(ctx context.Context, op *api.Operation, doAuth AuthMode)
| 373 | } |
| 374 | |
| 375 | func (s *Server) alter(ctx context.Context, op *api.Operation, doAuth AuthMode) (*api.Payload, error) { |
| 376 | ctx, span := otel.Tracer("").Start(ctx, "Server.Alter") |
| 377 | defer span.End() |
| 378 | |
| 379 | ctx = x.AttachJWTNamespace(ctx) |
| 380 | span.AddEvent("Alter operation", trace.WithAttributes(attribute.String("op", op.String()))) |
| 381 | |
| 382 | // Always print out Alter operations because they are important and rare. |
| 383 | glog.Infof("Received ALTER op: %+v", op) |
| 384 | |
| 385 | // check if the operation is valid |
| 386 | if err := validateAlterOperation(ctx, op, doAuth); err != nil { |
| 387 | return nil, err |
| 388 | } |
| 389 | |
| 390 | defer glog.Infof("ALTER op: %+v done", op) |
| 391 | |
| 392 | empty := &api.Payload{} |
| 393 | namespace, err := x.ExtractNamespace(ctx) |
| 394 | if err != nil { |
| 395 | return nil, errors.Wrapf(err, "While altering") |
| 396 | } |
| 397 | |
| 398 | // StartTs is not needed if the predicate to be dropped lies on this server but is required |
| 399 | // if it lies on some other machine. Let's get it for safety. |
| 400 | m := &pb.Mutations{StartTs: worker.State.GetTimestamp(false)} |
| 401 | if isDropAll(op) { |
| 402 | if x.Config.BlockClusterWideDrop { |
| 403 | glog.V(2).Info("Blocked drop-all because it is not permitted.") |
| 404 | return empty, errors.New("Drop all operation is not permitted.") |
| 405 | } |
| 406 | if err := AuthSuperAdmin(ctx); err != nil { |
| 407 | s := status.Convert(err) |
| 408 | return empty, status.Error(s.Code(), |
| 409 | "Drop all can only be called by the guardian of the galaxy. "+s.Message()) |
| 410 | } |
| 411 | if len(op.DropValue) > 0 { |
| 412 | return empty, errors.Errorf("If DropOp is set to ALL, DropValue must be empty") |
| 413 | } |
| 414 | |
| 415 | m.DropOp = pb.Mutations_ALL |
| 416 | _, err := query.ApplyMutations(ctx, m) |
| 417 | if err != nil { |
| 418 | return empty, err |
| 419 | } |
| 420 | |
| 421 | // insert a helper record for backup & restore, indicating that drop_all was done |
| 422 | err = InsertDropRecord(ctx, "DROP_ALL;") |
| 423 | if err != nil { |
| 424 | return empty, err |
| 425 | } |
| 426 | |
| 427 | // insert empty GraphQL schema, so all alphas get notified to |
| 428 | // reset their in-memory GraphQL schema |
| 429 | _, err = UpdateGQLSchema(ctx, "", "") |
| 430 | // recreate the admin account after a drop all operation |
| 431 | InitializeAcl(nil) |
| 432 | return empty, err |
no test coverage detected