Read Query Structure
[USE]
[MATCH [WHERE]]
[OPTIONAL MATCH [WHERE]]
[WITH [WHERE] [ORDER BY] [SKIP] [LIMIT]]
RETURN [ORDER BY] [SKIP] [LIMIT]
Baseline for pattern search operations.
USE
clause.MATCH
clause.OPTIONAL MATCH
clause.WITH
clause.RETURN
clause.- Cypher keywords are not case-sensitive.
- Cypher is case-sensitive for variables.
MATCH
MATCH (n)
RETURN n AS node
Find all nodes and return all nodes.
MATCH (n:Person)-[:KNOWS]->(m:Person)
WHERE n.name = 'Alice'
RETURN m AS person
Node patterns can contain labels and properties.
MATCH (n)-->(m)
RETURN n, m
Any pattern can be used in MATCH
.
MATCH (n {name: 'Alice'})-->(m)
RETURN m AS node
Patterns with node properties.
MATCH p = (n)-->(m)
RETURN p AS path
Assign a path to p
.
OPTIONAL MATCH
OPTIONAL MATCH (n)-[r]->(m {name: 'Alice'})
RETURN n, r, m
An OPTIONAL MATCH
matches patterns against your graph database, just like a MATCH
does.
The difference is that if no matches are found, OPTIONAL MATCH
will use a null
for missing parts of the pattern.
MATCH (n {name: 'Neo'})
OPTIONAL MATCH (n)-[r]->(m {name: 'Alice'})
RETURN n, r, m
You should MATCH
the portions that must be present, and then the OPTIONAL MATCH
on the pieces of the pattern that may not be present.
WHERE
MATCH (n:Person)-->(m:Person)
WHERE n.property <> $value
RETURN n, m
The WHERE
clause adds constraints to the patterns in a MATCH
or OPTIONAL MATCH
clause; or filters the results of a WITH
clause.
The scope of the WHERE
clause is within the related MATCH
, OPTIONAL MATCH
, or WITH
clause.
WHERE EXISTS {
MATCH (n)-->(m)
WHERE n.age = m.age
}
Use an existential subquery to filter.
RETURN
MATCH (n)-[r]->(m)
RETURN *
Return the value of all variables.
MATCH (n)-[r]->(m:Person)
RETURN n AS node, r AS rel
Use alias for result column name.
MATCH (n)-[r:KNOWS]-(m:Person)
RETURN DISTINCT n AS node
Return unique rows.
MATCH (n:Person)-[r]->(m)
RETURN n AS node, r AS rel
ORDER BY n.name
Sort the result. The default order is ASCENDING
.
MATCH (n:Person)-[r]->(m)
RETURN n AS node, r AS rel
ORDER BY n.name DESC
Sort the result in DESCENDING
order.
MATCH (n:Person)-[r]->(m)
RETURN n AS node, r AS rel
SKIP 10
Skip the 10 first rows, for the result set.
MATCH (n:Person)-[r]->(m)
RETURN n AS node, r AS rel
LIMIT 10
Limit the number of rows to a maximum of 10, for the result set.
MATCH (n:Person)-[r]->(m)
RETURN count(*) AS nbr
The number of matching rows. See aggregating functions for more.
WITH
MATCH (user)-[:FRIEND]-(friend)
WHERE user.name = $name
WITH user, count(friend) AS friends
WHERE friends > 10
RETURN user
The WITH
syntax is similar to RETURN
.
It separates query parts explicitly, allowing you to declare which variables to carry over to the next part.
Return the value of all variables.
MATCH (user)-[:FRIEND]-(friend)
WITH user, count(friend) AS friends
WHERE friends > 10
ORDER BY friends DESC
SKIP 1
LIMIT 3
RETURN user
The WITH
clause can use:
WHERE
ORDER BY
SKIP
LIMIT
UNION
MATCH (a)-[:KNOWS]->(b)
RETURN b.name AS name
UNION
MATCH (a)-[:LOVES]->(b)
RETURN b.name AS name
Returns the distinct union of all query results. Result column types and names have to match.
MATCH (a)-[:KNOWS]->(b)
RETURN b.name AS name
UNION ALL
MATCH (a)-[:LOVES]->(b)
RETURN b.name AS name
Returns the union of all query results, including duplicated rows.
Write-Only Query Structure
Read-Write Query Structure
[USE]
[MATCH [WHERE]]
[OPTIONAL MATCH [WHERE]]
[WITH [WHERE] [ORDER BY] [SKIP] [LIMIT]]
[CREATE]
[MERGE [ON CREATE ...] [ON MATCH ...]]
[WITH [WHERE] [ORDER BY] [SKIP] [LIMIT]]
[SET]
[DELETE]
[REMOVE]
[RETURN [ORDER BY] [SKIP] [LIMIT]]
CREATE
CREATE (n {name: $value})
Create a node with the given properties.
CREATE (n $map)
Create a node with the given properties.
CREATE (n)-[r:KNOWS]->(m)
Create a relationship with the specified relationship type (KNOWS
) and direction; bind a variable (r
) to it.
CREATE (n)-[:LOVES {since: $value}]->(m)
Create a relationship with the given type, direction, and properties.
SET
SET e.property1 = $value1
Update or create a property.
SET
e.property1 = $value1,
e.property2 = $value2
Update or create several properties.
SET e = $map
Set all properties. This will remove any existing properties.
SET e = {}
Using the empty map ({}
), removes any existing properties.
SET e += $map
Add and update properties, while keeping existing ones.
MATCH (n)
WHERE n.id = 123
SET n:Person
Add a label to a node. This example add the label Person
to a node.
MERGE
MERGE (n:Person {name: $value})
ON CREATE SET n.created = timestamp()
ON MATCH SET
n.counter = coalesce(n.counter, 0) + 1,
n.accessTime = timestamp()
Match a pattern or create it if it does not exist.
Use ON CREATE
and ON MATCH
for conditional updates.
MATCH
(a:Person {name: $value1}),
(b:Person {name: $value2})
MERGE (a)-[r:LOVES]->(b)
MERGE
finds or creates a relationship between the nodes.
MATCH (a:Person {name: $value1})
MERGE (a)-[r:KNOWS]->(b:Person {name: $value3})
MERGE
finds or creates paths attached to the node.
DELETE
MATCH ()-[r]->()
WHERE r.id = 123
DELETE r
Delete a relationship.
MATCH ()-[r]->()
DELETE r
Delete all relationships.
MATCH (n)
WHERE n.id = 123
DETACH DELETE n
Delete a node and all relationships connected to it.
MATCH (n)-[r]-()
WHERE r.id = 123 AND n.id = 'abc'
DELETE n, r
Delete a node and a relationship. This will throw an error if the node is attached to more than one relationship.
MATCH (n1:Person)-[r {id: 123}]->(n2:Person)
CALL {
WITH n1 MATCH (n1)-[r1]-()
RETURN count(r1) AS rels1
}
CALL {
WITH n2 MATCH (n2)-[r2]-()
RETURN count(r2) AS rels2
}
DELETE r
RETURN
n1.name AS node1, rels1 - 1 AS relationships1,
n2.name AS node2, rels2 - 1 AS relationships2
Delete a relationship and return the number of relationships for each node after the deletion.
MATCH (n)
DETACH DELETE n
Delete all nodes and relationships from the database.
REMOVE
MATCH (n:Person)
WHERE n.id = 123
REMOVE n:Person
Remove a label from a node. REMOVE n:ExampleLabel
MATCH (n:Person)
WHERE n.id = 123
REMOVE n.alias
Remove a property. REMOVE e.property
MATCH (n:Person)
WHERE n.id = 123
SET n = {} # REMOVE ALL properties
REMOVE
cannot be used to remove all existing properties from a node or relationship.
All existing properties can be removed from a node or relationship by using the SET
clause with the property replacement operator (=
) and an empty map ({}
) as the right operand.
CASE
CASE n.eyes
WHEN 'blue' THEN 1
WHEN 'brown' THEN 2
ELSE 3
END
The CASE
clause can only be used as part of the RETURN
clause or the WITH
clause.
Return THEN
value from the matching WHEN
value.
The ELSE
value is optional, and substituted for null if missing.
CASE
WHEN n.eyes = 'blue' THEN 1
WHEN n.age < 40 THEN 2
ELSE 3
END
Return THEN
value from the first WHEN
predicate evaluating to true
.
Predicates are evaluated in order.
CALL procedure
CALL db.labels() YIELD label
This shows a standalone call to the procedure db.labels
to list all labels used in the database.
Note that required procedure arguments are given explicitly in brackets after the procedure name.
CALL db.labels() YIELD *
Standalone calls may use YIELD *
to return all columns.
CALL java.stored.procedureWithArgs
Standalone calls may omit YIELD
and also provide arguments implicitly via statement parameters, e.g. a standalone call requiring one argument input may be run by passing the parameter map {input: 'foo'}
.
CALL db.labels() YIELD label
RETURN count(label) AS db_labels
Calls the built-in procedure db.labels
inside a larger query to count all labels used in the database.
Calls inside a larger query always requires passing arguments and naming results explicitly with YIELD
.
CALL subquery
CALL {
MATCH (p:Person)-[:FRIEND_OF]->(other:Person)
RETURN p, other
UNION
MATCH (p:Child)-[:CHILD_OF]->(other:Parent)
RETURN p, other
}
This calls a subquery with two union parts. The result of the subquery can afterwards be post-processed.
FOREACH
WITH ['Alice', 'Neo'] AS names
FOREACH ( value IN names | CREATE (:Person {name: value}) )
Execute a mutating operation for each element in a list.
FOREACH ( r IN relationships(path) | SET r.marked = true )
Execute a mutating operation for each relationship in a path.
LOAD CSV
LOAD CSV FROM
'https://neo4j.com/docs/cypher-refcard/4.4/csv/artists.csv'
AS line
CREATE (:Artist {name: line[1], year: toInteger(line[2])})
Load data from a CSV file and create nodes.
LOAD CSV WITH HEADERS FROM
'https://neo4j.com/docs/cypher-refcard/4.4/csv/artists-with-headers.csv'
AS line
CREATE (:Artist {name: line.Name, year: toInteger(line.Year)})
Load CSV data which has headers.
LOAD CSV WITH HEADERS FROM
'https://neo4j.com/docs/cypher-refcard/4.4/csv/artists-with-headers.csv'
AS line
CALL {
WITH line
CREATE (:Artist {name: line.Name, year: toInteger(line.Year)})
} IN TRANSACTIONS OF 500 ROWS
Subqueries can be made to execute in separate, inner transactions, producing intermediate commits.
Deprecated syntax: PERIODIC COMMIT
.
Only auto-commit (implicit) transactions can accept this; pre-pend with :auto
in Neo4j Browser.
LOAD CSV FROM
'https://neo4j.com/docs/cypher-refcard/4.4/csv/artists-fieldterminator.csv'
AS line FIELDTERMINATOR ';'
CREATE (:Artist {name: line[1], year: toInteger(line[2])})
Use a different field terminator, not the default which is a comma (with no whitespace around it).
file()
The file()
function returns a string; the absolute path of the file that LOAD CSV
is processing.
Returns null
if called outside of LOAD CSV
context.
linenumber()
The linenumber
function returns an integer; the line number that LOAD CSV
is currently processing.
Returns null
if called outside of LOAD CSV
context.
SHOW FUNCTIONS
SHOW FUNCTIONS
List all available functions, returns only the default outputs (name
, category
, and description
).
SHOW FUNCTIONS YIELD *
Listing all available functions.
SHOW PROCEDURES
SHOW PROCEDURES
Listing all available procedures, returns only the default outputs (name
, description
, mode
, and worksOnSystem
).
SHOW PROCEDURES YIELD *
Listing all available procedures.
SHOW PROCEDURES EXECUTABLE YIELD name
List all procedures that can be executed by the current user and return only the name of the procedures.
SHOW TRANSACTIONS
SHOW TRANSACTIONS
Listing running transactions (within the instance), returns only the default outputs (database
, transactionId
, currentQueryId
, connectionId
, clientAddress
, username
, currentQuery
, startTime
, status
, elapsedTime
, and allocatedBytes
).
SHOW TRANSACTIONS YIELD *
Listing running transactions (within the instance).
SHOW TRANSACTIONS 'transaction_id' YIELD *
Listing the running transaction (within the instance), with a specific transaction_id
.
Transaction IDs must be supplied as:
'id1', 'id2'
$value
, (value = 'id1'
)$value
, (value = ['id1', 'id2']
)
TERMINATE TRANSACTIONS
TERMINATE TRANSACTIONS 'transaction_id'
Terminate a specific transaction, returns the outputs:
transactionId
username
message
TERMINATE TRANSACTIONS $value
- Comma-separated list of one or more quoted strings;
'id1', 'id2'
- Parameter containing a string;
$value
, (value = 'id1'
) - Parameter containing a list of strings;
$value
, (value = ['id1', 'id2']
)
UNWIND
UNWIND [1, 2, 3] AS ix
RETURN ix + 1 AS item
The UNWIND
clause expands a list into a sequence of rows.
Three rows are returned.
WITH [[1, 2], [3, 4], 5] AS nested
UNWIND nested AS ix
UNWIND ix AS iy
RETURN iy AS number
Multiple UNWIND
clauses can be chained to unwind nested list elements.
Five rows are returned.
UNWIND $list_of_maps AS properties
CREATE (n)
SET n = properties
Create a node for each map in the list and set the given properties.
Example parameter: list_of_maps = [{name: 'Alice', age: 20}, {name: 'Neo'}]
UNWIND $names AS name
MATCH (n {name: name})
RETURN avg(n.age) AS average
With UNWIND
, any list can be transformed back into individual rows.
The example matches all names from a list of names.
Example parameter: names = ['Alice', 'Neo', 'Cypher']
USE
USE myDatabase
Select myDatabase
to execute query, or query part, against.
USE neo4j
MATCH (n:Person)-[:KNOWS]->(m:Person)
WHERE n.name = 'Alice'
MATCH
query executed against neo4j database.
Operators
DISTINCT, ., []
General
+, -, *, /, %, ^
Mathematical
=, <>, <, >, <=, >=, IS NULL, IS NOT NULL
Comparison
AND, OR, XOR, NOT
Boolean
+
String
+, IN, [x], [x .. y]
List
=~
Regular expression
STARTS WITH, ENDS WITH, CONTAINS
String matching
null
null
is used to represent missing/undefined values.
null
is not equal to null
.
Not knowing two values does not imply that they are the same value.
So the expression null = null
yields null
and not true
.
To check if an expression is null
, use IS NULL
.
Arithmetic expressions, comparisons and function calls (except coalesce
) will return null
if any argument is null
.
An attempt to access a missing element in a list or a property that does not exist yields null
.
In OPTIONAL MATCH
clauses, nulls will be used for missing parts of the pattern.
Patterns
(n:Person)
Node with Person
label.
(n:Person:Swedish)
Node with both Person
and Swedish
labels.
(n:Person {name: $value})
Node with the declared properties.
()-[r {name: $value}]-()
Matches relationships with the declared properties.
(n)-->(m)
Relationship from n
to m
.
(n)--(m)
Relationship in any direction between n
and m
.
(n:Person)-->(m)
Node n
labeled Person
with relationship to m
.
(m)<-[:KNOWS]-(n)
Relationship of type KNOWS
from n
to m
.
(n)-[:KNOWS|:LOVES]->(m)
Relationship of type KNOWS
or of type LOVES
from n
to m
.
(n)-[r]->(m)
Bind the relationship to variable r
.
(n)-[*1..5]->(m)
Variable length path of between 1 and 5 relationships from n
to m
.
(n)-[*]->(m)
Variable length path of any number of relationships from n
to m
.
(See Performance section.)
(n)-[:KNOWS]->(m {property: $value})
A relationship of type KNOWS
from a node n
to a node m
with the declared property.
shortestPath((n1:Person)-[*..6]-(n2:Person))
Find a single shortest path.
allShortestPaths((n1:Person)-[*..6]->(n2:Person))
Find a single shortest path.
size((n)-->()-->())
Count the paths matching the pattern.
Labels
CREATE (n:Person {name: $value})
Create a node with label and property.
MERGE (n:Person {name: $value})
Matches or creates unique node(s) with the label and property.
MATCH (n:Person)
RETURN n AS person
Matches nodes labeled Person.
MATCH (n)
WHERE (n:Person)
Checks the existence of the label on the node.
MATCH (n:Person)
WHERE n.name = $value
Matches nodes labeled Person
with the given name
.
MATCH (n:Person {id: 123})
SET n:Spouse:Parent:Employee
Add label(s) to a node.
MATCH (n {id: 123})
RETURN labels(n) AS labels
The labels
function returns the labels for the node.
MATCH (n {id: 123})
REMOVE n:Person
Remove the label Person
from the node.
Properties
MATCH (n {name: 'Alice'})
SET n += {
a: 1,
b: 'example',
c: true,
d: date('2022-05-04'),
e: point({x: 2, y: 3}),
f: [1, 2, 3],
g: ['abc', 'example'],
h: [true, false, false],
i: [date('2022-05-04'), date()],
j: [point({x: 2, y: 3}), point({x: 5, y: 5})],
k: null
}
Neo4j only supports a subset of Cypher types for storage as singleton or array properties. Properties can be lists of numbers, strings, booleans, temporal, or spatial.
{a: 123, b: 'example'}
A map is not allowed as a property.
[{a: 1, b: 2}, {c: 3, d: 4}]
A list of maps are not allowed as a property.
[[1,2,3], [4,5,6]]
Collections containing collections can not be stored in properties.
[1, 2, null]
Collections containing null
values can not be stored in properties.
Lists
RETURN ['a', 'b', 'c'] AS x
Literal lists are declared in square brackets.
WITH ['Alice', 'Neo', 'Cypher'] AS names
RETURN names
Literal lists are declared in square brackets.
RETURN size($my_list) AS len
Lists can be passed in as parameters.
Example parameter: my_list = [1, 2, 3]
RETURN $my_list[0] AS value
Lists can be passed in as parameters.
Example parameter: my_list = [1, 2, 3]
RETURN range($firstNum, $lastNum, $step) AS list
range()
creates a list of numbers (step is optional), other functions returning lists are: labels()
, nodes()
, relationships()
.
MATCH p = (a)-[:KNOWS*]->()
RETURN relationships(p) AS r
The list of relationships comprising a variable length path can be returned using named paths and relationships()
.
RETURN list[$idx] AS value
List elements can be accessed with idx
subscripts in square brackets.
Invalid indexes return null
.
RETURN list[$startIdx..$endIdx] AS slice
Slices can be retrieved with intervals from start_idx
to end_idx
, each of which can be omitted or negative.
Out of range elements are ignored.
MATCH (a)
RETURN [(a)-->(b) WHERE b.name = 'Alice' | b.age] AS list
Pattern comprehensions may be used to do a custom projection from a match directly into a list.
MATCH (n:Person)
RETURN n {.name, .age}
Map projections may be easily constructed from nodes, relationships and other map values.
Maps
RETURN {name: 'Alice', age: 20, address: {city: 'London', residential: true}} AS alice
Literal maps are declared in curly braces much like property maps. Lists are supported.
WITH {name: 'Alice', age: 20, colors: ['blue', 'green']} AS map
RETURN map.name, map.age, map.colors[0]
Map entries can be accessed by their keys. Invalid keys result in an error.
WITH {person: {name: 'Anne', age: 25}} AS p
RETURN p.person.name AS name
Access the property of a nested map.
MERGE (p:Person {name: $map.name})
ON CREATE SET p = $map
Maps can be passed in as parameters and used either as a map or by accessing keys.
Example parameter: map = {'name': 'Alice', 'age': 20}
MATCH (matchedNode:Person)
RETURN matchedNode
Nodes and relationships are returned as maps of their data.
Predicates
n.property <> $value
Use comparison operators.
toString(n.property) = $value
Use functions.
n.number >= 1 AND n.number <= 10
Use boolean operators to combine predicates.
n:Person
Check for node labels.
variable IS NOT NULL
Check if something is not null
, e.g. that a property exists.
n.property IS NULL OR n.property = $value
Either the property does not exist or the predicate is true
.
n.property = $value
Non-existing property returns null
, which is not equal to anything.
n['property'] = $value
Properties may also be accessed using a dynamically computed property name.
n.property STARTS WITH 'Neo'
String matching that starts with the specified string.
n.property ENDS WITH '4j'
String matching that ends with the specified string.
n.property CONTAINS 'cypher'
String matching that contains the specified string.
n.property =~ '(?i)neo.*'
String matching that matches the specified regular expression.
By pre-pending a regular expression with (?i)
, the whole expression becomes case-insensitive.
(n)-[:KNOWS]->(m)
Ensure the pattern has at least one match.
NOT (n)-[:KNOWS]->(m)
Exclude matches to (n)-[:KNOWS]->(m)
from the result.
n.property IN [$value1, $value2]
Check if an element exists in a list.
List Predicates
all(x IN coll WHERE x.property IS NOT NULL)
Returns true
if the predicate is true
for all elements in the list.
any(x IN coll WHERE x.property IS NOT NULL)
Returns true
if the predicate is true
for at least one element in the list.
none(x IN coll WHERE x.property IS NOT NULL)
Returns true
if the predicate is false
for all elements in the list.
single(x IN coll WHERE x.property IS NOT NULL)
Returns true
if the predicate is true
for exactly one element in the list.
List Expressions
size($list)
Number of elements in the list.
head($list)
Returns the first element of the list.
Returns null
for an empty list.
Equivalent to the list indexing $list[0]
.
last($list)
Returns the last element of the list.
Returns null
for an empty list.
Equivalent to the list indexing $list[-1]
.
tail($list)
Returns a list containing all elements except for the first element.
Equivalent to the list slice $list[1..]
.
In this case out-of-bound slices are truncated to an empty list []
.
reverse($list)
Returns a list containing all elements in reversed order.
[x IN list | x.prop]
A list of the value of the expression for each element in the original list.
[x IN list WHERE x.prop <> $value]
A filtered list of the elements where the predicate is true
.
[x IN list WHERE x.prop <> $value | x.prop]
A list comprehension that filters a list and extracts the value of the expression for each element in that list.
reduce(s = '', x IN list | s + x.prop)
Evaluate expression for each element in the list, accumulate the results.
Functions
id(nodeOrRelationship)
The id
function returns an integer; the internal ID of a node or relationship.
Do not rely on the internal ID for your business domain; the internal ID can change between transactions.
properties(nodeOrRelationship)
The properties
function returns a map containing all the properties of a node or relationship.
keys(nodeOrRelationship)
The keys
function returns a list of string representations for the property names of a node or relationship.
keys($map)
The keys
function returns a list of string representations for the keys of a map.
Example parameter: map = {name: 'Alice', age: 20}
coalesce(expr1, expr2, expr3, defaultValue)
The coalesce
function return the first non-null
expression.
Syntax: coalesce(expression [, expression]*)
timestamp()
The timestamp
function returns an integer; the time in milliseconds since midnight, January 1, 1970 UTC.
and the current time.
randomUUID()
The randomUUID
function returns a string; a randomly-generated universally unique identifier (UUID).
toInteger(expr)
The toInteger
function returns an integer number if possible, for the given expression; otherwise it returns null
.
The function returns an error if provided with an expression that is not a string, integer, floating point, boolean, or null.
toIntegerOrNull(expr)
The toIntegerOrNull
function returns an integer number if possible, for the given expression; otherwise it returns null
.
toFloat(expr)
The toFloat
returns a floating point number if possible, for the given expression; otherwise it returns null
.
The function returns an error if provided with an expression that is not a string, integer, floating point, or null.
toFloatOrNull(expr)
The toFloatOrNull
returns a floating point number if possible, for the given expression; otherwise it returns null
.
toBoolean(expr)
The toBoolean
returns a boolean if possible, for the given expression; otherwise it returns null
.
The function returns an error if provided with an expression that is not a string, integer, boolean, or null.
toBooleanOrNull(expr)
The toBooleanOrNull
returns a boolean if possible, for the given expression; otherwise it returns null
.
isEmpty(string)
The isEmpty
returns a boolean; Check if a string has zero characters.
Returns null
for null
.
isEmpty(list)
The isEmpty
returns a boolean; Check if a list has zero items.
Returns null
for null
.
isEmpty(map)
The isEmpty
returns a boolean; Check if a map has zero keys.
Returns null
for null
.
Path Functions
length(path)
The number of relationships in the path.
nodes(path)
The nodes in the path as a list.
relationships(path)
The relationships in the path as a list.
[x IN nodes(path) | x.prop]
Extract properties from the nodes in a path.
Spatial Functions
point({x: $x, y: $y})
Returns a point in a 2D cartesian coordinate system.
point({latitude: $y, longitude: $x})
Returns a point in a 2D geographic coordinate system, with coordinates specified in decimal degrees.
point({x: $x, y: $y, z: $z})
Returns a point in a 3D cartesian coordinate system.
point({latitude: $y, longitude: $x, height: $z})
Returns a point in a 3D geographic coordinate system, with latitude and longitude in decimal degrees, and height in meters.
point.distance(
point({x: $x1, y: $y1}),
point({x: $x2, y: $y2})
)
Returns a floating point number representing the linear distance between two points. The returned units will be the same as those of the point coordinates, and it will work for both 2D and 3D cartesian points.
point.distance(
point({latitude: $y1, longitude: $x1}),
point({latitude: $y2, longitude: $x2})
)
Returns the geodesic distance between two points in meters. It can be used for 3D geographic points as well.
point.withinBBox(
point({x: 1, y: 1}),
point({x: 0, y: 0}),
point({x: 2, y: 2})
)
The point.withinBBox
function returns a boolean; true
if the provided point is contained in the bounding box (boundary included), otherwise the return value will be false
.
Syntax: point.withinBBox(point, lowerLeft, upperRight)
point
- the point (geographic or cartesian CRS) to check.lowerLeft
- the lower-left (south-west) point of a bounding box.upperRight
- the upper-right (north-east) point of a bounding box.- All inputs need to be in the same Coordinate Reference System (CRS).
Temporal Functions
date('2018-04-05')
Returns a date parsed from a string.
localtime('12:45:30.25')
Returns a time with no time zone.
time('12:45:30.25+01:00')
Returns a time in a specified time zone.
localdatetime('2018-04-05T12:34:00')
Returns a datetime with no time zone.
datetime('2018-04-05T12:34:00[Europe/Berlin]')
Returns a datetime in the specified time zone.
datetime({epochMillis: 3360000})
Transforms 3360000 as a UNIX Epoch time into a normal datetime.
date({year: $year, month: $month, day: $day})
All of the temporal functions can also be called with a map of named components. This example returns a date from year, month and day components. Each function supports a different set of possible components.
datetime({date: $date, time: $time})
Temporal types can be created by combining other types. This example creates a datetime from a date and a time.
date({date: $datetime, day: 5})
Temporal types can be created by selecting from more complex types, as well as overriding individual components. This example creates a date by selecting from a datetime, as well as overriding the day component.
WITH date('2018-04-05') AS d
RETURN d.year, d.month, d.day, d.week, d.dayOfWeek
Accessors allow extracting components of temporal types.
Duration Functions
RETURN duration('P1Y2M10DT12H45M30.25S') AS duration
Returns a duration of 1 year, 2 months, 10 days, 12 hours, 45 minutes and 30.25 seconds.
RETURN duration.between($date1, $date2) AS duration
Returns a duration between two temporal instances.
WITH duration('P1Y2M10DT12H45M') AS d
RETURN d.years, d.months, d.days, d.hours, d.minutes
Returns 1 year, 14 months, 10 days, 12 hours and 765 minutes.
WITH duration('P1Y2M10DT12H45M') AS d
RETURN d.years, d.monthsOfYear, d.days, d.hours, d.minutesOfHour
Returns 1 year, 2 months, 10 days, 12 hours and 45 minutes.
RETURN date('2015-01-01') + duration('P1Y1M1D') AS date
Returns a date of 2016-02-02. It is also possible to subtract durations from temporal instances.
RETURN duration('PT30S') * 10 AS duration
Returns a duration of 5 minutes. It is also possible to divide a duration by a number.
Mathematical Functions
RETURN abs($expr) AS abs
The absolute value.
RETURN rand() AS random
Returns a random number in the range from 0
(inclusive) to 1
(exclusive), [0,1)
.
Returns a new value for each call.
Also useful for selecting a subset or random ordering.
RETURN (toInteger(rand() * 10)) + 1 AS random
Return a random number in the range from 1
to 10
.
RETURN round($number) AS nbr
Round to the nearest integer.
RETURN ceil($number) AS nbr
Round up to the nearest integer.
RETURN floor($number) AS nbr
Round down to the nearest integer.
RETURN sqrt($number) AS square
The square root.
RETURN sign($number) AS sign
0
if zero, -1
if negative, 1
if positive.
RETURN sin($radians) AS sine
Trigonometric functions also include cos()
, tan()
, cot()
, asin()
, acos()
, atan()
, atan2()
, and haversin()
.
All arguments for the trigonometric functions should be in radians, if not otherwise specified.
degrees($expr), radians($expr), pi()
Converts radians into degrees; use radians()
for the reverse, and pi()
for π.
log10($expr), log($expr), exp($expr), e()
Logarithm base 10, natural logarithm, e to the power of the parameter, and the value of e.
String Functions
toString($expression)
String representation of the expression.
replace($original, $search, $replacement)
Replace all occurrences of search with replacement. All arguments must be expressions.
substring($original, $begin, $subLength)
Get part of a string. The subLength argument is optional.
left($original, $subLength)
The first part of a string.
right($original, $subLength)
The last part of the string.
trim($original), lTrim($original), rTrim($original)
Trim all whitespace, or on the left side, or on the right side.
toUpper($original), toLower($original)
UPPERCASE and lowercase.
split($original, $delimiter)
Split a string into a list of strings.
reverse($original)
Reverse a string.
size($string)
Calculate the number of characters in the string.
Relationship Functions
type($relationship)
String representation of the relationship type.
startNode($relationship)
Start node of the relationship.
endNode($relationship)
End node of the relationship.
id($relationship)
The internal ID of the relationship. Do not rely on the internal ID for your business domain; the internal ID can change between transactions.
Aggregating Functions
MATCH (:Person)-[:KNOWS]->(:Person {name: 'Alice'})
RETURN count(*) AS rows
The number of matching rows.
count(variable)
The number of non-null
values.
count(DISTINCT variable)
All aggregating functions also take the DISTINCT
operator, which removes duplicates from the values.
collect(n.property)
List from the values, ignores null
.
sum(n.property)
Sum numerical values.
Similar functions are avg()
, min()
, max()
.
percentileDisc(n.property, $percentile)
Discrete percentile.
Continuous percentile is percentileCont()
.
The percentile argument is from 0.0
to 1.0
.
stDev(n.property)
Standard deviation for a sample of a population.
For an entire population use stDevP()
.
INDEX
SHOW INDEXES
List all indexes, returns only the default outputs (id
, name
, state
, populationPercent
, uniqueness
, type
, entityType
, labelsOrTypes
, properties
, and indexProvider
).
SHOW INDEXES YIELD *
List all indexes. See Listing indexes.
SHOW [ALL|BTREE|FULLTEXT|LOOKUP|TEXT] INDEXES
List a specific index type.
DROP INDEX index_name
Drop the index named index_name
, throws an error if the index does not exist.
DROP INDEX index_name IF EXISTS
Drop the index named index_name
if it exists, does nothing if it does not exist.
CREATE INDEX index_name
FOR (p:Person) ON (p.name)
Create a BTREE
index with the specified name (index_name
), on nodes with label Person
and property name
.
It is possible to omit the index_name
, if not specified the index name will be decided by the DBMS.
Best practice is to always specify a sensible name when creating an index.
The create syntax is CREATE [BTREE|FULLTEXT|LOOKUP|TEXT] INDEX ...
.
Default to BTREE
if not explicit stated.
CREATE BTREE INDEX index_name
FOR ()-[k:KNOWS]-() ON (k.since)
Create a BTREE
index on relationships with type KNOWS
and property since
with the name index_name
.
CREATE BTREE INDEX index_name
FOR (p:Person) ON (p.surname)
OPTIONS {
indexProvider: 'native-btree-1.0',
indexConfig: {
`spatial.cartesian.min`: [-100.0, -100.0],
`spatial.cartesian.max`: [100.0, 100.0]
}
}
Create a BTREE
index on nodes with label Person
and property surname
with the index provider native-btree-1.0
and given spatial.cartesian
settings.
The other index settings will have their default values.
CREATE INDEX index_name
FOR (p:Person) ON (p.name, p.age)
Create a composite index on nodes with label Person
and the properties name
and age
, throws an error if the index already exist.
CREATE INDEX index_name IF NOT EXISTS
FOR (p:Person) ON (p.name, p.age)
Create a composite index on nodes with label Person
and the properties name
and age
if it does not already exist, does nothing if it did exist.
CREATE LOOKUP INDEX index_name
FOR (n) ON EACH labels(n)
Create a token lookup index on nodes with any label.
CREATE LOOKUP INDEX index_name
FOR ()-[r]-() ON EACH type(r)
Create a token lookup index on relationships with any relationship type.
CREATE FULLTEXT INDEX index_name
FOR (n:Friend) ON EACH [n.name]
OPTIONS {
indexConfig: {
`fulltext.analyzer`: 'swedish'
}
}
Create a fulltext index on nodes with the name index_name
and analyzer swedish
.
Fulltext indexes on nodes can only be used by from the procedure db.index.fulltext.queryNodes
.
The other index settings will have their default values.
CREATE FULLTEXT INDEX index_name
FOR ()-[r:KNOWS]-() ON EACH [r.info, r.note]
OPTIONS {
indexConfig: {
`fulltext.analyzer`: 'english'
}
}
Create a fulltext index on relationships with the name index_name
and analyzer english
.
Fulltext indexes on relationships can only be used by from the procedure db.index.fulltext.queryRelationships
.
The other index settings will have their default values.
CREATE TEXT INDEX index_name
FOR (p:Person) ON (p.name)
Create a TEXT
index on nodes with label Person
and property name
.
The property value type should be a string for the TEXT
index.
Other value types are ignored by the TEXT
index.
TEXT
index is utilized if the predicate compares the property with a string.
Note that for example toLower(n.name) = 'Example String'
does not use an index.
TEXT
index is utilized to check the IN
list checks, when all elements in the list are strings.
CREATE TEXT INDEX index_name
FOR ()-[r:KNOWS]-() ON (r.city)
Create a text index on relationships with type KNOWS
and property city
.
The property value type should be a string for the TEXT
index.
Other value types are ignored by the TEXT
index.
MATCH (n:Person)
WHERE n.name = $value
An index can be automatically used for the equality comparison.
Note that for example toLower(n.name) = $value
will not use an index.
MATCH (n:Person)
WHERE n.name IN [$value]
An index can automatically be used for the IN
list checks.
MATCH (n:Person)
WHERE n.name = $value1 AND n.age = $value2
A composite index can be automatically used for equality comparison of both properties. Note that there needs to be predicates on all properties of the composite index for it to be used.
MATCH (n:Person)
USING INDEX n:Person(name)
WHERE n.name = $value
Index usage can be enforced when Cypher uses a suboptimal index, or more than one index should be used.
CONSTRAINT
SHOW UNIQUE CONSTRAINTS
List all unique constraints, returns only the default outputs (id
, name
, type
, entityType
, labelsOrTypes
, properties
, and ownedIndexId
).
SHOW UNIQUE CONSTRAINTS YIELD *
List all unique constraints.
DROP CONSTRAINT constraint_name
Drop the constraint with the name constraint_name
, throws an error if the constraint does not exist.
DROP CONSTRAINT constraint_name IF EXISTS
Drop the constraint with the name constraint_name
if it exists, does nothing if it does not exist.
CREATE CONSTRAINT constraint_name IF NOT EXISTS
FOR (p:Person)
REQUIRE p.name IS UNIQUE
Create a unique property constraint on the label Person
and property name
.
If any other node with that label is updated or created with a name that already exists, the write operation will fail.
Best practice is to always specify a sensible name when creating a constraint.
Deprecated syntax: CREATE CONSTRAINT ON ... ASSERT ...
.
CREATE CONSTRAINT constraint_name IF NOT EXISTS
FOR (p:Person)
REQUIRE (p.name, p.age) IS UNIQUE
Create a unique property constraint on the label Person
and properties name
and age
.
If any node with that label is updated or created with a name and age combination that already exists, the write operation fails.
CREATE CONSTRAINT constraint_name
FOR (p:Person)
REQUIRE p.surname IS UNIQUE
OPTIONS {
indexProvider: 'native-btree-1.0'
}
Create a unique property constraint on the label Person
and property surname
with the index provider native-btree-1.0
for the accompanying index.
CREATE CONSTRAINT constraint_name
FOR ()-[r:LIKED]-()
REQUIRE r.when IS NOT NULL
Create a relationship property existence constraint on the type LIKED
and property when
.
If a relationship with that type is created without a when
, or if the property when
is removed from an existing relationship with the type LIKED
, the write operation will fail.
CREATE CONSTRAINT constraint_name
FOR (p:Person)
REQUIRE p.name IS NOT NULL
Create a node property existence constraint on the label Person
and property name
.
CREATE CONSTRAINT constraint_name
FOR (p:Person)
REQUIRE (p.name, p.surname) IS NODE KEY
Create a node key constraint on the label Person
and properties name
and surname
with the name constraint_name
.
If a node with that label is created without both name
and surname
or if the combination of the two is not unique, or if the name
and/or surname properties on an existing node with the label Person
is modified to violate these constraints, the write operation will fail.
CREATE CONSTRAINT constraint_name
FOR (p:Person)
REQUIRE (p.name, p.age) IS NODE KEY
OPTIONS {
indexConfig: {
`spatial.wgs-84.min`: [-100.0, -100.0],
`spatial.wgs-84.max`: [100.0, 100.0]
}
}
Create a node key constraint on the label Person
and properties name
and age
with the name constraint_name
and given spatial.wgs-84
settings.
The other index settings will have their default values.
Performance
Use parameters instead of literals when possible. This allows Neo4j DBMS to cache your queries instead of having to parse and build new execution plans.
Always set an upper limit for your variable length patterns. It is possible to have a query go wild and touch all nodes in a graph by mistake.
Return only the data you need. Avoid returning whole nodes and relationships; instead, pick the data you need and return only that.
Use PROFILE
/ EXPLAIN
to analyze the performance of your queries.
See Query Tuning for more information on these and other topics, such as planner hints.
DATABASE Management
dba
`db1`
`database-name`
`database-name-123`
`database.name`
`database.name.123`
The naming rules for a database:
- The character length of a database name must be at least
3
characters; and not more than63
characters. - The first character of a database name must be an ASCII alphabetic character.
- Subsequent characters must be ASCII alphabetic or numeric characters, dots or dashes;
[a..z][0..9].-
. - Database names are case-insensitive and normalized to lowercase.
- Database names that begin with an underscore (
_
) or with the prefixsystem
are reserved for internal use.
The non-alphabetic characters dot (.
) and dash (-
), including numbers, can be used in database names, but must be escaped using backticks (`
).
Database names are the only identifier for which dots (.
) do not need to be escaped; best practice is to always escape when using dots.
SHOW DATABASES
List all databases in Neo4j DBMS and information about them, returns only the default outputs (name
, aliases
, access
, address
, role
, requestedStatus
, currentStatus
, error
, default
, and home
).
SHOW DATABASES YIELD *
List all databases in Neo4j DBMS and information about them.
SHOW DATABASES
YIELD name, currentStatus
WHERE name CONTAINS 'my'
AND currentStatus = 'online'
List information about databases, filtered by name
and currentStatus
and further refined by conditions on these.
SHOW DATABASE `database-name` YIELD *
List information about the database database-name
.
SHOW DEFAULT DATABASE
List information about the default database, for the Neo4j DBMS.
SHOW HOME DATABASE
List information about the current users home database.
DROP DATABASE `database-name` IF EXISTS
Delete the database database-name
, if it exists.
CREATE DATABASE `database-name` IF NOT EXISTS
Create a database named database-name
if it does not already exist.
CREATE OR REPLACE DATABASE `database-name`
Create a database named database-name
.
If a database with that name exists, then the existing database is deleted and a new one created.
STOP DATABASE `database-name`
Stop the database database-name
.
START DATABASE `database-name`
Start the database database-name
.
ALTER DATABASE `database-name` IF EXISTS
SET ACCESS READ ONLY
Modify the database database-name
to accept only read queries.
ALTER DATABASE `database-name` IF EXISTS
SET ACCESS READ WRITE
Modify the database database-name
to accept write and read queries.
ALIAS Management
SHOW ALIASES FOR DATABASE
List all database aliases in Neo4j DBMS and information about them, returns only the default outputs (name
, database
, location
, url
, and user
).
SHOW ALIASES FOR DATABASE YIELD *
List all database aliases in Neo4j DBMS and information about them.
CREATE ALIAS `database-alias` IF NOT EXISTS
FOR DATABASE `database-name`
Create a local alias database-alias
for the database with name database-name
.
CREATE OR REPLACE ALIAS `database-alias`
FOR DATABASE `database-name`
Create or replace a local alias database-alias
for the database with name database-name
.
CREATE ALIAS `database-alias` IF NOT EXISTS
FOR DATABASE `database-name`
AT $url
USER user_name
PASSSWORD $password
Create a remote alias database-alias
for the database with name database-name
.
Remote aliases was introduced in Neo4j 4.4.8
.
Example parameters:
url = 'neo4j+s://example.com:7687'
password = 'example_secret'
ALTER ALIAS `database-alias` IF EXISTS
SET DATABASE TARGET `database-name`
Alter the alias database-alias
to target the database with name database-name
.
ALTER ALIAS `remote-database-alias` IF EXISTS
SET DATABASE
USER user_name
PASSWORD $password
Alter the remote alias remote-database-alias
, set the user name (user_name
) and the password.
Example parameter: password = 'example_secret'
DROP ALIAS `database-alias` IF EXISTS FOR DATABASE
Delete the alias database-alias
.
USER Management
SHOW USERS
List all users in Neo4j DBMS, returns only the default outputs (user
, roles
, passwordChangeRequired
, suspended
, and home
).
SHOW CURRENT USER
List the currently logged-in user, returns only the default outputs (user
, roles
, passwordChangeRequired
, suspended
, and home
).
SHOW USERS
WHERE suspended = true
List users that are suspended.
DROP USER user_name
Delete the specified user.
CREATE USER user_name
SET PASSWORD $password
Create a new user and set the password. This password must be changed on the first login.
Example parameter: password = 'example_secret'
RENAME USER user_name TO other_user_name
Rename the specified user.
ALTER CURRENT USER
SET PASSWORD FROM $oldPassword TO $newPassword
Change the password of the logged-in user. The user will not be required to change this password on the next login.
Example parameters:
oldPassword = 'example_secret'
newPassword = 'new_secret'
ALTER USER user_name
SET PASSWORD 'example_secret'
CHANGE NOT REQUIRED
Set a new password (a String) for a user. This user will not be required to change this password on the next login.
ALTER USER user_name IF EXISTS
SET PASSWORD CHANGE REQUIRED
If the specified user exists, force this user to change the password on the next login.
ALTER USER user_name
SET STATUS SUSPENDED
Change the status to SUSPENDED
, for the specified user.
ALTER USER user_name
SET STATUS ACTIVE
Change the status to ACTIVE
, for the specified user.
ALTER USER user_name
SET HOME DATABASE `database-name`
Set the home database for the specified user.
ALTER USER user_name
REMOVE HOME DATABASE
Unset the home database for the specified user and fallback to the default database.
ROLE Management
SHOW ROLES
List all roles in the system, returns the output role
.
SHOW ROLES
WHERE role CONTAINS $subString
List roles that contains a given string.
Example parameter: subString = 'read'
SHOW POPULATED ROLES
List all roles that are assigned to at least one user in the system.
SHOW POPULATED ROLES WITH USERS
List all roles that are assigned to at least one user in the system, and the users assigned to those roles.
The returned outputs are role
and member
.
SHOW POPULATED ROLES WITH USERS
YIELD member, role
WHERE member = $user
RETURN role
List all roles that are assigned to a $user
.
Example parameter: user = 'neo4j'
DROP ROLE role_name
Delete a role.
CREATE ROLE role_name IF NOT EXISTS
Create a role, unless it already exists.
CREATE ROLE role_name AS COPY OF other_role_name
Create a role, as a copy of the existing other_role_name
.
RENAME ROLE role_name TO other_role_name
Rename a role.
GRANT ROLE role_name1, role_name2 TO user_name
Assign roles to a user.
REVOKE ROLE role_name FROM user_name
Remove the specified role from a user.
SHOW Privileges
SHOW PRIVILEGES
List all privileges in the system, and the roles that they are assigned to.
Outputs returned are: access
, action
, resource
, graph
, segment
, and role
.
SHOW PRIVILEGES AS COMMANDS
List all privileges in the system as Cypher commands, for example GRANT ACCESS ON DATABASE * TO `admin`
.
Outputs returned are: command
.
SHOW USER PRIVILEGES
List all privileges of the currently logged-in user, and the role that they are assigned to.
Outputs returned are: access
, action
, resource
, graph
, segment
, role
, and user
.
SHOW USER PRIVILEGES AS COMMANDS
List all privileges of the currently logged-in user, and the role that they are assigned to as Cypher commands, for example GRANT ACCESS ON DATABASE * TO $role
.
Outputs returned are: command
.
SHOW USER user_name PRIVILEGES
List all privileges assigned to each of the specified users (multiple users can be specified seperated by commas n1, n2, n3
), and the role that they are assigned to.
Outputs returned are: access
, action
, resource
, graph
, segment
, role
, and user
.
SHOW USER user_name PRIVILEGES AS COMMANDS
List all privileges assigned to each of the specified users (multiple users can be specified seperated by commas n1, n2, n3
), as generic Cypher commands, for example GRANT ACCESS ON DATABASE * TO $role
.
Outputs returned are: command
.
SHOW ROLE role_name PRIVILEGES
List all privileges assigned to each of the specified roles (multiple roles can be specified seperated by commas r1, r2, r3
).
Outputs returned are: access
, action
, resource
, graph
, segment
, and role
.
SHOW ROLE role_name PRIVILEGES AS COMMANDS
List all privileges assigned to each of the specified roles (multiple roles can be specified seperated by commas r1, r2, r3
) as Cypher commands, for example GRANT ACCESS ON DATABASE * TO `admin`
.
Outputs returned are: command
.
ON GRAPH Read Privileges
GRANT TRAVERSE
ON GRAPH * NODE * TO role_name
Grant TRAVERSE
privilege on all graphs and all nodes to the specified role.
GRANT
– gives privileges to roles.DENY
– denies privileges to roles.
REVOKE GRANT TRAVERSE
ON GRAPH * NODE * FROM role_name
To remove a granted or denied privilege, prepend the privilege query with REVOKE
and replace the TO
with FROM
.
GRANT TRAVERSE
ON GRAPH * RELATIONSHIP * TO role_name
Grant TRAVERSE
privilege on all graphs and all relationships to the specified role.
DENY READ {prop}
ON GRAPH `database-name` RELATIONSHIP rel_type TO role_name
Deny READ
privilege on a specified property, on all relationships with a specified type in a specified graph, to a role.
GRANT MATCH {*}
ON HOME GRAPH ELEMENTS label_or_type TO role_name
Grant MATCH
privilege on all nodes and relationships with the specified label/type, on the home graph, to a role.
This is semantically the same as having both TRAVERSE
privilege and READ
privilege.
ON GRAPH Write Privileges
GRANT ALL GRAPH PRIVILEGES
ON GRAPH `database-name` TO role_name
Grant ALL GRAPH PRIVILEGES
privilege on a specified graph to a role.
GRANT ALL ON GRAPH `database-name` TO role_name
Short form for grant ALL GRAPH PRIVILEGES
privilege.
GRANT
– gives privileges to roles.DENY
– denies privileges to roles.
REVOKE
and replace the TO
with FROM
; (REVOKE GRANT ALL ON GRAPH `database-name` FROM role_name
).
DENY CREATE
ON GRAPH * NODES node_label TO role_name
Deny CREATE
privilege on all nodes with a specified label in all graphs to the specified role.
DENY DELETE
ON GRAPH `database-name` TO role_name
Deny DELETE
privilege on all nodes and relationships in a specified graph to a role.
DENY SET LABEL node_label
ON GRAPH * TO role_name
Deny SET LABEL
privilege for the specified label on all graphs to a role.
DENY REMOVE LABEL *
ON GRAPH `database-name` TO role_name
Deny REMOVE LABEL
privilege for all labels on a specified graph to a role.
DENY SET PROPERTY {prop_name}
ON GRAPH `database-name` RELATIONSHIPS rel_type TO role_name
Deny SET PROPERTY
privilege on a specified property, on all relationships with a specified type in a specified graph, to a role.
DENY MERGE {*}
ON GRAPH * NODES node_label TO role_name
Deny MERGE
privilege on all properties, on all nodes with a specified label in all graphs, to a role.
DENY WRITE
ON GRAPH * TO role_name
Deny WRITE
privilege on all graphs to a role.
ON DATABASE Privileges
GRANT ALL DATABASE PRIVILEGES
ON DATABASE * TO role_name
Grant ALL DATABASE PRIVILEGES
privilege for all databases to the specified role.
- Allows access (
GRANT ACCESS
). - Index management (
GRANT INDEX MANAGEMENT
). - Constraint management (
GRANT CONSTRAINT MANAGEMENT
). - Name management (
GRANT NAME MANAGEMENT
).
GRANT ALL ON DATABASE * TO role_name
Short form for grant ALL DATABASE PRIVILEGES
privilege.
GRANT
– gives privileges to roles.DENY
– denies privileges to roles.
REVOKE
and replace the TO
with FROM
; (REVOKE GRANT ALL ON DATABASE * FROM role_name
).
GRANT ACCESS
ON DATABASE * TO role_name
Grant ACCESS
privilege to access and run queries against all databases to a role.
GRANT START
ON DATABASE * TO role_name
Grant START
privilege to start all databases to a role.
GRANT STOP
ON DATABASE * TO role_name
Grant STOP
privilege to stop all databases to a role.
ON DATABASE - INDEX MANAGEMENT Privileges
GRANT INDEX MANAGEMENT
ON DATABASE * TO role_name
Grant INDEX MANAGEMENT
privilege to create, drop, and list indexes for all database to a role.
- Allow creating an index - (
GRANT CREATE INDEX
). - Allow removing an index - (
GRANT DROP INDEX
). - Allow listing an index - (
GRANT SHOW INDEX
).
GRANT CREATE INDEX
ON DATABASE `database-name` TO role_name
Grant CREATE INDEX
privilege to create indexes on a specified database to a role.
GRANT DROP INDEX
ON DATABASE `database-name` TO role_name
Grant DROP INDEX
privilege to drop indexes on a specified database to a role.
GRANT SHOW INDEX
ON DATABASE * TO role_name
Grant SHOW INDEX
privilege to list indexes on all databases to a role.
ON DATABASE - CONSTRAINT MANAGEMENT Privileges
GRANT CONSTRAINT MANAGEMENT
ON DATABASE * TO role_name
Grant CONSTRAINT MANAGEMENT
privilege to create, drop, and list constraints for all database to a role.
- Allow creating a constraint - (
GRANT CREATE CONSTRAINT
). - Allow removing a constraint - (
GRANT DROP CONSTRAINT
). - Allow listing a constraint - (
GRANT SHOW CONSTRAINT
).
GRANT CREATE CONSTRAINT
ON DATABASE * TO role_name
Grant CREATE CONSTRAINT
privilege to create constraints on all databases to a role.
GRANT DROP CONSTRAINT
ON DATABASE * TO role_name
Grant DROP CONSTRAINT
privilege to create constraints on all databases to a role.
GRANT SHOW CONSTRAINT
ON DATABASE `database-name` TO role_name
Grant SHOW CONSTRAINT
privilege to list constraints on a specified database to a role.
ON DATABASE - NAME MANAGEMENT Privileges
GRANT NAME MANAGEMENT
ON DATABASE * TO role_name
Grant NAME MANAGEMENT
privilege to create new labels, new relationship types, and new property names for all databases to a role.
- Allow creating a new label - (
GRANT CREATE NEW LABEL
). - Allow creating a new relationship type - (
GRANT CREATE NEW TYPE
). - Allow creating a new property name - (
GRANT CREATE NEW NAME
).
GRANT CREATE NEW LABEL
ON DATABASE * TO role_name
Grant CREATE NEW LABEL
privilege to create new labels on all databases to a role.
DENY CREATE NEW TYPE
ON DATABASE * TO role_name
Deny CREATE NEW TYPE
privilege to create new relationship types on a specified database to a role.
GRANT CREATE NEW NAME
ON DATABASE * TO role_name
Grant CREATE NEW NAME
privilege to create new property names on all databases to a role.
ON DATABASE - TRANSACTION MANAGEMENT Privileges
GRANT TRANSACTION MANAGEMENT (*)
ON DATABASE * TO role_name
Grant TRANSACTION MANAGEMENT
privilege to show and terminate transactions on all users, for all database, to a role.
- Allow listing transactions - (
GRANT SHOW TRANSACTION
). - Allow terminate transactions - (
GRANT TERMINATE TRANSACTION
).
GRANT SHOW TRANSACTION (*)
ON DATABASE * TO role_name
Grant SHOW TRANSACTION
privilege to list transactions on all users on all databases to a role.
GRANT TERMINATE TRANSACTION (*)
ON DATABASE * TO role_name
Grant TERMINATE TRANSACTION
privilege to terminate transactions on all users on all databases to a role.
ON DBMS Privileges
GRANT ALL DBMS PRIVILEGES
ON DBMS TO role_name
Grant ALL DBMS PRIVILEGES
privilege to perform management for roles, users, databases, aliases, and privileges to a role.
Also privileges to execute procedures and user defined functions are granted.
- Allow controlling roles - (
GRANT ROLE MANAGEMENT
). - Allow controlling users - (
GRANT USER MANAGEMENT
). - Allow controlling databases - (
GRANT DATABASE MANAGEMENT
). - Allow controlling aliases - (
GRANT ALIAS MANAGEMENT
). - Allow controlling privileges - (
GRANT PRIVILEGE MANAGEMENT
). - Allow user impersonation - (
GRANT IMPERSONATE (*)
). - Allow to execute all procedures with elevated privileges.
- Allow to execute all user defined functions with elevated privileges.
GRANT ALL
ON DBMS TO role_name
Short form for grant ALL DBMS PRIVILEGES
privilege.
GRANT
– gives privileges to roles.DENY
– denies privileges to roles.
REVOKE
and replace the TO
with FROM
; (REVOKE GRANT ALL ON DBMS FROM role_name
).
GRANT IMPERSONATE (user_name1, user_name2)
ON DBMS TO role_name
Grant IMPERSONATE
privilege to impersonate the specified users (user_name1
and user_name2
) to a role.
GRANT IMPERSONATE (*)
ON DBMS TO role_name
Grant IMPERSONATE
privilege to impersonate all users to a role.
ON DBMS - ROLE MANAGEMENT Privileges
GRANT ROLE MANAGEMENT
ON DBMS TO role_name
Grant ROLE MANAGEMENT
privilege to manage roles to a role.
- Allow creating roles - (
GRANT CREATE ROLE
). - Allow renaming roles - (
GRANT RENAME ROLE
). - Allow deleting roles - (
GRANT DROP ROLE
). - Allow assigning (
GRANT
) roles to a user - (GRANT ASSIGN ROLE
). - Allow removing (
REVOKE
) roles to a user - (GRANT REMOVE ROLE
). - Allow listing roles - (
GRANT SHOW ROLE
).
GRANT CREATE ROLE
ON DBMS TO role_name
Grant CREATE ROLE
privilege to create roles, to a role.
GRANT RENAME ROLE
ON DBMS TO role_name
Grant RENAME ROLE
privilege to rename roles, to a role.
GRANT DROP ROLE
ON DBMS TO role_name
Grant DROP ROLE
privilege to delete roles, to a role.
GRANT ASSIGN ROLE
ON DBMS TO role_name
Grant ASSIGN ROLE
privilege to assign roles to users, to a role.
GRANT REMOVE ROLE
ON DBMS TO role_name
Grant REMOVE ROLE
privilege to remove roles from users, to a role.
GRANT SHOW ROLE
ON DBMS TO role_name
Grant SHOW ROLE
privilege to list roles, to a role.
ON DBMS - USER MANAGEMENT Privileges
GRANT USER MANAGEMENT
ON DBMS TO role_name
Grant USER MANAGEMENT
privilege to manage users to a role.
- Allow creating users - (
GRANT CREATE USER
). - Allow renaming users - (
GRANT RENAME USER
). - Allow modifying a user - (
GRANT ALTER USER
). - Allow deleting users - (
GRANT DROP USER
). - Allow listing users - (
GRANT SHOW USER
).
GRANT CREATE USER
ON DBMS TO role_name
Grant CREATE USER
privilege to create users to a role.
GRANT RENAME USER
ON DBMS TO role_name
Grant RENAME USER
privilege to rename users to a role.
GRANT ALTER USER
ON DBMS TO my_role
Grant ALTER USER
privilege to alter users to a role.
- Allow changing a user's password - (
GRANT SET PASSWORD
). - Allow changing a user's home database - (
GRANT SET USER HOME DATABASE
). - Allow changing a user's status - (
GRANT USER STATUS
).
GRANT SET PASSWORD
ON DBMS TO role_name
Grant SET PASSWORD
privilege to alter a user password to a role.
GRANT SET USER HOME DATABASE
ON DBMS TO role_name
Grant SET USER HOME DATABASE
privilege to alter the home database of users to a role.
GRANT SET USER STATUS
ON DBMS TO role_name
Grant SET USER STATUS
privilege to alter user account status to a role.
GRANT DROP USER
ON DBMS TO role_name
Grant DROP USER
privilege to delete users to a role.
GRANT SHOW USER
ON DBMS TO role_name
Grant SHOW USER
privilege to list users to a role.
ON DBMS - DATABASE MANAGEMENT Privileges
GRANT DATABASE MANAGEMENT
ON DBMS TO role_name
Grant DATABASE MANAGEMENT
privilege to manage databases and aliases, to a role.
- Allow creating databases and aliases - (
GRANT CREATE DATABASE
). - Allow deleting databases and aliases - (
GRANT DROP DATABASE
). - Allow modifying databases and aliases - (
GRANT ALTER DATABASE
). - Allow modifying access mode for databases - (
GRANT SET DATABASE ACCESS
).
GRANT CREATE DATABASE
ON DBMS TO role_name
Grant CREATE DATABASE
privilege to create databases and aliases, to a role.
GRANT DROP DATABASE
ON DBMS TO role_name
Grant DROP DATABASE
privilege to delete databases and aliases, to a role.
GRANT ALTER DATABASE
ON DBMS TO role_name
Grant ALTER DATABASE
privilege to alter databases and aliases, to a role.
GRANT SET DATABASE ACCESS
ON DBMS TO role_name
Grant SET DATABASE ACCESS
privilege to set database access mode, to a role.
ON DBMS - ALIAS MANAGEMENT Privileges
GRANT ALIAS MANAGEMENT
ON DBMS TO role_name
Grant ALIAS MANAGEMENT
privilege to manage aliases to a role.
- Allow creating aliases - (
GRANT CREATE ALIAS
). - Allow deleting aliases - (
GRANT DROP ALIAS
). - Allow modifying aliases - (
GRANT ALTER ALIAS
). - Allow listing aliases - (
GRANT SHOW ALIAS
).
GRANT CREATE ALIAS
ON DBMS TO role_name
Grant CREATE ALIAS
privilege to create aliases, to a role.
GRANT DROP ALIAS
ON DBMS TO role_name
Grant DROP ALIAS
privilege to delete aliases, to a role.
GRANT ALTER ALIAS
ON DBMS TO role_name
Grant ALTER ALIAS
privilege to alter aliases, to a role.
GRANT SHOW ALIAS
ON DBMS TO role_name
Grant SHOW ALIAS
privilege to list aliases, to a role.
ON DBMS - PRIVILEGE MANAGEMENT Privileges
GRANT PRIVILEGE MANAGEMENT
ON DBMS TO role_name
Grant PRIVILEGE MANAGEMENT
privilege to manage privileges for the Neo4j DBMS to a role.
- Allow assigning (
GRANT|DENY
) privileges for a role - (GRANT ASSIGN PRIVILEGE
). - Allow removing (
REVOKE
) privileges for a role - (GRANT REMOVE PRIVILEGE
). - Allow listing privileges - (
GRANT SHOW PRIVILEGE
).
GRANT ASSIGN PRIVILEGE
ON DBMS TO role_name
Grant ASSIGN PRIVILEGE
privilege, allows the role to assign privileges for roles.
GRANT REMOVE PRIVILEGE
ON DBMS TO role_name
Grant REMOVE PRIVILEGE
privilege, allows the role to remove privileges for roles.
GRANT SHOW PRIVILEGE
ON DBMS TO role_name
Grant SHOW PRIVILEGE
privilege to list privileges, to a role.