Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
**WORKING WITH CONFLICTING PRIVILEGES
// Fraud database available FROM
// https://drive.google.com/open?id=1jWJrIFdv8tNECLn-nV4HJqotF1db3m6D
//work with a separate user and a role to experiment with conflicting roles
CREATE USER conflicted_user SET PASSWORD "changeme" CHANGE NOT REQUIRED;
CREATE ROLE conflicted_role AS COPY OF reader;
GRANT ROLE conflicted_role TO conflicted_user;
//create conflicting privileges
GRANT MATCH {*} ON GRAPH `fraudgraph` NODES SSN to conflicted_role;
DENY READ {*} ON GRAPH `fraudgraph` NODES SSN to conflicted_role;
SHOW USER conflicted_user PRIVILEGES;
//first remove those privileges
REVOKE GRANT READ {*} ON GRAPH `fraudgraph` NODES SSN from conflicted_role;
REVOKE GRANT TRAVERSE ON GRAPH `fraudgraph` NODES SSN from conflicted_role;
REVOKE DENY READ {*} ON GRAPH `fraudgraph` NODES SSN from conflicted_role;
//then switch them around
DENY MATCH {*} ON GRAPH `fraudgraph` NODES SSN to conflicted_role;
GRANT READ {*} ON GRAPH `fraudgraph` NODES SSN to conflicted_role;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.