Dataset access viewer is primative role READER not VIEWER (#3542)

GoogleCloudPlatform · May 20, 2020 · 3ecd794 · 3ecd794
1 parent 9790ca3
commit 3ecd794
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 5 deletions.
diff --git a/templates/terraform/constants/bigquery_dataset_access.go b/templates/terraform/constants/bigquery_dataset_access.go
@@ -1,7 +1,7 @@
 var bigqueryAccessRoleToPrimitiveMap =  map[string]string {
     "roles/bigquery.dataOwner": "OWNER",
     "roles/bigquery.dataEditor": "WRITER",
-    "roles/bigquery.dataViewer": "VIEWER",
+    "roles/bigquery.dataViewer": "READER",
 }
 
 func resourceBigQueryDatasetAccessRoleDiffSuppress(k, old, new string, d *schema.ResourceData) bool {

diff --git a/third_party/terraform/tests/resource_bigquery_dataset_access_test.go b/third_party/terraform/tests/resource_bigquery_dataset_access_test.go
@@ -118,16 +118,28 @@ func TestAccBigQueryDatasetAccess_predefinedRole(t *testing.T) {
 		"domain": "google.com",
 	}
 
+	expected2 := map[string]interface{}{
+		"role":   "READER",
+		"domain": "google.com",
+	}
+
 	vcrTest(t, resource.TestCase{
 		PreCheck:  func() { testAccPreCheck(t) },
 		Providers: testAccProviders,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccBigQueryDatasetAccess_predefinedRole(datasetID),
+				Config: testAccBigQueryDatasetAccess_predefinedRole("roles/bigquery.dataEditor", datasetID),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckBigQueryDatasetAccessPresent(t, "google_bigquery_dataset.dataset", expected1),
 				),
 			},
+			{
+				// Update role
+				Config: testAccBigQueryDatasetAccess_predefinedRole("roles/bigquery.dataViewer", datasetID),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckBigQueryDatasetAccessPresent(t, "google_bigquery_dataset.dataset", expected2),
+				),
+			},
 			{
 				// Destroy step instead of CheckDestroy so we can check the access is removed without deleting the dataset
 				Config: testAccBigQueryDatasetAccess_destroy(datasetID, "dataset"),
@@ -258,16 +270,16 @@ resource "google_bigquery_dataset" "dataset" {
 `, datasetID)
 }
 
-func testAccBigQueryDatasetAccess_predefinedRole(datasetID string) string {
+func testAccBigQueryDatasetAccess_predefinedRole(role, datasetID string) string {
 	return fmt.Sprintf(`
 resource "google_bigquery_dataset_access" "access" {
   dataset_id = google_bigquery_dataset.dataset.dataset_id
-  role       = "roles/bigquery.dataEditor"
+  role       = "%s"
   domain     = "google.com"
 }
 
 resource "google_bigquery_dataset" "dataset" {
   dataset_id = "%s"
 }
-`, datasetID)
+`, role, datasetID)
 }