OrientDB Tutorial
OrientDB Database Commands
OrientDB Record Commands
OrientDB Class Commands
OrientDB Cluster Commands
OrientDB Property Commands
OrientDB Vertex Commands
OrientDB Edge Commands
OrientDB Advanced Concepts
OrientDB Interfaces
OrientDB Useful Resources
Selected Reading
- OrientDB - Console Modes
- OrientDB - Data Types
- OrientDB - Basic Concepts
- OrientDB - Installation
- OrientDB - Overview
- OrientDB - Home
OrientDB Database Commands
- OrientDB - Drop Database
- OrientDB - Optimize Database
- OrientDB - Rollback Database
- OrientDB - Commit Database
- OrientDB - Import Database
- OrientDB - Export Database
- OrientDB - Config Database
- OrientDB - Release Database
- OrientDB - Freeze Database
- OrientDB - List Database
- OrientDB - Info Database
- OrientDB - Disconnect Database
- OrientDB - Connect Database
- OrientDB - Restore Database
- OrientDB - Backup Database
- OrientDB - Alter Database
- OrientDB - Create Database
OrientDB Record Commands
- OrientDB - Delete Record
- OrientDB - Truncate Record
- OrientDB - Update Record
- OrientDB - Export Record
- OrientDB - Reload Record
- OrientDB - Load Record
- OrientDB - Display Records
- OrientDB - Insert Record
OrientDB Class Commands
OrientDB Cluster Commands
- OrientDB - Drop Cluster
- OrientDB - Truncate Cluster
- OrientDB - Alter Cluster
- OrientDB - Create Cluster
OrientDB Property Commands
OrientDB Vertex Commands
OrientDB Edge Commands
OrientDB Advanced Concepts
- OrientDB - Studio
- OrientDB - Security
- OrientDB - Upgrading
- OrientDB - Performance Tuning
- OrientDB - Logging
- OrientDB - Caching
- OrientDB - Hooks
- OrientDB - Transactions
- OrientDB - Indexes
- OrientDB - Sequences
- OrientDB - Functions
OrientDB Interfaces
OrientDB Useful Resources
Selected Reading
- Who is Who
- Computer Glossary
- HR Interview Questions
- Effective Resume Writing
- Questions and Answers
- UPSC IAS Exams Notes
OrientDB - Security
OrientDB - Security
Like RDBMS, OrientDB also provides security based on well-known concepts, users, and roles. Each database has its own users and each user has one or more roles. Roles are the combination of working modes and set of permissions.
Users
By default OrientDB maintains three different users for all database in the server −
Admin − This user has access to all functions on the database without pmitation.
Reader − This user is a read-only user. The reader can query any records in the database, but can t modify or delete them. It has no access to internal information, such as the users and roles themselves.
Writer − This user is the same as the user reader, but it can also create, update, and delete records.
Working with Users
When you are connected to a database, you can query the current users on the database by using SELECT queries on the OUser class.
orientdb> SELECT RID, name, status FROM OUser
If the above query is executed successfully, you will get the following output.
---+--------+--------+-------- # | @CLASS | name | status ---+--------+--------+-------- 0 | null | admin | ACTIVE 1 | null | reader | ACTIVE 2 | null | writer | ACTIVE ---+--------+--------+-------- 3 item(s) found. Query executed in 0.005 sec(s).
Creating a New User
To create a new user, use the INSERT command. Remember, in doing so, you must set the status to ACTIVE and give it a vapd role.
orientdb> INSERT INTO OUser SET
name = jay ,
password = JaY ,
status = ACTIVE ,
roles = (SELECT FROM ORole WHERE name = reader )
Updating Users
You can change the name for the user with the UPDATE statement.
orientdb> UPDATE OUser SET name = jay WHERE name = reader
In the same way, you can also change the password for the user.
orientdb> UPDATE OUser SET password = hello WHERE name = reader
OrientDB saves the password in a hash format. The trigger OUserTrigger encrypts the password transparently before it saves the record.
Disabpng Users
To disable a user, use UPDATE to switch its status from ACTIVE to SUSPENDED. For instance, if you want to disable all users except for admin, use the following command −
orientdb> UPDATE OUser SET status = SUSPENDED WHERE name <> admin
Roles
A role determines what operations a user can perform against a resource. Mainly, this decision depends on the working mode and the rules. The rules themselves work differently, depending on the working mode.
Working with Roles
When you are connected to a database, you can query the current roles on the database using SELECT queries on the ORole class.
orientdb> SELECT RID, mode, name, rules FROM ORole
If the above query is executed successfully, you will get the following output.
--+------+----+--------+-------------------------------------------------------
# |@CLASS|mode| name | rules
--+------+----+--------+-------------------------------------------------------
0 | null | 1 | admin | {database.bypassRestricted = 15}
1 | null | 0 | reader | {database.cluster.internal = 2, database.cluster.orole = 0...
2 | null | 0 | writer | {database.cluster.internal = 2, database.cluster.orole = 0...
--+------+----+--------+-------------------------------------------------------
3 item(s) found. Query executed in 0.002 sec(s).
Creating New Roles
To create a new role, use the INSERT statement.
orientdb> INSERT INTO ORole SET name = developer , mode = 0
Working with Modes
Where rules determine what users belonging to certain roles can do on the databases, working modes determine how OrientDB interprets these rules. There are two types of working modes, designated by 1 and 0.
Allow All But (Rules) − By default it is the super user mode. Specify exceptions to this using the rules. If OrientDB finds no rules for a requested resource, then it allows the user to execute the operation. Use this mode mainly for power users and administrators. The default role admin uses this mode by default and has no exception rules. It is written as 1 in the database.
Deny All But (Rules) − By default this mode allows nothing. Specify exceptions to this using the rules. If OrientDB finds rules for a requested resource, then it allows the user to execute the operation. Use this mode as the default for all classic users. The default roles, reader and writer, use this mode. It is written as 0 in the database.