Permifrost is not generating grants with `ALL tables in SCHEMA` syntax

Describe the bug

Permifrost is not generating grants with ALL <object_type>s in SCHEMA syntax even though * is being used.

Spec file:

version: "1.0"

databases:
    - admin:
        shared: no

roles:
- role_test:
    warehouses:
        - compute_wh   
    privileges:
        databases:
            read:
                - admin
        schemas:
            read:
                - admin.sandbox
        tables:
            read:
                - admin.sandbox.*

warehouses:
    - compute_wh:
        size: x-small

Permifrost Output:

Confirming spec loads successfully
Loading spec file
Checking spec file for errors
Checking permissions on current snowflake connection
  Current user is: permifrost.
  Current role is: securityadmin.
Checking that all entities in the spec file are defined in Snowflake
Fetching granted privileges from Snowflake

Snowflake specs successfully loaded
Generating permission Queries:
     Processing role role_test

SQL Commands generated for given spec file:

[PENDING] GRANT usage ON warehouse compute_wh TO ROLE role_test;
[PENDING] GRANT operate ON warehouse compute_wh TO ROLE role_test;
[PENDING] GRANT monitor ON warehouse compute_wh TO ROLE role_test;
[PENDING] GRANT usage ON database admin TO ROLE role_test;
[PENDING] GRANT usage ON schema admin.sandbox TO ROLE role_test;
[PENDING] GRANT select ON FUTURE tables IN schema admin.sandbox TO ROLE role_test;
[PENDING] GRANT select ON FUTURE views IN schema admin.sandbox TO ROLE role_test;
[PENDING] GRANT select ON table admin.sandbox.test TO ROLE role_test;
[PENDING] GRANT select ON table admin.sandbox.test_2 TO ROLE role_test;

In the schema used as an example, there are 2 tables test and test_2, which have individual grant statements for each, instead of having:

GRANT select on ALL tables IN schema admin.sandbox TO ROLE role_test;

Steps To Reproduce

  • Create a new role
  • Configure permissions to all tables in a schema using <database>.<schema>.*
  • Run Permifrost

Expected behavior

Permifrost should generate a grant statement with ALL <object_type>s in SCHEMA syntax. This is a problem for schemas with many tables, which causes Permifrost to take a very long time to run. In our case, instead of running a couple of statements for each schema and role, it's running thousands.

Screenshots and log output

See above.

The output of permifrost --version:

permifrost, version 0.14.0

The operating system you're using:

Mac OS Monterey

The output of python --version:

Python 3.9.14

Additional context

Edited by GilM-SX