Export endpoint doesn't require authentication #4758
Comments
We need to check if this is also true via GraphQL Admin operations.
This is a prevalent issue with the GraphQL endpoint although Dgraph has some mechanism to restrict admin & mutation operations through IP whitelisting and you can do some TLS stuff, if you really want. Beyond that, you have a few options:
Eventually, I ended up with a combination of 1 & 2 due to time constraints. At least token authentication would be great to see in the Dgraph GraphQL endpoint.
Fixes #4758.

This PR adds authentication to the following endpoints:
- /admin/backup (http & graphql)
- /admin/config/lru_mb (http [GET & PUT] & graphql [query & mutation])
- /admin/draining (http & graphql)
- /admin/export (http & graphql)
- /admin/shutdown (http & graphql)
- /admin/restore (graphql only)
- /admin/listBackups (graphql only)

Now, all the above http endpoints and their corresponding graphql versions have the following kinds of auth:
- IP White-listing, if --whitelist flag is passed to alpha
- Poor-man's auth, if --auth_token flag is passed to alpha
- Guardian only access, if ACL is enabled

This PR also adds query for config in graphql admin, as it was missing earlier.

In addition to the above points:
- All the /admin endpoints apply Poor-man's auth check at http level itself, while other auth checks are routed through graphql resolvers.
- GraphQL Resolvers for health/state and the ones related to ACL User/Group have IP whitelisting middleware applied, while dgraph handles Guardian auth for them.
- /alter has the existing behaviour of checking only Poor-man's and Guardian auth.
- GraphQL Resolvers related to schema don't apply IP whitelisting so as to keep them in sync with /alter. They do apply Guardian auth.
- Any GraphQL admin introspection queries don't require IP whitelisting or Guardian auth.
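The first two layers the PR description lists (IP whitelisting, then the shared-token check at HTTP level), sketched as a wrapper around an admin handler. This is an added Go example, not code from the PR or from Dgraph. The names `adminAuth` and `statusFor`, the header name `X-Dgraph-AuthToken`, and the sample addresses and token are assumptions; the Guardian (ACL) check is left out.

```go
package main

import (
	"crypto/subtle"
	"fmt"
	"net"
	"net/http"
	"net/http/httptest"
)

// adminAuth (hypothetical name) rejects a request unless the client IP is in
// the whitelist and the token header matches. An empty whitelist or an empty
// token disables that check, mirroring "if the flag is passed".
func adminAuth(token string, whitelist []*net.IPNet, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		host, _, _ := net.SplitHostPort(r.RemoteAddr)
		ip := net.ParseIP(host) // nil on a malformed address, which never matches
		allowed := len(whitelist) == 0
		for _, n := range whitelist {
			allowed = allowed || n.Contains(ip)
		}
		if !allowed {
			http.Error(w, "client IP not whitelisted", http.StatusForbidden)
			return
		}
		got := r.Header.Get("X-Dgraph-AuthToken") // assumed header name
		// Constant-time comparison avoids leaking the token through timing.
		if token != "" && subtle.ConstantTimeCompare([]byte(got), []byte(token)) != 1 {
			http.Error(w, "invalid auth token", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// statusFor sends a constructed request to /admin/export and returns the status.
func statusFor(h http.Handler, remoteAddr, token string) int {
	req := httptest.NewRequest(http.MethodGet, "/admin/export", nil)
	req.RemoteAddr = remoteAddr
	req.Header.Set("X-Dgraph-AuthToken", token)
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	_, lan, _ := net.ParseCIDR("10.0.0.0/8") // constructed sample network
	export := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { fmt.Fprint(w, "export started") })
	h := adminAuth("constructed-token", []*net.IPNet{lan}, export)
	fmt.Println(statusFor(h, "10.1.2.3:5000", "constructed-token"), statusFor(h, "10.1.2.3:5000", ""), statusFor(h, "203.0.113.9:5000", "constructed-token"))
}
```

With neither a whitelist nor a token configured the wrapper lets every request through, which is the behaviour the issue reports for the export endpoint.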
What version of Dgraph are you using?
v2.0.0-beta1-26-g2ad482aff
Have you tried reproducing the issue with the latest release?
Yes
Steps to reproduce the issue (command/config used to run Dgraph).
Just send a request to the export endpoint; it will start the export.
Expected behaviour and actual result.
It should require authentication.