Skip to content

Commit 1ef5aef

Browse files
Revert "Fix grant macros SQL quoting: tojson produces identifiers, not string literals (#35)"
This reverts commit 45b2f6c.
1 parent 45b2f6c commit 1ef5aef

6 files changed

Lines changed: 7 additions & 15 deletions

File tree

CHANGELOG.md

Lines changed: 0 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,6 @@
11
# Data Engineers Snowflake DataOps Utils Project Changelog
22
This file contains the changelog for the Data Engineers Snowflake DataOps Utils project, detailing updates, fixes, and enhancements made to the project over time.
33

4-
## v1.0.8 - 2026-06-25 - Grant SQL Quoting Fix
5-
6-
### Fixed
7-
- Fixed SQL compilation error in grant macros caused by `tojson` Jinja filter producing double-quoted strings (`"ROLE_NAME"`) which Snowflake interprets as identifiers instead of string literals. Replaced with `format("'%s'")` to produce correct single-quoted SQL strings (`'ROLE_NAME'`). Affected macros: `grant_schema_read`, `grant_schema_object_privileges`, and `_grants_get_schema_object_privs`.
8-
9-
### Changed
10-
- Bumped version from 1.0.7 to 1.0.8
11-
124
## v1.0.7 - 2026-06-25 - Grant Performance Optimization
135

146
### Changed

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22

33
A macro-only [dbt](https://github.com/dbt-labs/dbt) package for Snowflake DataOps. Provides utilities for object lifecycle management, RBAC grant orchestration, dimensional modelling helpers, tagging, shares, and more.
44

5-
- **Version**: 1.0.8
5+
- **Version**: 1.0.7
66
- **dbt**: `>=1.3.0, <3.0.0`
77
- **Dependencies**: None (zero external package dependencies)
88
- **dbt Fusion**: Compatible

dbt_project.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
name: 'dbt_dataengineers_utils'
2-
version: '1.0.8'
2+
version: '1.0.7'
33
config-version: 2
44

55
require-dbt-version: [">=1.9.4", "<3.0.0"]

macros/grants/_helpers.sql

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -132,10 +132,10 @@ These ideas intentionally deferred to keep current refactor incremental.
132132
from information_schema.object_privileges
133133
where object_schema = '{{ schema }}'
134134
{% if priv_filter | length > 0 %}
135-
and privilege_type in ({{ priv_filter | map("format", "'%s'") | join(', ') }})
135+
and privilege_type in ({{ priv_filter | map('tojson') | join(', ') }})
136136
{% endif %}
137137
{% if grantees_upper | length > 0 %}
138-
and grantee in ({{ grantees_upper | map("format", "'%s'") | join(', ') }})
138+
and grantee in ({{ grantees_upper | map('tojson') | join(', ') }})
139139
{% endif %}
140140
{% if object_type is not none %}
141141
and object_type = '{{ object_type | upper }}'

macros/grants/grant_schema_object_privileges.sql

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -80,8 +80,8 @@
8080
select distinct privilege_type, grantee
8181
from information_schema.object_privileges
8282
where object_schema = '{{ schema_name }}'
83-
and privilege_type in ({{ permission_list | map('upper') | map("format", "'%s'") | join(', ') }})
84-
and grantee not in ({{ role_list | map("format", "'%s'") | join(', ') }})
83+
and privilege_type in ({{ permission_list | map('upper') | map('tojson') | join(', ') }})
84+
and grantee not in ({{ role_list | map('tojson') | join(', ') }})
8585
and object_type = '{{ object_type | upper }}'
8686
and grantor is not null
8787
{% endset %}

macros/grants/grant_schema_read.sql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -77,7 +77,7 @@
7777
and table_privileges.table_catalog = tables.table_catalog
7878
where tables.table_schema = '{{ schema }}'
7979
and table_privileges.privilege_type in ('SELECT','REFERENCES','REBUILD')
80-
and table_privileges.grantee not in ({{ grant_roles | map("format", "'%s'") | join(', ') }})
80+
and table_privileges.grantee not in ({{ grant_roles | map('tojson') | join(', ') }})
8181
and granted_to = 'ROLE'
8282
{% endset %}
8383
{% set tbl_privs = run_query(revoke_query) %}

0 commit comments

Comments
 (0)