* Decouple BoltSession and communication::bolt::Session
* Add CREATE/USE/DROP DATABASE
* Add SHOW DATABASES
* Cover WebSocket session
* Simple session safety implemented via RWLock
* Storage symlinks for backward. compatibility
* Extend the audit log with the DB info
* Add auth part
* Add tenant recovery
* Added enum for more granular access control; Expanded functionality of fine grained access checker; Propagated changes to Edit, Deny and Revoke permissions methods in interpreter
* Introduced Merge method for merging two colle with permissions
* e2e tests implementation started
* Expanded cypher to support fine grained permissions
* ast.lcp::AuthQuery removed labels, added support for label permissions
* promoted label permissions to vector
* removed unnecesary enum value
* expanded glue/auth with LabelPrivilegeToLabelPermission
* added const
* extended Grant Deny and Revoke Privileges with new label privileges
* extended Edit Grant Deny and Revoke Privileges to properly use new model
* Fixed unit tests
* FineGrainedAccessChecker Grant and Deny methods reworked
* Revoke cypher slightly reworked; Revoke for labels works without label permissions
* EditPermission's label_permission lambda now takes two parameters
* constants naming enforced; replaced asterisks with string constant
* removed faulty test addition
* Naming fixes; FineGrainedAccessChecker unit tests introduced
* unnecessary includes removed; minor code improvements
* minor fix
* Access checker reworked; denies and grant merged into single permission object; Created global_permission that applies to all non-created permissions. Grant, Deny and Revoke reworked; Merge method reworked
* Fixed wrong check;
* Fix after merge; renamed constants; removed unused constant
* Fix after merge; workloads.yaml for lbaprocedures e2e tests updated with new grammar
* Fixes after merge
* Fixes after merge
* fixed Revoke that was not fixed after the merge
* updated cypher main visitor tests
* PR review changes; Naming and const fixed, replaced double tertiary with lambda
* unwrapping the iterator fix
* merge 1003 minor fix
* minor spelling fixes
* Introduced visitPrivilegesList because of the doubled code
* const added
* string const to enum
* redundant braces
* added const
* minor code improvement
* e2e tests expanded
* if -> switch
* enum class inherits uint8_t now
* LabelPrililege::EDIT -> LabelPrivilege::UPDATE
* LabelPermission -> EntityPermission; LabelPrivilege -> EntityPrivilege
* EntityPrivilege -> FineGrainedPrivilege; EntityPermission -> FineGrainedPermission
* Added enum for more granular access control; Expanded functionality of fine grained access checker; Propagated changes to Edit, Deny and Revoke permissions methods in interpreter
* Introduced Merge method for merging two colle with permissions
* e2e tests implementation started
* FineGrainedAccessChecker Grant and Deny methods reworked
* removed faulty test addition
* Naming fixes; FineGrainedAccessChecker unit tests introduced
* unnecessary includes removed; minor code improvements
* Access checker reworked; denies and grant merged into single permission object; Created global_permission that applies to all non-created permissions. Grant, Deny and Revoke reworked; Merge method reworked
* Fixed wrong check;
* PR review changes; Naming and const fixed, replaced double tertiary with lambda
* unwrapping the iterator fix
* minor spelling fixes
* GRANT, REVOKE, DENY and access_checker DONE
* Added AccessChecker to ExecutionContext
* grammar expanded; (#462)
* current
* T0954 mg expand user and role to hold permissions on labels (#465)
* added FineGrainedAccessPermissions class to model
* expanded user and role with fine grained access permissions
* fixed grammar
* [E129 < T0953-MG] GRANT, DENY, REVOKE added in interpreter and mainVisitor (#464)
* GRANT, DENY, REVOKE added in interpreter and mainVisitor
* Commented labelPermissons
* remove labelsPermission adding
* Fixed
* Removed extra lambda
* fixed
* [E129<-T0955-MG] Expand ExecutionContext with label related information (#467)
* added
* Added FineGrainedAccessChecker to Context
* fixed
* Added filtering
* testing
* Added edge filtering to storage, need to add filtering in simple Expand in operator.cpp
* Removed storage changes
* MATCH filtering working
* EdgeTypeFiltering working, just need to test everything again
* Removed FineGrainedAccessChecker
* Removed Expand Path
* Fix
* Tested FineGrainedAccessHandler, need to test AuthChecker
* Added integration test for lba
* Fixed merge conflicts
* PR fix
* fixed
* PR fix
* Fix test
* removed .vscode, .cache, .githooks
* githooks
* added tests
* fixed build
* Changed ast.lcp and User pointer to value in context.hpp
* Fixed test
* Remove denies on grant all
* AuthChecker
* Pr fix, auth_checker still not fixed
* Create mg-glue and extract UserBasedAuthChecker from AuthChecker
* Build fixed, need to fix test
* e2e tests
* e2e test working
* Added unit test, e2e and FineGrainedChecker
* Mege E129, auth_checker tests
* Fixed test
* e2e fix
Co-authored-by: Boris Taševski <36607228+BorisTasevski@users.noreply.github.com>
Co-authored-by: josipmrden <josip.mrden@external-basf.com>
Co-authored-by: János Benjamin Antal <benjamin.antal@memgraph.io>
* grammar expanded; (#462)
* T0954 mg expand user and role to hold permissions on labels (#465)
* added FineGrainedAccessPermissions class to model
* expanded user and role with fine grained access permissions
* fixed grammar
* [E129 < T0953-MG] GRANT, DENY, REVOKE added in interpreter and mainVisitor (#464)
* GRANT, DENY, REVOKE added in interpreter and mainVisitor
* Commented labelPermissons
* remove labelsPermission adding
* Removed extra lambda
* [E129<-T0955-MG] Expand ExecutionContext with label related information (#467)
* Added FineGrainedAccessChecker to Context
* fixed failing tests for label based authorization (#480)
* Marked FineGrainedAccessChecker ctor explicit; Introduced change to clang-tidy; (#483)
Co-authored-by: niko4299 <51059248+niko4299@users.noreply.github.com>
* Add CREATE, START, STOP and DROP queries
* Fix definition of port in replica query
* Explicitly stop the consumer before removing
* Fix offset committing in Consumer
* Add tests for basic stream queries
* Remove unnecessary WITH keywords from CREATE query
* Add tests
* Add STREAM privilege
* Disable not working test
The functionality is tested manually, but I couldn't make it work with
the mock kafka cluster.
* Add support for multiple topic names
* Replace skiplist by synchronized map
* Make Consumer::Test const and improve error handling
The improvement in the error handling is mostly done regarding to the
Test function. Instead of trying to revert the assignments, Test just
stores the last commited assignment. When Start or Test is called, they
check for the last commited assignments, and if it is saved, then they
try to restore it. This way:
1. All the failures are returned to the user (failed to save/restore)
2. Failed assignment cannot terminate Memgraph
* Make Test do not block creating/droping other streams
This PR introduces READ COMMITTED and READ UNCOMMITTED isolation levels.
The isolation level can be set with a config or with a query for different scopes.
* Add LOAD CSV clause infrastructure
* Add LoadCsv operator
* Update csv::Reader class
* Support csv files with and without header
Co-authored-by: jseljan <josip.seljan@memgraph.io>
Summary:
This diff adds support for an auth module. The module is used to provide
authentication and authorization (only user to role mappings). The module can
be written in any language and uses a simple protocol to communicate with
Memgraph.
Reviewers: teon.banek, buda
Reviewed By: teon.banek
Subscribers: pullbot
Differential Revision: https://phabricator.memgraph.io/D2359
