Add a Connection to a Pre-Existing User

[bamhm182]

Hello, I am attempting to use terracorm-provider-guacamole to create a new connection which is automatically available to a Pre-Existing user. The problem is, it seems all currently available paths lead to terraform wanting to fully create and later fully destroy a user, and there is no path to modify. I understand that this is generally how terraform works, but it kind of kills the utility of this provider for me if I can't use it to assign connections to users.

Terraform Configuration Files

This is the relevant parts of my terraform config, snipped for brevity and sanitized.

terraform {
  required_providers {
    coder = { source = "coder/coder" }
    libvirt = { source = "dmacvicar/libvirt" }
    guacamole = { source = "techBeck03/guacamole" }
  }
}

...snip...

data "coder_workspace" "me" {}

resource "libvirt_domain" "domain" {
  name = "coder-${data.coder_workspace.me.owner}-${data.coder_workspace.me.name}"
  ...snip...
}

data "guacamole_connection_group" "group" {
  path = data.coder_workspace.me.owner
}

resource "guacamole_connection_rdp" "rdp" {
  name = data.coder_workspace.me.name
  parent_identifier = data.guacamole_connection_group.group.identifier
  parameters {
    hostname = "127.0.0.1"
    username = "user"
    password = "password"
  }
}

Expected Behavior

There should be some way to add a connection to a Pre-Existing user.

Actual Behavior

Unless I'm missing something (very possible), there is no way to add a connection to a Pre-Existing user.

Steps to Reproduce

1. Create a no-privileges Guacamole User manually
2. Use this terraform provider to create a connection
3. Try to use terraform to give access to the connection for user in step 1.

If it would be an acceptable PR, I would gladly spend the time to figure out how to add an assigned_users attribute to the various connection types, and implement code that adds the connection to a list of usernames, and deletes it when the connection should be deleted (though I believe this last step would be automatic and perhaps better left undone).

Thank you for your hard work on this project, techBeck03!

[techBeck03]

@bamhm182 have you considered importing the users into your terraform configuration?

[bamhm182]

@techBeck03 , the problem with that is that I am trying to use Coder to manage the capability to spin an arbitrary number of VMs up at the same time with the ability to add or remove more as I see fit. With that model, no one terraform config can be responsible for the user.

[bamhm182]

I said I was using it with Coder, but honestly, this applies to anything that uses Guacamole for more than one set of VMs, which I feel like would be most cases. The only time this feels like it wouldn't apply is when you would be also deploying the entire guacamole stack alongside the VMs.

[bamhm182]

Sorry I have gone silent on this. I finally found time to get back into it this morning and have been reviewing your guacamole-api-client and terraform-provider-guacamole projects, as well as exploring the API calls the default guacamole client itself makes, and I think I have a solid way forward. It seems like User Groups have both the ability to define connections they permit access to, as well as the users they control. Your api client has this functionality built already, but it is not utilized within the terraform provider.

I intend to add a member_users property to the guacamoleUserGroup object, and have that set when the user group is created.

EDIT: Digging further in, I found artifacts of a guacamole_user_group.member_groups, which was intended to be a "list of user group identifiers that are members of this group", but it doesn't actually appear to exist. That would have been a useful stop-gap, as I would have been able to just create a group for each user, but it doesn't look like that's actually implemented. I will take a look at implementing that as well. It looks like member_groups was in the data object for a moment, but then it got removed. Is there a reason why you decided not to further pursue this path?