brainly · winglot · Sep 23, 2021 · Sep 23, 2021
diff --git a/redshift/resource_redshift_grant.go b/redshift/resource_redshift_grant.go
@@ -184,8 +184,8 @@ func readGroupDatabaseGrants(db *DBConnection, d *schema.ResourceData) error {
 
 	query := `
   SELECT
-    decode(charindex('C',split_part(split_part(array_to_string(db.datacl, '|'),gr.groname,2 ) ,'/',1)), 0,0,1) as create,
-    decode(charindex('T',split_part(split_part(array_to_string(db.datacl, '|'),gr.groname,2 ) ,'/',1)), 0,0,1) as temporary
+    decode(charindex('C',split_part(split_part(array_to_string(db.datacl, '|'),'group ' || gr.groname,2 ) ,'/',1)), 0,0,1) as create,
+    decode(charindex('T',split_part(split_part(array_to_string(db.datacl, '|'),'group ' || gr.groname,2 ) ,'/',1)), 0,0,1) as temporary
   FROM pg_database db, pg_group gr
   WHERE
     db.datname=$1 
@@ -215,8 +215,8 @@ func readGroupSchemaGrants(db *DBConnection, d *schema.ResourceData) error {
 
 	query := `
   SELECT
-    decode(charindex('C',split_part(split_part(array_to_string(ns.nspacl, '|'),gr.groname,2 ) ,'/',1)), 0,0,1) as create,
-    decode(charindex('U',split_part(split_part(array_to_string(ns.nspacl, '|'),gr.groname,2 ) ,'/',1)), 0,0,1) as usage
+    decode(charindex('C',split_part(split_part(array_to_string(ns.nspacl, '|'),'group ' || gr.groname,2 ) ,'/',1)), 0,0,1) as create,
+    decode(charindex('U',split_part(split_part(array_to_string(ns.nspacl, '|'),'group ' || gr.groname,2 ) ,'/',1)), 0,0,1) as usage
   FROM pg_namespace ns, pg_group gr
   WHERE
     ns.nspname=$1 
@@ -242,11 +242,11 @@ func readGroupTableGrants(db *DBConnection, d *schema.ResourceData) error {
 	query := `
   SELECT
     relname,
-    decode(charindex('r',split_part(split_part(array_to_string(relacl, '|'),gr.groname,2 ) ,'/',1)), 0,0,1) as select,
-    decode(charindex('w',split_part(split_part(array_to_string(relacl, '|'),gr.groname,2 ) ,'/',1)), 0,0,1) as update,
-    decode(charindex('a',split_part(split_part(array_to_string(relacl, '|'),gr.groname,2 ) ,'/',1)), 0,0,1) as insert,
-    decode(charindex('d',split_part(split_part(array_to_string(relacl, '|'),gr.groname,2 ) ,'/',1)), 0,0,1) as delete,
-    decode(charindex('x',split_part(split_part(array_to_string(relacl, '|'),gr.groname,2 ) ,'/',1)), 0,0,1) as references
+    decode(charindex('r',split_part(split_part(array_to_string(relacl, '|'),'group ' || gr.groname,2 ) ,'/',1)), 0,0,1) as select,
+    decode(charindex('w',split_part(split_part(array_to_string(relacl, '|'),'group ' || gr.groname,2 ) ,'/',1)), 0,0,1) as update,
+    decode(charindex('a',split_part(split_part(array_to_string(relacl, '|'),'group ' || gr.groname,2 ) ,'/',1)), 0,0,1) as insert,
+    decode(charindex('d',split_part(split_part(array_to_string(relacl, '|'),'group ' || gr.groname,2 ) ,'/',1)), 0,0,1) as delete,
+    decode(charindex('x',split_part(split_part(array_to_string(relacl, '|'),'group ' || gr.groname,2 ) ,'/',1)), 0,0,1) as references
   FROM pg_group gr, pg_class cl
   JOIN pg_namespace nsp ON nsp.oid = cl.relnamespace
   WHERE

diff --git a/redshift/resource_redshift_grant_test.go b/redshift/resource_redshift_grant_test.go
@@ -137,3 +137,54 @@ resource "redshift_grant" "grant" {
 }
 `, groupName)
 }
+
+func TestAccRedshiftGrant_Regression_GH_Issue_24(t *testing.T) {
+	userName := strings.ReplaceAll(acctest.RandomWithPrefix("tf_acc_user_grant"), "-", "_")
+	schemaName := strings.ReplaceAll(acctest.RandomWithPrefix("tf_acc_schema_grant"), "-", "_")
+	dbName := strings.ReplaceAll(acctest.RandomWithPrefix("tf_acc_db_grant"), "-", "_")
+	config := fmt.Sprintf(`
+resource "redshift_user" "user" {
+  name = %[1]q
+}
+
+# Create a group named the same as user
+resource "redshift_group" "group" {
+  name = %[1]q
+}
+
+# Create a schema and set user as owner
+resource "redshift_schema" "schema" {
+  name = %[2]q
+
+  owner = redshift_user.user.name
+}
+
+# The schema owner user will have all (create, usage) privileges on the schema
+# Set only 'create' privilege to a group with the same name as user. In previous versions this would trigger a permanent diff in plan.
+resource "redshift_grant" "schema" {
+  group = redshift_group.group.name
+  schema = redshift_schema.schema.name
+
+  object_type = "schema"
+  privileges = ["create"]
+}
+`, userName, schemaName, dbName)
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: func(s *terraform.State) error { return nil },
+		Steps: []resource.TestStep{
+			{
+				Config: config,
+				Check:  resource.ComposeTestCheckFunc(),
+			},
+			// The 'ExpectNonEmptyPlan: false' option will fail the test if second run on the same config  will show any changes
+			{
+				Config:             config,
+				Check:              resource.ComposeTestCheckFunc(),
+				ExpectNonEmptyPlan: false,
+			},
+		},
+	})
+}