diff --git a/src/query/service/src/interpreters/interpreter_privilege_grant.rs b/src/query/service/src/interpreters/interpreter_privilege_grant.rs
index e453849dd5ce..6cc1d6f17aa9 100644
--- a/src/query/service/src/interpreters/interpreter_privilege_grant.rs
+++ b/src/query/service/src/interpreters/interpreter_privilege_grant.rs
@@ -24,7 +24,6 @@ use databend_common_meta_app::principal::UserPrivilegeType::Ownership;
 use databend_common_sql::plans::GrantPrivilegePlan;
 use databend_common_users::RoleCacheManager;
 use databend_common_users::UserApiProvider;
-use databend_common_users::BUILTIN_ROLE_ACCOUNT_ADMIN;
 use log::debug;
 use log::error;
 use log::info;
diff --git a/src/query/users/src/role_mgr.rs b/src/query/users/src/role_mgr.rs
index 43ed4ae4e241..e1e871189444 100644
--- a/src/query/users/src/role_mgr.rs
+++ b/src/query/users/src/role_mgr.rs
@@ -165,17 +165,17 @@ impl UserApiProvider {
             .get_ownership(object)
             .await
             .map_err(|e| e.add_message_back("(while get ownership)"))?;
-        if let Some(owenr) = ownership {
+        if let Some(owner) = ownership {
             // if object has ownership, but the owner role is not exists, set owner role to ACCOUNT_ADMIN,
             // only account_admin can access this object.
             if !self.exists_role(tenant, owner.role.clone()).await? {
                 Ok(Some(OwnershipInfo {
                     role: BUILTIN_ROLE_ACCOUNT_ADMIN.to_string(),
-                    object: *object,
+                    object: object.clone(),
                 }))
             } else {
                 Ok(Some(owner))
-            };
+            }
         } else {
             Ok(None)
         }