resource/schema: Add validation to prevent write-only attributes in s…

…ets and set based data (#1095) * Add validation to prevent write-only attributes in sets, set nested blocks, and set nested attributes * Update website documentation
hashicorp · Feb 18, 2025 · ecd80f6 · ecd80f6
1 parent 0724df1
commit ecd80f6
Show file tree

Hide file tree

Showing 12 changed files with 786 additions and 722 deletions.
diff --git a/internal/fwschema/write_only_nested_attribute_validation.go b/internal/fwschema/write_only_nested_attribute_validation.go
@@ -52,6 +52,34 @@ func ContainsAnyWriteOnlyChildAttributes(nestedAttr NestedAttribute) bool {
 	return false
 }
 
+// BlockContainsAnyWriteOnlyChildAttributes will return true if any child attribute for the
+// given nested block has WriteOnly set to true.
+func BlockContainsAnyWriteOnlyChildAttributes(block Block) bool {
+	nestedObjAttrs := block.GetNestedObject().GetAttributes()
+	nestedObjBlocks := block.GetNestedObject().GetBlocks()
+
+	for _, childAttr := range nestedObjAttrs {
+		if childAttr.IsWriteOnly() {
+			return true
+		}
+
+		nestedAttribute, ok := childAttr.(NestedAttribute)
+		if ok {
+			if ContainsAnyWriteOnlyChildAttributes(nestedAttribute) {
+				return true
+			}
+		}
+	}
+
+	for _, childBlock := range nestedObjBlocks {
+		if BlockContainsAnyWriteOnlyChildAttributes(childBlock) {
+			return true
+		}
+	}
+
+	return false
+}
+
 func InvalidWriteOnlyNestedAttributeDiag(attributePath path.Path) diag.Diagnostic {
 	return diag.NewErrorDiagnostic(
 		"Invalid Schema Implementation",
@@ -62,6 +90,26 @@ func InvalidWriteOnlyNestedAttributeDiag(attributePath path.Path) diag.Diagnosti
 	)
 }
 
+func InvalidSetNestedAttributeWithWriteOnlyDiag(attributePath path.Path) diag.Diagnostic {
+	return diag.NewErrorDiagnostic(
+		"Invalid Schema Implementation",
+		"When validating the schema, an implementation issue was found. "+
+			"This is always an issue with the provider and should be reported to the provider developers.\n\n"+
+			fmt.Sprintf("%q is a set nested attribute that contains a WriteOnly child attribute.\n\n", attributePath)+
+			"Every child attribute of a set nested attribute must have WriteOnly set to false.",
+	)
+}
+
+func SetBlockCollectionWithWriteOnlyDiag(attributePath path.Path) diag.Diagnostic {
+	return diag.NewErrorDiagnostic(
+		"Invalid Schema Implementation",
+		"When validating the schema, an implementation issue was found. "+
+			"This is always an issue with the provider and should be reported to the provider developers.\n\n"+
+			fmt.Sprintf("%q is a set nested block that contains a WriteOnly child attribute.\n\n", attributePath)+
+			"Every child attribute within a set nested block must have WriteOnly set to false.",
+	)
+}
+
 func InvalidComputedNestedAttributeWithWriteOnlyDiag(attributePath path.Path) diag.Diagnostic {
 	return diag.NewErrorDiagnostic(
 		"Invalid Schema Implementation",