diff --git a/edgraph/alter.go b/edgraph/alter.go index 6801549a01d..d70b38be67f 100644 --- a/edgraph/alter.go +++ b/edgraph/alter.go @@ -108,7 +108,7 @@ func executeDropAllInNs(ctx context.Context, startTs uint64, req *apiv25.AlterRe } err = x.RetryUntilSuccess(10, 100*time.Millisecond, func() error { - return createGuardianAndGroot(x.AttachNamespace(ctx, nsID), nsID, "password") + return createGuardianAndGroot(x.AttachNamespace(ctx, nsID), "password") }) if err != nil { return errors.Wrapf(err, "Failed to create guardian and groot: ") diff --git a/edgraph/multi_tenancy.go b/edgraph/multi_tenancy.go index 0936c3ed8d8..9e24c1d1f86 100644 --- a/edgraph/multi_tenancy.go +++ b/edgraph/multi_tenancy.go @@ -105,18 +105,23 @@ func (s *Server) CreateNamespaceInternal(ctx context.Context, passwd string) (ui } err = x.RetryUntilSuccess(10, 100*time.Millisecond, func() error { - return createGuardianAndGroot(ctx, ids.StartId, passwd) + return createGuardianAndGroot(ctx, passwd) }) if err != nil { return 0, errors.Wrapf(err, "Failed to create guardian and groot: ") } + glog.V(2).Infof("Created namespace: %d", ns) return ns, nil } // This function is used while creating new namespace. New namespace creation is only allowed // by the guardians of the galaxy group. -func createGuardianAndGroot(ctx context.Context, namespace uint64, passwd string) error { +func createGuardianAndGroot(ctx context.Context, passwd string) error { + if !x.WorkerConfig.AclEnabled { + return nil + } + if err := upsertGuardian(ctx); err != nil { return errors.Wrap(err, "While creating Guardian") } diff --git a/edgraph/ns_query_no_acl_test.go b/edgraph/ns_query_no_acl_test.go new file mode 100644 index 00000000000..d35e1eba13a --- /dev/null +++ b/edgraph/ns_query_no_acl_test.go @@ -0,0 +1,87 @@ +//go:build integration2 + +/* + * SPDX-FileCopyrightText: © Hypermode Inc. + * SPDX-License-Identifier: Apache-2.0 + */ + +package edgraph + +import ( + "context" + "testing" + + "github.com/dgraph-io/dgo/v250" + "github.com/stretchr/testify/require" + + "github.com/hypermodeinc/dgraph/v25/dgraphtest" +) + +func TestNamespaces(t *testing.T) { + conf := dgraphtest.NewClusterConfig().WithNumAlphas(1).WithNumZeros(1).WithReplicas(1) + c, err := dgraphtest.NewLocalCluster(conf) + require.NoError(t, err) + defer func() { c.Cleanup(t.Failed()) }() + require.NoError(t, c.Start()) + + // ensure that Open works with no ACL + alphaGrpcPort, err := c.GetAlphaGrpcPublicPort(0) + require.NoError(t, err) + _, err = dgo.Open("dgraph://localhost:" + alphaGrpcPort) + require.NoError(t, err) + + client, cleanup, err := c.Client() + require.NoError(t, err) + defer cleanup() + + // Drop all data + require.NoError(t, client.DropAll()) + + // Create two namespaces + ctx := context.Background() + require.NoError(t, client.CreateNamespace(ctx, "ns1")) + require.NoError(t, client.CreateNamespace(ctx, "ns2")) + + // namespace 1 + require.NoError(t, client.SetSchema(ctx, "ns1", `name: string @index(exact) .`)) + resp, err := client.RunDQL(ctx, "ns1", `{ set {_:a "Alice" .}}`) + require.NoError(t, err) + require.Equal(t, 1, len(resp.BlankUids)) + resp, err = client.RunDQL(ctx, "ns1", `{ q(func: has(name)) { name } }`) + require.NoError(t, err) + require.JSONEq(t, `{"q":[{"name":"Alice"}]}`, string(resp.GetQueryResult())) + + // namespace 2 + require.NoError(t, client.SetSchema(ctx, "ns2", `name: string @index(exact) .`)) + _, err = client.RunDQL(ctx, "ns2", `{ set {_:a "Bob" .}}`) + require.NoError(t, err) + resp, err = client.RunDQL(ctx, "ns2", `{ q(func: has(name)) { name } }`) + require.NoError(t, err) + require.JSONEq(t, `{"q":[{"name":"Bob"}]}`, string(resp.GetQueryResult())) + + // rename ns2 namespace + require.NoError(t, client.RenameNamespace(ctx, "ns2", "ns2-new")) + + // check if the data is still there + resp, err = client.RunDQL(ctx, "ns2-new", `{ q(func: has(name)) { name } }`) + require.NoError(t, err) + require.JSONEq(t, `{"q":[{"name":"Bob"}]}`, string(resp.GetQueryResult())) + + // List Namespaces + nsMaps, err := client.ListNamespaces(ctx) + require.NoError(t, err) + require.Len(t, nsMaps, 3) + + // drop ns2-new namespace + require.NoError(t, client.DropNamespace(ctx, "ns2-new")) + _, err = client.RunDQL(ctx, "ns2-new", `{ q(func: has(name)) { name } }`) + require.ErrorContains(t, err, "namespace \"ns2-new\" not found") + nsMaps, err = client.ListNamespaces(ctx) + require.NoError(t, err) + require.Len(t, nsMaps, 2) + + // drop ns1 namespace + require.NoError(t, client.DropNamespace(ctx, "ns1")) + _, err = client.RunDQL(ctx, "ns1", `{ q(func: has(name)) { name } }`) + require.ErrorContains(t, err, "namespace \"ns1\" not found") +} diff --git a/x/acl_enc_keys.go b/x/acl_enc_keys.go index 6d4a74cdf50..b34602baa84 100644 --- a/x/acl_enc_keys.go +++ b/x/acl_enc_keys.go @@ -139,7 +139,7 @@ func checkAclKeyLength(alg jwt.SigningMethod, key Sensitive) error { // SHA length has to be smaller or equal to the key length if sl > len(key)*8 { - return errors.Errorf("ACL key length [%v <= %v] bits for JWT algorithm [%v]", sl, len(key)*8, alg.Alg()) + return errors.Errorf("ACL key length [%v <= %v] bits for JWT algorithm [%v]", len(key)*8, sl, alg.Alg()) } return nil }