Hi all,
Submitted the PR with necessary changes. Kindly review.
PR: https://github.com/apache/tinkerpop/pull/2025
On Fri, Apr 14, 2023 at 9:33 PM Sai Phanindhra <[email protected]> wrote:
> Hi all,
> In the graph implementation I'm working on, we are interested in
> knowing the type of operations like read, write, delete performed during
> the query execution so that we can apply authorization logic to allow users
> to run only a few types of queries. As of today, there is no
> straightforward way to check whether a certain step performs only read or
> write or delete or any combinations of these three. Only way to check if a
> step is capable of mutation is to see if it implements the Mutating
> interface or bot. We cannot distinguish whether the mutating is a write
> operation or delete operation or both. To achieve this I propose marker
> interfaces Writing and Deleting to identify the respective step
> capabilities.
>
> Another observation is We are using Bytecode instructions to infer
> operation types and they are not very helpful in identifying the operation
> type(read, write, delete) as there is no mapping between operation name and
> its corresponding Tinkerpop Step. Recent mergeE, mergeV steps slipped past
> the checks we added for authorization. By maintaining a map of the
> operation name and its corresponding Tinkerpop Step if it exists, helps
> maintain a strict relationship between Bytecode operation and its
> corresponding Tinkerpop step. Combining these 2 changes will make it easy
> to infer the type of operation performed by the query and easy to apply
> authorization and authorization works out of the box for newly added steps
> as well.
>
> If there are no objections, I'll proceed with these changes and offer a
> pull request for review. If time permits, i would like to include this
> change in Tinkerpop version 3.6.3
>
> --
> Thanks & Regards,
> Sai Phanindhra
>
>
--
Sai Phanindhra
