RBAC -> Role Based Access Control
Hello!! I´m learning neo4j but I dont feel confident about the best practice for a scenario where there are multiple users roles and cases. I´ll give an example:
A Police departament haver multiple officers and investigations. Admin created a POLE graph BI () so officers can add graph data of their cases.
One case can be assigned to more than one officer, one officer can be assigned to more than one case (many-to-many).
If one suspect (:Person) is assigned to a case, a junior officer(field policeman) should have partial access to all properties on the database, as opposed to a senior officer(investigator).
How can an application generate subgraphs for each case? Here are my thoughts:
I read this thread: Proper way to implement multi-tenancy on Neo4j - #9 by jim.webber
and this: Multi-Tenancy on Neo4j - #3 by alfonso.martinez
Here are my possible options:
1 Add a property to nodes and relationships, adding case number. -> It wont work well if it´s a many-to-many and queries get tricky.
2 Create a "investigation ID" node where all nodes will have a relationsip to it. That´s what I think it was suggested here: https://neo4j.com/blog/analytical-subgraph-overlays-in-neo4j/ -> RBAC will be assigned on query.
3 Use multi-labels nodes and relationships, assigning cases to it. -> RBAC will be assigned on query
4 Use the new RBAC implemented in neo4j 4.X(Fine-grained access control - Operations Manual) , so each investigation will be considered a user, also, I´ll have user roles, such as investigator and policeman. -> This feature is only avalable on enterprise license?
This is for a toy project, so it would be greate if neo4j enterprise is not needed.
Thanks in advance!