Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Identity and Access Management
// What is related, and how
MATCH (a)-[r]->(b)
WHERE labels(a) <> [] AND labels(b) <> []
RETURN DISTINCT head(labels(a)) AS This, type(r) as To, head(labels(b)) AS That
LIMIT 20
//show me NeoTech
match (n:Company {name:"Neo Technology"}) return n
//show me NeoTech (excl Partners)
match (n:Company {name:"Neo Technology"})-[r]-()
where type(r) <> "PARTNER_OF"
return n,r;
//Show a file
match (f:File)-[r]-(n)
return f,r,n
limit 1;
//Questions to ask
//How many files can a person see
match (p:Person {first_name:"Rik", last_name:"Van Bruggen"})-[:IS_MEMBER]->(d:Department)-[:HAS_ACCESS]->(n)<-[:PART_OF*..3]-(f:File)
return count(f);
//give me 10 files that Rik has access to
match (p:Person {first_name:"Rik", last_name:"Van Bruggen"})-[:IS_MEMBER]->(d:Department)-[:HAS_ACCESS]->(n)<-[:PART_OF*..3]-(f:File)
return f.name, id(f)
limit 10;
//can a person access a file
//this is a file that
match (f:File)
where id(f)=72977
with f
match (p:Person {first_name:"Rik", last_name:"Van Bruggen"})-[:IS_MEMBER]->(d:Department)-[:HAS_ACCESS]->(n)<-[:PART_OF*..3]-(f)
return count(*) > 0 as hasAccess;
match (f:File)
where id(f)=129283
with f
match (p:Person {first_name:"Rik", last_name:"Van Bruggen"})-[:IS_MEMBER]->(d:Department)-[:HAS_ACCESS]->(n)<-[:PART_OF*..3]-(f)
return count(*) > 0 as hasAccess;
//here's a list of files that Rik has / does not have access to
match (f:File),(p:Person {first_name:"Rik", last_name:"Van Bruggen"})-[:IS_MEMBER]->(d:Department)-[r:HAS_ACCESS]->(n)
where not((f)-[:PART_OF*..3]->(n))
return id(f)
limit 10
//how many people can see a File: follow PART_OF relationship to FileShare, and then check which department owns the Fileshare, and how many people work for that department
match (f:File)
where id(f)=72977
with f
match (p:Person)-[:IS_MEMBER]->(d:Department)-[:HAS_ACCESS]->(n)<-[:PART_OF*..3]-(f)
return f.name, d.name, p.first_name, p.last_name;
match (f:File)
where id(f)=129283
with f
match (p:Person)-[:IS_MEMBER]->(d:Department)-[:HAS_ACCESS]->(n)<-[:PART_OF*..3]-(f)
return f.name, d.name, p.first_name, p.last_name;
//find the partners
match (n:Company {name:"Neo Technology"})-[:PARTNER_OF]-(m) return m limit 5
//what files of Neo Technology do its partners have access to
match (neo:Company {name:"Neo Technology"})<-[:PARTNER_OF]-(partner:Company)-[:HAS_ACCESS]->(n)<-[:PART_OF*..3]-(f:File)
with f,neo
match (f)-[:PART_OF*..4]-(n:Asset {name:"Files"})-[:ASSET_OF]->(neo)
return f.name, id(f)
limit 10;
//what files of Neo Technology do its partners NOT have access to
match (neo:Company {name:"Neo Technology"})<-[:PARTNER_OF]-(partner:Company),
(f:File)-[:PART_OF*..4]-(n:Asset {name:"Files"})-[:ASSET_OF]->(neo)
where(partner)-[:HAS_ACCESS]->(n)<-[:PART_OF*..3]-(f)
with f,neo
match (f)-[:PART_OF*..4]-(n:Asset {name:"Files"})-[:ASSET_OF]->(neo)
return f.name, id(f)
limit 10;
//does a partner of Neo Technology have access to a certain file?
match (f:File)
where id(f)=369283
with f
match (neo:Company {name:"Neo Technology"})<-[:PARTNER_OF]-(partner:Company)-[:HAS_ACCESS]->(n)<-[:PART_OF*..3]-(f)
return count(*) > 0 as hasAccess;
match (f:File)
where id(f)=2000000
with f
match (neo:Company {name:"Neo Technology"})<-[:PARTNER_OF]-(partner:Company)-[:HAS_ACCESS]->(n)<-[:PART_OF*..3]-(f)
return count(*) > 0 as hasAccess;
//Run this file in the Neo4j Shell
//Create the companies
create (c1:Company:Group {id:1, name:'Acme, inc.'}),
(c2:Company:Group {id:2, name:'Widget Corp'}),
(c3:Company:Group {id:3, name:'123 Warehousing'}),
(c4:Company:Group {id:4, name:'Demo Company'}),
(c5:Company:Group {id:5, name:'Smith and Co.'}),
(c6:Company:Group {id:6, name:'Foo Bars'}),
(c7:Company:Group {id:7, name:'ABC Telecom'}),
(c8:Company:Group {id:8, name:'Fake Brothers'}),
(c9:Company:Group {id:9, name:'QWERTY Logistics'}),
(c10:Company:Group {id:10, name:'Demo, inc.'}),
(c11:Company:Group {id:11, name:'Sample Company'}),
(c12:Company:Group {id:12, name:'Sample, inc'}),
(c13:Company:Group {id:13, name:'Acme Corp'}),
(c14:Company:Group {id:14, name:'Allied Biscuit'}),
(c15:Company:Group {id:15, name:'Ankh-Sto Associates'}),
(c16:Company:Group {id:16, name:'Extensive Enterprise'}),
(c17:Company:Group {id:17, name:'Galaxy Corp'}),
(c18:Company:Group {id:18, name:'Globo-Chem'}),
(c19:Company:Group {id:19, name:'Mr. Sparkle'}),
(c20:Company:Group {id:20, name:'Globex Corporation'}),
(c21:Company:Group {id:21, name:'LexCorp'}),
(c22:Company:Group {id:22, name:'LuthorCorp'}),
(c23:Company:Group {id:23, name:'North Central Positronics'}),
(c24:Company:Group {id:24, name:'Omni Consimer Products'}),
(c25:Company:Group {id:25, name:'Praxis Corporation'}),
(c26:Company:Group {id:26, name:'Sombra Corporation'}),
(c27:Company:Group {id:27, name:'Sto Plains Holdings'}),
(c28:Company:Group {id:28, name:'Tessier-Ashpool'}),
(c29:Company:Group {id:29, name:'Wayne Enterprises'}),
(c30:Company:Group {id:30, name:'Wentworth Industries'}),
(c31:Company:Group {id:31, name:'ZiffCorp'}),
(c32:Company:Group {id:32, name:'Bluth Company'}),
(c33:Company:Group {id:33, name:'Strickland Propane'}),
(c34:Company:Group {id:34, name:'Thatherton Fuels'}),
(c35:Company:Group {id:35, name:'Three Waters'}),
(c36:Company:Group {id:36, name:'Water and Power'}),
(c37:Company:Group {id:37, name:'Western Gas & Electric'}),
(c38:Company:Group {id:38, name:'Mammoth Pictures'}),
(c39:Company:Group {id:39, name:'Mooby Corp'}),
(c40:Company:Group {id:40, name:'Gringotts'}),
(c41:Company:Group {id:41, name:'Thrift Bank'}),
(c42:Company:Group {id:42, name:'Flowers By Irene'}),
(c43:Company:Group {id:43, name:'The Legitimate Businessmens Club'}),
(c44:Company:Group {id:44, name:'Osato Chemicals'}),
(c45:Company:Group {id:45, name:'Transworld Consortium'}),
(c46:Company:Group {id:46, name:'Universal Export'}),
(c47:Company:Group {id:47, name:'United Fried Chicken'}),
(c48:Company:Group {id:48, name:'Virtucon'}),
(c49:Company:Group {id:49, name:'Kumatsu Motors'}),
(c50:Company:Group {id:50, name:'Keedsler Motors'}),
(c51:Company:Group {id:51, name:'Powell Motors'}),
(c52:Company:Group {id:52, name:'Industrial Automation'}),
(c53:Company:Group {id:53, name:'Sirius Cybernetics Corporation'}),
(c54:Company:Group {id:54, name:'U.S. Robotics and Mechanical Men'}),
(c55:Company:Group {id:55, name:'Colonial Movers'}),
(c56:Company:Group {id:56, name:'Corellian Engineering Corporation'}),
(c57:Company:Group {id:57, name:'Incom Corporation'}),
(c58:Company:Group {id:58, name:'General Products'}),
(c59:Company:Group {id:59, name:'Leeding Engines Ltd.'}),
(c60:Company:Group {id:60, name:'Blammo'}),
(c61:Company:Group {id:61, name:'Input, Inc.'}),
(c62:Company:Group {id:62, name:'Mainway Toys'}),
(c63:Company:Group {id:63, name:'Videlectrix'}),
(c64:Company:Group {id:64, name:'Zevo Toys'}),
(c65:Company:Group {id:65, name:'Ajax'}),
(c66:Company:Group {id:66, name:'Axis Chemical Co.'}),
(c67:Company:Group {id:67, name:'Barrytron'}),
(c68:Company:Group {id:68, name:'Carrys Candles'}),
(c69:Company:Group {id:69, name:'Cogswell Cogs'}),
(c70:Company:Group {id:70, name:'Spacely Sprockets'}),
(c71:Company:Group {id:71, name:'General Forge and Foundry'}),
(c72:Company:Group {id:72, name:'Duff Brewing Company'}),
(c73:Company:Group {id:73, name:'Dunder Mifflin'}),
(c74:Company:Group {id:74, name:'General Services Corporation'}),
(c75:Company:Group {id:75, name:'Monarch Playing Card Co.'}),
(c76:Company:Group {id:76, name:'Krustyco'}),
(c77:Company:Group {id:77, name:'Initech'}),
(c78:Company:Group {id:78, name:'Roboto Industries'}),
(c79:Company:Group {id:79, name:'Primatech'}),
(c80:Company:Group {id:80, name:'Sonky Rubber Goods'}),
(c81:Company:Group {id:81, name:'St. Anky Beer'}),
(c82:Company:Group {id:82, name:'Stay Puft Corporation'}),
(c83:Company:Group {id:83, name:'Vandelay Industries'}),
(c84:Company:Group {id:84, name:'Wernham Hogg'}),
(c85:Company:Group {id:85, name:'Gadgetron'}),
(c86:Company:Group {id:86, name:'Burleigh and Stronginthearm'}),
(c87:Company:Group {id:87, name:'BLAND Corporation'}),
(c88:Company:Group {id:88, name:'Nordyne Defense Dynamics'}),
(c89:Company:Group {id:89, name:'Petrox Oil Company'}),
(c90:Company:Group {id:90, name:'Roxxon'}),
(c91:Company:Group {id:91, name:'McMahon and Tate'}),
(c92:Company:Group {id:92, name:'Sixty Second Avenue'}),
(c93:Company:Group {id:93, name:'Charles Townsend Agency'}),
(c94:Company:Group {id:94, name:'Spade and Archer'}),
(c95:Company:Group {id:95, name:'Megadodo Publications'}),
(c96:Company:Group {id:96, name:'Rouster and Sideways'}),
(c97:Company:Group {id:97, name:'C.H. Lavatory and Sons'}),
(c98:Company:Group {id:98, name:'Globo Gym American Corp'}),
(c99:Company:Group {id:99, name:'The New Firm'}),
(c100:Company:Group {id:100, name:'SpringShield'}),
(c101:Company:Group {id:101, name:'Neo Technology'});
//For each company, create the departments
match (c:Company) create (d101:Department:Group {id:101, name:'Sales'})-[:DEPT_OF]->(c),
(d102:Department:Group {id:102, name:'Marketing'})-[:DEPT_OF]->(c),
(d103:Department:Group {id:103, name:'Finance'})-[:DEPT_OF]->(c),
(d104:Department:Group {id:104, name:'HR'})-[:DEPT_OF]->(c),
(d105:Department:Group {id:105, name:'Operations'})-[:DEPT_OF]->(c),
(d106:Department:Group {id:106, name:'IT'})-[:DEPT_OF]->(c);
//For each company, create the Assets
match (c:Company) create (d1001:Asset {id:1001, name:'ERP system'})-[:ASSET_OF]->(c),
(d1002:Asset {id:1002, name:'CRM system'})-[:ASSET_OF]->(c),
(d1003:Asset {id:1003, name:'Website CMS'})-[:ASSET_OF]->(c),
(d1004:Asset {id:1004, name:'Intranet CMS'})-[:ASSET_OF]->(c),
(d1005:Asset {id:1005, name:'Email'})-[:ASSET_OF]->(c),
(d1006:Asset {id:1006, name:'Calendaring'})-[:ASSET_OF]->(c),
(d1007:Asset {id:1007, name:'Files'})-[:ASSET_OF]->(c);
//departments have access to Assets
match (d:Department {id:101})-[:DEPT_OF]->(c:Company), (r:Asset {id:1001})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:102})-[:DEPT_OF]->(c:Company), (r:Asset {id:1001})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:103})-[:DEPT_OF]->(c:Company), (r:Asset {id:1001})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:104})-[:DEPT_OF]->(c:Company), (r:Asset {id:1001})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:105})-[:DEPT_OF]->(c:Company), (r:Asset {id:1001})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:106})-[:DEPT_OF]->(c:Company), (r:Asset {id:1001})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:101})-[:DEPT_OF]->(c:Company), (r:Asset {id:1002})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:102})-[:DEPT_OF]->(c:Company), (r:Asset {id:1002})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:102})-[:DEPT_OF]->(c:Company), (r:Asset {id:1003})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:102})-[:DEPT_OF]->(c:Company), (r:Asset {id:1004})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:104})-[:DEPT_OF]->(c:Company), (r:Asset {id:1004})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:101})-[:DEPT_OF]->(c:Company), (r:Asset {id:1005})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:102})-[:DEPT_OF]->(c:Company), (r:Asset {id:1005})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:103})-[:DEPT_OF]->(c:Company), (r:Asset {id:1005})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:104})-[:DEPT_OF]->(c:Company), (r:Asset {id:1005})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:105})-[:DEPT_OF]->(c:Company), (r:Asset {id:1005})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:106})-[:DEPT_OF]->(c:Company), (r:Asset {id:1005})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:101})-[:DEPT_OF]->(c:Company), (r:Asset {id:1006})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:102})-[:DEPT_OF]->(c:Company), (r:Asset {id:1006})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:103})-[:DEPT_OF]->(c:Company), (r:Asset {id:1006})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:104})-[:DEPT_OF]->(c:Company), (r:Asset {id:1006})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:105})-[:DEPT_OF]->(c:Company), (r:Asset {id:1006})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
match (d:Department {id:106})-[:DEPT_OF]->(c:Company), (r:Asset {id:1006})-[:ASSET_OF]->(c) create (d)-[:HAS_ACCESS]->(r);
//Create the file tree structure
//Let's create a share for every department, and give them access
match (r:Asset {id:1007})-[:ASSET_OF]-(c:Company)<-[:DEPT_OF]-(d:Department)
with d,r, "Share of "+d.name as DepartmentName
create (f:FileShare:Asset {id:d.id, name:DepartmentName})-[:PART_OF]->(r), (d)-[:HAS_ACCESS]->(f);
//for every share, connect 10 folders in every Share
match (n2:FileShare)
with range(1,10) as RANGE, n2
foreach (r in RANGE | create (n3:Folder {id:r, name:"Folder"+" "+r})-[:PART_OF]->(n2) );
//for every folder, connect 10 subfolders
match (n3:Folder)
with range(1,10) as RANGE, n3
foreach (r in RANGE | create (n4:SubFolder {id:r, name:"Sub Folder"+" "+r})-[:PART_OF]->(n3) );
//for every folder, connect 10 .pptx files
match (n4:Folder)
with range(1,10) as RANGE, n4
foreach (r in RANGE | create (n5:File {id:r, name:"File"+" "+r+".pptx", type:"Powerpoint"})-[:PART_OF]->(n4) );
//for every subfolder, connect 10 .txt files (batching up!)
match (n4:SubFolder)
with range(1,4) as RANGE, n4
foreach (r in RANGE | create (n5:File {id:r, name:"File"+" "+r+".txt", type:"Text"})-[:PART_OF]->(n4) );
match (n4:SubFolder)
with range(5,7) as RANGE, n4
foreach (r in RANGE | create (n5:File {id:r, name:"File"+" "+r+".txt", type:"Text"})-[:PART_OF]->(n4) );
match (n4:SubFolder)
with range(8,10) as RANGE, n4
foreach (r in RANGE | create (n5:File {id:r, name:"File"+" "+r+".txt", type:"Text"})-[:PART_OF]->(n4) );
//add indexes
create index on :Department(id);
create index on :Company(id);
create index on :Person(first_name);
create index on :Person(last_name);
create index on :File(type);
create index on :Asset(name);
//add people to departments
load csv with headers from "https://docs.google.com/a/neotechnology.com/spreadsheets/d/1mSZKvPh7dzBnSIPkboKTEkGHEqDMjA3gGxZpx7Y4Zws/export?format=csv&id=1mSZKvPh7dzBnSIPkboKTEkGHEqDMjA3gGxZpx7Y4Zws&gid=1411338621" as csv
match (d:Department {id:toInt(csv.Department)})-[:DEPT_OF]->(c:Company {id:toInt(csv.Company)})
merge (p:Person {id:toInt(csv.Id), first_name:csv.FirstName, last_name:csv.LastName})-[:IS_MEMBER]->(d);
//add Rik
match (d:Department {name:"Sales"})-[:DEPT_OF]->(c:Company {name:"Neo Technology"})
merge (p:Person {id:9999, first_name:"Rik", last_name:"Van Bruggen"})-[:IS_MEMBER]->(d);
//add a Partners for Neo Technology
load csv with headers from "https://docs.google.com/a/neotechnology.com/spreadsheets/d/1mSZKvPh7dzBnSIPkboKTEkGHEqDMjA3gGxZpx7Y4Zws/export?format=csv&id=1mSZKvPh7dzBnSIPkboKTEkGHEqDMjA3gGxZpx7Y4Zws&gid=1115294362" as csv
match (neo:Company {name:"Neo Technology"})<-[:DEPT_OF]-(neosales:Department {name:"Sales"})-[:HAS_ACCESS]->(a:Asset {name:"Share of Sales"})<-[:PART_OF]-(f:Folder {name:"Folder 1"})
merge (partner:Company {name:csv.Partner, region:csv.Region, country:csv.Country, country:csv.City})-[:PARTNER_OF]->(neo)
merge (partner)-[:HAS_ACCESS]->(f)
create (d101:Department:Group {id:101, name:'Sales'})-[:DEPT_OF]->(partner),
(d102:Department:Group {id:102, name:'Marketing'})-[:DEPT_OF]->(partner),
(d103:Department:Group {id:103, name:'Finance'})-[:DEPT_OF]->(partner),
(d104:Department:Group {id:104, name:'HR'})-[:DEPT_OF]->(partner),
(d105:Department:Group {id:105, name:'Operations'})-[:DEPT_OF]->(partner),
(d106:Department:Group {id:106, name:'IT'})-[:DEPT_OF]->(partner)
create (p:Person {name:csv.Contact, email:csv.Email})-[:IS_MEMBER]->(d101);
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.