Privileges are the basic content of user permission management. Each privilege allows user to execute one or multiple corresponding UQL commands. With Ultipa graph system, privileges can be classified into 4 categories:
- User related privilege
- Graph model related privilege
- Graph data related privilege
- Advanced privilege
Or into 2 levels regarding the scope:
- Graph privilege. For a specific GraphSet:
- User may operate on its schema, property, index, metadata, path, algorithm and backend task
- GraphSet name should be appointed when granting graph privileges
- Commands of graph privilege can only be executed after switching to the target GraphSet
- System privilege. For an Ultipa Graph database:
- User is authorized to operate on its privilege, policy, user, GraphSet and UQL process
- No specific GraphSet has to be appointed when granting system privileges
Show Privilege
Returned table name: _privilege
Returned table header: graphPrivileges
| systemPrivileges
(graph privileges, system privileges)
Syntax:
// To list all privileges supported by Ultipa system
show().privilege()
Table of Privileges
User Related Privileges
Privilege | Level | Legal Command |
---|---|---|
SHOW_PRIVILEGE | system | show().privilege() |
SHOW_POLICY | system | show().policy() |
CREATE_POLICY | system | create().policy() |
ALTER_POLICY | system | alter().policy() |
DROP_POLICY | system | drop().policy() |
SHOW_USER | system | show().user() |
CREATE_USER | system | create().user() |
ALTER_USER | system | alter().user() |
GRANT_USER | system | grant().user() |
REVOKE_USER | system | revoke().user() |
DROP_USER | system | drop().user() |
Note: Command show().self()
can be legally used by any user without authorization.
Graph Model Related Privileges
Privilege | Level | Legal Command |
---|---|---|
STAT | system | stats() |
SHOW_GRAPH | system | show().graph() |
CREATE_GRAPH | system | create().graph() |
ALTER_GRAPH | system | alter().graph() |
DROP_GRAPH | system | drop().graph() |
MOUNT_GRAPH | system | mount.graph() |
UNMOUNT_GRAPH | system | unmount.graph() |
SHOW_SCHEMA | graph | show().schema() , show().node_schema() , show().edge_schema() |
CREATE_SCHEMA | graph | create().node_schema() , create().edge_schema() |
ALTER_SCHEMA | graph | alter().node_schema() , alter().edge_schema() |
DROP_SCHEMA | graph | drop().node_schema() , drop().edge_schema() |
SHOW_PROPERTY | graph | show().property() , show().node_property() , show().edge_property() |
CREATE_PROPERTY | graph | create().node_property() , create().edge_property() |
ALTER_PROPERTY | graph | alter().node_property() , alter().edge_property() |
DROP_PROPERTY | graph | drop().node_property() , drop().edge_property() |
SHOW_FULLTEXT | graph | show().fulltext() , show().node_fulltext() , show().edge_fulltext() |
CREATE_FULLTEXT | graph | create().node_fulltext() , create().edge_fulltext() |
DROP_FULLTEXT | graph | drop().node_fulltext() , drop().edge_fulltext() |
SHOW_INDEX | graph | show().index() , show().node_index() , show().edge_index() |
CREATE_INDEX | graph | create().node_index() , create().edge_index() |
DROP_INDEX | graph | drop().node_index() , drop().edge_index() |
LTE | graph | LTE().node_property() , LTE().edge_property() |
UFE | graph | UFE().node_property() , UFE().edge_property() |
TRUNCATE | system | truncate().graph() |
COMPACT | system | compact().graph() |
Graph Data Related Privileges
Privilege | Level | Legal Command |
---|---|---|
INSERT | graph | insert() , insert().overwrite() |
UPSERT | graph | upsert() |
UPDATE | graph | update() |
DELETE | graph | delete() |
TEMPLATE | graph | n() , e() , re() , le() , nf() , graph() |
KHOP | graph | khop() |
AB | graph | ab() |
SPREAD | graph | spread() |
AUTONET | graph | autonet() |
FIND | graph | find() |
Advanced Privileges
Privilege | Level | Legal Command |
---|---|---|
ALGO | graph | algo() |
ALGO_DV | graph | algo_dv() |
SHOW_ALGO | graph | show().algo() |
SHOW_TASK | graph | show().task() |
CLEAR_TASK | graph | clear() |
STOP_TASK | graph | stop() |
TOP | system | top() |
KILL | system | kill() |