Add a ressource to manage group memberships

[SebastianJ91]

As the group membership can only be managed via nexus_security_user ressource for now, it's not possible to add existing LDAP users to groups.

So please create a ressource to map existing users from data source to groups.

[github-actions]

This issue has been automatically marked as stale because it has had no activity in the last 90 days. It will be closed in 7 days if no further activity occurs. Leaving a comment starting with /fresh will mark this issue as not stale.

[xgcssch]

Hello!
There is a source field in the Nexus API for Users, which is not reflected in the Resource nor Data Source of nexus_security_user.

If set to LDAP it is possible to configure a LDAP user with roles.

E. g.

curl -v -X PUT \
  -d '{"userId": "johndoe","source": "LDAP","firstName": "ignored","lastName": "ignored","emailAddress": "[email protected]","status": "active","roles": ["BIA-Write"]}' https://artefact-repo.al-h-konzern.de/service/rest/v1/security/users/johndoe \
  -H "accept: application/json"  -H "Content-Type: application/json"`

Wouldn't that do the job if supported by the provider?

Best regards
Sönke

[joeyaurel]

@SebastianJ91 What do you mean by "groups"? Do you mean repository groups? And would a new nexus_security_users data source be enough that enables you to query and list existing users?

[joeyaurel]

@xgcssch The API does not offer the ability to create users with a source field (the field will be ignored and the "default" source gets assigned). We could add the source field to the existing nexus_security_user data source and also add the mentioned nexus_security_users data source to query for existing users.