Skip to content

Remove mentions of aliases from DBMS privileges (#2376) #2384

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 1 commit into from
Closed

Remove mentions of aliases from DBMS privileges (#2376) #2384

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 13 additions & 13 deletions modules/ROOT/pages/authentication-authorization/dbms-administration.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -159,7 +159,7 @@ CREATE ROLE customAdministrator
----
GRANT ALL DBMS PRIVILEGES ON DBMS TO customAdministrator
----
. And explicitly deny the privilege to manage databases and aliases:
. And explicitly deny the privilege to manage databases:
+
[source, cypher, role=noplay]
----
Expand All @@ -172,7 +172,7 @@ DENY DATABASE MANAGEMENT ON DBMS TO customAdministrator
GRANT TRANSACTION MANAGEMENT (*) ON DATABASE * TO customAdministrator
----

The resulting role has privileges that include all DBMS privileges except creating, dropping, and modifying databases and aliases, as well as managing transactions.
The resulting role has privileges that include all DBMS privileges except creating, dropping, and modifying databases, as well as managing transactions.
Use the following query to list all privileges for the role `customAdministrator` as commands:

[source, cypher, role=noplay]
Expand Down Expand Up @@ -864,19 +864,19 @@ For more details about the syntax descriptions, see xref:database-administration
GRANT [IMMUTABLE] CREATE DATABASE
ON DBMS
TO role[, ...]
| Enables the specified roles to create new standard databases and aliases.
| Enables the specified roles to create new standard databases.

| [source, syntax, role=noheader]
GRANT [IMMUTABLE] DROP DATABASE
ON DBMS
TO role[, ...]
| Enables the specified roles to delete standard databases and aliases.
| Enables the specified roles to delete standard databases.

| [source, syntax, role=noheader]
GRANT [IMMUTABLE] ALTER DATABASE
ON DBMS
TO role[, ...]
| Enables the specified roles to modify standard databases and aliases.
| Enables the specified roles to modify standard databases.

| [source, syntax, role=noheader]
GRANT [IMMUTABLE] SET DATABASE ACCESS
Expand Down Expand Up @@ -906,20 +906,20 @@ GRANT COMPOSITE DATABASE MANAGEMENT
GRANT [IMMUTABLE] DATABASE MANAGEMENT
ON DBMS
TO role[, ...]
| Enables the specified roles to create, delete, and modify databases and aliases.
| Enables the specified roles to create, delete, and modify databases.

|===


The ability to create standard databases and aliases can be granted via the `CREATE DATABASE` privilege.
The ability to create standard databases can be granted via the `CREATE DATABASE` privilege.
See an example:

[source, cypher, role=noplay]
----
GRANT CREATE DATABASE ON DBMS TO databaseAdder
----

The resulting role has privileges that only allow creating standard databases and aliases.
The resulting role has privileges that only allow creating standard databases.
List all privileges for the role `databaseAdder` as commands by using the following query:

[source, cypher, role=noplay]
Expand Down Expand Up @@ -959,15 +959,15 @@ SHOW ROLE compositeDatabaseAdder PRIVILEGES AS COMMANDS
a|Rows: 1
|===

The ability to delete standard databases and aliases can be granted via the `DROP DATABASE` privilege.
The ability to delete standard databases can be granted via the `DROP DATABASE` privilege.
See an example:

[source, cypher, role=noplay]
----
GRANT DROP DATABASE ON DBMS TO databaseDropper
----

The resulting role has privileges that only allow deleting standard databases and aliases.
The resulting role has privileges that only allow deleting standard databases.
List all privileges for the role `databaseDropper` as commands by using the following query:

[source, cypher, role=noplay]
Expand Down Expand Up @@ -1007,15 +1007,15 @@ SHOW ROLE compositeDatabaseDropper PRIVILEGES AS COMMANDS
a|Rows: 1
|===

The ability to modify standard databases and aliases can be granted via the `ALTER DATABASE` privilege.
The ability to modify standard databases can be granted via the `ALTER DATABASE` privilege.
See an example:

[source, cypher, role=noplay]
----
GRANT ALTER DATABASE ON DBMS TO databaseModifier
----

The resulting role has privileges that only allow modifying standard databases and aliases.
The resulting role has privileges that only allow modifying standard databases.
List all privileges for the role `databaseModifier` as commands by using the following query:

[source, cypher, role=noplay]
Expand Down Expand Up @@ -1079,7 +1079,7 @@ SHOW ROLE compositeDatabaseManager PRIVILEGES AS COMMANDS
a|Rows: 1
|===

The ability to create, delete, and modify databases and aliases can be granted via the `DATABASE MANAGEMENT` privilege.
The ability to create, delete, and modify databases can be granted via the `DATABASE MANAGEMENT` privilege.
See an example:

[source, cypher, role=noplay]
Expand Down