Visualize your permissions!

Assume you have set up your permission structure like this:

(:User)-[:MEMBERSHIP {level:owner|member}]->(:Team)-[:permission {level:1|2|3}]->(n)<-[*]-(:Project)

Which basically means:

  • Users are a members of Teams
  • Teams have permissions of a certain level to nodes n that are linked to Projects. The nodes n can be linked directly or indirectly to Projects.

In our case we decided that the permission that a User has on a particluar Project is equal to the highest permission to any node n that is linked to the project. Since we have a lot of hiearchical structures, we can now for instance set permissions to all Projects that are somewhere in a specific country of region, just by setting team permissions to the relevant geographical branch.

The picture above gives an example:

  • User1 is a member of Team A and Team B
  • Team A has a level 2 permission to Gitega  (a geographic location), Team B has a level 1 permission to Burundi (also a geographic location) and level 3 permission on Equity Bank Foundation, a particular funding agency.

So, User 1 has a level 1 permission to all projects in Burundi, and a level 2 to projects in the Gitega Province. when the project in funded by the Equity Bank Foundation, , User has even a level 3 permission.

Calculating the highest permission of for a given combination of User and Project is easy:

MATCH (u:User),(p:Project) 
WHERE id(u)={userId} and id(p)={projectId}
WITH u,p
MATCH (u)-[:MEMBERSHIP]->(t)-[perm:PERMISSION]->(n)<-[*]-(p)
RETURN,MAX(perm.level) as permissionLevel

The list of all projects and permissions that a User has access to isn’t a problem either:

MATCH (u:User)-[:MEMBERSHIP]->(t)-[perm:PERMISSION]->(n)<-[*]-(p:Project)
WHERE id(u)={userId}
RETURN id(u), id(p),,MAX(perm.level) as PermissionLevel 

But these queries only give you the end result. If you really want to understand the results of your permission settings, nothing beats a visualization like in the image above, which is produced with this Cypher:

MATCH path=(u)-[:MEMBERSHIP]->(t)-[perm:PERMISSION]->(n)<-[*]-(p)
WHERE id(u)={userId} AND id(p)={projectId}

Yes .. as simple as that.

By the way, the image above is a screenshot of a NetworkView that is part of our InterActor product. You can create dashboards like the one below in under an hour. InterActor helps you to unleash the power of Cypher to your Neo4j graph store and build applications. And you don’t even need to be a developer!

Card image cap
Graphileon to Support DataStax Enterprise Graph

DataStax, the company behind the leading database built on Apache Cassandra™, today announced a technology partnership with Graphileon to include support for DataStax Enterprise Graph (DSE Graph) on Graphileon’s application development platform. Developers using DSE Graph will now be able to leverage Graphileon’s platform for simpler coding and easier visualization of graph data. DSE Graph enables enterprises to extract … Continued

Card image cap
Cambridge Semantics Adds Graphileon to AnzoGraph®

Cambridge Semantics, the leading provider of modern data discovery and integration software for enterprise data fabrics, today announced the integration of Graphileon framework with its stand-alone version of AnzoGraph, a leading graph analytics database. With this integration, AnzoGraph developers and customers benefit from Graphileon’s market-leading ability to navigate, manage and visualize the content of multiple … Continued

Card image cap
Analysis of scenarios demo, installation script and explanation

A while ago, Tom posted a video called Analysis of scenarios in Graphileon. In this video he demonstrates a Graphileon application that takes a network and uses a graph algorithm to find a shortest path between two nodes. While this in itself is not very spectacular -it’s one of the reasons graph databases are used in … Continued

Get started with the Personal Edition

The easiest way to get to know Graphileon is by using the Personal Edition. Build graphy applications and browse your graph stores in a way you never did before.