
Prevent dropping or altering of reserved predicates. #2967


Merged
merged 12 commits into from
Feb 8, 2019
Merged
21 changes: 19 additions & 2 deletions edgraph/server.go
Expand Up @@ -304,9 +304,8 @@ func (s *Server) Alter(ctx context.Context, op *api.Operation) (*api.Payload, er
return nil, err
}

// All checks done.

defer glog.Infof("ALTER op: %+v done", op)

// StartTs is not needed if the predicate to be dropped lies on this server but is required
// if it lies on some other machine. Let's get it for safety.
m := &pb.Mutations{StartTs: State.getTimestamp(false)}
Expand All @@ -318,7 +317,15 @@ func (s *Server) Alter(ctx context.Context, op *api.Operation) (*api.Payload, er
ResetAcl()
return empty, err
}

if len(op.DropAttr) > 0 {
// Reserved predicates cannot be dropped.
if _, ok := x.InitialPreds[op.DropAttr]; ok {
err := fmt.Errorf("predicate %s is reserved and is not allowed to be dropped",
op.DropAttr)
return nil, err
}

nq := &api.NQuad{
Subject: x.Star,
Predicate: op.DropAttr,
Expand All @@ -339,6 +346,16 @@ func (s *Server) Alter(ctx context.Context, op *api.Operation) (*api.Payload, er
if err != nil {
return empty, err
}

// Reserved predicates cannot be altered.
for _, update := range result.Schemas {
if _, ok := x.InitialPreds[update.Predicate]; ok {
err := fmt.Errorf("predicate %s is reserved and is not allowed to be modified",
update.Predicate)
return nil, err
}
}

glog.Infof("Got schema: %+v\n", result.Schemas)
// TODO: Maybe add some checks about the schema.
m.Schema = result.Schemas
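Review bot: The deferred `glog.Infof("ALTER op: %+v done", op)` in the first hunk is registered before both new reserved-predicate checks, so an Alter rejected at `x.InitialPreds[op.DropAttr]` or in the `result.Schemas` loop is still logged as "done", which misleads anyone auditing alter operations from the logs. Either move the defer below the checks or log the rejection where it happens, e.g. `glog.Warningf("ALTER op rejected: predicate %q is reserved", op.DropAttr)` before the return, with the same treatment in the schema loop. The two new error messages format the caller-supplied predicate name with `%s`; `%q` would keep an empty or whitespace-bearing name visible in the returned error. The enclosing Alter function begins before the first hunk and continues past the third.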
52 changes: 46 additions & 6 deletions ee/acl/acl_test.go
Expand Up @@ -86,6 +86,27 @@ func resetUser(t *testing.T) {
glog.Infof("created user")
}

func TestReservedPredicates(t *testing.T) {
// This test uses the groot account to ensure that reserved predicates
// cannot be altered even if the permissions allow it.
ctx := context.Background()

dg1, cancel1 := x.GetDgraphClientOnPort(9180)
defer cancel1()
if err := dg1.Login(ctx, x.GrootId, "password"); err != nil {
t.Fatalf("unable to login using the groot account:%v", err)
}
defer cancel1()
alterReservedPredicates(t, dg1)

dg2, cancel2 := x.GetDgraphClientOnPort(9180)
defer cancel2()
if err := dg2.Login(ctx, x.GrootId, "password"); err != nil {
t.Fatalf("unable to login using the groot account:%v", err)
}
alterReservedPredicates(t, dg2)
}

func TestAuthorization(t *testing.T) {
glog.Infof("testing with port 9180")
dg1, cancel := x.GetDgraphClientOnPort(9180)
Expand All @@ -110,10 +131,12 @@ func testAuthorization(t *testing.T, dg *dgo.Dgraph) {
queryPredicateWithUserAccount(t, dg, true)
mutatePredicateWithUserAccount(t, dg, true)
alterPredicateWithUserAccount(t, dg, true)

createGroupAndAcls(t)
// wait for 35 seconds to ensure the new acl have reached all acl caches
log.Println("Sleeping for 35 seconds for acl to catch up")
time.Sleep(35 * time.Second)

queryPredicateWithUserAccount(t, dg, false)
// sleep long enough (10s per the docker-compose.yml in this directory)
// for the accessJwt to expire in order to test auto login through refresh jwt
Expand All @@ -132,6 +155,23 @@ var predicateToAlter = "predicate_to_alter"
var group = "dev"
var rootDir = filepath.Join(os.TempDir(), "acl_test")

func alterReservedPredicates(t *testing.T, dg *dgo.Dgraph) {
ctx := context.Background()
err := dg.Alter(ctx, &api.Operation{
Schema: "dgraph.xid: int .",
})
require.Error(t, err)
require.Contains(t, err.Error(),
"predicate dgraph.xid is reserved and is not allowed to be modified")

err = dg.Alter(ctx, &api.Operation{
DropAttr: "dgraph.xid",
})
require.Error(t, err)
require.Contains(t, err.Error(),
"predicate dgraph.xid is reserved and is not allowed to be dropped")
}

func queryPredicateWithUserAccount(t *testing.T, dg *dgo.Dgraph, shouldFail bool) {
// login with alice's account
ctx := context.Background()
Expand Down Expand Up @@ -213,7 +253,7 @@ func createGroupAndAcls(t *testing.T) {
"-d", dgraphEndpoint,
"-g", group, "-x", "password")
if err := createGroupCmd.Run(); err != nil {
t.Fatalf("Unable to create group:%v", err)
t.Fatalf("Unable to create group: %v", err)
}

// add the user to the group
Expand All @@ -222,7 +262,7 @@ func createGroupAndAcls(t *testing.T) {
"-d", dgraphEndpoint,
"-u", userid, "-g", group, "-x", "password")
if err := addUserToGroupCmd.Run(); err != nil {
t.Fatalf("Unable to add user %s to group %s:%v", userid, group, err)
t.Fatalf("Unable to add user %s to group %s: %v", userid, group, err)
}

// add READ permission on the predicateToRead to the group
Expand All @@ -232,7 +272,7 @@ func createGroupAndAcls(t *testing.T) {
"-g", group, "-p", predicateToRead, "-P", strconv.Itoa(int(Read.Code)), "-x",
"password")
if err := addReadPermCmd1.Run(); err != nil {
t.Fatalf("Unable to add READ permission on %s to group %s:%v",
t.Fatalf("Unable to add READ permission on %s to group %s: %v",
predicateToRead, group, err)
}

Expand All @@ -243,7 +283,7 @@ func createGroupAndAcls(t *testing.T) {
"-g", group, "-p", queryAttr, "-P", strconv.Itoa(int(Read.Code)), "-x",
"password")
if err := addReadPermCmd2.Run(); err != nil {
t.Fatalf("Unable to add READ permission on %s to group %s:%v", queryAttr, group, err)
t.Fatalf("Unable to add READ permission on %s to group %s: %v", queryAttr, group, err)
}

// add WRITE permission on the predicateToWrite
Expand All @@ -253,7 +293,7 @@ func createGroupAndAcls(t *testing.T) {
"-g", group, "-p", predicateToWrite, "-P", strconv.Itoa(int(Write.Code)), "-x",
"password")
if err := addWritePermCmd.Run(); err != nil {
t.Fatalf("Unable to add permission on %s to group %s:%v", predicateToWrite, group, err)
t.Fatalf("Unable to add permission on %s to group %s: %v", predicateToWrite, group, err)
}

// add MODIFY permission on the predicateToAlter
Expand All @@ -263,6 +303,6 @@ func createGroupAndAcls(t *testing.T) {
"-g", group, "-p", predicateToAlter, "-P", strconv.Itoa(int(Modify.Code)), "-x",
"password")
if err := addModifyPermCmd.Run(); err != nil {
t.Fatalf("Unable to add permission on %s to group %s:%v", predicateToAlter, group, err)
t.Fatalf("Unable to add permission on %s to group %s: %v", predicateToAlter, group, err)
}
}
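Review bot: `defer cancel1()` appears twice in TestReservedPredicates, once right after the client is created and again after the login check; the second is redundant and should be dropped. The dg2 block then repeats the dg1 block verbatim (same port 9180, same groot login, same `alterReservedPredicates` call), so the second half of the test adds no coverage; if a second alpha was meant to be exercised, the port needs to differ, otherwise the block can be removed. A doc comment on the helper such as `// alterReservedPredicates asserts that neither a schema update nor a drop of dgraph.xid is accepted, even for an account whose permissions would otherwise allow it.` would record why the test logs in as groot.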