本节为您介绍如何使用Connection对象的方法管理对实例和其中图集的访问,包括权限、策略和用户。
每个示例主要展示如何使用所列方法。点击完整示例查看完整代码示例。
Privilege
showPrivilege()
获取全部系统权限和图权限,也就是基于操作范围分类的UQL命令名称。
参数:
RequestConfig(可选):配置请求。
返回值:
Privilege:全部系统权限和图权限。
// 获取全部系统权限和图权限
let resp = await conn.showPrivilege();
console.log(resp);
{
graph_privileges: [
'TEMPLATE', 'KHOP', 'AB',
'SPREAD', 'AUTONET', 'FIND',
'FIND_NODE', 'FIND_EDGE', 'INSERT',
'EXPORT', 'UPSERT', 'UPDATE',
'DELETE', 'DELETE_NODE', 'DELETE_EDGE',
'CREATE_SCHEMA', 'DROP_SCHEMA', 'ALTER_SCHEMA',
'SHOW_SCHEMA', 'CREATE_TRIGGER', 'DROP_TRIGGER',
'SHOW_TRIGGER', 'CREATE_BACKUP', 'RESTORE_BACKUP',
'SHOW_BACKUP', 'CREATE_PROPERTY', 'DROP_PROPERTY',
'ALTER_PROPERTY', 'SHOW_PROPERTY', 'CREATE_FULLTEXT',
'DROP_FULLTEXT', 'SHOW_FULLTEXT', 'CREATE_INDEX',
'DROP_INDEX', 'SHOW_INDEX', 'LTE',
'UFE', 'CLEAR_TASK', 'STOP_TASK',
'PAUSE_TASK', 'RESUME_TASK', 'SHOW_TASK',
'ALGO', 'SHOW_ALGO'
],
system_privileges: [
'TRUNCATE', 'COMPACT',
'CREATE_GRAPH', 'SHOW_GRAPH',
'DROP_GRAPH', 'ALTER_GRAPH',
'MOUNT_GRAPH', 'UNMOUNT_GRAPH',
'TOP', 'KILL',
'STAT', 'SHOW_POLICY',
'CREATE_POLICY', 'DROP_POLICY',
'ALTER_POLICY', 'SHOW_USER',
'CREATE_USER', 'DROP_USER',
'ALTER_USER', 'GRANT',
'REVOKE', 'SHOW_PRIVILEGE'
]
}
Policy
showPolicy()
获取实例上的全部策略。策略包括系统权限、图权限、属性权限和其他策略。
参数:
RequestConfig(可选):配置请求。
返回值:
Policy[]:实例上的全部策略列表。
// 获取全部策略并打印其信息
let resp = await conn.showPolicy();
for (let i of resp.data) {
console.log("Policy ", i.name, " includes: "),
console.log("- System privileges: ", i.system_privileges),
console.log("- Graph privileges: ", i.graph_privileges),
console.log("- Property privileges: ", i.property_privileges),
console.log("- Policies: ", i.policies);
}
Policy manager includes:
- System privileges: [ 'DROP_POLICY', 'COMPACT' ]
- Graph privileges: { '*': [ 'CREATE_INDEX', 'DROP_TRIGGER', 'CREATE_FULLTEXT' ] }
- Property privileges: {
node: { read: [], write: [], deny: [] },
edge: { read: [], write: [], deny: [] }
}
- Policies: [ 'operator' ]
Policy operator includes:
- System privileges: [ 'MOUNT_GRAPH', 'TRUNCATE', 'SHOW_GRAPH' ]
- Graph privileges: { miniCircle: [ 'UPDATE', 'INSERT', 'TEMPLATE', 'UPSERT', 'AUTONET' ] }
- Property privileges: {
node: { read: [], write: [ [Array] ], deny: [] },
edge: { read: [], write: [], deny: [] }
}
- Policies: []
getPolicy()
根据名称获取实例上的策略。
参数:
string:策略名称。RequestConfig(可选):配置请求。
返回值:
Policy:获取到的策略。
// 获取策略operator并打印其信息
let resp = await conn.getPolicy("operator");
console.log("Policy ", resp.data.name, " includes: "),
console.log("- System privileges: ", resp.data.system_privileges),
console.log("- Graph privileges: ", resp.data.graph_privileges),
console.log("- Property privileges: ", resp.data.property_privileges),
console.log("- Policies: ", resp.data.policies);
Policy operator includes:
- System privileges: [ 'MOUNT_GRAPH', 'TRUNCATE', 'SHOW_GRAPH' ]
- Graph privileges: { miniCircle: [ 'UPDATE', 'INSERT', 'TEMPLATE', 'UPSERT', 'AUTONET' ] }
- Property privileges: {
node: { read: [], write: [ [Array] ], deny: [] },
edge: { read: [], write: [], deny: [] }
}
- Policies: []
createPolicy()
在实例中创建一个策略。
参数:
Policy:待创建的策略;必须设置name字段,system_privileges字段、graph_privileges字段、property_privileges字段和policies字段可选。RequestConfig(可选):配置请求。
返回值:
Response:请求的结果。
// 新建策略sales并获取该策略
let myCreate = await conn.createPolicy({
name: "sales",
system_privileges: ["SHOW_GRAPH", "TRUNCATE"],
graph_privileges: {
miniCircle: [
"SHOW_ALGO",
"ALGO",
"RESUME_TASK",
"UFE",
"CREATE_PROPERTY",
],
},
property_privileges: {
node: {
read: [],
write: [],
deny: [],
},
edge: {
read: [],
write: [],
deny: [],
},
},
policies: ["manager", "operator"],
});
// 打印新创建的策略'sales'
let resp = await conn.getPolicy("sales");
console.log("Policy", resp.data.name, "includes: "),
console.log("- System privileges: ", resp.data.system_privileges),
console.log("- Graph privileges: ", resp.data.graph_privileges),
console.log("- Property privileges: ", resp.data.property_privileges),
console.log("- Policies: ", resp.data.policies);
Policy sales includes:
- System privileges: [ 'SHOW_GRAPH', 'TRUNCATE' ]
- Graph privileges: {
'*': [ 'SHOW_ALGO', 'ALGO', 'RESUME_TASK', 'CREATE_PROPERTY', 'UFE' ]
}
- Property privileges: {
node: { read: [ [Array] ], write: [], deny: [] },
edge: { read: [ [Array] ], write: [], deny: [] }
}
- Policies: [ 'manager', 'operator' ]
alterPolicy()
根据名称,修改实例中已有策略的系统权限、图权限、属性权限和其他策略。
参数:
Policy: The policy to be altered; 必须设置name字段,system_privileges字段、graph_privileges字段、property_privileges字段和policies字段可选。RequestConfig(可选):配置请求。
返回值:
Response:请求的结果。
// 修改策略sales并获取该策略
let myCreate = await conn.alterPolicy({
name: "sales",
system_privileges: ["SHOW_GRAPH"],
graph_privileges: {
miniCircle: [
"SHOW_ALGO",
"ALGO",
"RESUME_TASK",
"UFE",
"CREATE_PROPERTY",
"FIND",
],
lcc: ["UPDATE"],
},
policies: ["operator"],
});
let resp = await conn.getPolicy("sales");
console.log("Policy", resp.data.name, "includes: "),
console.log("- System privileges: ", resp.data.system_privileges),
console.log("- Graph privileges: ", resp.data.graph_privileges),
console.log("- Property privileges: ", resp.data.property_privileges),
console.log("- Policies: ", resp.data.policies);
Policy sales includes:
- System privileges: [ 'SHOW_GRAPH' ]
- Graph privileges: {
miniCircle: [
'SHOW_ALGO',
'ALGO',
'RESUME_TASK',
'FIND',
'UFE',
'CREATE_PROPERTY'
],
lcc: [ 'UPDATE' ]
}
- Property privileges: {
node: { read: [ [Array] ], write: [], deny: [] },
edge: { read: [ [Array] ], write: [], deny: [] }
}
- Policies: [ 'operator' ]
dropPolicy()
根据名称删除实例中的一个策略。
参数:
string:策略名称。RequestConfig(可选):配置请求。
返回值:
Response:请求的结果。
// 删除策略sales并打印错误代码
let resp = await conn.dropPolicy("sales");
console.log(resp.status.code_desc);
SUCCESS
User
showUser()
获取实例上的全部数据库用户。
参数:
RequestConfig(可选):配置请求。
返回值:
User[]:实例上的全部用户列表。
// 获取全部用户并打印第一个返回的用户访问信息
let resp = await conn.showUser();
let user1 = resp.data[0];
console.log("Username:", user1.username);
console.log("Creation timestamp:", user1.create.valueOf());
console.log("System privileges:", user1.system_privileges);
console.log("Graph privileges:", user1.graph_privileges);
console.log("Property privileges:", user1.property_privileges);
console.log("Policies:", user1.policies);
Username: test006
Creation timestamp: 1693550276
System privileges: [
'SHOW_PRIVILEGE', 'ALTER_USER',
'DROP_USER', 'CREATE_USER',
'SHOW_GRAPH', 'ALTER_GRAPH',
'DROP_GRAPH', 'COMPACT',
'MOUNT_GRAPH', 'TOP',
'CREATE_GRAPH', 'STAT',
'UNMOUNT_GRAPH', 'SHOW_POLICY',
'TRUNCATE', 'KILL',
'ALTER_POLICY', 'CREATE_POLICY',
'DROP_POLICY', 'SHOW_USER'
]
Graph privileges: {}
Property privileges: {
node: { read: [], write: [], deny: [ [Array] ] },
edge: { read: [], write: [], deny: [ [Array] ] }
}
Policies: [ 'operator' ]
getUser()
根据用户名获取实例上的数据库用户。
参数:
string:用户名。RequestConfig(可选):配置请求。
返回值:
User:获取到的用户。
// 获取用户test005并打印其访问信息
let resp = await conn.getUser("test005");
console.log("Username:", resp.data.username);
console.log("Creation timestamp:", resp.data.create.valueOf());
console.log("System privileges:", resp.data.system_privileges);
console.log("Graph privileges:", resp.data.graph_privileges);
console.log("Property privileges:", resp.data.property_privileges);
console.log("Policies:", resp.data.policies);
Username: test005
Creation timestamp: 1693473359
System privileges: [
'SHOW_PRIVILEGE', 'ALTER_USER',
'DROP_USER', 'CREATE_USER',
'SHOW_GRAPH', 'ALTER_GRAPH',
'DROP_GRAPH', 'COMPACT',
'MOUNT_GRAPH', 'TOP',
'CREATE_GRAPH', 'STAT',
'UNMOUNT_GRAPH', 'SHOW_POLICY',
'TRUNCATE', 'KILL',
'ALTER_POLICY', 'CREATE_POLICY',
'DROP_POLICY', 'SHOW_USER'
]
Graph privileges: {}
Property privileges: {
node: { read: [], write: [], deny: [] },
edge: { read: [], write: [], deny: [] }
}
Policies: [ 'operator' ]
createUser()
在实例上创建一个数据库用户。
参数:
CreateUser: The user to be created; 必须设置username字段和password字段,system_privileges字段、graph_privileges字段、property_privileges字段和policies字段可选。RequestConfig(可选):配置请求。
返回值:
Response:请求的结果。
// 创建用户NodeJsUser并打印错误代码
let resp = await conn.createUser({
username: "NodeJsUser",
password: "Password",
system_privileges: ["SHOW_GRAPH", "TRUNCATE"],
graph_privileges: {
miniCircle: [
"SHOW_ALGO",
"ALGO",
"RESUME_TASK",
"UFE",
"CREATE_PROPERTY",
"FIND",
],
},
property_privileges: {
node: {
read: [],
write: [],
deny: [],
},
edge: {
read: [],
write: [],
deny: [],
},
},
policies: ["manager"],
});
console.log(resp.status.code_desc);
SUCCESS
alterUser()
根据用户名,修改实例中已有数据库用户的密码、系统权限、图权限、属性权限和策略。
参数:
AlterUser: The user to be altered; 必须设置username字段,password字段、system_privileges字段、graph_privileges字段、property_privileges字段和policies字段可选。RequestConfig(可选):配置请求。
返回值:
Response:请求的结果。
// 修改用户NodeJsUser并打印错误代码
let resp = await conn.alterUser({
username: "NodeJsUser",
system_privileges: ["SHOW_GRAPH"],
graph_privileges: {
miniCircle: ["FIND"],
},
policies: ["operator"],
});
console.log(resp.status.code_desc);
SUCCESS
dropUser()
根据用户名从实例中删除数据库用户。
参数:
string:用户名。RequestConfig(可选):配置请求。
返回值:
Response:请求的结果。
// 删除用户NodeJsUser并打印错误代码
let resp = await conn.dropUser("NodeJsUser");
console.log(resp.status.code_desc);
SUCCESS
grantPolicy()
为实例中的数据库用户授予系统权限、图权限、属性权限和策略。
参数:
string:用户名。GraphPrivilege:待授予的图权限;设定为null可跳过图权限授予。string[]:待授予的系统权限;设定为null可跳过系统权限授予。string[]:待授予的策略;设定为null可跳过策略授予。PropertyPrivilege:待授予的属性权限;设定为null可跳过属性权限授予。RequestConfig(可选):配置请求。
返回值:
Response:请求的结果。
// 为用户'johndoe'授予权限和策略,并打印错误代码
let resp = await conn.grantPolicy(
"johndoe",
{
miniCircle: [
"SHOW_ALGO",
"ALGO",
"RESUME_TASK",
"UFE",
"CREATE_PROPERTY",
"FIND",
],
},
null,
["manager"],
null
);
console.log(resp.status.code_desc);
SUCCESS
revokePolicy()
撤销实例中的数据库用户的系统权限、图权限、属性权限和策略。
参数:
string:用户名。GraphPrivilege:待撤销的图权限;设定为null可跳过图权限撤销。string[]:待撤销的系统权限;设定为null可跳过系统权限撤销。string[]:待撤销的策略;设定为null可跳过策略撤销。PropertyPrivilege:待撤销的属性权限;设定为null可跳过属性权限撤销。RequestConfig(可选):配置请求。
返回值:
Response:请求的结果。
let resp = await conn.revokePolicy(
"johndoe",
{
miniCircle: ["SHOW_ALGO", "ALGO", "RESUME_TASK"],
},
null,
["manager"],
null
);
console.log(resp.status.code_desc);
SUCCESS
完整示例
import { ConnectionPool, ULTIPA } from "@ultipa-graph/ultipa-node-sdk";
import { GraphExra } from "@ultipa-graph/ultipa-node-sdk/dist/connection/extra/graph.extra";
import { getEdgesPrintInfo } from "@ultipa-graph/ultipa-node-sdk/dist/printers/edge";
import { RequestType } from "@ultipa-graph/ultipa-node-sdk/dist/types";
import { ListFormat } from "typescript";
let sdkUsage = async () => {
// 设置连接
// URI示例:hosts="mqj4zouys.us-east-1.cloud.ultipa.com:60010"
let hosts = [
"192.168.1.85:60061",
"192.168.1.86:60061",
"192.168.1.87:60061",
];
let username = "***";
let password = "***";
let connPool = new ConnectionPool(hosts, username, password);
// 建立与数据库的连接
let conn = await connPool.getActive();
let isSuccess = await conn.test();
console.log(isSuccess);
// 配置请求
let requestConfig = <RequestType.RequestConfig>{
useMaster: true,
};
// 获取全部策略并打印其信息
let resp = await conn.showPolicy();
for (let i of resp.data) {
console.log("Policy ", i.name, " includes: "),
console.log("- System privileges: ", i.system_privileges),
console.log("- Graph privileges: ", i.graph_privileges),
console.log("- Property privileges: ", i.property_privileges),
console.log("- Policies: ", i.policies);
}
};
sdkUsage().then(console.log).catch(console.log);