Fix ACCOUNTADMIN role issue in grants verification

sfc-gh-daniszewski · sfc-gh-daniszewski · commit a1e5f5968ac9 · 2025-09-26T12:30:17.000+02:00
- Remove hardcoded ACCOUNTADMIN role switching in verify_grants_applied
- Simplify verification by not switching back to original role
- Fixes CI error: 'ACCOUNTADMIN role is not assigned to executing user'
- Tests now pass locally with proper role handling
diff --git a/tests_integration/testing_utils/streamlit_utils.py b/tests_integration/testing_utils/streamlit_utils.py
@@ -184,16 +184,15 @@ def assert_proper_url_is_returned(
         assert message.endswith(create_expected_url_suffix(entity_id, session))
 
     def verify_grants_applied(self, entity_id: str, test_role: str):
-        try:
-            self.setup.sql_test_helper.execute_single_sql(f"USE ROLE {test_role}")
-            streamlits_with_role = self.setup.sql_test_helper.execute_single_sql(
-                f"SHOW STREAMLITS LIKE '{entity_id}'"
-            )
-            assert (
-                len(streamlits_with_role) == 1
-            ), f"Role {test_role} should have USAGE access to the streamlit"
-        finally:
-            self.setup.sql_test_helper.execute_single_sql("USE ROLE ACCOUNTADMIN")
+        # Switch to test role and verify grants work
+        self.setup.sql_test_helper.execute_single_sql(f"USE ROLE {test_role}")
+        streamlits_with_role = self.setup.sql_test_helper.execute_single_sql(
+            f"SHOW STREAMLITS LIKE '{entity_id}'"
+        )
+        assert (
+            len(streamlits_with_role) == 1
+        ), f"Role {test_role} should have USAGE access to the streamlit"
+        # No need to switch back since this is at the end of the test
 
 
 def create_expected_url_suffix(entity_id: str, session: SnowflakeConnection):
