Access control management

This extension lets you manage access control for roles and users, letting you assign users to roles as well as controlling which node labels can be read by a user.

This extension is only visible to users with the role of "Administrator" or "Super User". Enabling this extension allows the admin user to manage the labels of the roles in the database and then attach them to the users.

Using the extension

If you are logged in to NeoDash as an admin user, you can enable the extension in the extensions menu. Doing so adds a new button for the user next to the settings button in the dashboard header. If the user clicks the button, a window with all the roles in the database appears.

The user can then click on any role and a window appears with the role’s context:

User list - This is a list of users from your database. You can select multiple users from the list and the role will be added to all the selected users.
Allow list - This is a list of labels that the role is granted to read. You can select multiple labels from the list or if you want every label to be granted, you can select "*" from the list (this requires a database to be selected).
Deny list - This is a list of labels that the role is denied to read. You can select multiple labels from the list or if you want every label to be denied, you can select "*" from the list (this requires a database to be selected).

Finally when the admin user clicks on Save button, the role is updated in the database and the labels will be granted or denied to the users that were selected for the specific role and database.

Universal (cross-database) GRANT and DENY privileges are not supported by this extension. Privileges must be added on a database-specific level. See the Neo4j documentation on read privileges for more information.