From 6ea0366517dc827e6f411bb03552055e87bccc1d Mon Sep 17 00:00:00 2001 From: Vuong Date: Wed, 26 Jun 2024 08:38:14 +0100 Subject: [PATCH 1/2] make principal case sensitive --- catalog/resource_grant.go | 12 ++++++------ catalog/resource_grant_test.go | 6 +++--- catalog/resource_grants.go | 4 ++-- catalog/resource_grants_test.go | 2 +- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/catalog/resource_grant.go b/catalog/resource_grant.go index ddd3abb08c..f28234b546 100644 --- a/catalog/resource_grant.go +++ b/catalog/resource_grant.go @@ -20,15 +20,15 @@ func diffPermissionsForPrincipal(principal string, desired catalog.PermissionsLi // diffs change sets for principal configured := map[string]*schema.Set{} for _, v := range desired.PrivilegeAssignments { - if strings.EqualFold(v.Principal, principal) { - configured[strings.ToLower(v.Principal)] = permissions.SliceToSet(v.Privileges) + if v.Principal == principal { + configured[v.Principal] = permissions.SliceToSet(v.Privileges) } } // existing permissions that needs removal for principal remote := map[string]*schema.Set{} for _, v := range existing.PrivilegeAssignments { - if strings.EqualFold(v.Principal, principal) { - remote[strings.ToLower(v.Principal)] = permissions.SliceToSet(v.Privileges) + if v.Principal == principal { + remote[v.Principal] = permissions.SliceToSet(v.Privileges) } } // STEP 1: detect overlaps @@ -87,7 +87,7 @@ func filterPermissionsForPrincipal(in catalog.PermissionsList, principal string) grantsForPrincipal := []permissions.UnityCatalogPrivilegeAssignment{} for _, v := range in.PrivilegeAssignments { privileges := []string{} - if strings.EqualFold(v.Principal, principal) { + if v.Principal == principal { for _, p := range v.Privileges { privileges = append(privileges, p.String()) } @@ -122,7 +122,7 @@ func parseSecurableId(d *schema.ResourceData) (string, string, string, error) { func ResourceGrant() common.Resource { s := common.StructToSchema(permissions.UnityCatalogPrivilegeAssignment{}, func(m map[string]*schema.Schema) map[string]*schema.Schema { - common.CustomizeSchemaPath(m, "principal").SetForceNew().SetCustomSuppressDiff(common.EqualFoldDiffSuppress) + common.CustomizeSchemaPath(m, "principal").SetForceNew() // set custom hash function for privileges common.MustSchemaPath(m, "privileges").Set = func(i any) int { diff --git a/catalog/resource_grant_test.go b/catalog/resource_grant_test.go index a51d0b8737..3c745438ea 100644 --- a/catalog/resource_grant_test.go +++ b/catalog/resource_grant_test.go @@ -538,7 +538,7 @@ func TestResourceGrantPermissionsList_Diff_CaseSensitive(t *testing.T) { catalog.PermissionsList{ // config PrivilegeAssignments: []catalog.PrivilegeAssignment{ { - Principal: "a", + Principal: "A", Privileges: []catalog.Privilege{"a"}, }, { @@ -550,7 +550,7 @@ func TestResourceGrantPermissionsList_Diff_CaseSensitive(t *testing.T) { catalog.PermissionsList{ PrivilegeAssignments: []catalog.PrivilegeAssignment{ // platform { - Principal: "A", + Principal: "a", Privileges: []catalog.Privilege{"a"}, }, { @@ -560,7 +560,7 @@ func TestResourceGrantPermissionsList_Diff_CaseSensitive(t *testing.T) { }, }, ) - assert.Len(t, diff, 0) + assert.Len(t, diff, 1) } func TestResourceGrantPermissionsList_Diff_ExternallyAddedPriv(t *testing.T) { diff --git a/catalog/resource_grants.go b/catalog/resource_grants.go index 9831728d40..353e5793dc 100644 --- a/catalog/resource_grants.go +++ b/catalog/resource_grants.go @@ -31,12 +31,12 @@ func diffPermissions(pl catalog.PermissionsList, existing catalog.PermissionsLis // diffs change sets configured := map[string]*schema.Set{} for _, v := range pl.PrivilegeAssignments { - configured[strings.ToLower(v.Principal)] = permissions.SliceToSet(v.Privileges) + configured[v.Principal] = permissions.SliceToSet(v.Privileges) } // existing permissions that needs removal remote := map[string]*schema.Set{} for _, v := range existing.PrivilegeAssignments { - remote[strings.ToLower(v.Principal)] = permissions.SliceToSet(v.Privileges) + remote[v.Principal] = permissions.SliceToSet(v.Privileges) } // STEP 1: detect overlaps for principal, confPrivs := range configured { diff --git a/catalog/resource_grants_test.go b/catalog/resource_grants_test.go index 88b002018e..b0022d8857 100644 --- a/catalog/resource_grants_test.go +++ b/catalog/resource_grants_test.go @@ -437,7 +437,7 @@ func TestPermissionsList_Diff_CaseSensitivePrincipal(t *testing.T) { }, }, ) - assert.Len(t, diff, 0) + assert.Len(t, diff, 2) } func TestPermissionsList_Diff_LocalRemoteDiff(t *testing.T) { From 34013ee3b28a5acf06eec3c590fd40b6a488cf6a Mon Sep 17 00:00:00 2001 From: Vuong Date: Wed, 26 Jun 2024 10:27:58 +0100 Subject: [PATCH 2/2] fix acceptance tests --- internal/acceptance/grant_test.go | 2 +- internal/acceptance/grants_test.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/internal/acceptance/grant_test.go b/internal/acceptance/grant_test.go index f0c26575d4..f0da0e8f77 100644 --- a/internal/acceptance/grant_test.go +++ b/internal/acceptance/grant_test.go @@ -104,7 +104,7 @@ func TestUcAccGrant(t *testing.T) { }, step{ Template: strings.ReplaceAll(grantTemplate, "%s", "{env.TEST_DATA_SCI_GROUP}"), }, step{ - Template: strings.ReplaceAll(strings.ReplaceAll(grantTemplate, "ALL_PRIVILEGES", "ALL PRIVILEGES"), `"%s"`, `upper("{env.TEST_DATA_SCI_GROUP}")`), + Template: strings.ReplaceAll(strings.ReplaceAll(grantTemplate, "ALL_PRIVILEGES", "ALL PRIVILEGES"), "%s", "{env.TEST_DATA_ENG_GROUP}"), }) } diff --git a/internal/acceptance/grants_test.go b/internal/acceptance/grants_test.go index 4f32dcb8df..251ccb94f3 100644 --- a/internal/acceptance/grants_test.go +++ b/internal/acceptance/grants_test.go @@ -110,7 +110,7 @@ func TestUcAccGrants(t *testing.T) { }, step{ Template: strings.ReplaceAll(grantsTemplate, "%s", "{env.TEST_DATA_SCI_GROUP}"), }, step{ - Template: strings.ReplaceAll(strings.ReplaceAll(grantsTemplate, "ALL_PRIVILEGES", "ALL PRIVILEGES"), `"%s"`, `upper("{env.TEST_DATA_SCI_GROUP}")`), + Template: strings.ReplaceAll(strings.ReplaceAll(grantsTemplate, "ALL_PRIVILEGES", "ALL PRIVILEGES"), "%s", "{env.TEST_DATA_ENG_GROUP}"), }) }