Skip to content

Commit 71a1157

Browse files
yoavshemesh-riskifiedyoavshemesh-riskified
authored
Merge pull request #25 from Riskified/DEV-101495-fix-public-bug
fix bug in show grants for schema and database
2 parents 7ffebfa + 84137dd commit 71a1157

File tree

2 files changed

+4
-4
lines changed

2 files changed

+4
-4
lines changed

postgresql/resource_cockroachdb_changefeed.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -113,7 +113,7 @@ func resourceCockroachDBChangefeedCreate(db *DBConnection, d *schema.ResourceDat
113113
}
114114

115115
d.SetId(jobID)
116-
d.Set(CDCAvroSchemaPrefix, fmt.Sprintf("%s", avroSchemaPrefix))
116+
d.Set(CDCAvroSchemaPrefix, avroSchemaPrefix)
117117
d.Set(CDCRegistryConnectionName, registryConnectionName)
118118
d.Set(CDCKafkaConnectionName, kafkaConnectionName)
119119
d.Set(CDCtableList, tableList)
@@ -151,7 +151,7 @@ func resourceCockroachDBChangefeedReadImpl(db *DBConnection, d *schema.ResourceD
151151
d.Set(CDCKafkaConnectionName, strings.TrimPrefix(sinkUri, "external://"))
152152
// setting the avro schema prefix and confluent schema registry
153153
avroSchemaPrefix, confluentSchemaRegistry, initialScanValue, cursorValue := extractDetails(description)
154-
d.Set(CDCAvroSchemaPrefix, fmt.Sprintf("%s", strings.TrimSuffix(avroSchemaPrefix, "_")))
154+
d.Set(CDCAvroSchemaPrefix, strings.TrimSuffix(avroSchemaPrefix, "_"))
155155
d.Set(CDCRegistryConnectionName, confluentSchemaRegistry)
156156
if initialScanValue == "yes" {
157157
d.Set(CDCInitialScan, "yes")

postgresql/resource_postgresql_grant.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -272,7 +272,7 @@ func readDatabaseRolePriviges(txn *sql.Tx, db *DBConnection, d *schema.ResourceD
272272
var privileges pq.ByteaArray
273273
//cockroachdb does not support aclexplode
274274
if !db.featureSupported(fetureAclExplode) {
275-
query = fmt.Sprintf(`with a as (show grants on database %s for %s) select array_agg(privilege_type) from a`, dbName, role)
275+
query = fmt.Sprintf(`with a as (show grants on database %s for %s) select array_agg(privilege_type) from a where grantee='%s'`, dbName, role, role)
276276
if err := txn.QueryRow(query).Scan(&privileges); err != nil {
277277
return fmt.Errorf("could not read privileges for database %s: %w", dbName, err)
278278
}
@@ -301,7 +301,7 @@ func readSchemaRolePriviges(txn *sql.Tx, db *DBConnection, d *schema.ResourceDat
301301
dbName = "\"" + dbName + "\""
302302
}
303303
if !db.featureSupported(fetureAclExplode) {
304-
query = fmt.Sprintf(`with a as ( show grants on schema %s for %s) select array_agg(privilege_type) from a;`, dbName, role)
304+
query = fmt.Sprintf(`with a as ( show grants on schema %s for %s) select array_agg(privilege_type) from a where grantee='%s';`, dbName, role, role)
305305
if err := txn.QueryRow(query).Scan(&privileges); err != nil {
306306
return fmt.Errorf("could not read privileges for database %s: %w", dbName, err)
307307
}

0 commit comments

Comments
 (0)