About the project
Authorization applications typically include some form of group and user relationships. In particular, many organizations use Active Directory to protect resources such as code repositories, virtual machines, etc. Such resource management is, in essence, backed by a user-group-resource relationship. This project aims to demonstrate how simple and clean a corporate authorization solution becomes when it is implemented using graphs, and Neo4j in particular.
Desktop tracker
The desktop tracker is available on the releases page and requires Java 8+.
Tech stack:
- Spring Boot 2 with reactive WebFlux REST endpoints and security.
- Neo4j database with SDN-RX (endpoints) and OGM (reporting) access layers.
- Spring Batch with metadata persistence on Neo4j
- Angular / Angular material/flex for UI
- Gradle as build system.
- Dockerized deployment via docker-compose.
Demo environment
A demo environment for trying out the project is available at https://demo.timetracker.tk
Demo users
The admin user at https://demo.timetracker.tk has the credentials admin/admin. You can see an organization tree with this user.
Typically, all other users have a password that is equal to the username - you can try petya/petya, for example.
Why graph database?
Group and users’ owned resources are clear:
The code that fetches those resources is simple too: exactly one query reads all owned groups:
MATCH (m:User)-[:IN_GROUP]->(g:Group)-[:HAS_CHILD*]->(r:Group) WHERE id(m) = $ownerId RETURN id(r)
UNION MATCH (m:Group)-[:HAS_CHILD*]->(r:Group) WHERE id(m) = $ownerId RETURN id(r)
UNION MATCH (m)-[role:MANAGER*]->(r:Group) WHERE id(m) = $ownerId AND (m:Group OR m:User)
AND NONE(
dated in role WHERE (type(dated) IN ['MANAGER', 'DEVELOPER'])
AND (localdatetime() <= dated.from OR localdatetime() >= dated.to)
)
RETURN id(r)
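A Python model of the query above, added here as an illustration and not taken from the project: it evaluates the three UNION branches over a small constructed graph and shows that a single expired MANAGER hop removes every group behind it. The node names, USERS, EDGES, reachable and owned_groups are assumptions made for the example.

```python
from datetime import datetime

# Constructed sample graph (not project data). Edge = (source, type, target,
# valid_from, valid_to). Assumption: every MANAGER edge carries both dates.
def y(year):
    return datetime(year, 1, 1)

USERS = {"petya"}  # every other node is treated as a Group
EDGES = [
    ("petya", "IN_GROUP", "dev-team", None, None),
    ("dev-team", "HAS_CHILD", "backend", None, None),
    ("backend", "HAS_CHILD", "backend-db", None, None),
    ("petya", "MANAGER", "project-a", y(2019), y(2030)),
    ("project-a", "MANAGER", "project-a-sub", y(2019), y(2020)),
    ("petya", "MANAGER", "project-b", y(2019), y(2020)),
]

def reachable(start, rel_type, now=None):
    """Nodes reached over one or more rel_type hops (Cypher's [:TYPE*]).
    With `now` set, a hop counts only if from < now < to, as in NONE(...)."""
    seen, stack = set(), [start]
    while stack:
        node = stack.pop()
        for src, rel, dst, valid_from, valid_to in EDGES:
            if src != node or rel != rel_type or dst in seen:
                continue
            if now is not None and not (valid_from < now < valid_to):
                continue  # one expired or not-yet-valid hop cuts the chain
            seen.add(dst)
            stack.append(dst)
    return seen

def owned_groups(owner, now):
    """Union of the query's three branches for one owner id."""
    groups = set()
    if owner in USERS:
        # Branch 1: descendants of the user's groups (not the groups themselves)
        for src, rel, group, _, _ in EDGES:
            if src == owner and rel == "IN_GROUP":
                groups |= reachable(group, "HAS_CHILD")
    else:
        # Branch 2: descendants of the group itself
        groups |= reachable(owner, "HAS_CHILD")
    # Branch 3: groups at the end of a MANAGER chain whose every hop is valid now
    groups |= reachable(owner, "MANAGER", now)
    return groups - USERS  # the query only returns (r:Group)
```

Because the comparison is strict on both ends, a role stops counting at the exact instant stored in its `to` property.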
UI / Application look
Features:
- Complex user-group relations management, including date-based role validity (e.g. developer in a project from 2019-01-01 to 2020-01-01).
- Simple to use time card entry and modification.
- Template-based report generation in xlsx format (using jxls templates).
- Reactive endpoints.
Report templates can be found here:
Architecture
Build and run
From the project root directory, run:
./gradlew clean buildImage
export TIMETRACKER_VERSION=`git rev-parse --verify --short HEAD`
docker-compose up
# OR 'sudo -E docker-compose up' if you need sudo to run docker
The commands above spin up everything needed. The UI will be available at localhost:6500
Run from IDE
- Start the database using:
docker run --rm -d --publish=7474:7474 --publish=7687:7687 --volume=$HOME/neo4j/data:/data -e NEO4J_AUTH=neo4j/docker neo4j/neo4j-experimental:4.0.0-rc01
- Start administration module
- Start time-tracking-server
- Start worker (only needed if you want reports)
- Install and run UI:
  - Install dependencies:
    cd time-tracker-ui
    npm install
  - Install angular-cli:
    npm install -g @angular/cli
  - Run UI:
    ng serve --port 6500 --proxy-config proxy.conf.json
- Open http://localhost:6500 - there you can play with user admin/admin
Stub data
To create stub data:
- Ensure you have removed the neo-db docker volume if this is not the first start.
- Run docker-compose up
- Run administration/src/main/resources/init.sh
Important note - init.sh assumes that it is executed on a clean database that has been touched by the administration application - that is, a clean neo4j has been started and the administration app has been started, but no users have been added through the UI.
All test users have the same password as their login, e.g. admin/admin