Skip to content

Commit

Permalink
add grant_usage option
Browse files Browse the repository at this point in the history
  • Loading branch information
@nicklausroach
nicklausroach committed Apr 9, 2024
1 parent da5203b commit f584fac
Show file tree
Hide file tree
Showing 5 changed files with 18 additions and 3 deletions.
2 changes: 1 addition & 1 deletion pyproject.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"

[project]
name = "sprocketship"
version = "0.5.0"
version = "0.6.0"
authors = [
{ name="Nicklaus Roach", email="[email protected]" },
]
Expand Down
6 changes: 5 additions & 1 deletion sprocketship/cli.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
from absql import render_file
from pathlib import Path

from .utils import extract_configs, create_javascript_stored_procedure
from .utils import extract_configs, create_javascript_stored_procedure, grant_usage


@click.group()
Expand Down Expand Up @@ -40,11 +40,15 @@ def liftoff(dir, show):
else:
con.cursor().execute(f"USE ROLE {data['snowflake']['role']}")
con.cursor().execute(rendered_proc)
if 'grant_usage' in proc.keys():
grant_usage(proc, con)

msg = click.style(f"{proc['name']} ", fg="green", bold=True)
msg += click.style(f"launched into schema ", fg="white", bold=True)
msg += click.style(
f"{proc['database']}.{proc['schema']}", fg="blue", bold=True
)

click.echo(msg)
if show:
click.echo(rendered_proc)
Expand Down
3 changes: 3 additions & 0 deletions sprocketship/example/.sprocketship.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,9 @@ procedures:
returns: varchar
comment: |
Allows the caller to make a temporary development database that cleans up after a designated amount of time.
grant_usage:
role:
- data_engineer

- name: drop_database_if_expired
database: !env_var SNOWFLAKE_DATABASE
Expand Down
2 changes: 1 addition & 1 deletion sprocketship/example/procedures/development/create_temp_database.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ var sqlCommands = [
`CALL SANDBOX.NICKROACH.CREATE_DATABASE_WRITER('${databaseName}');`,
`CALL SANDBOX.NICKROACH.CREATE_DATABASE_READER('${databaseName}');`,
`GRANT ROLE ${databaseName}_READER, ${databaseName}_WRITER TO USER ${currentUser};`,
`GRANT ROLE ${databaseName}_READER, ${databaseName}_WRITER TO ROLE ACCOUNTADMIN;`,
`GRANT ROLE ${databaseName}_READER, ${databaseName}_WRITER TO ROLE SYSADMIN;`,
`
CREATE OR REPLACE TASK ${databaseName}.PUBLIC.DROP_${databaseName}_TASK
WAREHOUSE = PURINA
Expand Down
8 changes: 8 additions & 0 deletions sprocketship/utils.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,3 +35,11 @@ def create_javascript_stored_procedure(**kwargs):
**kwargs,
**procedure_def_dict,
)

def grant_usage(proc, con):
types = [arg['type'] for arg in proc['args']]
types_str = f"({','.join(types)})"
for grantee_type in proc['grant_usage']:
for grantee in proc['grant_usage'][grantee_type]:
query = f"GRANT USAGE ON PROCEDURE {proc['database']}.{proc['schema']}.{proc['name']}{types_str} TO {grantee_type} {grantee}"
con.cursor().execute(query)

0 comments on commit f584fac

Please sign in to comment.