本节为您介绍如何使用Connection对象的方法管理对实例和其中图集的访问,包括权限、策略和用户。
每个示例主要展示如何使用所列方法。点击完整示例查看完整代码示例。
Privilege
ShowPrivilege()
获取全部系统权限和图权限,也就是基于操作范围分类的UQL命令名称。
参数:
RequestConfig(可选):配置请求。
返回值:
List<Privilege>:全部系统权限和图权限。
// 获取全部系统权限和图权限
var res = await ultipa.ShowPrivilege();
var graphL = new List<string>();
var systemL = new List<string>();
foreach (var item in res)
{
if (item.Level == 0)
{
graphL.Add(item.Name);
}
else
{
systemL.Add(item.Name);
}
}
Console.WriteLine("Graph privileges: ");
Console.WriteLine(JsonConvert.SerializeObject(graphL));
Console.WriteLine("System privileges: ");
Console.WriteLine(JsonConvert.SerializeObject(systemL));
Graph privileges:
["TEMPLATE","KHOP","AB","SPREAD","AUTONET","FIND","FIND_NODE","FIND_EDGE","INSERT","EXPORT","UPSERT","UPDATE","DELETE","DELETE_NODE","DELETE_EDGE","CREATE_SCHEMA","DROP_SCHEMA","ALTER_SCHEMA","SHOW_SCHEMA","CREATE_TRIGGER","DROP_TRIGGER","SHOW_TRIGGER","CREATE_BACKUP","RESTORE_BACKUP","SHOW_BACKUP","CREATE_PROPERTY","DROP_PROPERTY","ALTER_PROPERTY","SHOW_PROPERTY","CREATE_FULLTEXT","DROP_FULLTEXT","SHOW_FULLTEXT","CREATE_INDEX","DROP_INDEX","SHOW_INDEX","LTE","UFE","CLEAR_TASK","STOP_TASK","PAUSE_TASK","RESUME_TASK","SHOW_TASK","ALGO","SHOW_ALGO"]
System privileges:
["TRUNCATE","COMPACT","CREATE_GRAPH","SHOW_GRAPH","DROP_GRAPH","ALTER_GRAPH","MOUNT_GRAPH","UNMOUNT_GRAPH","TOP","KILL","STAT","SHOW_POLICY","CREATE_POLICY","DROP_POLICY","ALTER_POLICY","SHOW_USER","CREATE_USER","DROP_USER","ALTER_USER","GRANT","REVOKE","SHOW_PRIVILEGE"]
Policy
ShowPolicy()
获取实例上的全部策略。策略包括系统权限、图权限、属性权限和其他策略。
参数:
RequestConfig(可选):配置请求。
返回值:
List<Policy>:实例上的全部策略列表。
// 获取全部策略并打印其信息
var res = await ultipa.ShowPolicy();
foreach (var item in res)
{
Console.WriteLine($"Policy '{item.Name}' include:");
Console.WriteLine(
"- System privileges: " + JsonConvert.SerializeObject(item.SystemPrivileges)
);
Console.WriteLine(
"- Graph privileges: " + JsonConvert.SerializeObject(item.GraphPrivileges)
);
Console.WriteLine(
"- Property privileges:" + JsonConvert.SerializeObject(item.PropertyPrivileges)
);
Console.WriteLine("- Policies:" + JsonConvert.SerializeObject(item.SubPolicies));
}
Policy 'operator' include:
- System privileges: ["MOUNT_GRAPH","TRUNCATE","SHOW_GRAPH"]
- Graph privileges: {"miniCircle":["UPDATE","INSERT","TEMPLATE","UPSERT","AUTONET"]}
- Property privileges:{"node":{"read":[["*","*","*"]],"write":[["*","*","*"],["miniCircle","account","*"]],"deny":[]},"edge":{"read":[["*","*","*"]],"write":[["*","*","*"]],"deny":[]}}
- Policies:[]
Policy 'manager' include:
- System privileges: ["DROP_POLICY","COMPACT"]
- Graph privileges: {"*":["CREATE_INDEX","DROP_TRIGGER","CREATE_FULLTEXT"]}
- Property privileges:{"node":{"read":[["*","*","*"]],"write":[["*","*","*"]],"deny":[]},"edge":{"read":[["*","*","*"]],"write":[["*","*","*"]],"deny":[]}}
- Policies:["operator"]
GetPolicy()
根据名称获取实例上的策略。
参数:
string:策略名称。RequestConfig(可选):配置请求。
返回值:
Policy:获取到的策略。
// 获取策略operator并打印其信息
var res = await ultipa.GetPolicy("operator");
Console.WriteLine("Policy 'operator' includes:");
Console.WriteLine(
"- System privileges: " + JsonConvert.SerializeObject(res.SystemPrivileges)
);
Console.WriteLine(
"- Graph privileges: " + JsonConvert.SerializeObject(res.GraphPrivileges)
);
Console.WriteLine(
"- Property privileges: " + JsonConvert.SerializeObject(res.PropertyPrivileges)
);
Console.WriteLine("- Policies: " + JsonConvert.SerializeObject(res.SubPolicies));
Policy 'operator' includes:
- System privileges: ["MOUNT_GRAPH","TRUNCATE","SHOW_GRAPH"]
- Graph privileges: {"miniCircle":["UPDATE","INSERT","TEMPLATE","UPSERT","AUTONET"]}
- Property privileges: {"node":{"read":[["*","*","*"]],"write":[["*","*","*"],["miniCircle","account","*"]],"deny":[]},"edge":{"read":[["*","*","*"]],"write":[["*","*","*"]],"deny":[]}}
- Policies: []
CreatePolicy()
在实例中创建一个策略。
参数:
Policy:待创建的策略;必须设置Name字段,SystemPrivileges字段、GraphPrivileges字段、PropertyPrivileges字段和Policies字段可选。RequestConfig(可选):配置请求。
返回值:
UqlResponse:请求的结果。
// 新建策略sales并获取该策略
Policy policy = new Policy()
{
Name = "sales",
// 系统权限
SystemPrivileges = new List<string> { "SHOW_GRAPH", "TRUNCATE" },
// 图权限
GraphPrivileges = new()
{
{
"miniCircle",
new List<string>
{
"SHOW_ALGO",
"ALGO",
"RESUME_TASK",
"UFE",
"CREATE_PROPERTY",
}
},
{
"lcc",
new List<string> { "UPDATE", "INSERT", "DELETE", "UPSERT" }
},
},
// 属性权限
PropertyPrivileges = new PropertyPrivilegeMap()
{
NodePrivileges = new PropertyPrivilegeMapItem()
{
Read = new List<List<string>>()
{
new() { "miniCircle", "account", "*" },
new() { "miniCircle", "movie", "name" },
},
Write = new List<List<string>>()
{
new() { "lcc", "*", "*" },
},
Deny = new List<List<string>>(),
},
},
// 策略
SubPolicies = new List<string> { "manager", "operator" },
};
var newPol = await ultipa.CreatePolicy(policy);
// 打印新创建的策略'sales'
var res = await ultipa.GetPolicy("sales");
Console.WriteLine($"Policy '{res.Name}' includes:");
Console.WriteLine(
"- System privileges: " + JsonConvert.SerializeObject(res.SystemPrivileges)
);
Console.WriteLine(
"- Graph privileges: " + JsonConvert.SerializeObject(res.GraphPrivileges)
);
Console.WriteLine(
"- Property privileges: " + JsonConvert.SerializeObject(res.PropertyPrivileges)
);
Console.WriteLine("- Policies: " + JsonConvert.SerializeObject(res.SubPolicies));
Policy 'sales' includes:
- System privileges: ["SHOW_GRAPH","TRUNCATE"]
- Graph privileges: {"miniCircle":["SHOW_ALGO","ALGO","RESUME_TASK","CREATE_PROPERTY","UFE"],"lcc":["UPDATE","INSERT","DELETE","UPSERT"]}
- Property privileges: {"node":{"read":[["*","*","*"],["miniCircle","account","*"],["miniCircle","movie","name"]],"write":[["*","*","*"],["lcc","*","*"]],"deny":[]},"edge":{"read":[["*","*","*"],["*","*","*"]],"write":[["*","*","*"],["*","*","*"]],"deny":[]}}
- Policies: ["manager","operator"]
AlterPolicy()
根据名称,修改实例中已有策略的系统权限、图权限、属性权限和其他策略。
参数:
Policy:待修改的策略; 必须设置Name字段,SystemPrivileges字段、GraphPrivileges字段、PropertyPrivileges字段和Policies字段可选。RequestConfig(可选):配置请求。
返回值:
UqlResponse:请求的结果。
// 修改策略sales并获取该策略
Policy policy = new Policy()
{
Name = "sales",
SystemPrivileges = new List<string> { "SHOW_GRAPH" },
GraphPrivileges = new()
{
{
"miniCircle",
new List<string> { "FIND" }
},
{
"lcc",
new List<string> { "UPDATE" }
},
},
SubPolicies = new List<string> { "operator" },
}
var alterPol = await ultipa.AlterPolicy(policy);
Console.WriteLine(alterPol.Status.ErrorCode);
var res = await ultipa.GetPolicy("sales");
Console.WriteLine($"Policy '{res.Name}' includes:");
Console.WriteLine(
"- System privileges: " + JsonConvert.SerializeObject(res.SystemPrivileges)
);
Console.WriteLine(
"- Graph privileges: " + JsonConvert.SerializeObject(res.GraphPrivileges)
);
Console.WriteLine(
"- Property privileges: " + JsonConvert.SerializeObject(res.PropertyPrivileges)
);
Console.WriteLine("- Policies: " + JsonConvert.SerializeObject(res.SubPolicies));
Success
Policy 'sales' includes:
- System privileges: ["SHOW_GRAPH"]
- Graph privileges: {"miniCircle":["FIND"],"lcc":["UPDATE"]}
- Property privileges: {"node":{"read":[["*","*","*"],["*","*","*"]],"write":[["*","*","*"],["*","*","*"]],"deny":[]},"edge":{"read":[["*","*","*"],["*","*","*"]],"write":[["*","*","*"],["*","*","*"]],"deny":[]}}
- Policies: ["operator"]
DropPolicy()
根据名称删除实例中的一个策略。
参数:
string:策略名称。RequestConfig(可选):配置请求。
返回值:
UqlResponse:请求的结果。
// 删除策略sales并打印错误代码
var res = await ultipa.DropPolicy("sales");
Console.WriteLine(res.Status.ErrorCode);
Success
User
ShowUser()
获取实例上的全部数据库用户。
参数:
RequestConfig(可选):配置请求。
返回值:
List<User>:实例上的全部用户列表。
// 获取全部用户并打印第一个返回的用户信息
var res = await ultipa.ShowUser();
Console.WriteLine("Username: " + res[0].Username);
Console.WriteLine("Created on: " + res[0].CreatedTime);
Console.WriteLine(
"System privileges: " + JsonConvert.SerializeObject(res[0].SystemPrivileges)
);
Console.WriteLine(
"Graph privileges: " + JsonConvert.SerializeObject(res[0].GraphPrivileges)
);
Console.WriteLine(
"Property privileges: " + JsonConvert.SerializeObject(res[0].GraphPrivileges)
);
Console.WriteLine("Policies: " + JsonConvert.SerializeObject(res[0].Policies));
Username: test006
Created on: 9/1/2023 6:37:56 AM
System privileges: ["SHOW_PRIVILEGE","ALTER_USER","DROP_USER","CREATE_USER","SHOW_GRAPH","ALTER_GRAPH","DROP_GRAPH","COMPACT","MOUNT_GRAPH","TOP","CREATE_GRAPH","STAT","UNMOUNT_GRAPH","SHOW_POLICY","TRUNCATE","KILL","ALTER_POLICY","CREATE_POLICY","DROP_POLICY","SHOW_USER"]
Graph privileges: {}
Property privileges: {}
Policies: ["operator"]
GetUser()
根据用户名获取实例上的数据库用户。
参数:
string:用户名。RequestConfig(可选):配置请求。
返回值:
User:获取到的用户。
// 获取用户test005并打印其访问信息
var res = await ultipa.GetUser("test005");
Console.WriteLine("Username: " + res.Username);
Console.WriteLine("Created on: " + res.CreatedTime);
Console.WriteLine(
"System privileges: " + JsonConvert.SerializeObject(res.SystemPrivileges)
);
Console.WriteLine("Graph privileges: " + JsonConvert.SerializeObject(res.GraphPrivileges));
Console.WriteLine(
"Property privileges: " + JsonConvert.SerializeObject(res.GraphPrivileges)
);
Console.WriteLine("Policies: " + JsonConvert.SerializeObject(res.Policies));
Username: test005
Created on: 8/31/2023 9:15:59 AM
System privileges: ["SHOW_PRIVILEGE","ALTER_USER","DROP_USER","CREATE_USER","SHOW_GRAPH","ALTER_GRAPH","DROP_GRAPH","COMPACT","MOUNT_GRAPH","TOP","CREATE_GRAPH","STAT","UNMOUNT_GRAPH","SHOW_POLICY","TRUNCATE","KILL","ALTER_POLICY","CREATE_POLICY","DROP_POLICY","SHOW_USER"]
Graph privileges: {}
Property privileges: {}
Policies: ["operator"]
CreateUser()
在实例上创建一个数据库用户。
参数:
User:待创建的用户;必须设定Username字段和Password字段,SystemPrivilegess字段、GraphPrivileges字段、PropertyPrivileges字段和Policies字段可选。RequestConfig(可选):配置请求。
返回值:
UqlResponse:请求的结果。
// 创建用户CSharpUser并打印错误代码
User newUser = new User()
{
Username = "CSharpUser",
Password = "Password",
Privileges = new Policy()
{
GraphPrivileges = new()
{
{
"miniCircle",
new List<string>
{
"SHOW_ALGO",
"ALGO",
"RESUME_TASK",
"UFE",
"CREATE_PROPERTY",
}
},
},
SystemPrivileges = new() { "SHOW_GRAPH", "TRUNCATE" },
PropertyPrivileges = new PropertyPrivilegeMap()
{
NodePrivileges = new PropertyPrivilegeMapItem()
{
Read = new List<List<string>>()
{
new() { "miniCircle", "account", "*" },
new() { "miniCircle", "movie", "name" },
},
Write = new List<List<string>>()
{
new() { "lcc", "*", "*" },
},
Deny = new List<List<string>>(),
},
},
SubPolicies = new() { "manager", "operator" },
},
};
Success
AlterUser()
根据用户名,修改实例中已有数据库用户的密码、系统权限、图权限、属性权限和策略。
参数:
User:待修改的用户;必须设定Username字段和Password字段,SystemPrivilegess字段、GraphPrivileges字段、PropertyPrivileges字段和Policies字段可选。RequestConfig(可选):配置请求。
返回值:
UqlResponse:请求的结果。
// 修改用户CSharpUser并打印错误代码
User newUser = new User()
{
Username = "CSharpUser",
Password = "Password123",
Privileges = new Policy()
{
GraphPrivileges = new()
{
{
"miniCircle",
new() { "FIND" }
},
{
"lcc",
new() { "UPDATE" }
},
},
SystemPrivileges = new() { "SHOW_GRAPH" },
SubPolicies = new() { "operator" },
},
};
var res = await ultipa.AlterUser(newUser);
Console.WriteLine(res.Status.ErrorCode);
Success
DropUser()
根据用户名从实例中删除数据库用户。
参数:
string:用户名。RequestConfig(可选):配置请求。
返回值:
UqlResponse:请求的结果。
// 删除用户CSharpUser并打印错误代码
var res = await ultipa.DropUser("CSharpUser");
Console.WriteLine(res.Status.ErrorCode);
Success
GrantPolicy()
为实例中的数据库用户授予策略。
参数:
string:用户名。List<string>:待授予的策略;RequestConfig(可选):配置请求。
返回值:
UqlResponse:请求的结果。
// 授予用户 'johndoe' 'operator' 和 'manager' 策略,并打印错误代码
var res = await ultipa.GrantPolicy("johndoe", policies: new() { "operator", "manager" });
Console.WriteLine(res.Status.ErrorCode);
Success
RevokePolicy()
撤销实例中的数据库用户的策略。
参数:
string:用户名。List<string>:待撤销的策略。RequestConfig(可选):配置请求。
返回值:
UqlResponse:请求的结果。
var res = await ultipa.RevokePolicy("johndoe", policies: new() { "operator", "manager" });
Console.WriteLine(res.Status.ErrorCode);
Success
完整示例
using System.Data;
using System.Security.Cryptography.X509Certificates;
using System.Xml.Linq;
using Google.Protobuf.WellKnownTypes;
using Microsoft.Extensions.Logging;
using Newtonsoft.Json;
using UltipaService;
using UltipaSharp;
using UltipaSharp.api;
using UltipaSharp.configuration;
using UltipaSharp.connection;
using UltipaSharp.exceptions;
using UltipaSharp.structs;
using UltipaSharp.utils;
using Logger = UltipaSharp.utils.Logger;
using Property = UltipaSharp.structs.Property;
using Schema = UltipaSharp.structs.Schema;
class Program
{
static async Task Main(string[] args)
{
// 设置连接
//URI 示例: Hosts=new[]{"mqj4zouys.us-east-1.cloud.ultipa.com:60010"}
var myconfig = new UltipaConfig()
{
Hosts = new[] { "192.168.1.85:60061", "192.168.1.86:60061", "192.168.1.87:60061" },
Username = "***",
Password = "***",
};
// 建立与数据库的连接
var ultipa = new Ultipa(myconfig);
var isSuccess = ultipa.Test();
Console.WriteLine(isSuccess);
// 配置请求
RequestConfig requestConfig = new RequestConfig()
{
UseMaster = true,
Graph = "miniCircle",
};
// 获取全部策略并打印其信息
var res = await ultipa.ShowPolicy();
foreach (var item in res)
{
Console.WriteLine($"Policy '{item.Name}' include:");
Console.WriteLine(
"- System privileges: " + JsonConvert.SerializeObject(item.SystemPrivileges)
);
Console.WriteLine(
"- Graph privileges: " + JsonConvert.SerializeObject(item.GraphPrivileges)
);
Console.WriteLine(
"- Property privileges:" + JsonConvert.SerializeObject(item.PropertyPrivileges)
);
Console.WriteLine("- Policies:" + JsonConvert.SerializeObject(item.SubPolicies));
}
}
}