在OrientDB中创建具有最低权限的Java用户 [英] Create a user with Java with lowest rights in OrientDB

问题描述

我通过以下方式创建了具有最低权限的用户：

I create a user with lowest rights in the following way:

            db.command(new OCommandScript("sql", "insert into orole set name = 'ardaRole', mode = 0")).execute();
            db.command(new OCommandScript("sql", "update orole put rules = 'database.class', 2 where name = 'ardaRole'")).execute();
            db.command(new OCommandScript("sql", "update orole put rules = 'database.function', 2 where name = 'ardaRole'")).execute();
            db.command(new OCommandScript("sql", "update orole put rules = 'database.cluster', 2 where name = 'ardaRole'")).execute();
            db.command(new OCommandScript("sql", "insert into ouser set name = 'arda', password = 'arda', status = 'ACTIVE', roles = (select from ORole where name = 'ardaRole')"))
                    .execute();

如果您想检查我的专案检查权限： http://arda-maps.org:2480 。

That works pretty well. If you want to check the rights in my project check out: http://arda-maps.org:2480 with arda arda.

所以我的问题是，这些权限仍然允许更改顶点的名称（所以我把LOVES改为LOVESd）。但是这是杀死整个数据库结构和功能！

So my issue is that these rights still allow things like changing the name of a vertex (so I changed LOVES to LOVESd). But that is killing the whole database structure and functions!

那么如何才能限制权限呢？这真的很糟糕，因为我想给任何人访问数据库。但是没有人应该能够改变任何正在读的东西...必须有一种方法...

So how can I restrict the rights even more? This is really bad, because I want to give anyone access to the database. But noone should be able to change anything there just read... There must be a way...

推荐答案

它工作在上面的方式。这只是特定用户的错误或暂时的更改，并不会进一步损害数据库。所以代码是完全正确的。

It seems that it works in the way above. This is just a bug or a temporarly change for the specific user and isn't further harming the database. So the code is totally fine.

这篇关于在OrientDB中创建具有最低权限的Java用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！