I am stuck currently trying to figure out how to hook into Neo4j so that I can add an additional step before the query is executed against the database. I want to limit certain users from accessing or updating certain nodes (is this better done on the db framework, or perhaps our api talking to Neo4j through bolt?). I want to gain access to the lifecycle and potentially stop a query from happening or filter the results. What would be the best approach for this? Using graphaware (managed to use the BeforeCommit) or extending Neo4j by overriding one of the methods. If I take this approach of extending Neo4j directly how would I go about doing this with the whole config and packaging?
Asked
Active
Viewed 446 times
1 Answers
2
The Enterprise Edition of neo4j provides fine-grained access control mechanisms.
For instance, you can control access to subgraphs. Basically, you can assign a user to a custom role, and only allow that custom role to call specific procedures that you have written. Those procedures can enforce whatever data access policy that you want.
cybersam
- 63,203
- 6
- 53
- 76
-
If Enterprise is not an option? Is there not a way to extend Neo4j directly for this? – LL. Jun 29 '17 at 09:48