fix(tco): [126935803] tencentcloud_organization_org_member add new params force_delete_account (#3497)

* add

* add

Author: SevenEarth

.changelog/3497.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/tencentcloud_organization_org_member: add new params `force_delete_account`
+```

tencentcloud/services/tco/resource_tc_organization_org_member.go

@@ -17,8 +17,8 @@ import (
 
 func ResourceTencentCloudOrganizationOrgMember() *schema.Resource {
 	return &schema.Resource{
-		Read:   resourceTencentCloudOrganizationOrgMemberRead,
 		Create: resourceTencentCloudOrganizationOrgMemberCreate,
+		Read:   resourceTencentCloudOrganizationOrgMemberRead,
 		Update: resourceTencentCloudOrganizationOrgMemberUpdate,
 		Delete: resourceTencentCloudOrganizationOrgMemberDelete,
 		Importer: &schema.ResourceImporter{
@@ -70,6 +70,20 @@ func ResourceTencentCloudOrganizationOrgMember() *schema.Resource {
 				Description: "The uin which is payment account on behalf.When `PermissionIds` contains 7, is required.",
 			},
 
+			"tags": {
+				Type:        schema.TypeMap,
+				Optional:    true,
+				Description: "Tag description list.",
+			},
+
+			"force_delete_account": {
+				Type:        schema.TypeBool,
+				Optional:    true,
+				Default:     false,
+				Description: "Whether to force delete the member account when deleting the organization member. It is only applicable to member accounts of the creation type, not to member accounts of the invitation type. Default is false.",
+			},
+
+			// computed
 			"node_name": {
 				Type:        schema.TypeString,
 				Computed:    true,
@@ -131,11 +145,6 @@ func ResourceTencentCloudOrganizationOrgMember() *schema.Resource {
 				Computed:    true,
 				Description: "The member name which is payment account on behalf.",
 			},
-			"tags": {
-				Type:        schema.TypeMap,
-				Optional:    true,
-				Description: "Tag description list.",
-			},
 		},
 	}
 }
@@ -144,9 +153,8 @@ func resourceTencentCloudOrganizationOrgMemberCreate(d *schema.ResourceData, met
 	defer tccommon.LogElapsed("resource.tencentcloud_organization_org_member.create")()
 	defer tccommon.InconsistentCheck(d, meta)()
 
-	logId := tccommon.GetLogId(tccommon.ContextNil)
-
 	var (
+		logId    = tccommon.GetLogId(tccommon.ContextNil)
 		request  = organization.NewCreateOrganizationMemberRequest()
 		response *organization.CreateOrganizationMemberResponse
 		uin      int64
@@ -169,15 +177,15 @@ func resourceTencentCloudOrganizationOrgMemberCreate(d *schema.ResourceData, met
 		}
 	}
 
-	if v, _ := d.GetOk("node_id"); v != nil {
+	if v, ok := d.GetOkExists("node_id"); ok {
 		request.NodeId = helper.IntInt64(v.(int))
 	}
 
 	if v, ok := d.GetOk("remark"); ok {
 		request.Remark = helper.String(v.(string))
 	}
 
-	if v, _ := d.GetOk("record_id"); v != nil {
+	if v, ok := d.GetOkExists("record_id"); ok {
 		request.RecordId = helper.IntInt64(v.(int))
 	}
 
@@ -201,9 +209,13 @@ func resourceTencentCloudOrganizationOrgMemberCreate(d *schema.ResourceData, met
 		if e != nil {
 			return tccommon.RetryError(e)
 		} else {
-			log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n",
-				logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+			log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
 		}
+
+		if result == nil || result.Response == nil {
+			return resource.NonRetryableError(fmt.Errorf("Create organization orgMember failed, Response is nil."))
+		}
+
 		response = result
 		return nil
 	})
@@ -213,8 +225,11 @@ func resourceTencentCloudOrganizationOrgMemberCreate(d *schema.ResourceData, met
 		return err
 	}
 
-	uin = *response.Response.Uin
+	if response.Response.Uin == nil {
+		return fmt.Errorf("Uin is nil.")
+	}
 
+	uin = *response.Response.Uin
 	d.SetId(helper.Int64ToStr(uin))
 	return resourceTencentCloudOrganizationOrgMemberRead(d, meta)
 }
@@ -223,22 +238,21 @@ func resourceTencentCloudOrganizationOrgMemberRead(d *schema.ResourceData, meta
 	defer tccommon.LogElapsed("resource.tencentcloud_organization_org_member.read")()
 	defer tccommon.InconsistentCheck(d, meta)()
 
-	logId := tccommon.GetLogId(tccommon.ContextNil)
-	ctx := context.WithValue(context.TODO(), tccommon.LogIdKey, logId)
-
-	service := OrganizationService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
-
-	orgMemberId := d.Id()
+	var (
+		logId       = tccommon.GetLogId(tccommon.ContextNil)
+		ctx         = context.WithValue(context.TODO(), tccommon.LogIdKey, logId)
+		service     = OrganizationService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
+		orgMemberId = d.Id()
+	)
 
 	orgMember, err := service.DescribeOrganizationOrgMember(ctx, orgMemberId)
-
 	if err != nil {
 		return err
 	}
 
 	if orgMember == nil {
 		d.SetId("")
-		return fmt.Errorf("resource `orgMember` %s does not exist", orgMemberId)
+		return fmt.Errorf("resource `tencentcloud_organization_org_member` %s does not exist", orgMemberId)
 	}
 
 	if orgMember.Name != nil {
@@ -256,6 +270,7 @@ func resourceTencentCloudOrganizationOrgMemberRead(d *schema.ResourceData, meta
 				orgPermissionIds = append(orgPermissionIds, *orgPermission.Id)
 			}
 		}
+
 		_ = d.Set("permission_ids", orgPermissionIds)
 	}
 
@@ -290,12 +305,14 @@ func resourceTencentCloudOrganizationOrgMemberRead(d *schema.ResourceData, meta
 			if orgPermission.Id != nil {
 				orgPermissionMap["id"] = orgPermission.Id
 			}
+
 			if orgPermission.Name != nil {
 				orgPermissionMap["name"] = orgPermission.Name
 			}
 
 			orgPermissionList = append(orgPermissionList, orgPermissionMap)
 		}
+
 		_ = d.Set("org_permission", orgPermissionList)
 	}
 
@@ -320,6 +337,7 @@ func resourceTencentCloudOrganizationOrgMemberRead(d *schema.ResourceData, meta
 		for _, tag := range orgMember.Tags {
 			tags[*tag.TagKey] = *tag.TagValue
 		}
+
 		_ = d.Set("tags", tags)
 	}
 
@@ -330,103 +348,119 @@ func resourceTencentCloudOrganizationOrgMemberUpdate(d *schema.ResourceData, met
 	defer tccommon.LogElapsed("resource.tencentcloud_organization_org_member.update")()
 	defer tccommon.InconsistentCheck(d, meta)()
 
-	logId := tccommon.GetLogId(tccommon.ContextNil)
-	ctx := context.WithValue(context.TODO(), tccommon.LogIdKey, logId)
-
-	request := organization.NewMoveOrganizationNodeMembersRequest()
-	updateRequest := organization.NewUpdateOrganizationMemberRequest()
+	var (
+		logId       = tccommon.GetLogId(tccommon.ContextNil)
+		ctx         = context.WithValue(context.TODO(), tccommon.LogIdKey, logId)
+		orgMemberId = d.Id()
+		needChange  bool
+	)
 
-	orgMemberId := d.Id()
+	if d.HasChange("record_id") {
+		return fmt.Errorf("`record_id` do not support change now.")
+	}
 
-	request.MemberUin = []*int64{helper.Int64(helper.StrToInt64(orgMemberId))}
-	updateRequest.MemberUin = helper.Uint64(helper.StrToUInt64(orgMemberId))
 	if d.HasChange("node_id") {
-		if v, _ := d.GetOk("node_id"); v != nil {
+		request := organization.NewMoveOrganizationNodeMembersRequest()
+		if v, ok := d.GetOkExists("node_id"); ok {
 			request.NodeId = helper.IntInt64(v.(int))
 		}
+
+		request.MemberUin = []*int64{helper.Int64(helper.StrToInt64(orgMemberId))}
 		err := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
 			result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseOrganizationClient().MoveOrganizationNodeMembers(request)
 			if e != nil {
 				return tccommon.RetryError(e)
 			} else {
-				log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n",
-					logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+				log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
 			}
+
 			return nil
 		})
 
 		if err != nil {
-			log.Printf("[CRITAL]%s create organization orgMember failed, reason:%+v", logId, err)
+			log.Printf("[CRITAL]%s move organization node members failed, reason:%+v", logId, err)
 			return err
 		}
 	}
 
-	if d.HasChange("name") {
-		if v, _ := d.GetOk("name"); v != nil {
-			updateRequest.Name = helper.String(v.(string))
+	mutableArgs := []string{"name", "remark", "policy_type", "permission_ids", "is_allow_quit", "pay_uin"}
+	for _, v := range mutableArgs {
+		if d.HasChange(v) {
+			needChange = true
+			break
 		}
 	}
 
-	if d.HasChange("remark") {
-		if v, _ := d.GetOk("remark"); v != nil {
-			updateRequest.Remark = helper.String(v.(string))
+	if needChange {
+		request := organization.NewUpdateOrganizationMemberRequest()
+		if d.HasChange("name") {
+			if v, ok := d.GetOk("name"); ok {
+				request.Name = helper.String(v.(string))
+			}
 		}
-	}
 
-	if d.HasChange("policy_type") {
-		if v, _ := d.GetOk("policy_type"); v != nil {
-			updateRequest.PolicyType = helper.String(v.(string))
+		if d.HasChange("remark") {
+			if v, ok := d.GetOk("remark"); ok {
+				request.Remark = helper.String(v.(string))
+			}
 		}
-		if v, _ := d.GetOk("permission_ids"); v != nil {
-			ids := v.(*schema.Set).List()
-			for i := range ids {
-				id := ids[i].(int)
-				updateRequest.PermissionIds = append(updateRequest.PermissionIds, helper.IntUint64(id))
+
+		if d.HasChange("policy_type") {
+			if v, ok := d.GetOk("policy_type"); ok {
+				request.PolicyType = helper.String(v.(string))
+			}
+
+			if v, ok := d.GetOk("permission_ids"); ok {
+				ids := v.(*schema.Set).List()
+				for i := range ids {
+					id := ids[i].(int)
+					request.PermissionIds = append(request.PermissionIds, helper.IntUint64(id))
+				}
 			}
 		}
-	}
 
-	if d.HasChange("permission_ids") {
-		if v, _ := d.GetOk("permission_ids"); v != nil {
-			ids := v.(*schema.Set).List()
-			for i := range ids {
-				id := ids[i].(int)
-				updateRequest.PermissionIds = append(updateRequest.PermissionIds, helper.IntUint64(id))
+		if d.HasChange("permission_ids") {
+			if v, ok := d.GetOk("permission_ids"); ok {
+				ids := v.(*schema.Set).List()
+				for i := range ids {
+					id := ids[i].(int)
+					request.PermissionIds = append(request.PermissionIds, helper.IntUint64(id))
+				}
+			}
+
+			if v, ok := d.GetOk("policy_type"); ok {
+				request.PolicyType = helper.String(v.(string))
 			}
 		}
-		if v, _ := d.GetOk("policy_type"); v != nil {
-			updateRequest.PolicyType = helper.String(v.(string))
+
+		if d.HasChange("is_allow_quit") {
+			if v, ok := d.GetOk("is_allow_quit"); ok {
+				request.IsAllowQuit = helper.String(v.(string))
+			}
 		}
-	}
 
-	if d.HasChange("is_allow_quit") {
-		if v, _ := d.GetOk("is_allow_quit"); v != nil {
-			updateRequest.IsAllowQuit = helper.String(v.(string))
+		if d.HasChange("pay_uin") {
+			if v, ok := d.GetOk("pay_uin"); ok {
+				request.PayUin = helper.String(v.(string))
+			}
 		}
-	}
 
-	if d.HasChange("record_id") {
-		return fmt.Errorf("`record_id` do not support change now.")
-	}
+		request.MemberUin = helper.Uint64(helper.StrToUInt64(orgMemberId))
+		UpdateErr := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
+			result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseOrganizationClient().UpdateOrganizationMember(request)
+			if e != nil {
+				return tccommon.RetryError(e)
+			} else {
+				log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+			}
 
-	if d.HasChange("pay_uin") {
-		if v, _ := d.GetOk("pay_uin"); v != nil {
-			updateRequest.PayUin = helper.String(v.(string))
-		}
-	}
+			return nil
+		})
 
-	UpdateErr := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
-		result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseOrganizationClient().UpdateOrganizationMember(updateRequest)
-		if e != nil {
-			return tccommon.RetryError(e)
-		} else {
-			log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, updateRequest.GetAction(), updateRequest.ToJsonString(), result.ToJsonString())
+		if UpdateErr != nil {
+			log.Printf("[CRITAL]%s update organization member failed, reason:%+v", logId, UpdateErr)
+			return UpdateErr
 		}
-		return nil
-	})
-	if UpdateErr != nil {
-		log.Printf("[CRITAL]%s update organization orgMember failed, reason:%+v", logId, UpdateErr)
-		return UpdateErr
 	}
 
 	if d.HasChange("tags") {
@@ -439,22 +473,34 @@ func resourceTencentCloudOrganizationOrgMemberUpdate(d *schema.ResourceData, met
 			return err
 		}
 	}
+
 	return resourceTencentCloudOrganizationOrgMemberRead(d, meta)
 }
 
 func resourceTencentCloudOrganizationOrgMemberDelete(d *schema.ResourceData, meta interface{}) error {
 	defer tccommon.LogElapsed("resource.tencentcloud_organization_org_member.delete")()
 	defer tccommon.InconsistentCheck(d, meta)()
 
-	logId := tccommon.GetLogId(tccommon.ContextNil)
-	ctx := context.WithValue(context.TODO(), tccommon.LogIdKey, logId)
-
-	service := OrganizationService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
+	var (
+		logId              = tccommon.GetLogId(tccommon.ContextNil)
+		ctx                = context.WithValue(context.TODO(), tccommon.LogIdKey, logId)
+		service            = OrganizationService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
+		orgMemberId        = d.Id()
+		forceDeleteAccount bool
+	)
 
-	orgMemberId := d.Id()
+	if v, ok := d.GetOkExists("force_delete_account"); ok {
+		forceDeleteAccount = v.(bool)
+	}
 
-	if err := service.DeleteOrganizationOrgMemberById(ctx, orgMemberId); err != nil {
-		return err
+	if forceDeleteAccount {
+		if err := service.DeleteOrganizationAccountById(ctx, orgMemberId); err != nil {
+			return err
+		}
+	} else {
+		if err := service.DeleteOrganizationOrgMemberById(ctx, orgMemberId); err != nil {
+			return err
+		}
 	}
 
 	return nil