Graphileon Documentation
Graphileon.com
For Dashboard Designers Reference DataManagement
Wednesday, May 17, 2023 12:20 PMDataManagement
Label: :IA_Function
Property: type: DataManagement
Inherits from: Function
Bundles actions related to managing data (nodes and relations).
Function parameters
| Key | Description | Default value | Possible values |
|---|---|---|---|
action |
The action to perform. Note: can only be set on the Function node, NOT on incoming Triggers. | string; see below. Should be a static string, without evaluation or templating. | |
params |
The parameters for the given action. See below for possible values. | object; see below | |
allowCoreEntities |
If set to true, will allow the management of core entities (handling them as plain nodes/relations). |
false |
Boolean |
Actions
Each action requires specific parameters. Below are the possibilities.
action |
Description | params |
|---|---|---|
create |
Create an entity | entity: Node to createtype: node(default)/relation |
delete |
Delete an entity | entity: Node to delete (only id, properties.uuid or properties.iaName are used)type: node(default)/relation |
import |
Import a set of nodes and relations. * | nodes: Array of nodes, relations: Array of relationidProperty: (optional) The property by which to match existing entities. If an existing entity is found, it will be updated rather than created. batchSize: (optional) Batch size for database operations. 10000 by default. |
patch |
Patch a node. Changes the given properties only. | entity: Node to patch |
read |
Find a node. | entity: Node to read (only id, properties.uuid or properties.iaName are used). |
read-all |
Find given nodes. | entities: A list of Nodes (only id and meta.store are used). |
read-all-entities |
Find given entities. Filtered by corresponding 'read' permissions. | entities: A list of nodes or relations (only id and meta.store are used).type: node/relation |
read-entity |
Find an entity (e.g. Function/User/Trigger etc). Checks the associated permissions for that Entity type; does not check additional REQUIREd permissions). |
entity: Node or Relation to read (only id, properties.uuid or properties.iaName are used).type: node(default)/relation |
update |
Update a node. Updates all properties as provided. | entity: Node to update |
* The ids of nodes in the import action are only used as reference for relations.
The final ids depend on the target database. To update existing nodes and relations, they should have a uniquely
identifying propery. This property can then be specified as idProperty (by default uuid).
Outgoing triggers
Type: success
Occurrence: When the requested action was performed successfully.
Additional event properties (besides the inherited properties):
| Key | Description | Possible values |
|---|---|---|
response |
The response from the performed action. | See below |
For each action, the response can be different. Below are the possibilities:
action |
response |
|---|---|
create |
Created node |
delete |
(empty) |
import |
nodes: (object) created nodes, relations: (object) created relations * |
patch |
The updated node |
read |
Requested node |
read-all |
Found nodes |
read-node |
Requested node |
read-relation |
Requested relation |
update |
Updated node |
* The nodes and relations in the response are both objects, where the keys are the original ids, and the values the
corresponding entities in the database (note that the final ids may be different than the ids specified in the input).
Permissions (beta)
Besides the permissions inherited from Function, the following permissions can be required:
for: action:create
Determines: whether or not a node can be created.
| Key | Description | Type |
|---|---|---|
entity |
The node to be created. | Node |
for: action:delete
Determines: whether or not a node can be deleted.
| Key | Description | Type |
|---|---|---|
entity |
The node to be deleted. | Node |
for: action:import
Determines: whether or not a set of nodes and relations can be imported.
| Key | Description | Type |
|---|---|---|
nodes |
The nodes to be created. | Array of nodes |
relations |
The relations to be created. | Array of relations |
store |
The store to import to. | string |
for: action:read
Determines: whether or not a node can be read.
| Key | Description | Type |
|---|---|---|
entity |
The node to be read. | Node |
for: action:update
Determines: whether or not a node can be updated. This is checked for the state of the node both before and after update.
| Key | Description | Type |
|---|---|---|
entity |
The node to be updated. | Node |
Permission Examples
Example 1: Create "Document" nodes only with "document:write" permission.
This example will create any node provided as $params, as long as it contains the label Document,
and the user is connected to the document:write permission node.
{
"nodes": [{
"id": "data-management",
"labels": "IA_Function",
"properties": {
"type": "DataManagement",
"action": "create"
}
}, {
"id": "permission",
"labels": "IA_Permission",
"properties": {
"name": "document:write",
"expression": "includes($entity.labels, 'Document')"
}
}],
"relations": [{
"id": "require-permission",
"type": "REQUIRE",
"source": "data-management",
"target": "permission",
"properties": {
"$entity": "(%).entity"
}
}]
}
Example 2: Edit only user's own documents
This example will update any node provided as $params, as long as it has a Document label,
and is executed by a user that has a connection to the document:update permission AND an OWNS relation to the
document in question.
{
"nodes": [{
"id": "data-management",
"labels": ["IA_Function"],
"properties": {
"type": "DataManagement",
"action": "update"
}
}, {
"id": "permission",
"labels": ["IA_Permission"],
"properties": {
"name": "document:update",
"cypher": "MATCH (u:IA_User)-[r:OWNS]->(d:Document) WHERE id(u)=$user.id AND id(d)=$entity.id RETURN COUNT(r)>0 AS allow"
}
}],
"relations": [{
"id": "require-permission",
"type": "REQUIRE",
"source": "data-management",
"target": "permission",
"properties": {
"$user": "(@).user",
"$entity": "(%).entity"
}
}]
}