Emergency maintenance
To enable administrative API for your Datalore instance, generate a token by providing this environment variable.
warning
Keep this token secure: it provides access to the access permissions management APIs, which, if exposed, can be used for data leakage by malicious users.
DO NOT configure this token unless critically necessary and revoke it as soon as the maintenance is complete.
Read further for a few procedures that may help you when Datalore functionality deviates from the expected.
Normally, a Datalore instance is operated by its administrators. The first registered user of the instance is automatically assigned a super admin and can then can grant admin roles to other users.
This procedure explains how to reset access to the super admin account if it was accidentally lost.
note
Make sure to enable an admin API token prior to performing the steps below.
Identify the ID of the user whose access level you want to alter:
Open the developer console for the Datalore browser tab.
Find the entry that contains the
user=....
part. The value that follows the=
character is the ID of the currently authenticated user. Here is an example of what this line looks like:Client initialized clientId=i9amcJvpqBDoKAWbVc2iOs, user=bKscUiyhbxUNl6a5tTlKq4
Execute the following HTTP request by providing your own values as per the table below:
$curl --request POST \ --url 'https://${host}/api/user_management/v1/admin/user/role?userId=${userId}&role=${role}' \ --header 'Authorization: ${token}'
${host}
Your instance FQDN
${role}
The role you want to assign to the user.
Allowed values:
REGULAR
,SUPER_ADMIN
,ADMIN
See User types and roles for more details about the user types.
${token}
When you export a workspace as described in this procedure, the downloaded .zip file will not contain any sensitive information like database connection objects.
However, there can be a situation where you need to copy another user's workspace with all of its contents (including all the attached files and database connections). For example, that user left the company, and you can no longer administer their workspaces.
Execute the following HTTP request by providing your own values as per the table below:
$curl --request POST \ --url 'https://${host}/api/admin/vfs/clone_workspace/${ownerId}/${workspaceId}?destinationUserId=${destinationUserId} \ --header 'Authorization: ${token}'
${host}
Your instance FQDN
${ownerId}
The workspace owner user ID>
${workspaceId}
Workspace ID
${destinationUserId}
User ID, who this workspace should be cloned to.
${token}
note
This does not transfer the workspace, but creates its full clone: the original workspace will remain intact.
To free up the workspace's resources (like storage space), consider deleting the original owner user from Datalore. Make sure to save all associated data first.
There might be a situation where a full system recovery is necessary, for example, if Datalore's database or internal storage were corrupted.
In this case, we advise that you restore Datalore from backup, provided that it was configured previously. If that is not possible, please, contact our support team for further guidance.
warning
Do not try performing potentially destructive actions on the failed component (database or storage) without backing it up first in whatever state it is. This may aggravate the situation and make recovery impossible.
Thanks for your feedback!