PATCH
/
v1
/
risks
/
{risk}
{
  "name": "<string>",
  "source": "SOURCE_UNSPECIFIED",
  "title": "<string>",
  "level": 123,
  "active": true,
  "condition": {
    "id": "<string>",
    "constExpr": {
      "nullValue": "NULL_VALUE",
      "boolValue": true,
      "int64Value": "<string>",
      "uint64Value": "<string>",
      "doubleValue": 123,
      "stringValue": "<string>",
      "bytesValue": "<string>",
      "durationValue": "<string>",
      "timestampValue": "2023-11-07T05:31:56Z"
    },
    "identExpr": {
      "name": "<string>"
    },
    "selectExpr": {
      "operand": {},
      "field": "<string>",
      "testOnly": true
    },
    "callExpr": {
      "target": {},
      "function": "<string>",
      "args": [
        {}
      ]
    },
    "listExpr": {
      "elements": [
        {}
      ],
      "optionalIndices": [
        123
      ]
    },
    "structExpr": {
      "messageName": "<string>",
      "entries": [
        {
          "id": "<string>",
          "fieldKey": "<string>",
          "mapKey": {},
          "value": {},
          "optionalEntry": true
        }
      ]
    },
    "comprehensionExpr": {
      "iterVar": "<string>",
      "iterVar2": "<string>",
      "iterRange": {},
      "accuVar": "<string>",
      "accuInit": {},
      "loopCondition": {},
      "loopStep": {},
      "result": {}
    }
  }
}

Path Parameters

risk
string
required

The risk id.

Query Parameters

updateMask
string<field-mask>

The list of fields to update.

allowMissing
boolean

If set to true, and the risk is not found, a new risk will be created. In this situation, update_mask is ignored.

Body

application/json
name
string

Format: risks/{risk}

source
enum<string>
Available options:
SOURCE_UNSPECIFIED,
DDL,
DML,
CREATE_DATABASE,
DATA_EXPORT,
REQUEST_ROLE
title
string
level
integer
active
boolean
condition
object

The condition that is associated with the risk. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec

All supported variables: affected_rows: affected row count in the DDL/DML, support "==", "!=", "<", "<=", ">", ">=" operations. table_rows: table row count number, support "==", "!=", "<", "<=", ">", ">=" operations. environment_id: the environment resource id, support "==", "!=", "in [xx]", "!(in [xx])" operations. project_id: the project resource id, support "==", "!=", "in [xx]", "!(in [xx])", "contains()", "matches()", "startsWith()", "endsWith()" operations. db_engine: the database engine type, support "==", "!=", "in [xx]", "!(in [xx])" operations. Check the Engine enum for the values. sql_type: the SQL type, support "==", "!=", "in [xx]", "!(in [xx])" operations. when the risk source is DDL, check https://github.com/bytebase/bytebase/blob/main/frontend/src/plugins/cel/types/values.ts#L70 for supported values. when the risk source is DML, check https://github.com/bytebase/bytebase/blob/main/frontend/src/plugins/cel/types/values.ts#L71 for supported values. database_name: the database name, support "==", "!=", "in [xx]", "!(in [xx])", "contains()", "matches()", "startsWith()", "endsWith()" operations. schema_name: the schema name, support "==", "!=", "in [xx]", "!(in [xx])", "contains()", "matches()", "startsWith()", "endsWith()" operations. table_name: the table name, support "==", "!=", "in [xx]", "!(in [xx])", "contains()", "matches()", "startsWith()", "endsWith()" operations. sql_statement: the SQL statement, support "contains()", "matches()", "startsWith()", "endsWith()" operations. export_rows: export data count, support "==", "!=", "<", "<=", ">", ">=" operations. expiration_days: the role expiration days for the request, support "==", "!=", "<", "<=", ">", ">=" operations. role: the request role full name, support "==", "!=", "in [xx]", "!(in [xx])", "contains()", "matches()", "startsWith()", "endsWith()" operations.

When the risk source is DDL/DML, support following variables: affected_rows table_rows environment_id project_id db_engine sql_type database_name schema_name table_name sql_statement

When the risk source is CREATE_DATABASE, support following variables: environment_id project_id db_engine database_name

When the risk source is DATA_EXPORT, support following variables: environment_id project_id db_engine database_name schema_name table_name export_rows

When the risk source is REQUEST_QUERY, support following variables: environment_id project_id db_engine database_name schema_name table_name expiration_days

When the risk source is REQUEST_EXPORT, support following variables: environment_id project_id db_engine database_name schema_name table_name expiration_days export_rows

When the risk source is REQUEST_ROLE, support following variables: project_id expiration_days role An abstract representation of a common expression.

Expressions are abstractly represented as a collection of identifiers, select statements, function calls, literals, and comprehensions. All operators with the exception of the '.' operator are modelled as function calls. This makes it easy to represent new operators into the existing AST.

All references within expressions must resolve to a [Decl][google.api.expr.v1alpha1.Decl] provided at type-check for an expression to be valid. A reference may either be a bare identifier name or a qualified identifier google.api.name. References may either refer to a value or a function declaration.

For example, the expression google.api.name.startsWith('expr') references the declaration google.api.name within a [Expr.Select][google.api.expr.v1alpha1.Expr.Select] expression, and the function declaration startsWith.

Response

OK

name
string

Format: risks/{risk}

source
enum<string>
Available options:
SOURCE_UNSPECIFIED,
DDL,
DML,
CREATE_DATABASE,
DATA_EXPORT,
REQUEST_ROLE
title
string
level
integer
active
boolean
condition
object

The condition that is associated with the risk. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec

All supported variables: affected_rows: affected row count in the DDL/DML, support "==", "!=", "<", "<=", ">", ">=" operations. table_rows: table row count number, support "==", "!=", "<", "<=", ">", ">=" operations. environment_id: the environment resource id, support "==", "!=", "in [xx]", "!(in [xx])" operations. project_id: the project resource id, support "==", "!=", "in [xx]", "!(in [xx])", "contains()", "matches()", "startsWith()", "endsWith()" operations. db_engine: the database engine type, support "==", "!=", "in [xx]", "!(in [xx])" operations. Check the Engine enum for the values. sql_type: the SQL type, support "==", "!=", "in [xx]", "!(in [xx])" operations. when the risk source is DDL, check https://github.com/bytebase/bytebase/blob/main/frontend/src/plugins/cel/types/values.ts#L70 for supported values. when the risk source is DML, check https://github.com/bytebase/bytebase/blob/main/frontend/src/plugins/cel/types/values.ts#L71 for supported values. database_name: the database name, support "==", "!=", "in [xx]", "!(in [xx])", "contains()", "matches()", "startsWith()", "endsWith()" operations. schema_name: the schema name, support "==", "!=", "in [xx]", "!(in [xx])", "contains()", "matches()", "startsWith()", "endsWith()" operations. table_name: the table name, support "==", "!=", "in [xx]", "!(in [xx])", "contains()", "matches()", "startsWith()", "endsWith()" operations. sql_statement: the SQL statement, support "contains()", "matches()", "startsWith()", "endsWith()" operations. export_rows: export data count, support "==", "!=", "<", "<=", ">", ">=" operations. expiration_days: the role expiration days for the request, support "==", "!=", "<", "<=", ">", ">=" operations. role: the request role full name, support "==", "!=", "in [xx]", "!(in [xx])", "contains()", "matches()", "startsWith()", "endsWith()" operations.

When the risk source is DDL/DML, support following variables: affected_rows table_rows environment_id project_id db_engine sql_type database_name schema_name table_name sql_statement

When the risk source is CREATE_DATABASE, support following variables: environment_id project_id db_engine database_name

When the risk source is DATA_EXPORT, support following variables: environment_id project_id db_engine database_name schema_name table_name export_rows

When the risk source is REQUEST_QUERY, support following variables: environment_id project_id db_engine database_name schema_name table_name expiration_days

When the risk source is REQUEST_EXPORT, support following variables: environment_id project_id db_engine database_name schema_name table_name expiration_days export_rows

When the risk source is REQUEST_ROLE, support following variables: project_id expiration_days role An abstract representation of a common expression.

Expressions are abstractly represented as a collection of identifiers, select statements, function calls, literals, and comprehensions. All operators with the exception of the '.' operator are modelled as function calls. This makes it easy to represent new operators into the existing AST.

All references within expressions must resolve to a [Decl][google.api.expr.v1alpha1.Decl] provided at type-check for an expression to be valid. A reference may either be a bare identifier name or a qualified identifier google.api.name. References may either refer to a value or a function declaration.

For example, the expression google.api.name.startsWith('expr') references the declaration google.api.name within a [Expr.Select][google.api.expr.v1alpha1.Expr.Select] expression, and the function declaration startsWith.