A user is a combination of multiple privileges and policies that has similar organization structure with a policy. User supports convenient operations of granting and revoking privileges which a policy does not support.
Naming Conventions
Username cannot be shared between users in an Ultipa instance.
- 2 ~ 64 characters
- Must start with letters
- Allow to use letters, underscore and numbers ( _ , A-Z, a-z, 0-9)
- Length of password is 6~64 and no constraint on characters used
Show User
Returned table name: _user
Returned table header: username
| create
| lastLogin
| graphPrivileges
| systemPrivileges
| policies
(username, creation time, last login time, graph privileges, system privileges, sub policies)
Syntax:
// To show all users in the current Ultipa instance
show().user()
// To show a certain user in the current Ultipa instance
show().user("<name>")
// To show the current logged-on user
show().self()
Create User
Syntax:
// To create a user in the current Ultipa instance
create().user("<username>", "<password>", <{}graph_privileges?>, <[]system_privileges?>, <[]policies?>)
where the format of <{}graph_privileges>
is:
{
"<graphSet1>":["<graph_privilege>", "<graph_privilege>", ...],
"<graphSet2>":["<graph_privilege>", "<graph_privilege>", ...],
...
}
Note: When using asterisk *
to replace the GraphSet name <graphSet>
, it represents all GraphSets in the current Ultipa instance. When graph privilege or system privilege are not declared in parameter user()
but the items after it are to be declared, use empty braces to represent the omitted item.
Example: Create user "Ultipa" with password "ultipaABC123", grant graph privileges UPDATE, ALGO, LTE and UFE for all GraphSets, system privileges STAT, TOP and KILL, and policy "sales"
create().user(
"Ultipa",
"ultipaABC123",
{"*": ["UPDATE","ALGO","LTE","UFE"]},
["STAT","TOP","KILL"],
["sales"]
)
Alter User
Syntax:
// To modify the a certain user in the current Ultipa instance
alter().user("<username>")
.set({password:"<new?>", graph_privileges:<{}new?>, system_privileges:<[]new?>, policies:<[]new?>})
Example:Modify user Ultipa's password to "ultipaFast"
alter().user("Ultipa")
.set({password: "ultipaFast"})
Example:Modify user Ultipa's privilege and policy, make it only has graph privilege UPDATE against GraphSet "default"
alter().user("Ultipa")
.set({graph_privileges: {"default": ["UPDATE"]}})
Grant Privileges/Polices
Syntax:
// To grant privileges and policies from a certain user in the current Ultipa instance
grant().user("<username>")
.params({graph_privileges:<{}new?>, system_privileges:<[]new?>, policies:<[]new?>})
Example: Grant privilege UPDATE against all GraphSets for user "Ultipa", as well as system privileges TOP and KILL
grant().user("Ultipa")
.params({graph_privileges: {"*": ["UPDATE"]}, system_privileges: ["TOP", "KILL"]})
Revoke Privileges/Polices
Syntax:
// To revoke privileges and policies from a certain user in the current Ultipa instance
revoke().user("<username>")
.params({graph_privileges:<{}old?>, system_privileges:<[]old?>, policies:<[]old?>})
Example: Remove privilege DELETE against GraphSet "default" from user "Ultipa"
revoke().user("Ultipa")
.params({graph_privileges: {"default": ["DELETE"]}})
Drop User
Syntax:
// To delete a certain user from the current Ultipa instance
drop().user("<name>")
Reset Admin User
Resetting admin user needs to be done on Ultipa Server with ultipa-reset-user
tool, which is not in the scope of UQL operation.