You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
Role identifiers are not quoted for Snowflake, which has case-sensitive object naming conventions. For example, Snowflake can have a role with the identifier "test" which Metabase cannot use. This is because when it runs the use role command in Snowflake, it will run use role test which does not exist since, per Snowflake docs, "Unquoted identifiers are stored and resolved in uppercase".
Logs
N/A
To Reproduce
Steps to reproduce the behavior:
Create a case-sensitive identifier in a connected snowflake instance (ex. create role "test";)
In Metabase, attempt to use the role "test". In our example, we attempted to use the role with Impersonation with test as a user attribute.
Fail to properly authenticate with the role.
Expected behavior
A feature flag for a Snowflake connection, similar to DB quoting behavior, that enables always-on identifier quoting for roles (either default or impersonated).
Screenshots
N/A
Severity
This is blocking our roll out of Metabase to our entire user base because it prevents RLS from working from Snowflake. Changing our permissions model is not an option due to the way we have RLS configured and working in Snowflake.
The thought is to add a checkbox (default to off) when entering the role to enable case sensitive role or somehow indicate that we will use quotes to pass through their value verbatim.
Describe the bug
Role identifiers are not quoted for Snowflake, which has case-sensitive object naming conventions. For example, Snowflake can have a role with the identifier "test" which Metabase cannot use. This is because when it runs the
use role
command in Snowflake, it will runuse role test
which does not exist since, per Snowflake docs, "Unquoted identifiers are stored and resolved in uppercase".Logs
N/A
To Reproduce
Steps to reproduce the behavior:
create role "test";
)test
as a user attribute.Expected behavior
A feature flag for a Snowflake connection, similar to DB quoting behavior, that enables always-on identifier quoting for roles (either default or impersonated).
Screenshots
N/A
Severity
This is blocking our roll out of Metabase to our entire user base because it prevents RLS from working from Snowflake. Changing our permissions model is not an option due to the way we have RLS configured and working in Snowflake.
Additional context
N/A
Metabase Diagnostic Info
The text was updated successfully, but these errors were encountered: