基于角色的访问控制

AuraDB Business CriticalAuraDB Virtual Dedicated Cloud企业版

命令

GRANT ... ON ... TO ...

语法

描述

命令

DENY ... ON ... TO ...

语法

描述

命令

REVOKE GRANT ... ON ... FROM ...

语法

描述

命令

REVOKE DENY ... ON ... FROM ...

语法

描述

命令

REVOKE ... ON ... FROM ...

语法

描述

从一个或多个角色中撤销已授予或拒绝的权限。

"write"（写入）

NULL

"graph"（图）

NULL

"允许整个图上的所有 WRITE 操作"

"user management"（用户管理）

NULL

"dbms"

NULL

"使指定的角色能够创建、删除、修改和列出用户"

"traverse"（遍历）

NULL

"graph"（图）

["elements", "nodes", "pattern", "relationships"]

"使指定的实体能够被找到"

"transaction management"（事务管理）

"username"

"database"

NULL

"允许在指定数据库上为指定用户列出和结束事务及查询"

"terminate transactions"（终止事务）

"username"

"database"

NULL

"允许在指定数据库上为指定用户结束事务和查询"

"stop"（停止）

NULL

"database"

NULL

"允许停止指定的数据库"

"start"（启动）

NULL

"database"

NULL

"允许启动指定的数据库"

"show user"（显示用户）

NULL

"dbms"

NULL

"使指定的角色能够列出用户"

"show transactions"（显示事务）

"username"

"database"

NULL

"允许在指定数据库上为指定用户列出事务和查询"

"show settings"（显示设置）

"setting"

"dbms"

NULL

"使指定的角色能够查询给定的配置设置"

"GRANTED"（已授予）

"execute"（执行）

"database"

"*"

"FUNCTION(*)"

"PUBLIC"

false

"GRANTED"（已授予）

"execute"（执行）

"database"

"*"

"PROCEDURE(*)"

"PUBLIC"

false

"GRANTED"（已授予）

"access"（访问）

"database"

"DEFAULT"

"database"

"PUBLIC"

false

"GRANTED"（已授予）

"match"（匹配）

"all_properties"

"*"

"NODE(*)"

"admin"（管理员）

false

"GRANTED"（已授予）

"write"（写入）

"graph"（图）

"*"

"NODE(*)"

"admin"（管理员）

false

"GRANTED"（已授予）

"match"（匹配）

"all_properties"

"*"

"RELATIONSHIP(*)"

"admin"（管理员）

false

"GRANTED"（已授予）

"write"（写入）

"graph"（图）

"*"

"RELATIONSHIP(*)"

"admin"（管理员）

false

"GRANTED"（已授予）

"transaction_management"（事务管理）

"database"

"*"

"USER(*)"

"admin"（管理员）

false

"GRANTED"（已授予）

"access"（访问）

"database"

"*"

"database"

"admin"（管理员）

false

"GRANTED"（已授予）

"constraint"（约束）

"database"

"*"

"database"

"admin"（管理员）

false

"GRANTED"（已授予）

"dbms_actions"

"database"

"*"

"database"

"admin"（管理员）

false

"GRANTED"（已授予）

"index"（索引）

"database"

"*"

"database"

"admin"（管理员）

false

"GRANTED"（已授予）

"start_database"

"database"

"*"

"database"

"admin"（管理员）

false

"GRANTED"（已授予）

"stop_database"

"database"

"*"

"database"

"admin"（管理员）

false

"GRANTED"（已授予）

"token"

"database"

"*"

"database"

"admin"（管理员）

false

"GRANTED"（已授予）

"match"（匹配）

"all_properties"

"*"

"NODE(*)"

"architect"（架构师）

false

"GRANTED"（已授予）

"write"（写入）

"graph"（图）

"*"

"NODE(*)"

"architect"（架构师）

false

"GRANTED"（已授予）

"match"（匹配）

"all_properties"

"*"

"RELATIONSHIP(*)"

"architect"（架构师）

false

"GRANTED"（已授予）

"write"（写入）

"graph"（图）

"*"

"RELATIONSHIP(*)"

"architect"（架构师）

false

"GRANTED"（已授予）

"access"（访问）

"database"

"*"

"database"

"architect"（架构师）

false

"GRANTED"（已授予）

"constraint"（约束）

"database"

"*"

"database"

"architect"（架构师）

false

"GRANTED"（已授予）

"index"（索引）

"database"

"*"

"database"

"architect"（架构师）

false

"GRANTED"（已授予）

"token"

"database"

"*"

"database"

"architect"（架构师）

false

"GRANTED"（已授予）

"match"（匹配）

"all_properties"

"*"

"NODE(*)"

"editor"（编辑）

false

"GRANTED"（已授予）

"write"（写入）

"graph"（图）

"*"

"NODE(*)"

"editor"（编辑）

false

"GRANTED"（已授予）

"match"（匹配）

"all_properties"

"*"

"RELATIONSHIP(*)"

"editor"（编辑）

false

"GRANTED"（已授予）

"write"（写入）

"graph"（图）

"*"

"RELATIONSHIP(*)"

"editor"（编辑）

false

"GRANTED"（已授予）

"access"（访问）

"database"

"*"

"database"

"editor"（编辑）

false

"DENIED"（已拒绝）

"access"（访问）

"database"

"neo4j"

"database"

"noAccessUsers"

false

"GRANTED"（已授予）

"match"（匹配）

"all_properties"

"*"

"NODE(*)"

"publisher"（发布者）

false

"GRANTED"（已授予）

"write"（写入）

"graph"（图）

"*"

"NODE(*)"

"publisher"（发布者）

false

"GRANTED"（已授予）

"match"（匹配）

"all_properties"

"*"

"RELATIONSHIP(*)"

"publisher"（发布者）

false

"GRANTED"（已授予）

"write"（写入）

"graph"（图）

"*"

"RELATIONSHIP(*)"

"publisher"（发布者）

false

"GRANTED"（已授予）

"access"（访问）

"database"

"*"

"database"

"publisher"（发布者）

false

"GRANTED"（已授予）

"token"

"database"

"*"

"database"

"publisher"（发布者）

false

"GRANTED"（已授予）

"match"（匹配）

"all_properties"

"*"

"NODE(*)"

"reader"（读者）

false

"GRANTED"（已授予）

"match"（匹配）

"all_properties"

"*"

"RELATIONSHIP(*)"

"reader"（读者）

false

"GRANTED"（已授予）

"access"（访问）

"database"

"*"

"database"

"reader"（读者）

false

"GRANTED"（已授予）

"access"（访问）

"database"

"neo4j"

"database"

"regularUsers"

false

"admin"（管理员）

"GRANTED"（已授予）

"access"（访问）

"database"

"admin"（管理员）

"GRANTED"（已授予）

"constraint"（约束）

"database"

"admin"（管理员）

"GRANTED"（已授予）

"dbms_actions"

"database"

"admin"（管理员）

"GRANTED"（已授予）

"index"（索引）

"database"

"admin"（管理员）

"GRANTED"（已授予）

"match"（匹配）

"NODE(*)"

"admin"（管理员）

"GRANTED"（已授予）

"match"（匹配）

"RELATIONSHIP(*)"

"admin"（管理员）

"GRANTED"（已授予）

"start_database"

"database"

"admin"（管理员）

"GRANTED"（已授予）

"stop_database"

"database"

"admin"（管理员）

"GRANTED"（已授予）

"token"

"database"

"admin"（管理员）

"GRANTED"（已授予）

"transaction_management"（事务管理）

"USER(*)"

"admin"（管理员）

"GRANTED"（已授予）

"write"（写入）

"NODE(*)"

"admin"（管理员）

"GRANTED"（已授予）

"write"（写入）

"RELATIONSHIP(*)"

"GRANTED"（已授予）

"access"（访问）

"DEFAULT"

"database"

"PUBLIC"

"database"

"DENIED"（已拒绝）

"access"（访问）

"neo4j"

"database"

"noAccessUsers"

"database"

"GRANTED"（已授予）

"access"（访问）

"neo4j"

"database"

"regularUsers"

"database"

"PUBLIC"

"GRANTED"（已授予）

[["*","database","FUNCTION(*)","execute"],["*","database","PROCEDURE(*)","execute"],["DEFAULT","database","database","access"]]

"admin"（管理员）

"GRANTED"（已授予）

[["*","all_properties","NODE(*)","match"],["*","graph","NODE(*)","write"],["*","all_properties","RELATIONSHIP(*)","match"],["*","graph","RELATIONSHIP(*)","write"],["*","database","USER(*)","transaction_management"],["*","database","database","access"],["*","database","database","constraint"],["*","database","database","dbms_actions"],["*","database","database","index"],["*","database","database","start_database"],["*","database","database","stop_database"],["*","database","database","token"]]

"architect"（架构师）

"GRANTED"（已授予）

[["*","all_properties","NODE(*)","match"],["*","graph","NODE(*)","write"],["*","all_properties","RELATIONSHIP(*)","match"],["*","graph","RELATIONSHIP(*)","write"],["*","database","database","access"],["*","database","database","constraint"],["*","database","database","index"],["*","database","database","token"]]

"editor"（编辑）

"GRANTED"（已授予）

[["*","all_properties","NODE(*)","match"],["*","graph","NODE(*)","write"],["*","all_properties","RELATIONSHIP(*)","match"],["*","graph","RELATIONSHIP(*)","write"],["*","database","database","access"]]

"noAccessUsers"

"DENIED"（已拒绝）

[["neo4j","database","database","access"]]

"publisher"（发布者）

"GRANTED"（已授予）

[["*","all_properties","NODE(*)","match"],["*","graph","NODE(*)","write"],["*","all_properties","RELATIONSHIP(*)","match"],["*","graph","RELATIONSHIP(*)","write"],["*","database","database","access"],["*","database","database","token"]]

"reader"（读者）

"GRANTED"（已授予）

[["*","all_properties","NODE(*)","match"],["*","all_properties","RELATIONSHIP(*)","match"],["*","database","database","access"]]

"regularUsers"

"GRANTED"（已授予）

[["neo4j","database","database","access"]]

"GRANTED"（已授予）

"match"（匹配）

"*"

"all_properties"

"admin"（管理员）

"RELATIONSHIP(*)"

false

"GRANTED"（已授予）

"write"（写入）

"*"

"graph"（图）

"admin"（管理员）

"RELATIONSHIP(*)"

false

"GRANTED"（已授予）

"transaction_management"（事务管理）

"*"

"database"

"admin"（管理员）

"USER(*)"

false

"GRANTED"（已授予）

"access"（访问）

"*"

"database"

"admin"（管理员）

"database"

false

"GRANTED"（已授予）

"constraint"（约束）

"*"

"database"

"admin"（管理员）

"database"

false

"DENY ACCESS ON DATABASE neo4j TO `noAccessUsers`"

"GRANT ACCESS ON DATABASE * TO `admin`"

"GRANT ACCESS ON DATABASE * TO `architect`"

"GRANT ACCESS ON DATABASE * TO `editor`"

"GRANT ACCESS ON DATABASE * TO `publisher`"

"GRANT ACCESS ON DATABASE * TO `reader`"

"GRANT ACCESS ON DATABASE neo4j TO `regularUsers`"

"GRANT ACCESS ON HOME DATABASE TO `PUBLIC`"

"GRANT ALL DBMS PRIVILEGES ON DBMS TO `admin`"

"GRANT CONSTRAINT MANAGEMENT ON DATABASE * TO `admin`"

"GRANT CONSTRAINT MANAGEMENT ON DATABASE * TO `architect`"

"GRANT EXECUTE FUNCTION * ON DBMS TO `PUBLIC`"

"GRANT EXECUTE PROCEDURE * ON DBMS TO `PUBLIC`"

"GRANT INDEX MANAGEMENT ON DATABASE * TO `admin`"

"GRANT INDEX MANAGEMENT ON DATABASE * TO `architect`"

"GRANT MATCH {*} ON GRAPH * NODE * TO `admin`"

"GRANT MATCH {*} ON GRAPH * NODE * TO `architect`"

"GRANT MATCH {*} ON GRAPH * NODE * TO `editor`"

"GRANT MATCH {*} ON GRAPH * NODE * TO `publisher`"

"GRANT MATCH {*} ON GRAPH * NODE * TO `reader`"

"GRANT MATCH {*} ON GRAPH * RELATIONSHIP * TO `admin`"

"GRANT MATCH {*} ON GRAPH * RELATIONSHIP * TO `architect`"

"GRANT MATCH {*} ON GRAPH * RELATIONSHIP * TO `editor`"

"GRANT MATCH {*} ON GRAPH * RELATIONSHIP * TO `publisher`"

"GRANT MATCH {*} ON GRAPH * RELATIONSHIP * TO `reader`"

"GRANT NAME MANAGEMENT ON DATABASE * TO `admin`"

"GRANT NAME MANAGEMENT ON DATABASE * TO `architect`"

"GRANT NAME MANAGEMENT ON DATABASE * TO `publisher`"

"GRANT START ON DATABASE * TO `admin`"

"GRANT STOP ON DATABASE * TO `admin`"

"GRANT TRANSACTION MANAGEMENT (*) ON DATABASE * TO `admin`"

"GRANT WRITE ON GRAPH * TO `admin`"

"GRANT WRITE ON GRAPH * TO `architect`"

"GRANT WRITE ON GRAPH * TO `editor`"

"GRANT WRITE ON GRAPH * TO `publisher`"

"GRANT CONSTRAINT MANAGEMENT ON DATABASE * TO `admin`"

"GRANT CONSTRAINT MANAGEMENT ON DATABASE * TO `architect`"

"GRANT INDEX MANAGEMENT ON DATABASE * TO `admin`"

"GRANT INDEX MANAGEMENT ON DATABASE * TO `architect`"

"GRANT NAME MANAGEMENT ON DATABASE * TO `admin`"

"GRANT NAME MANAGEMENT ON DATABASE * TO `architect`"

"GRANT NAME MANAGEMENT ON DATABASE * TO `publisher`"

"GRANT TRANSACTION MANAGEMENT (*) ON DATABASE * TO `admin`"

"REVOKE DENY ACCESS ON DATABASE neo4j FROM `noAccessUsers`"

"REVOKE GRANT ACCESS ON DATABASE * FROM `admin`"

"REVOKE GRANT ACCESS ON DATABASE * FROM `architect`"

"REVOKE GRANT ACCESS ON DATABASE * FROM `editor`"

"REVOKE GRANT ACCESS ON DATABASE * FROM `publisher`"

"REVOKE GRANT ACCESS ON DATABASE * FROM `reader`"

"REVOKE GRANT ACCESS ON DATABASE neo4j FROM `regularUsers`"

"REVOKE GRANT ACCESS ON HOME DATABASE FROM `PUBLIC`"

"REVOKE GRANT ALL DBMS PRIVILEGES ON DBMS FROM `admin`"

"REVOKE GRANT CONSTRAINT MANAGEMENT ON DATABASE * FROM `admin`"

"REVOKE GRANT CONSTRAINT MANAGEMENT ON DATABASE * FROM `architect`"

"REVOKE GRANT EXECUTE FUNCTION * ON DBMS FROM `PUBLIC`"

"REVOKE GRANT EXECUTE PROCEDURE * ON DBMS FROM `PUBLIC`"

"REVOKE GRANT INDEX MANAGEMENT ON DATABASE * FROM `admin`"

"REVOKE GRANT INDEX MANAGEMENT ON DATABASE * FROM `architect`"

"REVOKE GRANT MATCH {*} ON GRAPH * NODE * FROM `admin`"

"REVOKE GRANT MATCH {*} ON GRAPH * NODE * FROM `architect`"

"REVOKE GRANT MATCH {*} ON GRAPH * NODE * FROM `editor`"

"REVOKE GRANT MATCH {*} ON GRAPH * NODE * FROM `publisher`"

"REVOKE GRANT MATCH {*} ON GRAPH * NODE * FROM `reader`"

"REVOKE GRANT MATCH {*} ON GRAPH * RELATIONSHIP * FROM `admin`"

"REVOKE GRANT MATCH {*} ON GRAPH * RELATIONSHIP * FROM `architect`"

"REVOKE GRANT MATCH {*} ON GRAPH * RELATIONSHIP * FROM `editor`"

"REVOKE GRANT MATCH {*} ON GRAPH * RELATIONSHIP * FROM `publisher`"

"REVOKE GRANT MATCH {*} ON GRAPH * RELATIONSHIP * FROM `reader`"

"REVOKE GRANT NAME MANAGEMENT ON DATABASE * FROM `admin`"

"REVOKE GRANT NAME MANAGEMENT ON DATABASE * FROM `architect`"

"REVOKE GRANT NAME MANAGEMENT ON DATABASE * FROM `publisher`"

"REVOKE GRANT START ON DATABASE * FROM `admin`"

"REVOKE GRANT STOP ON DATABASE * FROM `admin`"

"REVOKE GRANT TRANSACTION MANAGEMENT (*) ON DATABASE * FROM `admin`"

"REVOKE GRANT WRITE ON GRAPH * FROM `admin`"

"REVOKE GRANT WRITE ON GRAPH * FROM `architect`"

"REVOKE GRANT WRITE ON GRAPH * FROM `editor`"

"REVOKE GRANT WRITE ON GRAPH * FROM `publisher`"

"GRANTED"（已授予）

"access"（访问）

"database"

"neo4j"

"database"

"regularUsers"

false

"DENIED"（已拒绝）

"access"（访问）

"database"

"neo4j"

"database"

"noAccessUsers"

false

"GRANTED"（已授予）

"access"（访问）

"database"

"neo4j"

"database"

"regularUsers"

false

"GRANT ACCESS ON DATABASE * TO `admin`"

"GRANT ALL DBMS PRIVILEGES ON DBMS TO `admin`"

"GRANT CONSTRAINT MANAGEMENT ON DATABASE * TO `admin`"

"GRANT INDEX MANAGEMENT ON DATABASE * TO `admin`"

"GRANT MATCH {*} ON GRAPH * NODE * TO `admin`"

"GRANT MATCH {*} ON GRAPH * RELATIONSHIP * TO `admin`"

"GRANT NAME MANAGEMENT ON DATABASE * TO `admin`"

"GRANT START ON DATABASE * TO `admin`"

"GRANT STOP ON DATABASE * TO `admin`"

"GRANT TRANSACTION MANAGEMENT (*) ON DATABASE * TO `admin`"

"GRANT WRITE ON GRAPH * TO `admin`"

"GRANT MATCH {*} ON GRAPH * NODE * TO `architect`"

"GRANT MATCH {*} ON GRAPH * RELATIONSHIP * TO `architect`"

"REVOKE GRANT ACCESS ON DATABASE * FROM `reader`"

"REVOKE GRANT MATCH {*} ON GRAPH * NODE * FROM `reader`"

"REVOKE GRANT MATCH {*} ON GRAPH * RELATIONSHIP * FROM `reader`"

"GRANTED"（已授予）

"execute"（执行）

"database"

"*"

"FUNCTION(*)"

"PUBLIC"

"jake"

false

"GRANTED"（已授予）

"execute"（执行）

"database"

"*"

"PROCEDURE(*)"

"PUBLIC"

"jake"

false

"GRANTED"（已授予）

"access"（访问）

"database"

"DEFAULT"

"database"

"PUBLIC"

"jake"

false

"GRANTED"（已授予）

"access"（访问）

"database"

"neo4j"

"database"

"regularUsers"

"jake"

false

"GRANTED"（已授予）

"execute"（执行）

"database"

"*"

"FUNCTION(*)"

"PUBLIC"

"jake"

false

"GRANTED"（已授予）

"execute"（执行）

"database"

"*"

"PROCEDURE(*)"

"PUBLIC"

"jake"

false

"GRANTED"（已授予）

"access"（访问）

"database"

"DEFAULT"

"database"

"PUBLIC"

"jake"

false

"GRANTED"（已授予）

"access"（访问）

"database"

"neo4j"

"database"

"regularUsers"

"jake"

false

"GRANTED"（已授予）

"execute"（执行）

"database"

"*"

"FUNCTION(*)"

"PUBLIC"

"joe"

false

"GRANTED"（已授予）

"execute"（执行）

"database"

"*"

"PROCEDURE(*)"

"PUBLIC"

"joe"

false

"GRANTED"（已授予）

"access"（访问）

"database"

"DEFAULT"

"database"

"PUBLIC"

"joe"

false

"DENIED"（已拒绝）

"access"（访问）

"database"

"neo4j"

"database"

"noAccessUsers"

"joe"

false

"GRANT ACCESS ON DATABASE neo4j TO $role"

"GRANT ACCESS ON HOME DATABASE TO $role"

"GRANT EXECUTE FUNCTION * ON DBMS TO $role"

"GRANT EXECUTE PROCEDURE * ON DBMS TO $role"

"REVOKE GRANT EXECUTE FUNCTION * ON DBMS FROM $role"

"REVOKE GRANT EXECUTE PROCEDURE * ON DBMS FROM $role"