-
Notifications
You must be signed in to change notification settings - Fork 399
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #13 from Viostream/feature/warehouse-grant
Feature/warehouse grant
- Loading branch information
Showing
9 changed files
with
271 additions
and
11 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,101 @@ | ||
package resources | ||
|
||
import ( | ||
"fmt" | ||
|
||
"github.com/hashicorp/terraform/helper/schema" | ||
"github.com/hashicorp/terraform/helper/validation" | ||
|
||
"github.com/chanzuckerberg/terraform-provider-snowflake/pkg/snowflake" | ||
) | ||
|
||
var validWarehousePrivileges = []string{ | ||
"ALL", "MODIFY", "MONITOR", "OPERATE", "OWNERSHIP", "USAGE", | ||
} | ||
|
||
var warehouseGrantSchema = map[string]*schema.Schema{ | ||
"warehouse_name": &schema.Schema{ | ||
Type: schema.TypeString, | ||
Required: true, | ||
Description: "The name of the warehouse on which to grant privileges.", | ||
ForceNew: true, | ||
}, | ||
"privilege": &schema.Schema{ | ||
Type: schema.TypeString, | ||
Optional: true, | ||
Description: "The privilege to grant on the warehouse.", | ||
Default: "USAGE", | ||
ValidateFunc: validation.StringInSlice(validWarehousePrivileges, true), | ||
ForceNew: true, | ||
}, | ||
"roles": &schema.Schema{ | ||
Type: schema.TypeSet, | ||
Elem: &schema.Schema{Type: schema.TypeString}, | ||
Optional: true, | ||
Description: "Grants privilege to these roles.", | ||
ForceNew: true, | ||
}, | ||
} | ||
|
||
// WarehouseGrant returns a pointer to the resource representing a view grant | ||
func WarehouseGrant() *schema.Resource { | ||
return &schema.Resource{ | ||
Create: CreateWarehouseGrant, | ||
Read: ReadWarehouseGrant, | ||
Delete: DeleteWarehouseGrant, | ||
|
||
Schema: warehouseGrantSchema, | ||
Importer: &schema.ResourceImporter{ | ||
State: schema.ImportStatePassthrough, | ||
}, | ||
} | ||
} | ||
|
||
// CreateWarehouseGrant implements schema.CreateFunc | ||
func CreateWarehouseGrant(data *schema.ResourceData, meta interface{}) error { | ||
w := data.Get("warehouse_name").(string) | ||
priv := data.Get("privilege").(string) | ||
builder := snowflake.WarehouseGrant(w) | ||
|
||
err := createGenericGrant(data, meta, builder) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
// ID format is <warehouse_name>|||<privilege> | ||
data.SetId(fmt.Sprintf("%v|||%v", w, priv)) | ||
|
||
return ReadWarehouseGrant(data, meta) | ||
} | ||
|
||
// ReadWarehouseGrant implements schema.ReadFunc | ||
func ReadWarehouseGrant(data *schema.ResourceData, meta interface{}) error { | ||
w, _, _, priv, err := splitGrantID(data.Id()) | ||
if err != nil { | ||
return err | ||
} | ||
err = data.Set("warehouse_name", w) | ||
if err != nil { | ||
return err | ||
} | ||
err = data.Set("privilege", priv) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
builder := snowflake.WarehouseGrant(w) | ||
|
||
return readGenericGrant(data, meta, builder) | ||
} | ||
|
||
// DeleteWarehouseGrant implements schema.DeleteFunc | ||
func DeleteWarehouseGrant(data *schema.ResourceData, meta interface{}) error { | ||
w, _, _, _, err := splitGrantID(data.Id()) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
builder := snowflake.WarehouseGrant(w) | ||
|
||
return deleteGenericGrant(data, meta, builder) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
package resources_test | ||
|
||
import ( | ||
"fmt" | ||
"testing" | ||
|
||
"github.com/hashicorp/terraform/helper/acctest" | ||
"github.com/hashicorp/terraform/helper/resource" | ||
) | ||
|
||
func TestAccWarehouseGrant(t *testing.T) { | ||
wName := acctest.RandStringFromCharSet(10, acctest.CharSetAlpha) | ||
roleName := acctest.RandStringFromCharSet(10, acctest.CharSetAlpha) | ||
|
||
resource.Test(t, resource.TestCase{ | ||
Providers: providers(), | ||
Steps: []resource.TestStep{ | ||
{ | ||
Config: warehouseGrantConfig(wName, roleName), | ||
Check: resource.ComposeTestCheckFunc( | ||
resource.TestCheckResourceAttr("snowflake_warehouse_grant.test", "warehouse_name", wName), | ||
resource.TestCheckResourceAttr("snowflake_warehouse_grant.test", "privilege", "USAGE"), | ||
), | ||
}, | ||
// IMPORT | ||
{ | ||
ResourceName: "snowflake_warehouse_grant.test", | ||
ImportState: true, | ||
ImportStateVerify: true, | ||
}, | ||
}, | ||
}) | ||
} | ||
|
||
func warehouseGrantConfig(n, role string) string { | ||
return fmt.Sprintf(` | ||
resource "snowflake_warehouse" "test" { | ||
name = "%v" | ||
} | ||
resource "snowflake_role" "test" { | ||
name = "%v" | ||
} | ||
resource "snowflake_warehouse_grant" "test" { | ||
warehouse_name = snowflake_warehouse.test.name | ||
roles = [snowflake_role.test.name] | ||
} | ||
`, n, role) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
package resources_test | ||
|
||
import ( | ||
"database/sql" | ||
"testing" | ||
"time" | ||
|
||
sqlmock "github.com/DATA-DOG/go-sqlmock" | ||
"github.com/stretchr/testify/assert" | ||
"github.com/stretchr/testify/require" | ||
|
||
"github.com/hashicorp/terraform/helper/schema" | ||
|
||
"github.com/chanzuckerberg/terraform-provider-snowflake/pkg/provider" | ||
"github.com/chanzuckerberg/terraform-provider-snowflake/pkg/resources" | ||
. "github.com/chanzuckerberg/terraform-provider-snowflake/pkg/testhelpers" | ||
) | ||
|
||
func TestWarehouseGrant(t *testing.T) { | ||
r := require.New(t) | ||
err := resources.WarehouseGrant().InternalValidate(provider.Provider().Schema, true) | ||
r.NoError(err) | ||
} | ||
|
||
func TestWarehouseGrantCreate(t *testing.T) { | ||
a := assert.New(t) | ||
|
||
in := map[string]interface{}{ | ||
"warehouse_name": "test-warehouse", | ||
"privilege": "USAGE", | ||
"roles": []string{"test-role-1", "test-role-2"}, | ||
} | ||
d := schema.TestResourceDataRaw(t, resources.WarehouseGrant().Schema, in) | ||
a.NotNil(d) | ||
|
||
WithMockDb(t, func(db *sql.DB, mock sqlmock.Sqlmock) { | ||
mock.ExpectExec(`^GRANT USAGE ON WAREHOUSE "test-warehouse" TO ROLE "test-role-1"$`).WillReturnResult(sqlmock.NewResult(1, 1)) | ||
mock.ExpectExec(`^GRANT USAGE ON WAREHOUSE "test-warehouse" TO ROLE "test-role-2"$`).WillReturnResult(sqlmock.NewResult(1, 1)) | ||
expectReadWarehouseGrant(mock) | ||
err := resources.CreateWarehouseGrant(d, db) | ||
a.NoError(err) | ||
}) | ||
} | ||
|
||
func expectReadWarehouseGrant(mock sqlmock.Sqlmock) { | ||
rows := sqlmock.NewRows([]string{ | ||
"created_on", "privilege", "granted_on", "name", "granted_to", "grantee_name", "grant_option", "granted_by", | ||
}).AddRow( | ||
time.Date(2000, 1, 1, 0, 0, 0, 0, time.UTC), "USAGE", "WAREHOUSE", "test-warehouse", "ROLE", "test-role-1", false, "bob", | ||
).AddRow( | ||
time.Date(2000, 1, 1, 0, 0, 0, 0, time.UTC), "USAGE", "WAREHOUSE", "test-warehouse", "ROLE", "test-role-2", false, "bob", | ||
) | ||
mock.ExpectQuery(`^SHOW GRANTS ON WAREHOUSE "test-warehouse"$`).WillReturnRows(rows) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters