AlterNoAuth is Alter without the admin-IP-whitelist and ACL authorization checks. It mirrors QueryNoAuth and is intended only for trusted in-process callers that run with a context.Background() and therefore carry no gRPC peer for x.HasWhitelistedIP to inspect — under the regular Alter path such cal
(ctx context.Context, op *api.Operation)
| 366 | // It is restricted to schema operations: drop requests are refused so that |
| 367 | // bypassing auth can never be used to remove data. |
| 368 | func (s *Server) AlterNoAuth(ctx context.Context, op *api.Operation) (*api.Payload, error) { |
| 369 | if isDropOperation(op) { |
| 370 | return nil, errors.New("AlterNoAuth only supports schema operations, not drops") |
| 371 | } |
| 372 | return s.alter(ctx, op, NoAuthorize) |
| 373 | } |
| 374 | |
| 375 | func (s *Server) alter(ctx context.Context, op *api.Operation, doAuth AuthMode) (*api.Payload, error) { |
| 376 | ctx, span := otel.Tracer("").Start(ctx, "Server.Alter") |