Fix granting privileges

admin/roles.sql

@@ -63,26 +63,27 @@ TO ROLE recover_data_analytics;
 
 // AD
 USE ROLE USERADMIN;
-CREATE ROLE IF NOT EXISTS ad_team;
+CREATE ROLE IF NOT EXISTS AD;
 USE ROLE SECURITYADMIN;
-GRANT ROLE ad_team
+GRANT ROLE AD
 TO ROLE useradmin;
-GRANT ROLE ad_team
+GRANT ROLE AD
 TO USER "[email protected]";
 GRANT USAGE ON DATABASE sage
-TO ROLE ad_team;
+TO ROLE AD;
 
 // Public role
 // Synapse data warehouse
 // GRANT SELECT ON ALL TABLES IN SCHEMA synapse_data_warehouse.synapse TO ROLE PUBLIC;
-GRANT SELECT ON FUTURE TABLES IN SCHEMA synapse_data_warehouse.synapse
-TO ROLE PUBLIC;
-GRANT USAGE ON FUTURE SCHEMAS IN DATABASE sage
-TO ROLE PUBLIC;
-GRANT SELECT ON FUTURE TABLES IN DATABASE sage
-TO ROLE PUBLIC;
-GRANT USAGE ON DATABASE sage
-TO ROLE PUBLIC;
+-- TODO: Add these back in after governance
+-- GRANT SELECT ON FUTURE TABLES IN SCHEMA synapse_data_warehouse.synapse
+-- TO ROLE PUBLIC;
+-- GRANT USAGE ON FUTURE SCHEMAS IN DATABASE sage
+-- TO ROLE PUBLIC;
+-- GRANT SELECT ON FUTURE TABLES IN DATABASE sage
+-- TO ROLE PUBLIC;
+-- GRANT USAGE ON DATABASE sage
+-- TO ROLE PUBLIC;
 
 USE ROLE USERADMIN;
 CREATE ROLE IF NOT EXISTS masking_admin;

elt/AD_setup.sql

@@ -1,36 +1,10 @@
 use role sysadmin;
-use database sage;
+use database SAGE;
 
-create or replace schema ad_team
+create schema IF NOT EXISTS AD
     WITH MANAGED ACCESS;
 
 use role securityadmin;
-grant ALL PRIVILEGES on schema sage_test.ad_team to role ad_team;
-grant ALL PRIVILEGES on future tables in schema sage_test.ad_team to role sysadmin;
+grant ALL PRIVILEGES on schema SAGE.AD to role ad_team;
+grant ALL PRIVILEGES on future tables in schema SAGE.ad_team to role sysadmin;
 -- grant all privileges on table sage_test.ad_team.diverse_cohorts_fileview to role sysadmin;
-
-use role ad_team;
-use database sage;
-use schema ad_team;
-COPY INTO "SAGE"."AD_TEAM"."DIVERSE_COHORTS_FILEVIEW"
-FROM '@"SAGE"."AD_TEAM"."%DIVERSE_COHORTS_FILEVIEW"/__snowflake_temp_import_files__/'
-FILES = ('Job-301735543709776341820576351.csv')
-FILE_FORMAT = (
-    TYPE=CSV,
-    SKIP_HEADER=1,
-    FIELD_DELIMITER=',',
-    TRIM_SPACE=FALSE,
-    FIELD_OPTIONALLY_ENCLOSED_BY='"',
-    DATE_FORMAT=AUTO,
-    TIME_FORMAT=AUTO,
-    TIMESTAMP_FORMAT=AUTO
-)
-ON_ERROR=ABORT_STATEMENT
-PURGE=TRUE;
-
-SELECT *
-FROM sage.ad_team.diverse_cohorts_fileview
-limit 10;
-
-SELECT distinct("study")
-FROM sage.portal_raw.AD;

elt/synapse_gold.sql

@@ -1,13 +1,7 @@
 USE ROLE SYSADMIN;
 use database synapse_data_warehouse;
 use schema synapse;
-use role securityadmin;
-// GRANT SELECT ON ALL TABLES IN SCHEMA synapse_data_warehouse.synapse TO ROLE PUBLIC;
-REVOKE SELECT ON ALL TABLES IN SCHEMA synapse_data_warehouse.synapse
-FROM ROLE PUBLIC;
-REVOKE SELECT ON FUTURE TABLES IN SCHEMA synapse_data_warehouse.synapse
-FROM ROLE PUBLIC;
--- GRANT SELECT ON FUTURE TABLES IN SCHEMA synapse_data_warehouse.synapse TO ROLE PUBLIC;
+
 // Create certified quiz question latest
 CREATE TABLE IF NOT EXISTS synapse_data_warehouse.synapse.certifiedquizquestion_latest AS
     select distinct * from synapse_data_warehouse.synapse_raw.certifiedquizquestion