feat: add SSL inspection resource support with unifi_setting_ssl_inspection resource (#38)

* feat: add SSL inspection resource support with `unifi_setting_ssl_inspection` resource

* add version contstraint

internal/provider/acctest/resource_setting_ssl_inspection_test.go

@@ -0,0 +1,57 @@
+package acctest
+
+import (
+	"fmt"
+	pt "github.com/filipowm/terraform-provider-unifi/internal/provider/testing"
+	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+	"github.com/hashicorp/terraform-plugin-testing/plancheck"
+	"sync"
+	"testing"
+)
+
+var settingSslInspectionLock = &sync.Mutex{}
+
+func TestAccSettingSslInspection(t *testing.T) {
+	AcceptanceTest(t, AcceptanceTestCase{
+		VersionConstraint: ">= 8.2",
+		Lock:              settingSslInspectionLock,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccSettingSslInspectionConfig("off"),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrSet("unifi_setting_ssl_inspection.test", "id"),
+					resource.TestCheckResourceAttr("unifi_setting_ssl_inspection.test", "site", "default"),
+					resource.TestCheckResourceAttr("unifi_setting_ssl_inspection.test", "state", "off"),
+				),
+				ConfigPlanChecks: pt.CheckResourceActions("unifi_setting_ssl_inspection.test", plancheck.ResourceActionCreate),
+			},
+			pt.ImportStepWithSite("unifi_setting_ssl_inspection.test"),
+			{
+				Config: testAccSettingSslInspectionConfig("simple"),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrSet("unifi_setting_ssl_inspection.test", "id"),
+					resource.TestCheckResourceAttr("unifi_setting_ssl_inspection.test", "site", "default"),
+					resource.TestCheckResourceAttr("unifi_setting_ssl_inspection.test", "state", "simple"),
+				),
+				ConfigPlanChecks: pt.CheckResourceActions("unifi_setting_ssl_inspection.test", plancheck.ResourceActionUpdate),
+			},
+			{
+				Config: testAccSettingSslInspectionConfig("advanced"),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrSet("unifi_setting_ssl_inspection.test", "id"),
+					resource.TestCheckResourceAttr("unifi_setting_ssl_inspection.test", "site", "default"),
+					resource.TestCheckResourceAttr("unifi_setting_ssl_inspection.test", "state", "advanced"),
+				),
+				ConfigPlanChecks: pt.CheckResourceActions("unifi_setting_ssl_inspection.test", plancheck.ResourceActionUpdate),
+			},
+		},
+	})
+}
+
+func testAccSettingSslInspectionConfig(state string) string {
+	return fmt.Sprintf(`
+resource "unifi_setting_ssl_inspection" "test" {
+	state = "%s"
+}
+`, state)
+}

internal/provider/provider_v2.go

@@ -180,6 +180,7 @@ func (p *unifiProvider) Resources(_ context.Context) []func() resource.Resource
 		settings.NewMagicSiteToSiteVpnResource,
 		settings.NewNetworkOptimizationResource,
 		settings.NewNtpResource,
+		settings.NewSslInspectionResource,
 	}
 }
 

internal/provider/settings/resource_setting_ssl_inspection.go

@@ -0,0 +1,88 @@
+package settings
+
+import (
+	"context"
+
+	"github.com/filipowm/go-unifi/unifi"
+	"github.com/filipowm/terraform-provider-unifi/internal/provider/base"
+	"github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator"
+	"github.com/hashicorp/terraform-plugin-framework/diag"
+	"github.com/hashicorp/terraform-plugin-framework/resource"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema"
+	"github.com/hashicorp/terraform-plugin-framework/schema/validator"
+	"github.com/hashicorp/terraform-plugin-framework/types"
+)
+
+type sslInspectionModel struct {
+	base.Model
+	State types.String `tfsdk:"state"`
+}
+
+func (d *sslInspectionModel) AsUnifiModel() (interface{}, diag.Diagnostics) {
+	diags := diag.Diagnostics{}
+
+	model := &unifi.SettingSslInspection{
+		ID:    d.ID.ValueString(),
+		State: d.State.ValueString(),
+	}
+
+	return model, diags
+}
+
+func (d *sslInspectionModel) Merge(other interface{}) diag.Diagnostics {
+	diags := diag.Diagnostics{}
+
+	model, ok := other.(*unifi.SettingSslInspection)
+	if !ok {
+		diags.AddError("Cannot merge", "Cannot merge type that is not *unifi.SettingSslInspection")
+		return diags
+	}
+
+	d.ID = types.StringValue(model.ID)
+	d.State = types.StringValue(model.State)
+
+	return diags
+}
+
+var (
+	_ base.ResourceModel               = &sslInspectionModel{}
+	_ resource.Resource                = &sslInspectionResource{}
+	_ resource.ResourceWithConfigure   = &sslInspectionResource{}
+	_ resource.ResourceWithImportState = &sslInspectionResource{}
+)
+
+type sslInspectionResource struct {
+	*BaseSettingResource[*sslInspectionModel]
+}
+
+func (r *sslInspectionResource) Schema(_ context.Context, _ resource.SchemaRequest, resp *resource.SchemaResponse) {
+	resp.Schema = schema.Schema{
+		MarkdownDescription: "Manages SSL Inspection settings for a UniFi site. SSL inspection is a security feature that allows the UniFi Security Gateway (USG) to inspect encrypted traffic for security threats.",
+		Attributes: map[string]schema.Attribute{
+			"id":   base.ID(),
+			"site": base.SiteAttribute(),
+			"state": schema.StringAttribute{
+				MarkdownDescription: "The mode of SSL inspection. Valid values are: `off`, `simple`, or `advanced`.",
+				Required:            true,
+				Validators: []validator.String{
+					stringvalidator.OneOf("off", "simple", "advanced"),
+				},
+			},
+		},
+	}
+}
+
+func NewSslInspectionResource() resource.Resource {
+	r := &sslInspectionResource{}
+	r.BaseSettingResource = NewBaseSettingResource(
+		"unifi_setting_ssl_inspection",
+		func() *sslInspectionModel { return &sslInspectionModel{} },
+		func(ctx context.Context, client *base.Client, site string) (interface{}, error) {
+			return client.GetSettingSslInspection(ctx, site)
+		},
+		func(ctx context.Context, client *base.Client, site string, body interface{}) (interface{}, error) {
+			return client.UpdateSettingSslInspection(ctx, site, body.(*unifi.SettingSslInspection))
+		},
+	)
+	return r
+}