From 7717bb8d89bd2585748f6f32268ba7f85bfc6bf0 Mon Sep 17 00:00:00 2001 From: Lasse Heemann Date: Mon, 10 Nov 2025 14:27:50 +0100 Subject: [PATCH 1/2] Add AUTH RULE notifications --- .../notifications/all-notifications.adoc | 88 +++++++++++++++++++ 1 file changed, 88 insertions(+) diff --git a/modules/ROOT/pages/notifications/all-notifications.adoc b/modules/ROOT/pages/notifications/all-notifications.adoc index ca73dbbe..17f6e186 100644 --- a/modules/ROOT/pages/notifications/all-notifications.adoc +++ b/modules/ROOT/pages/notifications/all-notifications.adoc @@ -2956,6 +2956,7 @@ a|`` has no effect.* |Descriptions a| - The user does not have the role. See Status Codes documentation for more information. +- The auth rule does not have the role. See Status Codes documentation for more information. - The role does not have the privilege. See Status Codes documentation for more information. |Category m|SECURITY @@ -3017,6 +3018,49 @@ Verify that this is the intended role and user. ====== ===== +.Revoking a role from an auth rule that is not assigned to this role +[.tabbed-example] +===== +[.include-with-GQLSTATUS-code] +====== +Command:: ++ +[source, cypher] +---- +REVOKE ROLE admin, reader FROM AUTH RULE authrule +---- + +Returned GQLSTATUS code:: +00N71 + +Returned status description:: +note: successful completion - role or privilege not assigned. +`REVOKE ROLE reader FROM AUTH RULE authrule` has no effect. +The role or privilege is not assigned. + +Suggestions for improvement:: +Verify that this is the intended role and auth rule. +====== +[.include-with-neo4j-code] +====== +Command:: ++ +[source, cypher] +---- +REVOKE ROLE admin, reader FROM AUTH RULE authrule +---- + +Title of the returned code:: +`REVOKE ROLE reader FROM AUTH RULE` has no effect. + +Description of the returned code:: +The auth rule does not have the role. See Status Codes documentation for more information. + +Suggestions for improvement:: +Verify that this is the intended role and auth rule. +====== +===== + .Revoking a privilege from a role that does not have that privilege [.tabbed-example] ===== @@ -3076,6 +3120,7 @@ a|`` has no effect.* |Descriptions a| - The user already has the role. See Status Codes documentation for more information. +- The auth rule already has the role. See Status Codes documentation for more information. - The role already has the privilege. See Status Codes documentation for more information. |Category m|SECURITY @@ -3138,6 +3183,49 @@ Verify that this is the intended role and user. ====== ===== +.Granting a role to an auth rule which already is assigned to that role +[.tabbed-example] +===== +[.include-with-GQLSTATUS-code] +====== +Command:: ++ +[source,cypher] +---- +GRANT ROLE admin TO AUTH RULE authrule +---- + +Returned GQLSTATUS code:: +00N70 + +Returned status description:: +note: successful completion - role or privilege already assigned. +`GRANT ROLE admin TO AUTH RULE authrule` has no effect. +The role or privilege is already assigned. + +Suggestions for improvement:: +Verify that this is the intended role and auth rule. + +====== +[.include-with-neo4j-code] +====== +Command:: ++ +[source,cypher] +---- +GRANT ROLE admin TO AUTH RULE authrule +---- +Title of the returned code:: +`GRANT ROLE admin TO AUTH RULE authrule` has no effect. + +Description of the returned code:: +The auth rule already has the role. See Status Codes documentation for more information. + +Suggestions for improvement:: +Verify that this is the intended role and auth rule. + +====== +===== .Granting or denying a privilege to a role that already has that privilege // This command returns 2 notifications, one for NODES and one for RELATIONSHIPS. From 36109618018cba46e3a675985309fafc2ea1ed38 Mon Sep 17 00:00:00 2001 From: Lasse Heemann <7661319+l-heemann@users.noreply.github.com> Date: Wed, 12 Nov 2025 17:08:10 +0100 Subject: [PATCH 2/2] Apply suggestions from code review Co-authored-by: Therese Magnusson --- modules/ROOT/pages/notifications/all-notifications.adoc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/ROOT/pages/notifications/all-notifications.adoc b/modules/ROOT/pages/notifications/all-notifications.adoc index 17f6e186..8839f92c 100644 --- a/modules/ROOT/pages/notifications/all-notifications.adoc +++ b/modules/ROOT/pages/notifications/all-notifications.adoc @@ -3018,7 +3018,7 @@ Verify that this is the intended role and user. ====== ===== -.Revoking a role from an auth rule that is not assigned to this role +.Revoking a role from an auth rule that does not have that role [.tabbed-example] ===== [.include-with-GQLSTATUS-code] @@ -3051,7 +3051,7 @@ REVOKE ROLE admin, reader FROM AUTH RULE authrule ---- Title of the returned code:: -`REVOKE ROLE reader FROM AUTH RULE` has no effect. +`REVOKE ROLE reader FROM AUTH RULE authrule` has no effect. Description of the returned code:: The auth rule does not have the role. See Status Codes documentation for more information. @@ -3183,7 +3183,7 @@ Verify that this is the intended role and user. ====== ===== -.Granting a role to an auth rule which already is assigned to that role +.Granting a role to an auth rule that already has that role [.tabbed-example] ===== [.include-with-GQLSTATUS-code]