From 74107d8fc469b27f27fac1be63803e9a2a903c93 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20Cie=C5=9Blak?= Date: Tue, 3 Sep 2024 14:23:18 +0200 Subject: [PATCH] Add user improvements --- MIGRATION_GUIDE.md | 4 ++++ docs/data-sources/users.md | 4 ++-- .../bettertestspoc/assert/objectassert/user_snowflake_ext.go | 2 +- pkg/datasources/users.go | 2 +- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/MIGRATION_GUIDE.md b/MIGRATION_GUIDE.md index 90a84e5c2b..de776066e7 100644 --- a/MIGRATION_GUIDE.md +++ b/MIGRATION_GUIDE.md @@ -256,6 +256,10 @@ Validation changes: - `default_secondary_roles` - only 1-element lists with `"ALL"` element are now supported. Check [Snowflake docs](https://docs.snowflake.com/en/sql-reference/sql/create-user#optional-object-properties-objectproperties) for more details. #### *(breaking change)* refactored snowflake_users datasource +> **IMPORTANT NOTE:** when querying users you don't have permissions to, the querying options are limited. +You won't get almost any field in `show_output` (only empty or default values), the DESCRIBE command cannot be called, so you have to set `with_describe = false`. +Only `parameters` output is not affected by the lack of privileges. + Changes: - account checking logic was entirely removed - `pattern` renamed to `like` diff --git a/docs/data-sources/users.md b/docs/data-sources/users.md index 4332954bda..e59fc18b17 100644 --- a/docs/data-sources/users.md +++ b/docs/data-sources/users.md @@ -2,14 +2,14 @@ page_title: "snowflake_users Data Source - terraform-provider-snowflake" subcategory: "" description: |- - Datasource used to get details of filtered users. Filtering is aligned with the current possibilities for SHOW USERS https://docs.snowflake.com/en/sql-reference/sql/show-users query. The results of SHOW, DESCRIBE, and SHOW PARAMETERS IN are encapsulated in one output collection. + Datasource used to get details of filtered users. Filtering is aligned with the current possibilities for SHOW USERS https://docs.snowflake.com/en/sql-reference/sql/show-users query. The results of SHOW, DESCRIBE, and SHOW PARAMETERS IN are encapsulated in one output collection. Important note is that when querying users you don't have permissions to, the querying options are limited. You won't get almost any field in show_output (only empty or default values), the DESCRIBE command cannot be called, so you have to set with_describe = false. Only parameters output is not affected by the lack of privileges. --- !> **V1 release candidate** This data source was reworked and is a release candidate for the V1. We do not expect significant changes in it before the V1. We will welcome any feedback and adjust the data source if needed. Any errors reported will be resolved with a higher priority. We encourage checking this data source out before the V1 release. Please follow the [migration guide](https://github.com/Snowflake-Labs/terraform-provider-snowflake/blob/main/MIGRATION_GUIDE.md#v0920--v0930) to use it. # snowflake_users (Data Source) -Datasource used to get details of filtered users. Filtering is aligned with the current possibilities for [SHOW USERS](https://docs.snowflake.com/en/sql-reference/sql/show-users) query. The results of SHOW, DESCRIBE, and SHOW PARAMETERS IN are encapsulated in one output collection. +Datasource used to get details of filtered users. Filtering is aligned with the current possibilities for [SHOW USERS](https://docs.snowflake.com/en/sql-reference/sql/show-users) query. The results of SHOW, DESCRIBE, and SHOW PARAMETERS IN are encapsulated in one output collection. Important note is that when querying users you don't have permissions to, the querying options are limited. You won't get almost any field in `show_output` (only empty or default values), the DESCRIBE command cannot be called, so you have to set `with_describe = false`. Only `parameters` output is not affected by the lack of privileges. ## Example Usage diff --git a/pkg/acceptance/bettertestspoc/assert/objectassert/user_snowflake_ext.go b/pkg/acceptance/bettertestspoc/assert/objectassert/user_snowflake_ext.go index 7648c2403e..328f7a7c56 100644 --- a/pkg/acceptance/bettertestspoc/assert/objectassert/user_snowflake_ext.go +++ b/pkg/acceptance/bettertestspoc/assert/objectassert/user_snowflake_ext.go @@ -55,7 +55,7 @@ func (w *UserAssert) HasOwnerNotEmpty() *UserAssert { w.AddAssertion(func(t *testing.T, o *sdk.User) error { t.Helper() if o.Owner == "" { - return fmt.Errorf("expected owner not empty; got: %v", o.Owner) + return fmt.Errorf("expected owner not empty; got empty") } return nil }) diff --git a/pkg/datasources/users.go b/pkg/datasources/users.go index 18fe56371a..a2e576a2ac 100644 --- a/pkg/datasources/users.go +++ b/pkg/datasources/users.go @@ -93,7 +93,7 @@ func Users() *schema.Resource { return &schema.Resource{ ReadContext: ReadUsers, Schema: usersSchema, - Description: "Datasource used to get details of filtered users. Filtering is aligned with the current possibilities for [SHOW USERS](https://docs.snowflake.com/en/sql-reference/sql/show-users) query. The results of SHOW, DESCRIBE, and SHOW PARAMETERS IN are encapsulated in one output collection.", + Description: "Datasource used to get details of filtered users. Filtering is aligned with the current possibilities for [SHOW USERS](https://docs.snowflake.com/en/sql-reference/sql/show-users) query. The results of SHOW, DESCRIBE, and SHOW PARAMETERS IN are encapsulated in one output collection. Important note is that when querying users you don't have permissions to, the querying options are limited. You won't get almost any field in `show_output` (only empty or default values), the DESCRIBE command cannot be called, so you have to set `with_describe = false`. Only `parameters` output is not affected by the lack of privileges.", } }