auth0 · duedares-rvj · Jan 31, 2025
@@ -15,13 +15,24 @@ Data source to retrieve a specific Auth0 user by `user_id`.
 data "auth0_user" "my_user" {
   user_id = "auth0|34fdr23fdsfdfsf"
 }
+
+# An Auth0 User loaded through Lucene query.
+data "auth0_user" "my_user" {
+  query = "email:[email protected]"
+}
+
+# An Auth0 User loaded through Lucene query.
+data "auth0_user" "my_user" {
+  query = "username:johndoe"
+}
 ```
 
 <!-- schema generated by tfplugindocs -->
 ## Schema
 
-### Required
+### Optional
 
+- `query` (String) Lucene Query for retrieving a user.
 - `user_id` (String) ID of the user.
 
 ### Read-Only

@@ -2,3 +2,13 @@
 data "auth0_user" "my_user" {
   user_id = "auth0|34fdr23fdsfdfsf"
 }
+
+# An Auth0 User loaded through Lucene query.
+data "auth0_user" "my_user" {
+  query = "email:[email protected]"
+}
+
+# An Auth0 User loaded through Lucene query.
+data "auth0_user" "my_user" {
+  query = "username:johndoe"
+}
@@ -24,9 +24,17 @@ func dataSourceSchema() map[string]*schema.Schema {
 	dataSourceSchema := internalSchema.TransformResourceToDataSource(internalSchema.Clone(NewResource().Schema))
 
 	dataSourceSchema["user_id"] = &schema.Schema{
-		Type:        schema.TypeString,
-		Required:    true,
-		Description: "ID of the user.",
+		Type:         schema.TypeString,
+		Optional:     true,
+		Description:  "ID of the user.",
+		AtLeastOneOf: []string{"user_id", "query"},
+	}
+
+	dataSourceSchema["query"] = &schema.Schema{
+		Type:         schema.TypeString,
+		Optional:     true,
+		Description:  "Lucene Query for retrieving a user.",
+		AtLeastOneOf: []string{"user_id", "query"},
 	}
 
 	dataSourceSchema["permissions"] = &schema.Schema{
@@ -73,16 +81,30 @@ func dataSourceSchema() map[string]*schema.Schema {
 
 func readUserForDataSource(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	api := meta.(*config.Config).GetAPI()
+	var user *management.User
 
 	userID := data.Get("user_id").(string)
-
-	user, err := api.User.Read(ctx, userID)
-	if err != nil {
-		return diag.FromErr(err)
+	if userID != "" {
+		u, err := api.User.Read(ctx, userID)
+		if err != nil {
+			return diag.FromErr(err)
+		}
+		user = u
+		data.SetId(user.GetID())
+	} else {
+		query := data.Get("query").(string)
+		users, err := api.User.List(ctx, management.Parameter("q", query))
+		if err != nil {
+			return diag.FromErr(err)
+		}
+		if users.Length == 1 {
+			user = users.Users[0]
+			data.SetId(users.Users[0].GetID())
+		} else {
+			return diag.Errorf("Further improve the query to retrieve a single user from the query")
+		}
 	}
 
-	data.SetId(user.GetID())
-
 	var roles []*management.Role
 	var rolesPage int
 	for {

@@ -17,7 +17,7 @@ data "auth0_user" "user" {
 }
 `
 
-const testAccDataSourceUser = `
+const testAccDataSourceUserTemplate = `
 resource "auth0_resource_server" "resource_server" {
 	name       = "Acceptance Test - {{.testName}}"
 	identifier = "https://uat.api.terraform-provider-auth0.com/{{.testName}}"
@@ -97,12 +97,26 @@ resource "auth0_user_roles" "user_roles" {
 
 	user_id = auth0_user.user.id
 	roles   = [ auth0_role.owner.id, auth0_role.admin.id ]
+}`
+
+const testAccDataSourceUserWithID = testAccDataSourceUserTemplate + `
+data "auth0_user" "test" {
+	depends_on = [ auth0_user_roles.user_roles ]
+	user_id = auth0_user.user.id
 }
+`
 
+const testAccDataSourceUserWithQueryUsername = testAccDataSourceUserTemplate + `
 data "auth0_user" "test" {
 	depends_on = [ auth0_user_roles.user_roles ]
+	query = "username:{{.testName}}"
+}
+`
 
-	user_id = auth0_user.user.id
+const testAccDataSourceUserWithQueryEmail = testAccDataSourceUserTemplate + `
+data "auth0_user" "test" {
+	depends_on = [ auth0_user_roles.user_roles ]
+	query = "email:{{.testName}}@acceptance.test.com"
 }
 `
 
@@ -116,7 +130,43 @@ func TestAccDataSourceUser(t *testing.T) {
 				ExpectError: regexp.MustCompile(`Error: 404 Not Found: The user does not exist.`),
 			},
 			{
-				Config: acctest.ParseTestName(testAccDataSourceUser, testName),
+				Config: acctest.ParseTestName(testAccDataSourceUserWithID, testName),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("data.auth0_user.test", "email", fmt.Sprintf("%[email protected]", testName)),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "user_id", fmt.Sprintf("auth0|%s", testName)),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "username", testName),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "email", fmt.Sprintf("%[email protected]", testName)),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "name", "Firstname Lastname"),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "given_name", "Firstname"),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "family_name", "Lastname"),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "nickname", testName),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "picture", "https://www.example.com/picture.jpg"),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "roles.#", "2"),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "permissions.#", "2"),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "user_metadata", `{"baz":"qux","foo":"bar"}`),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "app_metadata", `{"baz":"qux","foo":"bar"}`),
+				),
+			},
+			{
+				Config: acctest.ParseTestName(testAccDataSourceUserWithQueryUsername, testName),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("data.auth0_user.test", "email", fmt.Sprintf("%[email protected]", testName)),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "user_id", fmt.Sprintf("auth0|%s", testName)),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "username", testName),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "email", fmt.Sprintf("%[email protected]", testName)),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "name", "Firstname Lastname"),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "given_name", "Firstname"),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "family_name", "Lastname"),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "nickname", testName),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "picture", "https://www.example.com/picture.jpg"),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "roles.#", "2"),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "permissions.#", "2"),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "user_metadata", `{"baz":"qux","foo":"bar"}`),
+					resource.TestCheckResourceAttr("data.auth0_user.test", "app_metadata", `{"baz":"qux","foo":"bar"}`),
+				),
+			},
+			{
+				Config: acctest.ParseTestName(testAccDataSourceUserWithQueryEmail, testName),
 				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttr("data.auth0_user.test", "email", fmt.Sprintf("%[email protected]", testName)),
 					resource.TestCheckResourceAttr("data.auth0_user.test", "user_id", fmt.Sprintf("auth0|%s", testName)),