risingwave_frontend/handler/
drop_secret.rs1use std::sync::Arc;
16
17use pgwire::pg_response::StatementType;
18use risingwave_common::license::Feature;
19use risingwave_sqlparser::ast::ObjectName;
20
21use crate::Binder;
22use crate::catalog::root_catalog::SchemaPath;
23use crate::catalog::secret_catalog::SecretCatalog;
24use crate::catalog::{DatabaseId, SchemaId};
25use crate::error::Result;
26use crate::handler::{HandlerArgs, RwPgResponse};
27use crate::session::SessionImpl;
28
29pub async fn handle_drop_secret(
30 handler_args: HandlerArgs,
31 secret_name: ObjectName,
32 if_exists: bool,
33) -> Result<RwPgResponse> {
34 Feature::SecretManagement.check_available()?;
35
36 let session = handler_args.session;
37
38 if let Some((secret_catalog, _, _)) =
39 fetch_secret_catalog_with_db_schema_id(&session, &secret_name, if_exists)?
40 {
41 let catalog_writer = session.catalog_writer()?;
42 catalog_writer.drop_secret(secret_catalog.id).await?;
43
44 Ok(RwPgResponse::empty_result(StatementType::DROP_SECRET))
45 } else {
46 Ok(RwPgResponse::builder(StatementType::DROP_SECRET)
47 .notice(format!(
48 "secret \"{}\" does not exist, skipping",
49 secret_name
50 ))
51 .into())
52 }
53}
54
55pub fn fetch_secret_catalog_with_db_schema_id(
57 session: &SessionImpl,
58 secret_name: &ObjectName,
59 if_exists: bool,
60) -> Result<Option<(Arc<SecretCatalog>, DatabaseId, SchemaId)>> {
61 let db_name = &session.database();
62 let (schema_name, secret_name) = Binder::resolve_schema_qualified_name(db_name, secret_name)?;
63 let search_path = session.config().search_path();
64 let user_name = &session.user_name();
65
66 let schema_path = SchemaPath::new(schema_name.as_deref(), &search_path, user_name);
67
68 let reader = session.env().catalog_reader().read_guard();
69 match reader.get_secret_by_name(db_name, schema_path, &secret_name) {
70 Ok((catalog, schema_name)) => {
71 session.check_privilege_for_drop_alter(schema_name, &**catalog)?;
72
73 let db = reader.get_database_by_name(db_name)?;
74 let schema = db.get_schema_by_name(schema_name).unwrap();
75
76 Ok(Some((Arc::clone(catalog), db.id(), schema.id())))
77 }
78 Err(e) => {
79 if if_exists {
80 Ok(None)
81 } else {
82 Err(e.into())
83 }
84 }
85 }
86}