diff --git a/integration/role.tf b/integration/role.tf index c71ab58c..a217e7e5 100644 --- a/integration/role.tf +++ b/integration/role.tf @@ -1,9 +1,9 @@ resource "materialize_role" "role_1" { - name = "role_1" + name = "role-1" } resource "materialize_role" "role_2" { - name = "role_2" + name = "role-2" } resource "materialize_grant_system_privilege" "role_1_system_createrole" { diff --git a/pkg/materialize/privilege.go b/pkg/materialize/privilege.go index 17be8c8d..5f0c2de2 100644 --- a/pkg/materialize/privilege.go +++ b/pkg/materialize/privilege.go @@ -145,9 +145,17 @@ func (i *PrivilegeObjectStruct) QualifiedName() string { } // DDL +type MaterializeRole struct { + name string +} + +func (b *MaterializeRole) QualifiedName() string { + return QualifiedName(b.name) +} + type PrivilegeBuilder struct { ddl Builder - role string + role MaterializeRole privilege string object PrivilegeObjectStruct } @@ -155,7 +163,7 @@ type PrivilegeBuilder struct { func NewPrivilegeBuilder(conn *sqlx.DB, role, privilege string, object PrivilegeObjectStruct) *PrivilegeBuilder { return &PrivilegeBuilder{ ddl: Builder{conn, Privilege}, - role: role, + role: MaterializeRole{name: role}, privilege: privilege, object: object, } @@ -175,13 +183,13 @@ func objectCompatibility(objectType string) string { func (b *PrivilegeBuilder) Grant() error { t := objectCompatibility(b.object.Type) - q := fmt.Sprintf(`GRANT %s ON %s %s TO %s;`, b.privilege, t, b.object.QualifiedName(), b.role) + q := fmt.Sprintf(`GRANT %s ON %s %s TO %s;`, b.privilege, t, b.object.QualifiedName(), b.role.QualifiedName()) return b.ddl.exec(q) } func (b *PrivilegeBuilder) Revoke() error { t := objectCompatibility(b.object.Type) - q := fmt.Sprintf(`REVOKE %s ON %s %s FROM %s;`, b.privilege, t, b.object.QualifiedName(), b.role) + q := fmt.Sprintf(`REVOKE %s ON %s %s FROM %s;`, b.privilege, t, b.object.QualifiedName(), b.role.QualifiedName()) return b.ddl.exec(q) } diff --git a/pkg/materialize/privilege_default_privilege.go b/pkg/materialize/privilege_default_privilege.go index 781045f1..793fdfa5 100644 --- a/pkg/materialize/privilege_default_privilege.go +++ b/pkg/materialize/privilege_default_privilege.go @@ -10,10 +10,10 @@ import ( type DefaultPrivilegeBuilder struct { ddl Builder - grantee string + grantee MaterializeRole objectType string privilege string - targetRole string + targetRole MaterializeRole schemaName string databaseName string } @@ -23,12 +23,12 @@ func NewDefaultPrivilegeBuilder(conn *sqlx.DB, objectType, grantee, privilege st ddl: Builder{conn, Privilege}, objectType: objectType, privilege: privilege, - grantee: grantee, + grantee: MaterializeRole{name: grantee}, } } func (b *DefaultPrivilegeBuilder) TargetRole(c string) *DefaultPrivilegeBuilder { - b.targetRole = c + b.targetRole = MaterializeRole{name: c} return b } @@ -47,11 +47,11 @@ func (b *DefaultPrivilegeBuilder) baseQuery(action string) error { q.WriteString(`ALTER DEFAULT PRIVILEGES`) // role - if b.targetRole != "" && b.targetRole != "ALL" { - q.WriteString(fmt.Sprintf(` FOR ROLE %s`, b.targetRole)) + if b.targetRole.name != "" && b.targetRole.name != "ALL" { + q.WriteString(fmt.Sprintf(` FOR ROLE %s`, b.targetRole.QualifiedName())) } - if b.targetRole == "ALL" { + if b.targetRole.name == "ALL" { q.WriteString(" FOR ALL ROLES") } @@ -71,7 +71,7 @@ func (b *DefaultPrivilegeBuilder) baseQuery(action string) error { grantDirection = "FROM" } - q.WriteString(fmt.Sprintf(` %[1]s %[2]s ON %[3]sS %[4]s %[5]s`, action, b.privilege, b.objectType, grantDirection, b.grantee)) + q.WriteString(fmt.Sprintf(` %[1]s %[2]s ON %[3]sS %[4]s %[5]s`, action, b.privilege, b.objectType, grantDirection, b.grantee.QualifiedName())) q.WriteString(`;`) return b.ddl.exec(q.String()) diff --git a/pkg/materialize/privilege_default_privilege_test.go b/pkg/materialize/privilege_default_privilege_test.go index 3faddc57..2b0834aa 100644 --- a/pkg/materialize/privilege_default_privilege_test.go +++ b/pkg/materialize/privilege_default_privilege_test.go @@ -113,7 +113,7 @@ func TestDefaultPrivilegeIdRoleQualified(t *testing.T) { func TestDefaultPrivilegeGrantSimple(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`ALTER DEFAULT PRIVILEGES GRANT SELECT ON TABLES TO joe;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`ALTER DEFAULT PRIVILEGES GRANT SELECT ON TABLES TO "joe";`).WillReturnResult(sqlmock.NewResult(1, 1)) b := NewDefaultPrivilegeBuilder(db, "TABLE", "joe", "SELECT") if err := b.Grant(); err != nil { @@ -124,7 +124,7 @@ func TestDefaultPrivilegeGrantSimple(t *testing.T) { func TestDefaultPrivilegeGrantComplex(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE interns IN DATABASE "dev" GRANT ALL PRIVILEGES ON TABLES TO intern_managers;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE "interns" IN DATABASE "dev" GRANT ALL PRIVILEGES ON TABLES TO "intern_managers";`).WillReturnResult(sqlmock.NewResult(1, 1)) b := NewDefaultPrivilegeBuilder(db, "TABLE", "intern_managers", "ALL PRIVILEGES") b.TargetRole("interns") @@ -137,7 +137,7 @@ func TestDefaultPrivilegeGrantComplex(t *testing.T) { func TestDefaultPrivilegeRevokeSimple(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE developers REVOKE USAGE ON SECRETS FROM project_managers;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE "developers" REVOKE USAGE ON SECRETS FROM "project_managers";`).WillReturnResult(sqlmock.NewResult(1, 1)) b := NewDefaultPrivilegeBuilder(db, "SECRET", "project_managers", "USAGE") b.TargetRole("developers") @@ -149,7 +149,7 @@ func TestDefaultPrivilegeRevokeSimple(t *testing.T) { func TestDefaultPrivilegeGrantAllRoles(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ALL ROLES GRANT SELECT ON TABLES TO managers;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ALL ROLES GRANT SELECT ON TABLES TO "managers";`).WillReturnResult(sqlmock.NewResult(1, 1)) b := NewDefaultPrivilegeBuilder(db, "TABLE", "managers", "SELECT") b.TargetRole("ALL") diff --git a/pkg/materialize/privilege_role.go b/pkg/materialize/privilege_role.go index f8416447..26f92950 100644 --- a/pkg/materialize/privilege_role.go +++ b/pkg/materialize/privilege_role.go @@ -9,25 +9,25 @@ import ( type RolePrivilegeBuilder struct { ddl Builder - role string - member string + role MaterializeRole + member MaterializeRole } func NewRolePrivilegeBuilder(conn *sqlx.DB, role, member string) *RolePrivilegeBuilder { return &RolePrivilegeBuilder{ ddl: Builder{conn, Privilege}, - role: role, - member: member, + role: MaterializeRole{name: role}, + member: MaterializeRole{name: member}, } } func (b *RolePrivilegeBuilder) Grant() error { - q := fmt.Sprintf(`GRANT %s TO %s;`, b.role, b.member) + q := fmt.Sprintf(`GRANT %s TO %s;`, b.role.QualifiedName(), b.member.QualifiedName()) return b.ddl.exec(q) } func (b *RolePrivilegeBuilder) Revoke() error { - q := fmt.Sprintf(`REVOKE %s FROM %s;`, b.role, b.member) + q := fmt.Sprintf(`REVOKE %s FROM %s;`, b.role.QualifiedName(), b.member.QualifiedName()) return b.ddl.exec(q) } diff --git a/pkg/materialize/privilege_role_test.go b/pkg/materialize/privilege_role_test.go index 1eb34fe1..f93400df 100644 --- a/pkg/materialize/privilege_role_test.go +++ b/pkg/materialize/privilege_role_test.go @@ -43,7 +43,7 @@ func TestParseRolePrivileges(t *testing.T) { func TestRolePrivilegeGrant(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`GRANT dev_role TO user;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`GRANT "dev_role" TO "user";`).WillReturnResult(sqlmock.NewResult(1, 1)) b := NewRolePrivilegeBuilder(db, "dev_role", "user") if err := b.Grant(); err != nil { @@ -54,7 +54,7 @@ func TestRolePrivilegeGrant(t *testing.T) { func TestRolePrivilegeRevoke(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`REVOKE dev_role FROM user;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`REVOKE "dev_role" FROM "user";`).WillReturnResult(sqlmock.NewResult(1, 1)) b := NewRolePrivilegeBuilder(db, "dev_role", "user") if err := b.Revoke(); err != nil { diff --git a/pkg/materialize/privilege_system_privilege.go b/pkg/materialize/privilege_system_privilege.go index e226f088..dc844bb0 100644 --- a/pkg/materialize/privilege_system_privilege.go +++ b/pkg/materialize/privilege_system_privilege.go @@ -10,25 +10,25 @@ import ( type SystemPrivilegeBuilder struct { ddl Builder - role string + role MaterializeRole privilege string } func NewSystemPrivilegeBuilder(conn *sqlx.DB, role, privilege string) *SystemPrivilegeBuilder { return &SystemPrivilegeBuilder{ ddl: Builder{conn, Privilege}, - role: role, + role: MaterializeRole{name: role}, privilege: privilege, } } func (b *SystemPrivilegeBuilder) Grant() error { - q := fmt.Sprintf(`GRANT %s ON SYSTEM TO %s;`, b.privilege, b.role) + q := fmt.Sprintf(`GRANT %s ON SYSTEM TO %s;`, b.privilege, b.role.QualifiedName()) return b.ddl.exec(q) } func (b *SystemPrivilegeBuilder) Revoke() error { - q := fmt.Sprintf(`REVOKE %s ON SYSTEM FROM %s;`, b.privilege, b.role) + q := fmt.Sprintf(`REVOKE %s ON SYSTEM FROM %s;`, b.privilege, b.role.QualifiedName()) return b.ddl.exec(q) } diff --git a/pkg/materialize/privilege_system_privilege_test.go b/pkg/materialize/privilege_system_privilege_test.go index 9656e78e..04b468a9 100644 --- a/pkg/materialize/privilege_system_privilege_test.go +++ b/pkg/materialize/privilege_system_privilege_test.go @@ -33,7 +33,7 @@ func TestParseSystemPrivileges(t *testing.T) { func TestSystemPrivilegeGrant(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`GRANT CREATEDB ON SYSTEM TO joe;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`GRANT CREATEDB ON SYSTEM TO "joe";`).WillReturnResult(sqlmock.NewResult(1, 1)) b := NewSystemPrivilegeBuilder(db, "joe", "CREATEDB") if err := b.Grant(); err != nil { @@ -44,7 +44,7 @@ func TestSystemPrivilegeGrant(t *testing.T) { func TestSystemPrivilegeRevoke(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`REVOKE CREATEDB ON SYSTEM FROM joe;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`REVOKE CREATEDB ON SYSTEM FROM "joe";`).WillReturnResult(sqlmock.NewResult(1, 1)) b := NewSystemPrivilegeBuilder(db, "joe", "CREATEDB") if err := b.Revoke(); err != nil { diff --git a/pkg/materialize/privilege_test.go b/pkg/materialize/privilege_test.go index e724d655..eecf6475 100644 --- a/pkg/materialize/privilege_test.go +++ b/pkg/materialize/privilege_test.go @@ -45,7 +45,7 @@ func TestObjectCompatibility(t *testing.T) { func TestPrivilegeGrant(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`GRANT CREATE ON DATABASE "materialize" TO joe;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`GRANT CREATE ON DATABASE "materialize" TO "joe";`).WillReturnResult(sqlmock.NewResult(1, 1)) b := NewPrivilegeBuilder(db, "joe", "CREATE", PrivilegeObjectStruct{Type: "DATABASE", Name: "materialize"}) if err := b.Grant(); err != nil { @@ -56,7 +56,7 @@ func TestPrivilegeGrant(t *testing.T) { func TestPrivilegeRevoke(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`REVOKE CREATE ON DATABASE "materialize" FROM joe;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`REVOKE CREATE ON DATABASE "materialize" FROM "joe";`).WillReturnResult(sqlmock.NewResult(1, 1)) b := NewPrivilegeBuilder(db, "joe", "CREATE", PrivilegeObjectStruct{Type: "DATABASE", Name: "materialize"}) if err := b.Revoke(); err != nil { diff --git a/pkg/resources/resource_grant_cluster_default_privilege_test.go b/pkg/resources/resource_grant_cluster_default_privilege_test.go index ebeadff0..3b3ec4ec 100644 --- a/pkg/resources/resource_grant_cluster_default_privilege_test.go +++ b/pkg/resources/resource_grant_cluster_default_privilege_test.go @@ -25,7 +25,7 @@ func TestResourceGrantClusterDefaultPrivilegeCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `ALTER DEFAULT PRIVILEGES FOR ROLE developers GRANT USAGE ON CLUSTERS TO project_managers;`, + `ALTER DEFAULT PRIVILEGES FOR ROLE "developers" GRANT USAGE ON CLUSTERS TO "project_managers";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // DefaultPrivilegeId - Query grantee role @@ -65,7 +65,7 @@ func TestResourceGrantClusterDefaultPrivilegeDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE developers REVOKE USAGE ON CLUSTERS FROM project_managers;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE "developers" REVOKE USAGE ON CLUSTERS FROM "project_managers";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantClusterDefaultPrivilegeDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_grant_cluster_test.go b/pkg/resources/resource_grant_cluster_test.go index f7bfea81..baa78820 100644 --- a/pkg/resources/resource_grant_cluster_test.go +++ b/pkg/resources/resource_grant_cluster_test.go @@ -25,7 +25,7 @@ func TestResourceGrantClusterCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `GRANT CREATE ON CLUSTER "materialize" TO joe;`, + `GRANT CREATE ON CLUSTER "materialize" TO "joe";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // Query Role Id @@ -62,7 +62,7 @@ func TestResourceGrantClusterDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`REVOKE CREATE ON CLUSTER "materialize" FROM joe;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`REVOKE CREATE ON CLUSTER "materialize" FROM "joe";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantClusterDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_grant_connection_default_privilege_test.go b/pkg/resources/resource_grant_connection_default_privilege_test.go index c64809b2..e5c28c76 100644 --- a/pkg/resources/resource_grant_connection_default_privilege_test.go +++ b/pkg/resources/resource_grant_connection_default_privilege_test.go @@ -25,7 +25,7 @@ func TestResourceGrantConnectionDefaultPrivilegeCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `ALTER DEFAULT PRIVILEGES FOR ROLE developers GRANT USAGE ON CONNECTIONS TO project_managers;`, + `ALTER DEFAULT PRIVILEGES FOR ROLE "developers" GRANT USAGE ON CONNECTIONS TO "project_managers";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // DefaultPrivilegeId - Query grantee role @@ -65,7 +65,7 @@ func TestResourceGrantConnectionDefaultPrivilegeDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE developers REVOKE USAGE ON CONNECTIONS FROM project_managers;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE "developers" REVOKE USAGE ON CONNECTIONS FROM "project_managers";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantConnectionDefaultPrivilegeDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_grant_connection_test.go b/pkg/resources/resource_grant_connection_test.go index 4a13baa7..36c9657b 100644 --- a/pkg/resources/resource_grant_connection_test.go +++ b/pkg/resources/resource_grant_connection_test.go @@ -27,7 +27,7 @@ func TestResourceGrantConnectionCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `GRANT USAGE ON CONNECTION "database"."schema"."conn" TO joe;`, + `GRANT USAGE ON CONNECTION "database"."schema"."conn" TO "joe";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // Query Role Id @@ -66,7 +66,7 @@ func TestResourceGrantConnectionDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`REVOKE USAGE ON CONNECTION "database"."schema"."conn" FROM joe;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`REVOKE USAGE ON CONNECTION "database"."schema"."conn" FROM "joe";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantConnectionDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_grant_database_default_privilege_test.go b/pkg/resources/resource_grant_database_default_privilege_test.go index 8d4086c5..0093d653 100644 --- a/pkg/resources/resource_grant_database_default_privilege_test.go +++ b/pkg/resources/resource_grant_database_default_privilege_test.go @@ -25,7 +25,7 @@ func TestResourceGrantDatabaseDefaultPrivilegeCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `ALTER DEFAULT PRIVILEGES FOR ROLE developers GRANT USAGE ON DATABASES TO project_managers;`, + `ALTER DEFAULT PRIVILEGES FOR ROLE "developers" GRANT USAGE ON DATABASES TO "project_managers";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // DefaultPrivilegeId - Query grantee role @@ -65,7 +65,7 @@ func TestResourceGrantDatabaseDefaultPrivilegeDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE developers REVOKE USAGE ON DATABASES FROM project_managers;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE "developers" REVOKE USAGE ON DATABASES FROM "project_managers";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantDatabaseDefaultPrivilegeDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_grant_database_test.go b/pkg/resources/resource_grant_database_test.go index 0302967e..dada2f13 100644 --- a/pkg/resources/resource_grant_database_test.go +++ b/pkg/resources/resource_grant_database_test.go @@ -25,7 +25,7 @@ func TestResourceGrantDatabaseCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `GRANT CREATE ON DATABASE "materialize" TO joe;`, + `GRANT CREATE ON DATABASE "materialize" TO "joe";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // Query Role Id @@ -62,7 +62,7 @@ func TestResourceGrantDatabaseDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`REVOKE CREATE ON DATABASE "materialize" FROM joe;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`REVOKE CREATE ON DATABASE "materialize" FROM "joe";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantDatabaseDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_grant_materialized_view_test.go b/pkg/resources/resource_grant_materialized_view_test.go index cd31e40c..5f69736e 100644 --- a/pkg/resources/resource_grant_materialized_view_test.go +++ b/pkg/resources/resource_grant_materialized_view_test.go @@ -27,7 +27,7 @@ func TestResourceGrantMaterializedViewCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `GRANT SELECT ON TABLE "database"."schema"."mview" TO joe;`, + `GRANT SELECT ON TABLE "database"."schema"."mview" TO "joe";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // Query Role Id @@ -66,7 +66,7 @@ func TestResourceGrantMaterializedViewDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`REVOKE SELECT ON TABLE "database"."schema"."mview" FROM joe;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`REVOKE SELECT ON TABLE "database"."schema"."mview" FROM "joe";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantMaterializedViewDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_grant_role_test.go b/pkg/resources/resource_grant_role_test.go index b8e6e87f..6846f253 100644 --- a/pkg/resources/resource_grant_role_test.go +++ b/pkg/resources/resource_grant_role_test.go @@ -24,7 +24,7 @@ func TestResourceGrantRolePrivilegeCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `GRANT role TO member;`, + `GRANT "role" TO "member";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // RolePrivilegeId - Query role @@ -59,7 +59,7 @@ func TestResourceGrantRolePrivilegeDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`REVOKE role FROM member;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`REVOKE "role" FROM "member";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantRoleDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_grant_schema_default_privilege_test.go b/pkg/resources/resource_grant_schema_default_privilege_test.go index fa21b40d..ffbdb276 100644 --- a/pkg/resources/resource_grant_schema_default_privilege_test.go +++ b/pkg/resources/resource_grant_schema_default_privilege_test.go @@ -25,7 +25,7 @@ func TestResourceGrantSchemaDefaultPrivilegeCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `ALTER DEFAULT PRIVILEGES FOR ROLE developers GRANT USAGE ON SCHEMAS TO project_managers;`, + `ALTER DEFAULT PRIVILEGES FOR ROLE "developers" GRANT USAGE ON SCHEMAS TO "project_managers";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // DefaultPrivilegeId - Query grantee role @@ -65,7 +65,7 @@ func TestResourceGrantSchemaDefaultPrivilegeDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE developers REVOKE USAGE ON SCHEMAS FROM project_managers;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE "developers" REVOKE USAGE ON SCHEMAS FROM "project_managers";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantSchemaDefaultPrivilegeDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_grant_schema_test.go b/pkg/resources/resource_grant_schema_test.go index 8f2ee637..3aa4ee45 100644 --- a/pkg/resources/resource_grant_schema_test.go +++ b/pkg/resources/resource_grant_schema_test.go @@ -26,7 +26,7 @@ func TestResourceGrantSchemaCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `GRANT CREATE ON SCHEMA "database"."schema" TO joe;`, + `GRANT CREATE ON SCHEMA "database"."schema" TO "joe";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // Query Role Id @@ -64,7 +64,7 @@ func TestResourceGrantSchemaDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`REVOKE CREATE ON SCHEMA "database"."schema" FROM joe;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`REVOKE CREATE ON SCHEMA "database"."schema" FROM "joe";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantSchemaDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_grant_secret_default_privilege_test.go b/pkg/resources/resource_grant_secret_default_privilege_test.go index bef38a85..eb8f1829 100644 --- a/pkg/resources/resource_grant_secret_default_privilege_test.go +++ b/pkg/resources/resource_grant_secret_default_privilege_test.go @@ -25,7 +25,7 @@ func TestResourceGrantSecretDefaultPrivilegeCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `ALTER DEFAULT PRIVILEGES FOR ROLE developers GRANT USAGE ON SECRETS TO project_managers;`, + `ALTER DEFAULT PRIVILEGES FOR ROLE "developers" GRANT USAGE ON SECRETS TO "project_managers";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // DefaultPrivilegeId - Query grantee role @@ -65,7 +65,7 @@ func TestResourceGrantSecretDefaultPrivilegeDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE developers REVOKE USAGE ON SECRETS FROM project_managers;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE "developers" REVOKE USAGE ON SECRETS FROM "project_managers";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantSecretDefaultPrivilegeDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_grant_secret_test.go b/pkg/resources/resource_grant_secret_test.go index e0e36060..55664d30 100644 --- a/pkg/resources/resource_grant_secret_test.go +++ b/pkg/resources/resource_grant_secret_test.go @@ -27,7 +27,7 @@ func TestResourceGrantSecretCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `GRANT USAGE ON SECRET "database"."schema"."secret" TO joe;`, + `GRANT USAGE ON SECRET "database"."schema"."secret" TO "joe";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // Query Role Id @@ -66,7 +66,7 @@ func TestResourceGrantSecretDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`REVOKE USAGE ON SECRET "database"."schema"."secret" FROM joe;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`REVOKE USAGE ON SECRET "database"."schema"."secret" FROM "joe";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantSecretDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_grant_source_test.go b/pkg/resources/resource_grant_source_test.go index d4ab3cbb..4cef6aa4 100644 --- a/pkg/resources/resource_grant_source_test.go +++ b/pkg/resources/resource_grant_source_test.go @@ -27,7 +27,7 @@ func TestResourceGrantSourceCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `GRANT SELECT ON TABLE "database"."schema"."source" TO joe;`, + `GRANT SELECT ON TABLE "database"."schema"."source" TO "joe";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // Query Role Id @@ -66,7 +66,7 @@ func TestResourceGrantSourceDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`REVOKE SELECT ON TABLE "database"."schema"."source" FROM joe;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`REVOKE SELECT ON TABLE "database"."schema"."source" FROM "joe";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantSourceDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_grant_system_privilege_test.go b/pkg/resources/resource_grant_system_privilege_test.go index 379f759d..dfd598c8 100644 --- a/pkg/resources/resource_grant_system_privilege_test.go +++ b/pkg/resources/resource_grant_system_privilege_test.go @@ -24,7 +24,7 @@ func TestResourceGrantSystemPrivilegeCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `GRANT CREATEDB ON SYSTEM TO role;`, + `GRANT CREATEDB ON SYSTEM TO "role";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // SystemPrivilegeId - Query role @@ -55,7 +55,7 @@ func TestResourceGrantSystemPrivilegeDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`REVOKE CREATEDB ON SYSTEM FROM role;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`REVOKE CREATEDB ON SYSTEM FROM "role";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantSystemPrivilegeDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_grant_table_default_privilege_test.go b/pkg/resources/resource_grant_table_default_privilege_test.go index c51d388e..ea822516 100644 --- a/pkg/resources/resource_grant_table_default_privilege_test.go +++ b/pkg/resources/resource_grant_table_default_privilege_test.go @@ -25,7 +25,7 @@ func TestResourceGrantTableDefaultPrivilegeCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `ALTER DEFAULT PRIVILEGES FOR ROLE developers GRANT USAGE ON TABLES TO project_managers;`, + `ALTER DEFAULT PRIVILEGES FOR ROLE "developers" GRANT USAGE ON TABLES TO "project_managers";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // DefaultPrivilegeId - Query grantee role @@ -65,7 +65,7 @@ func TestResourceGrantTableDefaultPrivilegeDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE developers REVOKE USAGE ON TABLES FROM project_managers;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE "developers" REVOKE USAGE ON TABLES FROM "project_managers";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantTableDefaultPrivilegeDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_grant_table_test.go b/pkg/resources/resource_grant_table_test.go index 2c0c2221..2e7010ea 100644 --- a/pkg/resources/resource_grant_table_test.go +++ b/pkg/resources/resource_grant_table_test.go @@ -27,7 +27,7 @@ func TestResourceGrantTableCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `GRANT INSERT ON TABLE "database"."schema"."table" TO joe;`, + `GRANT INSERT ON TABLE "database"."schema"."table" TO "joe";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // Query Role Id @@ -66,7 +66,7 @@ func TestResourceGrantTableDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`REVOKE INSERT ON TABLE "database"."schema"."table" FROM joe;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`REVOKE INSERT ON TABLE "database"."schema"."table" FROM "joe";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantTableDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_grant_type_default_privilege_test.go b/pkg/resources/resource_grant_type_default_privilege_test.go index 4d34ab82..0fb1be42 100644 --- a/pkg/resources/resource_grant_type_default_privilege_test.go +++ b/pkg/resources/resource_grant_type_default_privilege_test.go @@ -25,7 +25,7 @@ func TestResourceGrantTypeDefaultPrivilegeCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `ALTER DEFAULT PRIVILEGES FOR ROLE developers GRANT USAGE ON TYPES TO project_managers;`, + `ALTER DEFAULT PRIVILEGES FOR ROLE "developers" GRANT USAGE ON TYPES TO "project_managers";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // DefaultPrivilegeId - Query grantee role @@ -65,7 +65,7 @@ func TestResourceGrantTypeDefaultPrivilegeDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE developers REVOKE USAGE ON TYPES FROM project_managers;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`ALTER DEFAULT PRIVILEGES FOR ROLE "developers" REVOKE USAGE ON TYPES FROM "project_managers";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantTypeDefaultPrivilegeDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_grant_type_test.go b/pkg/resources/resource_grant_type_test.go index a518ba46..ba092672 100644 --- a/pkg/resources/resource_grant_type_test.go +++ b/pkg/resources/resource_grant_type_test.go @@ -27,7 +27,7 @@ func TestResourceGrantTypeCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `GRANT USAGE ON TYPE "database"."schema"."type" TO joe;`, + `GRANT USAGE ON TYPE "database"."schema"."type" TO "joe";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // Query Role Id @@ -66,7 +66,7 @@ func TestResourceGrantTypeDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`REVOKE USAGE ON TYPE "database"."schema"."type" FROM joe;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`REVOKE USAGE ON TYPE "database"."schema"."type" FROM "joe";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantTypeDelete(context.TODO(), d, db); err != nil { t.Fatal(err) diff --git a/pkg/resources/resource_view_grant_test.go b/pkg/resources/resource_view_grant_test.go index 803144a0..bc4c9a5e 100644 --- a/pkg/resources/resource_view_grant_test.go +++ b/pkg/resources/resource_view_grant_test.go @@ -27,7 +27,7 @@ func TestResourceGrantViewCreate(t *testing.T) { testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { // Create mock.ExpectExec( - `GRANT SELECT ON TABLE "database"."schema"."view" TO joe;`, + `GRANT SELECT ON TABLE "database"."schema"."view" TO "joe";`, ).WillReturnResult(sqlmock.NewResult(1, 1)) // Query Role Id @@ -66,7 +66,7 @@ func TestResourceGrantViewDelete(t *testing.T) { r.NotNil(d) testhelpers.WithMockDb(t, func(db *sqlx.DB, mock sqlmock.Sqlmock) { - mock.ExpectExec(`REVOKE SELECT ON TABLE "database"."schema"."view" FROM joe;`).WillReturnResult(sqlmock.NewResult(1, 1)) + mock.ExpectExec(`REVOKE SELECT ON TABLE "database"."schema"."view" FROM "joe";`).WillReturnResult(sqlmock.NewResult(1, 1)) if err := grantViewDelete(context.TODO(), d, db); err != nil { t.Fatal(err)