MCPcopy
hub / github.com/dgraph-io/dgraph / AlterNoAuth

Method AlterNoAuth

edgraph/server.go:368–373  ·  view source on GitHub ↗

AlterNoAuth is Alter without the admin-IP-whitelist and ACL authorization checks. It mirrors QueryNoAuth and is intended only for trusted in-process callers that run with a context.Background() and therefore carry no gRPC peer for x.HasWhitelistedIP to inspect — under the regular Alter path such cal

(ctx context.Context, op *api.Operation)

Source from the content-addressed store, hash-verified

366// It is restricted to schema operations: drop requests are refused so that
367// bypassing auth can never be used to remove data.
368func (s *Server) AlterNoAuth(ctx context.Context, op *api.Operation) (*api.Payload, error) {
369 if isDropOperation(op) {
370 return nil, errors.New("AlterNoAuth only supports schema operations, not drops")
371 }
372 return s.alter(ctx, op, NoAuthorize)
373}
374
375func (s *Server) alter(ctx context.Context, op *api.Operation, doAuth AuthMode) (*api.Payload, error) {
376 ctx, span := otel.Tracer("").Start(ctx, "Server.Alter")

Callers 1

Calls 2

alterMethod · 0.95
isDropOperationFunction · 0.85

Tested by 1