderUid string + }{ + ParentUid: "", + FolderUid: "", + } + // initial lookup + for _, f := range folders { + if f.FolderUid == folderUid { + fldr.ParentUid = f.ParentUid + fldr.FolderUid = f.FolderUid + break + } + } + if fldr.FolderUid == "" { + return "", fmt.Errorf("folder not found: %v", folderUid) + } else if fldr.ParentUid == "" { + return fldr.FolderUid, nil + } + //main lookup + for { + tmpf := fldr.FolderUid + for _, f := range folders { + if f.FolderUid == fldr.ParentUid { + fldr.ParentUid = f.ParentUid + fldr.FolderUid = f.FolderUid + break + } + } + if fldr.ParentUid == "" || tmpf == fldr.FolderUid { + break + } + } + if fldr.ParentUid == "" { + return fldr.FolderUid, nil + } else { + return "", fmt.Errorf("unable to find parent folder for: %v, lookup stopped at: %v", folderUid, fldr.ParentUid) + } +} + +// buildCreateOptions finds parent shared folder and returns CreateOptions +func buildCreateOptions(folderUid string, client core.SecretsManager, folders []*core.KeeperFolder) (co *core.CreateOptions, e error) { + if len(folders) == 0 { + if folders, e = client.GetFolders(); e != nil { + return nil, e + } + } + + fuid, err := getSharedFolder(folderUid, client, folders) + if err != nil { + return nil, err + } + + copt := core.CreateOptions{FolderUid: fuid, SubFolderUid: folderUid} + if fuid == folderUid { + copt.SubFolderUid = "" + } + return &copt, nil +} + // getStringListData splits a string into list using the separator and skipping empty parts func GetStringListData(data string, separator string) []interface{} { if data == "" { diff --git a/secretsmanager/resource_address.go b/secretsmanager/resource_address.go index 65ad827..3532366 100644 --- a/secretsmanager/resource_address.go +++ b/secretsmanager/resource_address.go @@ -26,7 +26,7 @@ func resourceAddress() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -165,9 +165,15 @@ func resourceAddressRead(ctx context.Context, d *schema.ResourceData, m interfac return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) } diff --git a/secretsmanager/resource_bank_account.go b/secretsmanager/resource_bank_account.go index ec44795..ddfdfa6 100644 --- a/secretsmanager/resource_bank_account.go +++ b/secretsmanager/resource_bank_account.go @@ -26,7 +26,7 @@ func resourceBankAccount() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -238,9 +238,15 @@ func resourceBankAccountRead(ctx context.Context, d *schema.ResourceData, m inte return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) } diff --git a/secretsmanager/resource_bank_card.go b/secretsmanager/resource_bank_card.go index 973e6af..b1c355a 100644 --- a/secretsmanager/resource_bank_card.go +++ b/secretsmanager/resource_bank_card.go @@ -26,7 +26,7 @@ func resourceBankCard() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -198,9 +198,15 @@ func resourceBankCardRead(ctx context.Context, d *schema.ResourceData, m interfa return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) } diff --git a/secretsmanager/resource_birth_certificate.go b/secretsmanager/resource_birth_certificate.go index 455276c..d7bbe2c 100644 --- a/secretsmanager/resource_birth_certificate.go +++ b/secretsmanager/resource_birth_certificate.go @@ -26,7 +26,7 @@ func resourceBirthCertificate() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -176,9 +176,15 @@ func resourceBirthCertificateRead(ctx context.Context, d *schema.ResourceData, m return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) } diff --git a/secretsmanager/resource_contact.go b/secretsmanager/resource_contact.go index eee6d4d..5c5dc84 100644 --- a/secretsmanager/resource_contact.go +++ b/secretsmanager/resource_contact.go @@ -26,7 +26,7 @@ func resourceContact() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -209,9 +209,15 @@ func resourceContactRead(ctx context.Context, d *schema.ResourceData, m interfac return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) } diff --git a/secretsmanager/resource_database_credentials.go b/secretsmanager/resource_database_credentials.go index da16dcd..cd2bea6 100644 --- a/secretsmanager/resource_database_credentials.go +++ b/secretsmanager/resource_database_credentials.go @@ -26,7 +26,7 @@ func resourceDatabaseCredentials() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -205,9 +205,15 @@ func resourceDatabaseCredentialsRead(ctx context.Context, d *schema.ResourceData return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) } diff --git a/secretsmanager/resource_driver_license.go b/secretsmanager/resource_driver_license.go index f975081..cdcd8a7 100644 --- a/secretsmanager/resource_driver_license.go +++ b/secretsmanager/resource_driver_license.go @@ -26,7 +26,7 @@ func resourceDriverLicense() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -209,9 +209,15 @@ func resourceDriverLicenseRead(ctx context.Context, d *schema.ResourceData, m in return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) } diff --git a/secretsmanager/resource_encrypted_notes.go b/secretsmanager/resource_encrypted_notes.go index 37b5c43..cb535ea 100644 --- a/secretsmanager/resource_encrypted_notes.go +++ b/secretsmanager/resource_encrypted_notes.go @@ -26,7 +26,7 @@ func resourceEncryptedNotes() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -176,9 +176,15 @@ func resourceEncryptedNotesRead(ctx context.Context, d *schema.ResourceData, m i return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) } diff --git a/secretsmanager/resource_file.go b/secretsmanager/resource_file.go index 6bfe6c5..c0d1496 100644 --- a/secretsmanager/resource_file.go +++ b/secretsmanager/resource_file.go @@ -26,7 +26,7 @@ func resourceFile() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -153,9 +153,15 @@ func resourceFileRead(ctx context.Context, d *schema.ResourceData, m interface{} return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) } diff --git a/secretsmanager/resource_health_insurance.go b/secretsmanager/resource_health_insurance.go index 368057c..96b2392 100644 --- a/secretsmanager/resource_health_insurance.go +++ b/secretsmanager/resource_health_insurance.go @@ -26,7 +26,7 @@ func resourceHealthInsurance() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -216,9 +216,15 @@ func resourceHealthInsuranceRead(ctx context.Context, d *schema.ResourceData, m return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) } diff --git a/secretsmanager/resource_login.go b/secretsmanager/resource_login.go index 84e7555..00c8631 100644 --- a/secretsmanager/resource_login.go +++ b/secretsmanager/resource_login.go @@ -26,7 +26,7 @@ func resourceLogin() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -205,9 +205,15 @@ func resourceLoginRead(ctx context.Context, d *schema.ResourceData, m interface{ return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) } diff --git a/secretsmanager/resource_membership.go b/secretsmanager/resource_membership.go index 5690b34..e103d38 100644 --- a/secretsmanager/resource_membership.go +++ b/secretsmanager/resource_membership.go @@ -26,7 +26,7 @@ func resourceMembership() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -194,9 +194,15 @@ func resourceMembershipRead(ctx context.Context, d *schema.ResourceData, m inter return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) } diff --git a/secretsmanager/resource_passport.go b/secretsmanager/resource_passport.go index 3e4e9c2..8780639 100644 --- a/secretsmanager/resource_passport.go +++ b/secretsmanager/resource_passport.go @@ -26,7 +26,7 @@ func resourcePassport() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -238,9 +238,15 @@ func resourcePassportRead(ctx context.Context, d *schema.ResourceData, m interfa return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) } diff --git a/secretsmanager/resource_photo.go b/secretsmanager/resource_photo.go index 152a7a6..53e07b0 100644 --- a/secretsmanager/resource_photo.go +++ b/secretsmanager/resource_photo.go @@ -26,7 +26,7 @@ func resourcePhoto() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -153,9 +153,15 @@ func resourcePhotoRead(ctx context.Context, d *schema.ResourceData, m interface{ return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) } diff --git a/secretsmanager/resource_server_credentials.go b/secretsmanager/resource_server_credentials.go index 75bd818..98afeae 100644 --- a/secretsmanager/resource_server_credentials.go +++ b/secretsmanager/resource_server_credentials.go @@ -26,7 +26,7 @@ func resourceServerCredentials() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -194,9 +194,15 @@ func resourceServerCredentialsRead(ctx context.Context, d *schema.ResourceData, return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) } diff --git a/secretsmanager/resource_software_license.go b/secretsmanager/resource_software_license.go index 6ab6312..a3f8e8f 100644 --- a/secretsmanager/resource_software_license.go +++ b/secretsmanager/resource_software_license.go @@ -26,7 +26,7 @@ func resourceSoftwareLicense() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -187,9 +187,15 @@ func resourceSoftwareLicenseRead(ctx context.Context, d *schema.ResourceData, m return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) } diff --git a/secretsmanager/resource_ssh_keys.go b/secretsmanager/resource_ssh_keys.go index 5b3f4ca..11bea5a 100644 --- a/secretsmanager/resource_ssh_keys.go +++ b/secretsmanager/resource_ssh_keys.go @@ -26,7 +26,7 @@ func resourceSshKeys() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -205,9 +205,15 @@ func resourceSshKeysRead(ctx context.Context, d *schema.ResourceData, m interfac return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) } diff --git a/secretsmanager/resource_ssn_card.go b/secretsmanager/resource_ssn_card.go index 227c32c..59da5f7 100644 --- a/secretsmanager/resource_ssn_card.go +++ b/secretsmanager/resource_ssn_card.go @@ -26,7 +26,7 @@ func resourceSsnCard() *schema.Resource { Computed: true, Optional: true, AtLeastOneOf: []string{"folder_uid", "uid"}, - Description: "The folder UID where the secret is stored. The shared folder must be non empty.", + Description: "The folder UID where the secret is stored. The parent shared folder must be non empty.", }, "uid": { Type: schema.TypeString, @@ -176,9 +176,15 @@ func resourceSsnCardRead(ctx context.Context, d *schema.ResourceData, m interfac return diag.FromErr(err) } } - if err = d.Set("folder_uid", secret.FolderUid()); err != nil { - return diag.FromErr(err) + fuid := secret.InnerFolderUid() // in subfolder + if fuid == "" { // directly in shared folder + fuid = secret.FolderUid() } + if fuid != "" { + if err = d.Set("folder_uid", fuid); err != nil { + return diag.FromErr(err) + } + } // else - directly shared to the KSM App (not through shared folder) if err = d.Set("type", recordType); err != nil { return diag.FromErr(err) }