How are roles stored in in noe4J

rushabh02022002 · October 19, 2023, 1:33am

How roles are stored on disk and what happens if user have 2 conflicting roles i.e. role A give access to DB1 and role B deny access on DB1

busymo16 · October 19, 2023, 7:59am

Keep in mind that the denying (blacklisting) will always win and in this case the User to whom that Role is assigned, will not have access to DB1.

dana_canzano · October 19, 2023, 6:21pm

What version of Neo4j?
However for v5, documentation at Managing privileges - Cypher Manual

states

The user will be able to access the resource if they have a GRANT (allowlist)
 and do not have a DENY (denylist) relevant to that resource.

are you seeing where a user has both GRANT and DENY and the user is able to see data?

Topic		Replies	Views
Granting Roles to Users Neo4j Graph Platform migrated	2	328	June 10, 2022
Fine Grained Control - Where User == Resource.User Newbie Questions security , authentication , role	3	402	September 25, 2021
Can I use Native User Role to limit access to a user's 'own' data? Modeling user	6	2002	May 7, 2020
How to assign privileges to users instead of roles Neo4j 4.0 security	1	433	November 14, 2021
How to restrict a few nodes in Neo4j Database Cypher cypher , knowledge-base	7	1597	December 28, 2018

July Summer Fun!