Class SecureTransaction
- java.lang.Object
-
- org.neo4j.graphalgo.core.SecureTransaction
-
- All Implemented Interfaces:
java.lang.AutoCloseable
public final class SecureTransaction extends java.lang.Object implements java.lang.AutoCloseable
Manage transactions by making sure that the correctSecurityContext
is applied.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static interface
SecureTransaction.TxConsumer<E extends java.lang.Exception>
static interface
SecureTransaction.TxFunction<T,E extends java.lang.Exception>
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description <E extends java.lang.Exception>
voidaccept(SecureTransaction.TxConsumer<E> block)
Run some code within a newTransaction
under the managedSecurityContext
.<T,E extends java.lang.Exception>
Tapply(SecureTransaction.TxFunction<T,E> block)
Run some code within a newTransaction
under the managedSecurityContext
.void
close()
Closing thisSecureTransaction
only has an effect if it owns a top-levelTransaction
, in which caseTransaction.close()
will be called, without callingTransaction.commit()
.org.neo4j.graphdb.GraphDatabaseService
db()
Returns theGraphDatabaseService
provided to this instance.SecureTransaction
fork()
Return a newSecureTransaction
that owns a newly created top-levelTransaction
.static SecureTransaction
of(org.neo4j.graphdb.GraphDatabaseService db)
Creates a newSecureTransaction
withAccessMode.Static.FULL
access.static SecureTransaction
of(org.neo4j.graphdb.GraphDatabaseService db, @Nullable org.neo4j.graphdb.Transaction top)
Creates a newSecureTransaction
with the sameSecurityContext
as the providedTransaction
.static SecureTransaction
of(org.neo4j.graphdb.GraphDatabaseService db, @Nullable org.neo4j.graphdb.Transaction transaction, org.neo4j.internal.kernel.api.security.SecurityContext securityContext)
Creates a newSecureTransaction
with the givenSecurityContext
, ignoring the context within theTransaction
.static SecureTransaction
of(org.neo4j.graphdb.GraphDatabaseService db, org.neo4j.internal.kernel.api.security.SecurityContext securityContext)
Creates a newSecureTransaction
with the givenSecurityContext
.java.util.Optional<org.neo4j.kernel.api.KernelTransaction>
topLevelKernelTransaction()
Returns theKernelTransaction
for the provided top-levelTransaction
.SecureTransaction
withRestrictedAccess(org.neo4j.internal.kernel.api.security.AccessMode accessMode)
Returns a newSecureTransaction
restricted by the providedAccessMode
.
-
-
-
Method Detail
-
of
public static SecureTransaction of(org.neo4j.graphdb.GraphDatabaseService db)
Creates a newSecureTransaction
withAccessMode.Static.FULL
access. This mirrors the default behavior of creating new transactions withGraphDatabaseService.beginTx()
.
-
of
public static SecureTransaction of(org.neo4j.graphdb.GraphDatabaseService db, @Nullable @Nullable org.neo4j.graphdb.Transaction top)
Creates a newSecureTransaction
with the sameSecurityContext
as the providedTransaction
. If this instance isclosed
, the supplied transaction will beclosed
as well.The
Transaction
can be null, in which case this method behaves the same asof(GraphDatabaseService)
.
-
of
public static SecureTransaction of(org.neo4j.graphdb.GraphDatabaseService db, org.neo4j.internal.kernel.api.security.SecurityContext securityContext)
Creates a newSecureTransaction
with the givenSecurityContext
.
-
of
public static SecureTransaction of(org.neo4j.graphdb.GraphDatabaseService db, @Nullable @Nullable org.neo4j.graphdb.Transaction transaction, org.neo4j.internal.kernel.api.security.SecurityContext securityContext)
Creates a newSecureTransaction
with the givenSecurityContext
, ignoring the context within theTransaction
. If this instance isclosed
, the supplied transaction will beclosed
as well.The
Transaction
can be null, in which case this method behaves the same asof(GraphDatabaseService, SecurityContext)
.
-
apply
public <T,E extends java.lang.Exception> T apply(SecureTransaction.TxFunction<T,E> block) throws E extends java.lang.Exception
Run some code within a newTransaction
under the managedSecurityContext
. The new transaction is closed afterwards and any resource that is tied to the lifecycle of that transaction will throw aNotInTransactionException
upon access.- Throws:
E extends java.lang.Exception
-
accept
public <E extends java.lang.Exception> void accept(SecureTransaction.TxConsumer<E> block) throws E extends java.lang.Exception
Run some code within a newTransaction
under the managedSecurityContext
. The new transaction is closed afterwards.- Throws:
E extends java.lang.Exception
-
db
public org.neo4j.graphdb.GraphDatabaseService db()
Returns theGraphDatabaseService
provided to this instance.
-
topLevelKernelTransaction
public java.util.Optional<org.neo4j.kernel.api.KernelTransaction> topLevelKernelTransaction()
Returns theKernelTransaction
for the provided top-levelTransaction
. This is only present if this instance was created with eitherof(GraphDatabaseService, Transaction)
orof(GraphDatabaseService, Transaction, SecurityContext)
with a non-null
value for theTransaction
parameter.
-
withRestrictedAccess
public SecureTransaction withRestrictedAccess(org.neo4j.internal.kernel.api.security.AccessMode accessMode)
Returns a newSecureTransaction
restricted by the providedAccessMode
. The mode only restricts does not override the givenSecurityContext
, i.e. you cannot grant more access.One use-case is to restrict the access to
AccessMode.Static.READ
to make sure that only read-only queries can be executed.A new instance is returned,
this
instance remains untouched. However, the new instance has ownership of the same top-levelTransaction
withinthis
instance. Closing it would also closethis
instance's top-level transaction. To decouple the transaction, callfork()
on the returned instance.
-
fork
public SecureTransaction fork()
Return a newSecureTransaction
that owns a newly created top-levelTransaction
. The returned instance will always own a transaction, regardless of whetherthis
instance owns one. The returned instance will operate under the sameSecurityContext
asthis
instance.This is intended for when you need to keep track of a new transaction for a longer time, in which case you can use
topLevelKernelTransaction()
to get the underlying transaction. That method will never return an emptyOptional
when it's called on the returned instance.
-
close
public void close()
Closing thisSecureTransaction
only has an effect if it owns a top-levelTransaction
, in which caseTransaction.close()
will be called, without callingTransaction.commit()
.- Specified by:
close
in interfacejava.lang.AutoCloseable
-
-