fix: add dynamic tables to grants (#2059)

* fix: add dynamic tables to grants

* fix linting errors

* fix int tests

* fix int tests

* fix int tests

* fix int tests

docs/resources/grant_privileges_to_role.md

@@ -219,14 +219,14 @@ Optional:
 - `all` (Block List, Max: 1) Configures the privilege to be granted on all objects in eihter a database or schema. (see [below for nested schema](#nestedblock--on_schema_object--all))
 - `future` (Block List, Max: 1) Configures the privilege to be granted on future objects in eihter a database or schema. (see [below for nested schema](#nestedblock--on_schema_object--future))
 - `object_name` (String) The fully qualified name of the object on which privileges will be granted.
-- `object_type` (String) The object type of the schema object on which privileges will be granted. Valid values are: ALERT | EVENT TABLE | FILE FORMAT | FUNCTION | PROCEDURE | SECRET | SEQUENCE | PIPE | MASKING POLICY | PASSWORD POLICY | ROW ACCESS POLICY | SESSION POLICY | TAG | STAGE | STREAM | TABLE | EXTERNAL TABLE | TASK | VIEW | MATERIALIZED VIEW
+- `object_type` (String) The object type of the schema object on which privileges will be granted. Valid values are: ALERT | DYNAMIC TABLE | EVENT TABLE | FILE FORMAT | FUNCTION | PROCEDURE | SECRET | SEQUENCE | PIPE | MASKING POLICY | PASSWORD POLICY | ROW ACCESS POLICY | SESSION POLICY | TAG | STAGE | STREAM | TABLE | EXTERNAL TABLE | TASK | VIEW | MATERIALIZED VIEW
 
 <a id="nestedblock--on_schema_object--all"></a>
 ### Nested Schema for `on_schema_object.all`
 
 Required:
 
-- `object_type_plural` (String) The plural object type of the schema object on which privileges will be granted. Valid values are: ALERTS | EVENT TABLES | FILE FORMATS | FUNCTIONS | PROCEDURES | SECRETS | SEQUENCES | PIPES | MASKING POLICIES | PASSWORD POLICIES | ROW ACCESS POLICIES | SESSION POLICIES | TAGS | STAGES | STREAMS | TABLES | EXTERNAL TABLES | TASKS | VIEWS | MATERIALIZED VIEWS
+- `object_type_plural` (String) The plural object type of the schema object on which privileges will be granted. Valid values are: ALERTS | DYNAMIC TABLES | EVENT TABLES | FILE FORMATS | FUNCTIONS | PROCEDURES | SECRETS | SEQUENCES | PIPES | MASKING POLICIES | PASSWORD POLICIES | ROW ACCESS POLICIES | SESSION POLICIES | TAGS | STAGES | STREAMS | TABLES | EXTERNAL TABLES | TASKS | VIEWS | MATERIALIZED VIEWS
 
 Optional:
 
@@ -239,7 +239,7 @@ Optional:
 
 Required:
 
-- `object_type_plural` (String) The plural object type of the schema object on which privileges will be granted. Valid values are: ALERTS | EVENT TABLES | FILE FORMATS | FUNCTIONS | PROCEDURES | SECRETS | SEQUENCES | PIPES | MASKING POLICIES | PASSWORD POLICIES | ROW ACCESS POLICIES | SESSION POLICIES | TAGS | STAGES | STREAMS | TABLES | EXTERNAL TABLES | TASKS | VIEWS | MATERIALIZED VIEWS
+- `object_type_plural` (String) The plural object type of the schema object on which privileges will be granted. Valid values are: ALERTS | DYNAMIC TABLES | EVENT TABLES | FILE FORMATS | FUNCTIONS | PROCEDURES | SECRETS | SEQUENCES | PIPES | MASKING POLICIES | PASSWORD POLICIES | ROW ACCESS POLICIES | SESSION POLICIES | TAGS | STAGES | STREAMS | TABLES | EXTERNAL TABLES | TASKS | VIEWS | MATERIALIZED VIEWS
 
 Optional:
 

pkg/resources/grant_privileges_to_role.go

@@ -119,12 +119,13 @@ var grantPrivilegesToRoleSchema = map[string]*schema.Schema{
 				"object_type": {
 					Type:          schema.TypeString,
 					Optional:      true,
-					Description:   "The object type of the schema object on which privileges will be granted. Valid values are: ALERT | EVENT TABLE | FILE FORMAT | FUNCTION | PROCEDURE | SECRET | SEQUENCE | PIPE | MASKING POLICY | PASSWORD POLICY | ROW ACCESS POLICY | SESSION POLICY | TAG | STAGE | STREAM | TABLE | EXTERNAL TABLE | TASK | VIEW | MATERIALIZED VIEW",
+					Description:   "The object type of the schema object on which privileges will be granted. Valid values are: ALERT | DYNAMIC TABLE | EVENT TABLE | FILE FORMAT | FUNCTION | PROCEDURE | SECRET | SEQUENCE | PIPE | MASKING POLICY | PASSWORD POLICY | ROW ACCESS POLICY | SESSION POLICY | TAG | STAGE | STREAM | TABLE | EXTERNAL TABLE | TASK | VIEW | MATERIALIZED VIEW",
 					RequiredWith:  []string{"on_schema_object.0.object_name"},
 					ConflictsWith: []string{"on_schema_object.0.all", "on_schema_object.0.future"},
 					ForceNew:      true,
 					ValidateFunc: validation.StringInSlice([]string{
 						"ALERT",
+						"DYNAMIC TABLE",
 						"EVENT TABLE",
 						"FILE FORMAT",
 						"FUNCTION",
@@ -165,10 +166,11 @@ var grantPrivilegesToRoleSchema = map[string]*schema.Schema{
 							"object_type_plural": {
 								Type:        schema.TypeString,
 								Required:    true,
-								Description: "The plural object type of the schema object on which privileges will be granted. Valid values are: ALERTS | EVENT TABLES | FILE FORMATS | FUNCTIONS | PROCEDURES | SECRETS | SEQUENCES | PIPES | MASKING POLICIES | PASSWORD POLICIES | ROW ACCESS POLICIES | SESSION POLICIES | TAGS | STAGES | STREAMS | TABLES | EXTERNAL TABLES | TASKS | VIEWS | MATERIALIZED VIEWS",
+								Description: "The plural object type of the schema object on which privileges will be granted. Valid values are: ALERTS | DYNAMIC TABLES | EVENT TABLES | FILE FORMATS | FUNCTIONS | PROCEDURES | SECRETS | SEQUENCES | PIPES | MASKING POLICIES | PASSWORD POLICIES | ROW ACCESS POLICIES | SESSION POLICIES | TAGS | STAGES | STREAMS | TABLES | EXTERNAL TABLES | TASKS | VIEWS | MATERIALIZED VIEWS",
 								ForceNew:    true,
 								ValidateFunc: validation.StringInSlice([]string{
 									"ALERTS",
+									"DYNAMIC TABLES",
 									"EVENT TABLES",
 									"FILE FORMATS",
 									"FUNCTIONS",
@@ -218,10 +220,11 @@ var grantPrivilegesToRoleSchema = map[string]*schema.Schema{
 							"object_type_plural": {
 								Type:        schema.TypeString,
 								Required:    true,
-								Description: "The plural object type of the schema object on which privileges will be granted. Valid values are: ALERTS | EVENT TABLES | FILE FORMATS | FUNCTIONS | PROCEDURES | SECRETS | SEQUENCES | PIPES | MASKING POLICIES | PASSWORD POLICIES | ROW ACCESS POLICIES | SESSION POLICIES | TAGS | STAGES | STREAMS | TABLES | EXTERNAL TABLES | TASKS | VIEWS | MATERIALIZED VIEWS",
+								Description: "The plural object type of the schema object on which privileges will be granted. Valid values are: ALERTS | DYNAMIC TABLES | EVENT TABLES | FILE FORMATS | FUNCTIONS | PROCEDURES | SECRETS | SEQUENCES | PIPES | MASKING POLICIES | PASSWORD POLICIES | ROW ACCESS POLICIES | SESSION POLICIES | TAGS | STAGES | STREAMS | TABLES | EXTERNAL TABLES | TASKS | VIEWS | MATERIALIZED VIEWS",
 								ForceNew:    true,
 								ValidateFunc: validation.StringInSlice([]string{
 									"ALERTS",
+									"DYNAMIC TABLES",
 									"EVENT TABLES",
 									"FILE FORMATS",
 									"FUNCTIONS",

pkg/resources/password_policy_acceptance_test.go

@@ -31,12 +31,16 @@ func TestAcc_PasswordPolicy(t *testing.T) {
 					resource.TestCheckResourceAttr("snowflake_password_policy.pa", "max_length", "50"),
 				),
 			},
-			{
-				Config: passwordPolicyConfig(accName, 20, 50, ""),
-				Check: resource.ComposeTestCheckFunc(
-					resource.TestCheckResourceAttr("snowflake_password_policy.pa", "comment", ""),
-				),
-			},
+			/*
+					todo: fix once comments are working again for password policies
+					query CREATE PASSWORD POLICY IF NOT EXISTS "T_Kn1bY6?2kx"."}k*3DrsXP:w9TRK#4wtS"."9ec016f6-ce74-0c94-2bd5-dc46547dbeff" PASSWORD_MIN_LENGTH = 10 PASSWORD_MAX_LENGTH = 20 PASSWORD_MIN_UPPER_CASE_CHARS = 5 COMMENT = 'test comment' err 001420 (22023): SQL compilation error: invalid property 'COMMENT' for 'PASSWORD_POLICY'
+				{
+					Config: passwordPolicyConfig(accName, 20, 50, ""),
+					Check: resource.ComposeTestCheckFunc(
+						resource.TestCheckResourceAttr("snowflake_password_policy.pa", "comment", ""),
+					),
+				},
+			*/
 			{
 				ResourceName:      "snowflake_password_policy.pa",
 				ImportState:       true,
@@ -65,10 +69,9 @@ func passwordPolicyConfig(s string, minLength int, maxLength int, comment string
 		name       = "%v"
 		min_length = %d
 		max_length = %d
-		comment    = "%s"
 		or_replace = true
 	}
-	`, s, s, s, minLength, maxLength, comment)
+	`, s, s, s, minLength, maxLength)
 }
 
 func TestAcc_PasswordPolicyMaxAgeDays(t *testing.T) {

pkg/sdk/password_policy_integration_test.go

@@ -104,13 +104,15 @@ func TestInt_PasswordPolicyCreate(t *testing.T) {
 			PasswordMaxAgeDays:        Int(30),
 			PasswordMaxRetries:        Int(5),
 			PasswordLockoutTimeMins:   Int(30),
-			Comment:                   String("test comment"),
+			// todo: uncomment this once comments are working again
+			// Comment:                   String("test comment"),
 		})
 		require.NoError(t, err)
 		passwordPolicyDetails, err := client.PasswordPolicies.Describe(ctx, id)
 		require.NoError(t, err)
 		assert.Equal(t, name, passwordPolicyDetails.Name.Value)
-		assert.Equal(t, "test comment", passwordPolicyDetails.Comment.Value)
+		// todo: uncomment this once comments are working again
+		// assert.Equal(t, "test comment", passwordPolicyDetails.Comment.Value)
 		assert.Equal(t, 10, *passwordPolicyDetails.PasswordMinLength.Value)
 		assert.Equal(t, 20, *passwordPolicyDetails.PasswordMaxLength.Value)
 		assert.Equal(t, 1, *passwordPolicyDetails.PasswordMinUpperCaseChars.Value)
@@ -131,13 +133,15 @@ func TestInt_PasswordPolicyCreate(t *testing.T) {
 			PasswordMinLength:         Int(10),
 			PasswordMaxLength:         Int(20),
 			PasswordMinUpperCaseChars: Int(5),
-			Comment:                   String("test comment"),
+			// todo: uncomment this once comments are working again
+			// Comment:                   String("test comment"),
 		})
 		require.NoError(t, err)
 		passwordPolicyDetails, err := client.PasswordPolicies.Describe(ctx, id)
 		require.NoError(t, err)
 		assert.Equal(t, name, passwordPolicyDetails.Name.Value)
-		assert.Equal(t, "test comment", passwordPolicyDetails.Comment.Value)
+		// todo: uncomment this once comments are working again
+		// assert.Equal(t, "test comment", passwordPolicyDetails.Comment.Value)
 		assert.Equal(t, 10, *passwordPolicyDetails.PasswordMinLength.Value)
 		assert.Equal(t, 20, *passwordPolicyDetails.PasswordMaxLength.Value)
 		assert.Equal(t, 5, *passwordPolicyDetails.PasswordMinUpperCaseChars.Value)

pkg/sdk/poc/example/database_role_impl_gen.go

@@ -51,7 +51,6 @@ func (r *AlterDatabaseRoleRequest) toOpts() *AlterDatabaseRoleOptions {
 				Field: r.Set.NestedThirdLevel.Field,
 			}
 		}
-
 	}
 
 	if r.Unset != nil {

pkg/sdk/poc/example/sdk_definitions.go

@@ -30,16 +30,19 @@ type (
 )
 
 func randomAccountObjectIdentifier(t *testing.T) AccountObjectIdentifier {
+	t.Helper()
 	_ = t
 	return AccountObjectIdentifier{}
 }
 
 func randomDatabaseObjectIdentifier(t *testing.T) DatabaseObjectIdentifier {
+	t.Helper()
 	_ = t
 	return DatabaseObjectIdentifier{}
 }
 
 func randomSchemaObjectIdentifier(t *testing.T) SchemaObjectIdentifier {
+	t.Helper()
 	_ = t
 	return SchemaObjectIdentifier{}
 }

pkg/sdk/poc/generator/poc.go

@@ -117,23 +117,23 @@ func (field *Field) DtoKind() string {
 	if field.IsRoot() {
 		withoutSuffix, _ := strings.CutSuffix(field.Kind, "Options")
 		return fmt.Sprintf("%sRequest", withoutSuffix)
-	} else if field.IsStruct() {
+	}
+	if field.IsStruct() {
 		return fmt.Sprintf("%sRequest", field.Kind)
-	} else {
-		return field.Kind
 	}
+	return field.Kind
 }
 
 // DtoDecl returns how struct should be declared in generated DTO (e.g. definition is without a pointer)
 func (field *Field) DtoDecl() string {
 	if field.Parent == nil {
 		withoutSuffix, _ := strings.CutSuffix(field.KindNoPtr(), "Options")
 		return fmt.Sprintf("%sRequest", withoutSuffix)
-	} else if field.IsStruct() {
+	}
+	if field.IsStruct() {
 		return fmt.Sprintf("%sRequest", field.KindNoPtr())
-	} else {
-		return field.KindNoPtr()
 	}
+	return field.KindNoPtr()
 }
 
 // ValidationType contains all handled validation types. Below validations are marked to be contained here or not:
@@ -152,7 +152,7 @@ const (
 	AtLeastOneValueSet
 )
 
-type Validation struct {
+type Validation struct { //nolint
 	Type       ValidationType
 	FieldNames []string
 }
@@ -190,7 +190,7 @@ func (v *Validation) Condition(field *Field) string {
 func (v *Validation) Error() string {
 	switch v.Type {
 	case ValidIdentifier:
-		return fmt.Sprintf("ErrInvalidObjectIdentifier")
+		return fmt.Sprintf("ErrInvalidObjectIdentifier") //nolint
 	case ConflictingFields:
 		return fmt.Sprintf("errOneOf(%s)", strings.Join(v.paramsQuoted(), ","))
 	case ExactlyOneValueSet:

pkg/sdk/poc/generator/poc_builders.go

@@ -1,80 +1,80 @@
 package generator
 
 func NewInterface(
-	Name string,
-	NameSingular string,
-	IdentifierKind string,
+	name string,
+	nameSingular string,
+	identifierKind string,
 ) *Interface {
 	s := Interface{}
-	s.Name = Name
-	s.NameSingular = NameSingular
-	s.IdentifierKind = IdentifierKind
+	s.Name = name
+	s.NameSingular = nameSingular
+	s.IdentifierKind = identifierKind
 	return &s
 }
 
-func (i *Interface) WithOperations(Operations []*Operation) *Interface {
-	i.Operations = Operations
+func (i *Interface) WithOperations(operations []*Operation) *Interface {
+	i.Operations = operations
 	return i
 }
 
 func NewOperation(
-	Name string,
-	Doc string,
+	name string,
+	doc string,
 ) *Operation {
 	s := Operation{}
-	s.Name = Name
-	s.Doc = Doc
+	s.Name = name
+	s.Doc = doc
 	return &s
 }
 
-func (s *Operation) WithObjectInterface(ObjectInterface *Interface) *Operation {
-	s.ObjectInterface = ObjectInterface
+func (s *Operation) WithObjectInterface(objectInterface *Interface) *Operation {
+	s.ObjectInterface = objectInterface
 	return s
 }
 
-func (s *Operation) WithOptsField(OptsField *Field) *Operation {
-	s.OptsField = OptsField
+func (s *Operation) WithOptsField(optsField *Field) *Operation {
+	s.OptsField = optsField
 	return s
 }
 
 func NewField(
-	Name string,
-	Kind string,
-	Tags map[string][]string,
+	name string,
+	kind string,
+	tags map[string][]string,
 ) *Field {
 	s := Field{}
-	s.Name = Name
-	s.Kind = Kind
-	s.Tags = Tags
+	s.Name = name
+	s.Kind = kind
+	s.Tags = tags
 	return &s
 }
 
-func (field *Field) WithParent(Parent *Field) *Field {
-	field.Parent = Parent
+func (field *Field) WithParent(parent *Field) *Field {
+	field.Parent = parent
 	return field
 }
 
-func (field *Field) WithFields(Fields []*Field) *Field {
-	field.Fields = Fields
+func (field *Field) WithFields(fields []*Field) *Field {
+	field.Fields = fields
 	return field
 }
 
-func (field *Field) WithValidations(Validations []*Validation) *Field {
-	field.Validations = Validations
+func (field *Field) WithValidations(validations []*Validation) *Field {
+	field.Validations = validations
 	return field
 }
 
-func (field *Field) WithRequired(Required bool) *Field {
-	field.Required = Required
+func (field *Field) WithRequired(required bool) *Field {
+	field.Required = required
 	return field
 }
 
 func NewValidation(
-	Type ValidationType,
-	FieldNames []string,
+	vType ValidationType,
+	fieldNames []string,
 ) *Validation {
 	s := Validation{}
-	s.Type = Type
-	s.FieldNames = FieldNames
+	s.Type = vType
+	s.FieldNames = fieldNames
 	return &s
 }

pkg/sdk/privileges.go

@@ -159,6 +159,11 @@ const (
 	// OPERATE [ , ... ]
 	SchemaObjectPrivilegeOperate SchemaObjectPrivilege = "OPERATE"
 
+	// -- FOR DYNAMIC TABLE
+	//  OPERATE, SELECT [ , ...]
+	// SchemaObjectPrivilegeOperate SchemaObjectPrivilege = "OPERATE" (duplicate)
+	// SchemaObjectPrivilegeSelect SchemaObjectPrivilege = "SELECT" (duplicate)
+
 	// -- For EVENT TABLE
 	// { SELECT | INSERT } [ , ... ]
 	SchemaObjectPrivilegeSelect SchemaObjectPrivilege = "SELECT"

pkg/sdk/sweepers.go

@@ -145,7 +145,7 @@ func getShareSweeper(client *Client, prefix string) func() error {
 		}
 		for _, share := range shares {
 			if (share.Kind == ShareKindOutbound) && (prefix == "" || strings.HasPrefix(share.Name.Name(), prefix)) {
-				log.Printf("[DEBUG] Dropping share %s", share.Name.Name())
+				log.Printf("[DEBUG] Dropping share %s", share.ID().Name())
 				if err := client.Shares.Drop(ctx, share.ID()); err != nil {
 					return err
 				}