diff --git a/dbt_project.yml b/dbt_project.yml index c1bb8e3..6055048 100644 --- a/dbt_project.yml +++ b/dbt_project.yml @@ -1,6 +1,6 @@ name: 'dbt_constraints' -version: '0.6.2' +version: '0.6.3' config-version: 2 # These macros depend on the results and graph objects in dbt >=0.19.0 diff --git a/macros/create_constraints.sql b/macros/create_constraints.sql index faf6299..eb9f8fe 100644 --- a/macros/create_constraints.sql +++ b/macros/create_constraints.sql @@ -175,7 +175,8 @@ and ( res.failures == 0 or res.node.config.get("always_create_constraint", false) ) and ( res.node.config.where is none or - res.node.config.get("always_create_constraint", false) ) -%} + res.node.config.get("always_create_constraint", false) ) + and res.node.config.get("dbt_constraints_enabled", true) -%} {%- set test_model = res.node -%} {%- set test_parameters = test_model.test_metadata.kwargs -%} diff --git a/macros/snowflake__create_constraints.sql b/macros/snowflake__create_constraints.sql index b1822b9..9026f87 100644 --- a/macros/snowflake__create_constraints.sql +++ b/macros/snowflake__create_constraints.sql @@ -272,23 +272,10 @@ SHOW IMPORTED KEYS IN TABLE {{ table_relation }} upper(tp.table_name) as "table_name", tp.privilege_type as "privilege_type" from {{ table_relation.database }}.information_schema.table_privileges tp - where is_role_in_session(tp.grantee) + where (is_role_in_session(tp.grantee) or is_database_role_in_session(tp.grantee)) and tp.privilege_type in ('OWNERSHIP', 'REFERENCES') {%- endset -%} - {%- set role_privilege_list = run_query(lookup_query) -%} - - {%- set lookup_query -%} - select distinct - upper(tp.table_schema) as "table_schema", - upper(tp.table_name) as "table_name", - tp.privilege_type as "privilege_type" - from {{ table_relation.database }}.information_schema.table_privileges tp - where is_database_role_in_session(tp.grantee) - and tp.privilege_type in ('OWNERSHIP', 'REFERENCES') - {%- endset -%} - {%- set db_role_privilege_list = run_query(lookup_query) -%} - - {%- set privilege_list = role_privilege_list.merge([role_privilege_list, db_role_privilege_list]).distinct() -%} + {%- set privilege_list = run_query(lookup_query) -%} {%- do lookup_cache.table_privileges.update({ table_relation.database: privilege_list }) -%} {%- endif -%}