fix: Added Missing Account Privileges (#635)

Snowflake-Labs · Aug 12, 2021 · c9cc806 · c9cc806
1 parent 869ff75
commit c9cc806
Show file tree

Hide file tree

Showing 6 changed files with 66 additions and 44 deletions.
diff --git a/Makefile b/Makefile
@@ -6,6 +6,7 @@ export BASE_BINARY_NAME=terraform-provider-snowflake_v$(VERSION)
 export GO111MODULE=on
 export TF_ACC_TERRAFORM_VERSION=0.13.0
 export SKIP_EXTERNAL_TABLE_TESTS=true
+export SKIP_SCIM_INTEGRATION_TESTS=true
 
 go_test ?= -
 ifeq (, $(shell which gotest))

diff --git a/pkg/datasources/system_generate_scim_access_token_acceptance_test.go b/pkg/datasources/system_generate_scim_access_token_acceptance_test.go
@@ -2,6 +2,7 @@ package datasources_test
 
 import (
 	"fmt"
+	"os"
 	"strings"
 	"testing"
 
@@ -10,6 +11,10 @@ import (
 )
 
 func TestAcc_SystemGenerateSCIMAccessToken(t *testing.T) {
+	if _, ok := os.LookupEnv("SKIP_SCIM_INTEGRATION_TESTS"); ok {
+		t.Skip("Skipping TestAccScimIntegration")
+	}
+
 	scimIntName := strings.ToUpper(acctest.RandStringFromCharSet(10, acctest.CharSetAlpha))
 	resource.ParallelTest(t, resource.TestCase{
 		Providers: providers(),

diff --git a/pkg/resources/account_grant.go b/pkg/resources/account_grant.go
@@ -7,18 +7,25 @@ import (
 )
 
 var validAccountPrivileges = NewPrivilegeSet(
+	privilegeApplyMaskingPolicy,
+	privilegeApplyRowAccessPolicy,
+	privilegeApplyTag,
+	privilegeAttachPolicy,
+	privilegeCreateAccount,
+	privilegeCreateDatabase,
+	privilegeCreateDataExchangeListing,
+	privilegeCreateIntegration,
+	privilegeCreateNetworkPolicy,
 	privilegeCreateRole,
+	privilegeCreateShare,
 	privilegeCreateUser,
 	privilegeCreateWarehouse,
-	privilegeCreateDatabase,
-	privilegeCreateIntegration,
+	privilegeExecuteTask,
+	privilegeImportShare,
 	privilegeManageGrants,
 	privilegeMonitorUsage,
 	privilegeMonitorExecution,
-	privilegeExecuteTask,
-	privilegeApplyMaskingPolicy,
-	privilegeCreateShare,
-	privilegeImportShare,
+	privilegeOverrideShareRestrictions,
 )
 
 var accountGrantSchema = map[string]*schema.Schema{

diff --git a/pkg/resources/external_table_grant.go b/pkg/resources/external_table_grant.go
@@ -9,6 +9,7 @@ import (
 
 var validExternalTablePrivileges = NewPrivilegeSet(
 	privilegeOwnership,
+	privilegeReferences,
 	privilegeSelect,
 )
 

diff --git a/pkg/resources/privileges.go b/pkg/resources/privileges.go
@@ -7,43 +7,50 @@ func (p Privilege) String() string {
 }
 
 const (
-	privilegeSelect                 Privilege = "SELECT"
-	privilegeInsert                 Privilege = "INSERT"
-	privilegeUpdate                 Privilege = "UPDATE"
-	privilegeDelete                 Privilege = "DELETE"
-	privilegeTruncate               Privilege = "TRUNCATE"
-	privilegeReferences             Privilege = "REFERENCES"
-	privilegeRebuild                Privilege = "REBUILD"
-	privilegeCreateSchema           Privilege = "CREATE SCHEMA"
-	privilegeImportedPrivileges     Privilege = "IMPORTED PRIVILEGES"
-	privilegeModify                 Privilege = "MODIFY"
-	privilegeOperate                Privilege = "OPERATE"
-	privilegeMonitor                Privilege = "MONITOR"
-	privilegeOwnership              Privilege = "OWNERSHIP"
-	privilegeRead                   Privilege = "READ"
-	privilegeReferenceUsage         Privilege = "REFERENCE_USAGE"
-	privilegeUsage                  Privilege = "USAGE"
-	privilegeWrite                  Privilege = "WRITE"
-	privilegeCreateTable            Privilege = "CREATE TABLE"
-	privilegeCreateView             Privilege = "CREATE VIEW"
-	privilegeCreateFileFormat       Privilege = "CREATE FILE FORMAT"
-	privilegeCreateStage            Privilege = "CREATE STAGE"
-	privilegeCreatePipe             Privilege = "CREATE PIPE"
-	privilegeCreateStream           Privilege = "CREATE STREAM"
-	privilegeCreateTask             Privilege = "CREATE TASK"
-	privilegeCreateSequence         Privilege = "CREATE SEQUENCE"
-	privilegeCreateFunction         Privilege = "CREATE FUNCTION"
-	privilegeCreateProcedure        Privilege = "CREATE PROCEDURE"
-	privilegeCreateExternalTable    Privilege = "CREATE EXTERNAL TABLE"
-	privilegeCreateMaterializedView Privilege = "CREATE MATERIALIZED VIEW"
-	privilegeCreateRowAccessPolicy  Privilege = "CREATE ROW ACCESS POLICY"
-	privilegeCreateTemporaryTable   Privilege = "CREATE TEMPORARY TABLE"
-	privilegeCreateMaskingPolicy    Privilege = "CREATE MASKING POLICY"
-	privilegeCreateShare            Privilege = "CREATE SHARE"
-	privilegeImportShare            Privilege = "IMPORT SHARE"
-	privilegeAddSearchOptimization  Privilege = "ADD SEARCH OPTIMIZATION"
-	privilegeApplyMaskingPolicy     Privilege = "APPLY MASKING POLICY"
-	privilegeApply                  Privilege = "APPLY"
+	privilegeSelect                    Privilege = "SELECT"
+	privilegeInsert                    Privilege = "INSERT"
+	privilegeUpdate                    Privilege = "UPDATE"
+	privilegeDelete                    Privilege = "DELETE"
+	privilegeTruncate                  Privilege = "TRUNCATE"
+	privilegeReferences                Privilege = "REFERENCES"
+	privilegeRebuild                   Privilege = "REBUILD"
+	privilegeCreateSchema              Privilege = "CREATE SCHEMA"
+	privilegeImportedPrivileges        Privilege = "IMPORTED PRIVILEGES"
+	privilegeModify                    Privilege = "MODIFY"
+	privilegeOperate                   Privilege = "OPERATE"
+	privilegeMonitor                   Privilege = "MONITOR"
+	privilegeOwnership                 Privilege = "OWNERSHIP"
+	privilegeRead                      Privilege = "READ"
+	privilegeReferenceUsage            Privilege = "REFERENCE_USAGE"
+	privilegeUsage                     Privilege = "USAGE"
+	privilegeWrite                     Privilege = "WRITE"
+	privilegeCreateTable               Privilege = "CREATE TABLE"
+	privilegeCreateView                Privilege = "CREATE VIEW"
+	privilegeCreateFileFormat          Privilege = "CREATE FILE FORMAT"
+	privilegeCreateStage               Privilege = "CREATE STAGE"
+	privilegeCreatePipe                Privilege = "CREATE PIPE"
+	privilegeCreateStream              Privilege = "CREATE STREAM"
+	privilegeCreateTask                Privilege = "CREATE TASK"
+	privilegeCreateSequence            Privilege = "CREATE SEQUENCE"
+	privilegeCreateFunction            Privilege = "CREATE FUNCTION"
+	privilegeCreateProcedure           Privilege = "CREATE PROCEDURE"
+	privilegeCreateExternalTable       Privilege = "CREATE EXTERNAL TABLE"
+	privilegeCreateMaterializedView    Privilege = "CREATE MATERIALIZED VIEW"
+	privilegeCreateRowAccessPolicy     Privilege = "CREATE ROW ACCESS POLICY"
+	privilegeCreateTemporaryTable      Privilege = "CREATE TEMPORARY TABLE"
+	privilegeCreateMaskingPolicy       Privilege = "CREATE MASKING POLICY"
+	privilegeCreateNetworkPolicy       Privilege = "CREATE NETWORK POLICY"
+	privilegeCreateDataExchangeListing Privilege = "CREATE DATA EXCHANGE LISTING"
+	privilegeCreateAccount             Privilege = "CREATE ACCOUNT"
+	privilegeCreateShare               Privilege = "CREATE SHARE"
+	privilegeImportShare               Privilege = "IMPORT SHARE"
+	privilegeOverrideShareRestrictions Privilege = "OVERRIDE SHARE RESTRICTIONS"
+	privilegeAddSearchOptimization     Privilege = "ADD SEARCH OPTIMIZATION"
+	privilegeApplyMaskingPolicy        Privilege = "APPLY MASKING POLICY"
+	privilegeApplyRowAccessPolicy      Privilege = "APPLY ROW ACCESS POLICY"
+	privilegeApplyTag                  Privilege = "APPLY TAG"
+	privilegeApply                     Privilege = "APPLY"
+	privilegeAttachPolicy              Privilege = "ATTACH POLICY"
 
 	privilegeCreateRole        Privilege = "CREATE ROLE"
 	privilegeCreateUser        Privilege = "CREATE USER"

diff --git a/pkg/resources/view_grant.go b/pkg/resources/view_grant.go
@@ -8,8 +8,9 @@ import (
 )
 
 var validViewPrivileges = NewPrivilegeSet(
-	privilegeSelect,
 	privilegeOwnership,
+	privilegeReferences,
+	privilegeSelect,
 )
 
 var viewGrantSchema = map[string]*schema.Schema{