cancel
Showing results for 
Search instead for 
Did you mean: 

Head's Up! These forums are read-only. All users and content have migrated. Please join us at community.neo4j.com.

Using Cypher to generate Cypher statements to recreate Users and Roles

The following can be used to extract user and role defintions from an existing database and the resultant output can be played
back on another Neo4j database.

<!-- //export roles -->
return '//export Roles' as output
union all
call dbms.security.listRoles() yield role return 'call dbms.security.createRole(\'' + role + '\');' as output
union all 
<!-- //export users -->
return '//export Users' as output
union all
call dbms.security.listUsers() yield username return 'call dbms.security.createUser(\'' + username + '\',\'newpassword\');' as output
union all
<!-- // export user to role maps -->
return '//export Roles to User map' as output
union all
call dbms.security.listRoles() yield role,users with role,users unwind users as user return 'call dbms.security.addRoleToUser(\'' + role + '\',' + user + '\');'  as output

The resultant output will default all users passwords to 'newpassword' and the user will be required to change their password on initial
log on.
Sample output is as follows:

<!-- //export Roles -->
call dbms.security.createRole('reader');
call dbms.security.createRole('architect');
call dbms.security.createRole('admin');
call dbms.security.createRole('publisher');
<!-- //export Users -->
call dbms.security.createUser('neo4j_dba','newpassword');
call dbms.security.createUser('neo4j','newpassword');
<!-- //export Roles to User map -->
call dbms.security.addRoleToUser('admin',neo4j');
call dbms.security.addRoleToUser('admin',neo4j_dba');

The approach used above is similar to related knowledgebase document "Using Cypher to generate Cypher statements to recreate
indexes and constraints"

0 REPLIES 0