cancel
Showing results for 
Search instead for 
Did you mean: 

Cypher design pattern for web application authorizations

ckichan
Node

I am writing a web application that involves permission or ownership authorizations.
It is not a social media but let's assume it is a forum for the moment.
I do authorization in cypher through zero row mechanism of cypher with this pattern:

MATCH (user:User{userId: $userId})-[:PRIVILEGED_OF]->(:Permission{canComment: true})
WITH DISTINCT user
MATCH (post:Post{postId: $postId})<-[:USER_CREATE]-(author)
WHERE NOT EXISTS((author)-[:USER_BLOCK]->(user))
WITH post, user
MERGE (post)-[:REPLYING]-(reply:Reply{content: $content})<-[:USER_CREATE]-(user)
RETURN reply

No reply will be created if the user don't have such privileged or if the use is blocked by the author.
on the python driver side:

result = tx.run(query, userId=userId, postId=postId, content=content)
try:
    return [
        {"text": record["reply"]["text"], "id": record["reply"].id}
        for record in result
    ]

The bottleneck is about error feedback. How could I tell the user the reason why their operation is rejected?
I currently add a [0] in the returned result, and catch the List index out of range exception and notify the user, but there is no way to tell the violation is about the first or the second regulations.

I know it can easily be done with 2 extra transaction, but it also added 2 extra round trip time between the web server and the neo4j DB.
Is it possible to return an error message if there are zero row in a cypher execution?

0 REPLIES 0