-
Notifications
You must be signed in to change notification settings - Fork 147
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Introducing protocol 4.4 and User Impersonation #784
Introducing protocol 4.4 and User Impersonation #784
Conversation
24194d3
to
38577dc
Compare
Users can, when they have been granted explicit permission, run transactions against the database as different users. When impersonating a user, the query is run as the complete security context of the impersonated user and not the authenticated user (e.g. home database, permissions etc). - [x] Create protocol 4.4 version - [ ] Add protocol to the handshake - [ ] Change the messages RUN, BEGIN and ROUTE to support the impersonation parameter - [ ] Add support to the impersonation into the driver surface - [ ] Add special treatments for the default/home database
38577dc
to
d5bf0cc
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Mostly formatting and typos.
However, there are some behavioral concerns. Great PR 🎸
packages/bolt-connection/src/connection-provider/connection-provider-direct.js
Outdated
Show resolved
Hide resolved
packages/neo4j-driver/test/internal/node/direct.driver.boltkit.test.js
Outdated
Show resolved
Hide resolved
Co-authored-by: Robsdedude <[email protected]>
….test.js Co-authored-by: Robsdedude <[email protected]>
Co-authored-by: Robsdedude <[email protected]>
Co-authored-by: Robsdedude <[email protected]>
Co-authored-by: Robsdedude <[email protected]>
Co-authored-by: Robsdedude <[email protected]>
836159b
to
ae5a8bf
Compare
…ovider-direct.js Co-authored-by: Robsdedude <[email protected]>
…rovider-routing.test.js Co-authored-by: Robsdedude <[email protected]>
…ovider-routing.js Co-authored-by: Robsdedude <[email protected]>
…rovider-routing.test.js Co-authored-by: Robsdedude <[email protected]>
Co-authored-by: Robsdedude <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Some minor comments.
packages/bolt-connection/test/connection-provider/connection-provider-routing.test.js
Outdated
Show resolved
Hide resolved
packages/bolt-connection/test/connection-provider/connection-provider-routing.test.js
Outdated
Show resolved
Hide resolved
packages/bolt-connection/test/connection-provider/connection-provider-routing.test.js
Outdated
Show resolved
Hide resolved
…rovider-routing.test.js Co-authored-by: Robsdedude <[email protected]>
…rovider-routing.test.js Co-authored-by: Robsdedude <[email protected]>
…rovider-routing.test.js Co-authored-by: Robsdedude <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
😈
Users can, when they have been granted explicit permission, run transactions against the database as different users. When impersonating a user, the query is run as the complete security context of the impersonated user and not the authenticated user (e.g. home database, permissions etc).