func expandKibanaRoleElasticsearch()

in internal/kibana/role.go [380:524]

• 125 lines of code
• 29 McCabe index (conditional complexity)

func expandKibanaRoleElasticsearch(v interface{}, serverVersion *version.Version) (*kbapi.KibanaRoleElasticsearch, diag.Diagnostics) {
	elasticConfig := &kbapi.KibanaRoleElasticsearch{}
	var diags diag.Diagnostics

	if definedElasticConfigs := v.(*schema.Set); definedElasticConfigs.Len() > 0 {
		userElasticConfig := definedElasticConfigs.List()[0].(map[string]interface{})
		if v, ok := userElasticConfig["cluster"]; ok {
			definedCluster := v.(*schema.Set)
			cls := make([]string, definedCluster.Len())
			for i, cl := range definedCluster.List() {
				cls[i] = cl.(string)
			}
			elasticConfig.Cluster = cls

			if v, ok := userElasticConfig["indices"]; ok {
				definedIndices := v.(*schema.Set)
				indices := make([]kbapi.KibanaRoleElasticsearchIndice, definedIndices.Len())
				for i, idx := range definedIndices.List() {
					index := idx.(map[string]interface{})

					definedNames := index["names"].(*schema.Set)
					names := make([]string, definedNames.Len())
					for i, name := range definedNames.List() {
						names[i] = name.(string)
					}
					definedPrivileges := index["privileges"].(*schema.Set)
					privileges := make([]string, definedPrivileges.Len())
					for i, pr := range definedPrivileges.List() {
						privileges[i] = pr.(string)
					}

					newIndex := kbapi.KibanaRoleElasticsearchIndice{
						Names:      names,
						Privileges: privileges,
					}

					if query := index["query"].(string); query != "" {
						newIndex.Query = &query
					}
					if fieldSec := index["field_security"].([]interface{}); len(fieldSec) > 0 {
						fieldSecurity := map[string]interface{}{}
						// there must be only 1 entry
						definedFieldSec := fieldSec[0].(map[string]interface{})

						// grants
						if gr := definedFieldSec["grant"].(*schema.Set); gr != nil {
							grants := make([]string, gr.Len())
							for i, grant := range gr.List() {
								grants[i] = grant.(string)
							}
							fieldSecurity["grant"] = grants
						}
						// except
						if exp := definedFieldSec["except"].(*schema.Set); exp != nil {
							excepts := make([]string, exp.Len())
							for i, except := range exp.List() {
								excepts[i] = except.(string)
							}
							fieldSecurity["except"] = excepts
						}
						newIndex.FieldSecurity = fieldSecurity
					}

					indices[i] = newIndex
				}
				elasticConfig.Indices = indices
			}

			if v, ok := userElasticConfig["remote_indices"]; ok {
				definedRemoteIndices := v.(*schema.Set)
				if definedRemoteIndices.Len() > 0 {
					if serverVersion.LessThan(minSupportedRemoteIndicesVersion) {
						return nil, diag.FromErr(fmt.Errorf("'remote_indices' is supported only for Kibana v%s and above", minSupportedRemoteIndicesVersion.String()))
					}
				}
				remote_indices := make([]kbapi.KibanaRoleElasticsearchRemoteIndice, definedRemoteIndices.Len())
				for i, idx := range definedRemoteIndices.List() {
					index := idx.(map[string]interface{})

					definedNames := index["names"].(*schema.Set)
					names := make([]string, definedNames.Len())
					for i, name := range definedNames.List() {
						names[i] = name.(string)
					}
					definedClusters := index["clusters"].(*schema.Set)
					clusters := make([]string, definedClusters.Len())
					for i, cluster := range definedClusters.List() {
						clusters[i] = cluster.(string)
					}
					definedPrivileges := index["privileges"].(*schema.Set)
					privileges := make([]string, definedPrivileges.Len())
					for i, pr := range definedPrivileges.List() {
						privileges[i] = pr.(string)
					}

					newRemoteIndex := kbapi.KibanaRoleElasticsearchRemoteIndice{
						Names:      names,
						Clusters:   clusters,
						Privileges: privileges,
					}

					if query := index["query"].(string); query != "" {
						newRemoteIndex.Query = &query
					}
					if fieldSec := index["field_security"].([]interface{}); len(fieldSec) > 0 {
						fieldSecurity := map[string]interface{}{}
						// there must be only 1 entry
						definedFieldSec := fieldSec[0].(map[string]interface{})

						// grants
						if gr := definedFieldSec["grant"].(*schema.Set); gr != nil {
							grants := make([]string, gr.Len())
							for i, grant := range gr.List() {
								grants[i] = grant.(string)
							}
							fieldSecurity["grant"] = grants
						}
						// except
						if exp := definedFieldSec["except"].(*schema.Set); exp != nil {
							excepts := make([]string, exp.Len())
							for i, except := range exp.List() {
								excepts[i] = except.(string)
							}
							fieldSecurity["except"] = excepts
						}
						newRemoteIndex.FieldSecurity = fieldSecurity
					}

					remote_indices[i] = newRemoteIndex
				}
				elasticConfig.RemoteIndices = remote_indices
			}

			if v, ok := userElasticConfig["run_as"]; ok {
				definedRuns := v.(*schema.Set)
				runs := make([]string, definedRuns.Len())
				for i, run := range definedRuns.List() {
					runs[i] = run.(string)
				}
				elasticConfig.RunAs = runs
			}
		}
	}
	return elasticConfig, diags
}