|
| 1 | +============================================================================================================================================== |
| 2 | +THIS EXAMPLE IS USED IN THE DOCUMENTATION ONLY AS A REFERENCE AND AS BASIS FOR THE ACCESS CONTROL TUTORIAL (see xref:tutorial/access-control.adoc). |
| 3 | +IT IS NOT INTENDED TO BE USED NEITHER IN PRODUCTION NOR FOR ANY OTHER PURPOSES. |
| 4 | +============================================================================================================================================== |
| 5 | + |
| 6 | + |
| 7 | + |
| 8 | +Hospital Database With Security |
| 9 | +=============================== |
| 10 | + |
| 11 | +This model is for an example hospital database with fine-grained sub-graph |
| 12 | +security used to control access to parts of the data based on roles and |
| 13 | +privileges. |
| 14 | + |
| 15 | +This forms the background data model for the documentation found at |
| 16 | +https://neo4j.com/docs/operations-manual/5/authentication-authorization/ |
| 17 | + |
| 18 | +Cypher Scripts |
| 19 | +-------------- |
| 20 | + |
| 21 | +There are two main types of scripts, those running against `system` used to |
| 22 | +setup the users, roles and security privileges, and those running against |
| 23 | +the `healthcare` database for setting up the data model itself. These |
| 24 | +scripts do not include the queries used by the different users to query the |
| 25 | +database. See the docs at |
| 26 | +https://neo4j.com/docs/operations-manual/current/authentication-authorization/ |
| 27 | +for example queries. |
| 28 | + |
| 29 | +Run as `neo4j` against the `system` database: |
| 30 | + |
| 31 | +* setup_healthcare.cypher |
| 32 | +* setup_healthcare_privileges.cypher |
| 33 | + |
| 34 | +Run as `neo4j` against the `healthcare` database: |
| 35 | + |
| 36 | +* make_healthcare.cypher |
| 37 | +* make_healthcare_meta.cypher |
| 38 | + |
| 39 | +The easiest way to run all scripts is to run the two shell scripts: |
| 40 | + |
| 41 | +* ./setup_healthcare.sh |
| 42 | +* ./run_roles.sh |
| 43 | + |
| 44 | +The first will run all the setup and make scripts on the system and |
| 45 | +healthcare database to create a complete working model with users, roles and |
| 46 | +privileges in the system database, and patients, diseases and symptoms in |
| 47 | +the healthcare database. |
| 48 | + |
| 49 | +The second script will run through a set of roles, and for each use a |
| 50 | +pre-defined user, grant it the role, find a file named |
| 51 | +healthcare_queries_$role.cypher and as that user it will run all commands in |
| 52 | +that file against the healthcare database. This allows you to test |
| 53 | +everything required in the above mentioned chapter and copy and paste all |
| 54 | +query results directly into the chapter contents. |
| 55 | + |
| 56 | +Setting up Neo4j |
| 57 | +---------------- |
| 58 | + |
| 59 | +Note that the above script assume that the Neo4j server has been configured |
| 60 | +to run on non startard ports so that it does not conflict with the documentation build itself. |
| 61 | +In particular the bolt port is 7688. |
| 62 | +See the contents of the file healthcare_config.sh for the settings, and change any |
| 63 | +that you feel are more appropriate to your server configuration (or change your server to match |
| 64 | +this configurations). |
| 65 | + |
0 commit comments