* Add AUTH system tx deltas
* Add auth data RPC and handlers
* Support multiple system deltas in a single transaction
* Added e2e test
* Bugfix: KVStore segfault after move
---------
Co-authored-by: Gareth Lloyd <gareth.lloyd@memgraph.io>
* Split queries into system and data queries
* System queries are sequentially executed and generate separate transaction deltas
* System transaction try locks for 100ms
* last_commited_system_ts saved to DBMS durability
* Replicating CREATE/DROP DATABASE
* Sending a system snapshot if REPLICA behind
* Passing a copy of the gatekeeper::access as std::any to all functions that could call an async execution
* Removed delete_on_drop flag (we now always delete on drop)
* Using UUID as the directory name for databases
* DBMS durability update (added versioning and salient information)
* Automatic migration from previous version
* Interpreter can run some queries without a target database
* SHOW REPLICA returns the status of the currently active DB
* Returning UUID instead of db name in the RPC responses
* Using UUIDs for database specification in RPC (not name)
* FrequentCheck forces update on reconnect
* TimestampRpc will detect if a replica is behind, and will update client's state
* Safer SLK reads
* Split SHOW DATABASES in two SHOW DATABASES (list of current databases) and SHOW DATABASE a single string naming the current database
---------
Co-authored-by: Gareth Lloyd <gareth.lloyd@memgraph.io>
Single (instance level) connection to a replica (messages from all databases get multiplexed through it)
ReplicationClient split in two: ReplicationClient and ReplicationStorageClient
New ReplicationClient, moved under replication, handles the raw connection, owned by MainRoleData
ReplicationStorageClient handles the storage <-> replica state machine and holds to a stream
Removed epoch and storage from *Clients
rpc::Stream proactively aborts on error and sets itself to a defunct state
Removed HandleRpcFailure, instead we simply log the error and let the FrequentCheck handle re-connection
replica_state is now a synced variable
ReplicaStorageClient state machine bugfixes
Single FrequentCheck that goes through DBMS
Moved ReplicationState under DbmsHandler
Moved some replication startup logic under the DbmsHandler's constructor
Removed InMemoryReplicationClient
CreateReplicationClient has been removed from Storage
Simplified GetRecoverySteps and made safer
---------
Co-authored-by: Gareth Lloyd <gareth.lloyd@memgraph.io>
There might be a performance impect of updating the metadata store on
bulk operations. Hence this flag which is disabling the collection by
default. If the queries to obtain the information are called with this
flag disabled, the database will throw an exception.
* Interpreter transaction ID decoupled from storage transaction ID
* Transactional scope for indices, statistics and constraints
* Storage::Accessor now has 2 modes (unique and shared)
* Introduced ResourceLock to fix pthread mutex problems
* Split InfoQuery in two: non-transactional SystemInfoQuery and transactional DatabaseInfoQuery
* Replicable and durable statistics
* Bumped WAL/Snapshot versions
* Initial implementation of the Lamport clock
---------
Co-authored-by: Andreja Tonev <andreja.tonev@memgraph.io>
Unique/global InterpreterContext that is Storage agnostic (has a reference to the DbmsHandler instead)
* InterpreterContext is no longer the owner of Storage
* New Database structure that handles Storage, Triggers, Streams
* Renamed SessinContextHandler to DbmsHandler and simplified the multi-tenant logic
* Added Gatekeeper and updated handlers to use it
---------
Co-authored-by: Gareth Lloyd <gareth.lloyd@memgraph.io>
* Decouple BoltSession and communication::bolt::Session
* Add CREATE/USE/DROP DATABASE
* Add SHOW DATABASES
* Cover WebSocket session
* Simple session safety implemented via RWLock
* Storage symlinks for backward. compatibility
* Extend the audit log with the DB info
* Add auth part
* Add tenant recovery
* Fix init file startup in community edition
* Add possibility to build binary without MG_ENTERPRISE
* Added trace spdlog for when init file is not present
* Add gqlalchemy and unit tests
* Add init data files which correspond to the right directory by the github actions
* Parallelize edge recovery
* Load vertex labels and properties parallel
* Add parallel connectivity loading
* Add batches information to snapshot
* Introduce `items_per_batch` and `recovery_thread_count` flags
* Make possible to load snapshots with old version
* Add vertex batches to `RecoveryInfo`
* Extend durability integration tests with v15 test cases
* Add `std::vector` based `InitProperties`
* Use `InitProperties` in snapshot loading
* Added enum for more granular access control; Expanded functionality of fine grained access checker; Propagated changes to Edit, Deny and Revoke permissions methods in interpreter
* Introduced Merge method for merging two colle with permissions
* e2e tests implementation started
* Expanded cypher to support fine grained permissions
* ast.lcp::AuthQuery removed labels, added support for label permissions
* promoted label permissions to vector
* removed unnecesary enum value
* expanded glue/auth with LabelPrivilegeToLabelPermission
* added const
* extended Grant Deny and Revoke Privileges with new label privileges
* extended Edit Grant Deny and Revoke Privileges to properly use new model
* Fixed unit tests
* FineGrainedAccessChecker Grant and Deny methods reworked
* Revoke cypher slightly reworked; Revoke for labels works without label permissions
* EditPermission's label_permission lambda now takes two parameters
* constants naming enforced; replaced asterisks with string constant
* removed faulty test addition
* Naming fixes; FineGrainedAccessChecker unit tests introduced
* unnecessary includes removed; minor code improvements
* minor fix
* Access checker reworked; denies and grant merged into single permission object; Created global_permission that applies to all non-created permissions. Grant, Deny and Revoke reworked; Merge method reworked
* Fixed wrong check;
* Fix after merge; renamed constants; removed unused constant
* Fix after merge; workloads.yaml for lbaprocedures e2e tests updated with new grammar
* Fixes after merge
* Fixes after merge
* fixed Revoke that was not fixed after the merge
* updated cypher main visitor tests
* PR review changes; Naming and const fixed, replaced double tertiary with lambda
* unwrapping the iterator fix
* merge 1003 minor fix
* minor spelling fixes
* Introduced visitPrivilegesList because of the doubled code
* const added
* string const to enum
* redundant braces
* added const
* minor code improvement
* e2e tests expanded
* if -> switch
* enum class inherits uint8_t now
* LabelPrililege::EDIT -> LabelPrivilege::UPDATE
* LabelPermission -> EntityPermission; LabelPrivilege -> EntityPrivilege
* EntityPrivilege -> FineGrainedPrivilege; EntityPermission -> FineGrainedPermission
* Added enum for more granular access control; Expanded functionality of fine grained access checker; Propagated changes to Edit, Deny and Revoke permissions methods in interpreter
* Introduced Merge method for merging two colle with permissions
* e2e tests implementation started
* FineGrainedAccessChecker Grant and Deny methods reworked
* removed faulty test addition
* Naming fixes; FineGrainedAccessChecker unit tests introduced
* unnecessary includes removed; minor code improvements
* Access checker reworked; denies and grant merged into single permission object; Created global_permission that applies to all non-created permissions. Grant, Deny and Revoke reworked; Merge method reworked
* Fixed wrong check;
* PR review changes; Naming and const fixed, replaced double tertiary with lambda
* unwrapping the iterator fix
* minor spelling fixes
* GRANT, REVOKE, DENY and access_checker DONE
* Added AccessChecker to ExecutionContext
* grammar expanded; (#462)
* current
* T0954 mg expand user and role to hold permissions on labels (#465)
* added FineGrainedAccessPermissions class to model
* expanded user and role with fine grained access permissions
* fixed grammar
* [E129 < T0953-MG] GRANT, DENY, REVOKE added in interpreter and mainVisitor (#464)
* GRANT, DENY, REVOKE added in interpreter and mainVisitor
* Commented labelPermissons
* remove labelsPermission adding
* Fixed
* Removed extra lambda
* fixed
* [E129<-T0955-MG] Expand ExecutionContext with label related information (#467)
* added
* Added FineGrainedAccessChecker to Context
* fixed
* Added filtering
* testing
* Added edge filtering to storage, need to add filtering in simple Expand in operator.cpp
* Removed storage changes
* MATCH filtering working
* EdgeTypeFiltering working, just need to test everything again
* Removed FineGrainedAccessChecker
* Removed Expand Path
* Fix
* Tested FineGrainedAccessHandler, need to test AuthChecker
* Added integration test for lba
* Fixed merge conflicts
* PR fix
* fixed
* PR fix
* Fix test
* removed .vscode, .cache, .githooks
* githooks
* added tests
* fixed build
* Changed ast.lcp and User pointer to value in context.hpp
* Fixed test
* Remove denies on grant all
* AuthChecker
* Pr fix, auth_checker still not fixed
* Create mg-glue and extract UserBasedAuthChecker from AuthChecker
* Build fixed, need to fix test
* e2e tests
* e2e test working
* Added unit test, e2e and FineGrainedChecker
* Mege E129, auth_checker tests
* Fixed test
* e2e fix
Co-authored-by: Boris Taševski <36607228+BorisTasevski@users.noreply.github.com>
Co-authored-by: josipmrden <josip.mrden@external-basf.com>
Co-authored-by: János Benjamin Antal <benjamin.antal@memgraph.io>
Add a report for the case where a sync replica does not confirm within a timeout:
-Add a new exception: ReplicationException to be returned when one sync replica does not confirm the reception of messages (new data, new constraint/index, or for triggers)
-Update the logic to throw the ReplicationException when needed for insertion of new data, triggers, or creation of new constraint/index
-Add end-to-end tests to cover the loss of connection with sync/async replicas when adding new data, adding new constraint/indexes, and triggers
Add end-to-end tests to cover the creation and drop of indexes, existence constraints, and uniqueness constraints
Improved tooling function mg_sleep_and_assert to also show the last result when duration is exceeded
Add a new command that is able to return the set of configurations that that the
given instance of memgraph was started up with. The returned information
currently consists of the name, the default and the current value of each flag.
The hidden property of three flags were removed, namely --query-cost-planner,
--query-vertex-count-to-expand-existing and --query-max-plans. The flag
--log-link-basename was completely removed since it is not used.
