I'm trying to evaluate Neo4j-Community-3.2.2 and my IT department installed the product for me in an area where I have no permissions. All I have seem to have is a running Service and the client interface through the browser. I have an immediate problem with LOAD CSV, but I anticipate others.
My current problem is that LOAD CSV seems to limit me to the Import folder under the database, which is in a protected location. I cannot copy files to the Neo4j import directory. I need to point the location to a folder I own.
I read in a different post that this is a security measure. So .. IF there is no way to address another folder, is there a configuration option that would let me work around. I can engage my IT department to edit / replace a config file, I think.
It would be best to implement a configuration setting to point to an entirely different Neo4j root. Any advice?
dbms.directories.import
Sets the root directory for file URLs used with the Cypher LOAD CSV
clause. This must be set to a single directory, restricting access to
only those files within that directory and its subdirectories.
So just point the full path to the directory in the neo4j.conf where you can place the files:
dbms.directories.import = /path/to/csv/import/directory
Note that the user under which the neo4j is started must have permission to read files from this directory.
Related
I'm trying to set CommType in connection string for Advantage DataBase Server using Entity Framework 5 and Advantage Data Provider in a .NET Web Application.
Connection string is in properties.config file.
I trie to use ads.ini but I don't know where to put it (I try in wwwroot/site/bin but nothing happened)
I need to set this parameters:
RETRY_ADS_CONNECTS = 5
PACKET_SIZE=512
USE_TCP_IP = 1
I can do this whiteout errors, but not using properties.config file.
AdsConnection conn = new AdsConnection("data source=\\\\SERVER1\\DATA; ServerType=remote;TableType=CDX;CommType = TCP_IP");
Any clue about how to solve this? Using ADS.INI or properties.config file, same for me.
Thank you!
Gaston Brave.
You can use the ADS.INI file for this purpose. Where it needs to be located (or how to tell Advantage where to find it) depends on the OS you're using.
From the Advantage Help file topic ADS.INI:
Windows
In order for the ads.ini file to be used, it must be located in the application directory, the Windows directory, the Windows System directory, or the client's search path.
In addition, if an environment variable exists with the name adsini_path, that path will be used to locate the ads.ini file. This can be helpful when you do not want to modify the application’s search path, but still need the ads.ini file to exist in a directory multiple users have rights to (for example on Windows Vista installations). An application can often set the environment variable at run-time before calling any Advantage functions, which avoids the need to set a per-workstation environment variable.
Linux
In order for the ads.ini file to be used, it must be located in the application directory, a directory specified in an environment variable named ADSPATH, in the users home directory, or in the /etc directory. If located in the users home directory the ads.ini file should be named .ads.ini (note the initial "dot").
I'm developing a MVC5 web app, hosted through azure, that lets you manage your movies (it's just for myself at the moment). I'm trying to find a way to scan a local folder on the users pc for a list of file names. I do realise the security/permissions issues I might run into. I do not need the file uploaded, only the full file name.
It would work by the user being able to select a folder where they store their movies and it will take in all the file names, including the ones in any sub directories.
I tried a multiple file upload form but quickly ran into issues with the max request limit which I tried messing around with but it proved redundant in the end. I can settle for the user selecting multiple files but would rather it done the directory way.
I know this might prove impossible in the end but any help would be greatly appreciated.
I need to store some temporary files from my program sometimes, currently I use the AppData path which works. However, I have just been trying my program on a non Admin (guest) account on Windows. This is resulting in errors because Windows is refusing me access to the AppData folder.
What would be the most ideal path to use instead of AppData, that even a user with the lowest permissions can use?
I tried Googling this one because I am sure I have seen an article on the Microsoft website that lists the different paths and requirements needed but I can't find it.
Thanks
If you want to store temporary files then use a sub-folder in the temporary directory. Use GetTempPath to find out where this is.
Note that on all modern versions of Windows, this folder is a per-user folder and is not shared between different users. If you want a location that is shared between all users then you need the CSIDL_COMMON_APPDATA folder. However, as you have discovered, standard users do not have rights to write in the folder. The standard approach is for the installation program to create a sub-folder with a permissive ACL that allows sufficient write access for standard users.
I would like to create a simple file repository in Ruby on Rails. Users have their accounts, and after one logs in they can upload a file or download files previously uploaded.
The issue here is the security. Files should be safe and not available to anyone but the owners.
Where, in which folder, should I store the files, to make them as safe as possible?
Does it make sense, to rename the uploaded files, store the names in a database and restore them when needed? This might help avoid name conflicts, though I'm not sure if it's a good idea.
Should the files be stored all in one folder, or should they be somewhat divided?
rename the files, for one reason, because you have no way to know if today's file "test" is supposed to replace last week's "test" or not (perhaps the user had them in different directories)
give each user their own directory, this prevents performance problems and makes it easy to migrate, archive, or delete a single user
put metadata in the database and files in the file system
look out for code injection via file name
This is an interesting question. Depending on the level of security you want to apply I would recommend the following:
Choose a folder that is only accessible by your app server (if you chose to store in the FS)
I would always recommend to rename the files to a random generated hash (or incremntally generated name like used in URL shorteners, see the open source implementation of rubyurl). However, I wouldn't store them in a database because filesystems are built for handling files, so let it do the job. You should store the meta data in the database to be able to set the right file name when the user downloads the file.
You should partition the files among multiple folders. This gives you multiple advantages. First, filesystems are not built to handle millions of files in a single folder. If you have operations that try to get all files from a folder this takes significantly more time. If you obfuscate the original file name you could create one directory for each letter in the filename and would get a fairly good distributed number of files per directory.
One last thing to consider is the possible collision of file names. A user should not be able to guess a filename from another user. So you might need some additional checks here.
Depending on the level of security you want to achieve you can apply more and more patterns.
Just don't save the files in the public folder and create a controller that will send the files.
How you want to organise from that point on is your choice. You could make a sub folder per user. There is no need to rename from a security point of view, but do try to cleanup the filename, spaces and non ascii characters make things harder.
For simple cases (where you don't want to distribute the file store):
Store the files in the tmp directory. DON'T store them in public. Then only expose these files via a route and controller where you do the authentication/authorisation checks.
I don't see any reason to rename the files; you can separate them out into sub directories based on the user ID. But if you want to allow the uploading of files with the same name then you may need to generate a unique hash or something for each file's name.
See above. You can partition them any way you see fit. But I would definitely recommend partitioning them and not lumping them in one directory.
Is there a standard place to put the mnesia database within erlang? At the moment I am putting it in the priv directory.
By default, Mnesia will create the schema in a subdirectory called Mnesia.<node name> of the current directory of the emulator process.
If that's not what you want, all you need to do is set Mnesia's dir application variable with something like
application:set_env(mnesia, dir, "/path/to/db").
As for where to place the database: that depends on your deployment scenario. Since application
variables can also be set using release config files or command line arguments, you can delay that
decision until you ship (or install on your own servers). For use in production, a standard directory like /var/lib/<your application>/mnesia-<node name>(on unix) should do.
For playing around, i'd recommend using a dedicated directory under the code root (NOT the priv directory) and setting that location within your application's startup section.
In my pet projects, i often use code such as
Root = filename:absname_join(filename:dirname(?FILE), ".."),
application:set_env(mnesia, dir, filename:join(Root, "db")).
for exactly that purpose.
As far as I know, when you create the schema every node creates a schema directory in its root directory.
Therefore, I guess that can be considered the default location.
If, for some reason, you have to include a schema together with your application, well, I guess the priv folder should be fine, since it is supposed to be used for application specific files and it's easily accessible via the code:priv_dir/1 function.