List of Legacy Privilege Syntax
This page provides a complete list of privileges in TigerGraph’s Role-based Access Control system.
Legacy Privilege Syntax Limitations
-
Any privilege marked “Global only” can only be granted to a global role. It cannot be granted to a local role (See Global role vs local role).
-
Local roles are deprecated and will be dropped in a later version.
-
As of 3.10.0, when using the legacy privilege syntax, a user will receive a warning when trying to grant or revoke a privilege.
-
Legacy privilege syntax for function privileges is only supported on the global scope.
-
To add function privileges, it’s best to use the Object-Based Privileges syntax.
-
-
As of 4.1.0, when using certain legacy query privilege syntax, a user need to config entry
GSQL.BasicConfig.Env
withALLOW_LEGACY_RBAC_SYNTAX
environmental variable. However, there are also several forbidden legacy RBAC syntax usages. See details and examples in Legacy RBAC Syntax Usage.
It’s recommended to use the Object-Based Privileges syntax. See Object-Based Privilege Tables for a comparison with the legacy syntax. |
Table of Privileges
Privilege Name | Commands Associated | Global Only |
---|---|---|
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
Running queries that insert vertices or edges in the allowed scope. For details see Data CRUD privileges. |
No |
|
Running queries that read vertex or edge information in the allowed scope. For details see Data CRUD privileges. |
No |
|
Running queries that update vertex or edge information in the allowed scope. For details see Data CRUD privileges. |
No |
|
Running queries that delete vertices or edges in the allowed scope. For details see Data CRUD privileges. |
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
Yes |
|
|
No |
|
|
Yes |
|
|
Yes |
|
|
Yes |
|
|
Yes |
|
|
Yes |
|
|
Yes |
|
|
No |
|
Accessing data through TigerGraph Suite applications including GraphStudio and TigerGraph Insights. This privilege only allows you to access the information through TigerGraph Suite applications if you already have access to the data in GSQL. It only pertains to the applications and does not have meaning in GSQL itself. |
|
|
|
Yes |