Tracking assets is about more than just the assets themselves, but also the related metadata: the properties of the assets and the relationships between them.
For example, if you have a number of retail stores, you need to track properties like addresses, square footage and total annual sales per store. However, some of that data is highly sensitive (like sales figures), and you need a system to control which users have access to which data categories and assets.
In this webinar, Brian Underwood shows you how to create simple and reusable code to build an access control system using Ruby on Rails similar to the one described above, including a consistent UI and the ability to grant or deny access to users – all powered by Neo4j.
2. Agenda
Demo
• Asset Portal UI
• The code
Overview
• Neo4j.rb
• The asset portal
■ Asset management
■ Access control
3. Neo4j.rb
● Consists primarily of the neo4j-core, neo4j gems
● neo4j-core allows you to query at a low level
○ Raw Cypher queries: query("MATCH n RETURN n")
○ Query class API: query.match(:n).return(:n)
● neo4j provides the ActiveNode and ActiveRel modules for object
modeling of nodes and relationships
7. Neo4j.rb - Querying
class Post
has_one :out, :author, type: :written_by, model_class: 'User'
has_many :in, :comments, type: :comments_on
end
class Comment
has_one :out, :author, type: :written_by, model_class: 'User'
end
class User
has_many :in, :posts, origin: :author
end
user.posts.comments(:c).author(:u2).pluck('u2.name, count(c)')
8. Many ways to get help
Active on StackOverflow
stackoverflow.com/questions/ask?tags=neo4j.rb+neo4j+ruby
Gitter chat room
gitter.im/neo4jrb/neo4j
Twitter
twitter.com/neo4jrb
9. The Asset Portal
We wanted to:
• Rewrite our existing GraphGist portal
• Create a learning resource for Neo4j and Ruby
• Make a Neo4j.rb screencast series
• Write articles: "Why You Should Use Neo4j in Your Next Ruby App"
• Host a webinar
• Make something useful
10. Quick aside: GraphGists
● Interactive Neo4j-backed documents for demonstrating graph use-
cases and solutions
Website:
graphgist.neo4j.com
GraphConnect Presentation:
From Zero to GraphGists
DEMO
12. The Asset Portal - What’s Related and How
Assets are connected to Model
indirectly via the Asset’s label and
the Model’s name property
13. The Asset Portal - Creating Assets and Metadata
class Book < Asset
property :isbn13, type: String
property :author, type: String
property :publish_date, type: String
end
This automatically generates a user interface for managing books and
their properties.
14. The Asset Portal - Access Control
● Access can be given
○ directly: User to Asset
○ indirectly: via a Group
○ indirectly: via a series of
Subgroups
● CAN_ACCESS relationships
have a “level” property to
determine “read” vs ”write”
15. The Asset Portal - Access Control
This sort of access control is
useful and easy to understand,
but is much more difficult to
implement in other databases.
16. The Asset Portal - Access Control
● Access can be given to:
○ A category which gives
them access to all assets in
that category
○ A type of asset (in this case
Book) which gives access to
all assets of that type
○ A property on an asset
type (in this case
“total_sales” on books)
17. The Asset Portal - Challenges
● Can we make an asset portal which is easy for people to get going
but which allows them to customize as they like?
● Can we make a generic asset portal which also works as a GraphGist
portal?
● Can we make a GraphGist portal which other people can host?
● How can we make an asset / GraphGist portal which is generic and
useful for everybody but which we can style to the neo4j.com
website?
18. The Asset Portal
Built using:
● Ruby on Rails
● Neo4j.rb
● Semantic UI
● Ember.js
Best practices:
● RSpec
● Rubocop
● Slim
● Devise
● Paperclip
19. The Asset Portal - Idea: As a Rails Engine
Rails Application
Your app with custom code Asset Portal Engine
● Asset CRUD UI
● Asset administration
○ Access
○ Approval
20. The Asset Portal - Idea: GraphGist application
GraphGist Application
Hosts your own GraphGists locally Asset Portal Engine
● Asset CRUD UI
● Asset administration
○ Access
○ Approval
21. Demo
● Asset portal UI
○ Viewing and editing assets
○ Setting permissions on assets, properties, categories
● Code
○ Book model
○ Asset.authorized_for
○ Asset.authorized_properties_query