For Dashboard Designers Reference DataManagement
Friday, November 11, 2022 12:54 PMDataManagement
Label: :IA_Function
Property: type: DataManagement
Inherits from: Function
Bundles actions related to managing data (nodes and relations).
Function parameters
Key | Description | Default value | Possible values |
---|---|---|---|
action |
The action to perform. Note: can only be set on the Function node, NOT on incoming Triggers. | string; see below. Should be a static string, without evaluation or templating. | |
params |
The parameters for the given action. See below for possible values. | object; see below | |
allowCoreEntities |
If set to true , will allow the management of core entities (handling them as plain nodes/relations). |
false |
Boolean |
Actions
Each action
requires specific parameters. Below are the possibilities.
action |
Description | params |
---|---|---|
create |
Create an entity | entity : Node to createtype : node (default)/relation |
delete |
Delete an entity | entity : Node to delete (only id , properties.uuid or properties.iaName are used)type : node (default)/relation |
import |
Import a set of nodes and relations. * | nodes : Array of nodes, relations : Array of relationidProperty : (optional) The property by which to match existing entities. If an existing entity is found, it will be updated rather than created. batchSize : (optional) Batch size for database operations. 10000 by default. |
patch |
Patch a node. Changes the given properties only. | entity : Node to patch |
read |
Find a node. | entity : Node to read (only id , properties.uuid or properties.iaName are used). |
read-all |
Find given nodes. | entities : A list of Nodes (only id and meta.store are used). |
read-all-entities |
Find given entities. Filtered by corresponding 'read' permissions. | entities : A list of nodes or relations (only id and meta.store are used).type : node /relation |
read-entity |
Find an entity (e.g. Function/User/Trigger etc). Checks the associated permissions for that Entity type; does not check additional REQUIRE d permissions). |
entity : Node or Relation to read (only id , properties.uuid or properties.iaName are used).type : node (default)/relation |
update |
Update a node. Updates all properties as provided. | entity : Node to update |
* The id
s of nodes in the import
action are only used as reference for relations.
The final id
s depend on the target database. To update existing nodes and relations, they should have a uniquely
identifying propery. This property can then be specified as idProperty
(by default uuid
).
Outgoing triggers
Type: success
Occurrence: When the requested action was performed successfully.
Additional event properties (besides the inherited properties):
Key | Description | Possible values |
---|---|---|
response |
The response from the performed action. | See below |
For each action
, the response
can be different. Below are the possibilities:
action |
response |
---|---|
create |
Created node |
delete |
(empty) |
import |
nodes : (object) created nodes, relations : (object) created relations * |
patch |
The updated node |
read |
Requested node |
read-all |
Found nodes |
read-node |
Requested node |
read-relation |
Requested relation |
update |
Updated node |
* The nodes and relations in the response are both objects, where the keys are the original id
s, and the values the
corresponding entities in the database (note that the final id
s may be different than the id
s specified in the input).
Permissions (beta)
Besides the permissions inherited from Function, the following permissions can be required:
for: action:create
Determines: whether or not a node can be created.
Key | Description | Type |
---|---|---|
entity |
The node to be created. | Node |
for: action:delete
Determines: whether or not a node can be deleted.
Key | Description | Type |
---|---|---|
entity |
The node to be deleted. | Node |
for: action:import
Determines: whether or not a set of nodes and relations can be imported.
Key | Description | Type |
---|---|---|
nodes |
The nodes to be created. | Array of nodes |
relations |
The relations to be created. | Array of relations |
store |
The store to import to. | string |
for: action:read
Determines: whether or not a node can be read.
Key | Description | Type |
---|---|---|
entity |
The node to be read. | Node |
for: action:update
Determines: whether or not a node can be updated. This is checked for the state of the node both before and after update.
Key | Description | Type |
---|---|---|
entity |
The node to be updated. | Node |
Permission Examples
Example 1: Create "Document" nodes only with "document:write" permission.
This example will create any node provided as $params
, as long as it contains the label Document
,
and the user is connected to the document:write
permission node.
{
"nodes": [{
"id": "data-management",
"labels": "IA_Function",
"properties": {
"type": "DataManagement",
"action": "create"
}
}, {
"id": "permission",
"labels": "IA_Permission",
"properties": {
"name": "document:write",
"expression": "includes($entity.labels, 'Document')"
}
}],
"relations": [{
"id": "require-permission",
"type": "REQUIRE",
"source": "data-management",
"target": "permission",
"properties": {
"$entity": "(%).entity"
}
}]
}
Example 2: Edit only user's own documents
This example will update any node provided as $params
, as long as it has a Document
label,
and is executed by a user that has a connection to the document:update
permission AND an OWNS
relation to the
document in question.
{
"nodes": [{
"id": "data-management",
"labels": ["IA_Function"],
"properties": {
"type": "DataManagement",
"action": "update"
}
}, {
"id": "permission",
"labels": ["IA_Permission"],
"properties": {
"name": "document:update",
"cypher": "MATCH (u:IA_User)-[r:OWNS]->(d:Document) WHERE id(u)=$user.id AND id(d)=$entity.id RETURN COUNT(r)>0 AS allow"
}
}],
"relations": [{
"id": "require-permission",
"type": "REQUIRE",
"source": "data-management",
"target": "permission",
"properties": {
"$user": "(@).user",
"$entity": "(%).entity"
}
}]
}