Skip to content

Commit

Permalink
wip
Browse files Browse the repository at this point in the history
  • Loading branch information
sfc-gh-jcieslak committed Nov 27, 2024
1 parent 3ef49b5 commit ac27823
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 18 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ func TestAcc_GrantPrivilegesToDatabaseRole_OnDatabase(t *testing.T) {
configVariables := config.Variables{
"name": config.StringVariable(databaseRoleId.Name()),
"privileges": config.ListVariable(
config.StringVariable(string(sdk.AccountObjectPrivilegeApplyBudget)),
config.StringVariable(string(sdk.AccountObjectPrivilegeCreateSchema)),
config.StringVariable(string(sdk.AccountObjectPrivilegeModify)),
config.StringVariable(string(sdk.AccountObjectPrivilegeUsage)),
Expand All @@ -53,13 +54,14 @@ func TestAcc_GrantPrivilegesToDatabaseRole_OnDatabase(t *testing.T) {
ConfigVariables: configVariables,
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr(resourceName, "database_role_name", databaseRoleId.FullyQualifiedName()),
resource.TestCheckResourceAttr(resourceName, "privileges.#", "3"),
resource.TestCheckResourceAttr(resourceName, "privileges.0", string(sdk.AccountObjectPrivilegeCreateSchema)),
resource.TestCheckResourceAttr(resourceName, "privileges.1", string(sdk.AccountObjectPrivilegeModify)),
resource.TestCheckResourceAttr(resourceName, "privileges.2", string(sdk.AccountObjectPrivilegeUsage)),
resource.TestCheckResourceAttr(resourceName, "privileges.#", "4"),
resource.TestCheckResourceAttr(resourceName, "privileges.0", string(sdk.AccountObjectPrivilegeApplyBudget)),
resource.TestCheckResourceAttr(resourceName, "privileges.1", string(sdk.AccountObjectPrivilegeCreateSchema)),
resource.TestCheckResourceAttr(resourceName, "privileges.2", string(sdk.AccountObjectPrivilegeModify)),
resource.TestCheckResourceAttr(resourceName, "privileges.3", string(sdk.AccountObjectPrivilegeUsage)),
resource.TestCheckResourceAttr(resourceName, "on_database", acc.TestClient().Ids.DatabaseId().FullyQualifiedName()),
resource.TestCheckResourceAttr(resourceName, "with_grant_option", "true"),
resource.TestCheckResourceAttr(resourceName, "id", fmt.Sprintf("%s|true|false|CREATE SCHEMA,MODIFY,USAGE|OnDatabase|%s", databaseRoleId.FullyQualifiedName(), acc.TestClient().Ids.DatabaseId().FullyQualifiedName())),
resource.TestCheckResourceAttr(resourceName, "id", fmt.Sprintf("%s|true|false|APPLYBUDGET,CREATE SCHEMA,MODIFY,USAGE|OnDatabase|%s", databaseRoleId.FullyQualifiedName(), acc.TestClient().Ids.DatabaseId().FullyQualifiedName())),
),
},
{
Expand Down
13 changes: 0 additions & 13 deletions pkg/sdk/grants_validations.go
Original file line number Diff line number Diff line change
Expand Up @@ -293,19 +293,6 @@ func (v *DatabaseRoleGrantPrivileges) validate() error {
if !exactlyOneValueSet(v.DatabasePrivileges, v.SchemaPrivileges, v.SchemaObjectPrivileges, v.AllPrivileges) {
errs = append(errs, errExactlyOneOf("DatabaseRoleGrantPrivileges", "DatabasePrivileges", "SchemaPrivileges", "SchemaObjectPrivileges", "AllPrivileges"))
}
if valueSet(v.DatabasePrivileges) {
allowedPrivileges := []AccountObjectPrivilege{
AccountObjectPrivilegeCreateSchema,
AccountObjectPrivilegeModify,
AccountObjectPrivilegeMonitor,
AccountObjectPrivilegeUsage,
}
for _, p := range v.DatabasePrivileges {
if !slices.Contains(allowedPrivileges, p) {
errs = append(errs, fmt.Errorf("privilege %s is not allowed", p.String()))
}
}
}
return errors.Join(errs...)
}

Expand Down

0 comments on commit ac27823

Please sign in to comment.