Merge pull request #1544 from okta/hot-fix

add fix for terraform acc test

okta/config.go

@@ -71,7 +71,7 @@ func (c *Config) loadAndValidate(ctx context.Context) error {
 		// NOTE: validate credentials during initial config with a call to
 		// /api/v1/users/me
 		if c.apiToken != "" {
-			if _, _, err := c.oktaClient.User.GetUser(ctx, "me"); err != nil {
+			if _, _, err := client.User.GetUser(ctx, "me"); err != nil {
 				return err
 			}
 		}

okta/data_source_okta_user.go

@@ -71,6 +71,18 @@ func dataSourceUser() *schema.Resource {
 				Optional:    true,
 				Description: "Force delay of the user read by N seconds. Useful when eventual consistency of user information needs to be allowed for.",
 			},
+			"skip_groups": {
+				Type:        schema.TypeBool,
+				Optional:    true,
+				Default:     false,
+				Description: "Do not populate user groups information (prevents additional API call)",
+			},
+			"skip_roles": {
+				Type:        schema.TypeBool,
+				Optional:    true,
+				Default:     false,
+				Description: "Do not populate user roles information (prevents additional API call)",
+			},
 		}),
 	}
 }
@@ -115,9 +127,26 @@ func dataSourceUserRead(ctx context.Context, d *schema.ResourceData, m interface
 	if err != nil {
 		return diag.Errorf("failed to set user's properties: %v", err)
 	}
-	err = setRoles(ctx, d, m)
-	if err != nil {
-		return diag.Errorf("failed to set user's roles: %v", err)
+	if val := d.Get("skip_roles"); val != nil {
+		if skip, ok := val.(bool); ok && !skip {
+			err = setAdminRoles(ctx, d, m)
+			if err != nil {
+				return diag.Errorf("failed to set user's admin roles: %v", err)
+			}
+			err = setRoles(ctx, d, m)
+			if err != nil {
+				return diag.Errorf("failed to set user's roles: %v", err)
+			}
+		}
+	}
+
+	if val := d.Get("skip_groups"); val != nil {
+		if skip, ok := val.(bool); ok && !skip {
+			err = setAllGroups(ctx, d, client)
+			if err != nil {
+				return diag.Errorf("failed to set user's groups: %v", err)
+			}
+		}
 	}
 
 	return nil

okta/data_source_okta_user_test.go

@@ -150,9 +150,6 @@ resource "okta_user" "testAcc-replace_with_uuid" {
   last_name  = "Smith"
   login      = "testAcc-replace_with_uuid@example.com"
   email      = "testAcc-replace_with_uuid@example.com"
-  lifecycle {
-    ignore_changes = [admin_roles]
-  }
 }
 resource "okta_user_admin_roles" "test" {
   user_id     = okta_user.testAcc-replace_with_uuid.id

okta/data_source_okta_users_test.go

@@ -218,9 +218,6 @@ resource "okta_user" "testAcc-replace_with_uuid" {
   last_name  = "Smith"
   login      = "testAcc-replace_with_uuid@example.com"
   email      = "testAcc-replace_with_uuid@example.com"
-  lifecycle {
-    ignore_changes = [admin_roles]
-  }
 }
 resource "okta_user_admin_roles" "test" {
   user_id     = okta_user.testAcc-replace_with_uuid.id

okta/user.go

@@ -292,6 +292,18 @@ func listUserOnlyRoles(ctx context.Context, c *sdk.Client, userID string) (userO
 	return
 }
 
+// set all groups currently attached to the user
+func setAllGroups(ctx context.Context, d *schema.ResourceData, c *sdk.Client) error {
+	groupIDs, err := getGroupsForUser(ctx, d.Id(), c)
+	if err != nil {
+		return err
+	}
+	gids := convertStringSliceToInterfaceSlice(groupIDs)
+	return setNonPrimitives(d, map[string]interface{}{
+		"group_memberships": schema.NewSet(schema.HashString, gids),
+	})
+}
+
 func getAdminRoles(ctx context.Context, id string, c *sdk.Client) ([]interface{}, *sdk.Response, error) {
 	roleTypes := make([]interface{}, 0)
 	roles, resp, err := listUserOnlyRoles(ctx, c, id)