IndyKite Developer Hub logo
Back to all resources
ContX IQ ContX IQ Json

ContX IQ: With User node as a subject, delete properties of nodes and relationships.

This use case explains how to delete property nodes.

ContX IQ: With User node as a subject, delete properties of nodes and relationships.

Use a user access token to delete properties of nodes and relationships with a user as subject.

Use case

In this case, a user access token is sent and introspected then nodes are deleted, properties of nodes are deleted and properties of relationships are deleted.

ikg

Requirements

- ServiceAccount credentials created in the IndyKite Hub for your organization.

- AppAgent credentials created in the IndyKite Hub, using the REST endpoints or using Terraform for your Project / Application.

- Access token for a Person node

User Access token is sent in CIQ Execution in Headers: key:Authorization, value:Bearer token.

Steps

1. Using the AppAgent credential as API Key (name: X-IK-ClientKey), ingest data in your IKG (IndyKite Knowledge Graph) using the script provided.

2. Using the ServiceAccount credential as Bearer token, create a CIQ Policy which designates the Subject node, the cypher, the nodes and relationships allowed to be deleted and the nodes and relationships allowed to be read.

3. Using the ServiceAccount credential as Bearer token, create a CIQ Knowledge Query in the context of the policy to delete nodes, delete properties on nodes and delete properties on relationships.

4. Using the AppAgent credential as API Key (name: X-IK-ClientKey), run a CIQ Execution to get the nodes that have undergone modifications.

Step 1

Ingest the nodes needed for this use case.

POST https://eu.api.indykite.com/capture/v1/nodes/Json
{
  "nodes": [
    {
      "external_id": "alice",
      "type": "Person",
      "is_identity": true,
      "properties": [
        {
          "type": "email",
          "value": "alice@email.com"
        },
        {
          "type": "name",
          "value": "Alice Smith"
        }
      ]
    },
    {
      "external_id": "satchmo",
      "type": "Person",
      "is_identity": true,
      "properties": [
        {
          "type": "email",
          "value": "satchmo@demo.com"
        },
        {
          "type": "name",
          "value": "Louis Armstrong"
        }
      ]
    },
    {
      "external_id": "karel",
      "type": "Person",
      "is_identity": true,
      "properties": [
        {
          "type": "email",
          "value": "karel@demo.com"
        },
        {
          "type": "name",
          "value": "Karel Plihal"
        }
      ]
    },
    {
      "external_id": "kitt",
      "type": "Car",
      "is_identity": false,
      "properties": [
        {
          "type": "manufacturer",
          "value": "pontiac"
        },
        {
          "type": "model",
          "value": "Firebird"
        }
      ]
    },
    {
      "external_id": "caddilacv16",
      "type": "Car",
      "is_identity": false,
      "properties": [
        {
          "type": "manufacturer",
          "value": "Caddilac"
        },
        {
          "type": "model",
          "value": "V-16"
        }
      ]
    },
    {
      "external_id": "harmonika",
      "type": "Bus",
      "is_identity": false,
      "properties": [
        {
          "type": "manufacturer",
          "value": "Ikarus"
        },
        {
          "type": "model",
          "value": "280"
        }
      ]
    },
    {
      "external_id": "ln-xxx",
      "type": "LicenseNumber",
      "is_identity": false,
      "properties": [
        {
          "type": "license",
          "value": "ln-xxx-value"
        }
      ]
    },
    {
      "external_id": "ln-yyy",
      "type": "LicenseNumber",
      "is_identity": false,
      "properties": [
        {
          "type": "license",
          "value": "ln-yyy-value"
        }
      ]
    },
    {
      "external_id": "ln-zzz",
      "type": "LicenseNumber",
      "is_identity": false,
      "properties": [
        {
          "type": "license",
          "value": "ln-zzz-value"
        }
      ]
    }
  ]
}

Ingest the relationships needed for this use case.

POST https://eu.api.indykite.com/capture/v1/relationships/Json
{
  "relationships": [
    {
      "source": {
        "external_id": "alice",
        "type": "Person"
      },
      "target": {
        "external_id": "kitt",
        "type": "Car"
      },
      "type": "OWNS",
      "properties": [
        {
          "type": "weight",
          "value": 1
        }
      ]
    },
    {
      "source": {
        "external_id": "alice",
        "type": "Person"
      },
      "target": {
        "external_id": "caddilacv16",
        "type": "Car"
      },
      "type": "OWNS",
      "properties": [
        {
          "type": "weight",
          "value": 2
        }
      ]
    },
    {
      "source": {
        "external_id": "satchmo",
        "type": "Person"
      },
      "target": {
        "external_id": "caddilacv16",
        "type": "Car"
      },
      "type": "OWNS"
    },
    {
      "source": {
        "external_id": "karel",
        "type": "Person"
      },
      "target": {
        "external_id": "harmonika",
        "type": "Bus"
      },
      "type": "OWNS"
    },
    {
      "source": {
        "external_id": "kitt",
        "type": "Car"
      },
      "target": {
        "external_id": "ln-xxx",
        "type": "LicenseNumber"
      },
      "type": "HAS",
      "properties": [
        {
          "type": "weight",
          "value": 3
        }
      ]
    },
    {
      "source": {
        "external_id": "caddilacv16",
        "type": "Car"
      },
      "target": {
        "external_id": "ln-zzz",
        "type": "LicenseNumber"
      },
      "type": "HAS"
    },
    {
      "source": {
        "external_id": "harmonika",
        "type": "Bus"
      },
      "target": {
        "external_id": "ln-yyy",
        "type": "LicenseNumber"
      },
      "type": "HAS"
    }
  ]
}

Step 2

Create a CIQ Policy which designates the Subject node, the cypher, the nodes allowed to be deleted and the nodes allowed to be read.

policy.jsonJson
{
  "meta": {
    "policy_version": "1.0-ciq"
  },
  "subject": {
    "type": "Person"
  },
  "condition": {
    "cypher": "MATCH (subject:Person)-[r1:OWNS]->(car:Car)-[r2:HAS]->(ln:LicenseNumber)",
    "filter": [
      {
        "app": "postman",
        "operator": "=",
        "attribute": "subject.external_id",
        "value": "$subject_external_id"
      }
    ]
  },
  "allowed_reads": {
    "nodes": [
      "subject.*",
      "ln.property.value"
    ],
    "relationships": [
      "r1.*",
      "r2.*"
    ]
  },
  "allowed_deletes": {
    "nodes": [
      "ln",
      "ln.*",
      "car.*"
    ],
    "relationships": [
      "r1.*",
      "r1",
      "r2"
    ]
  }
}

Request to create the CIQ Policy configuration using REST.

POST https://eu.api.indykite.com/configs/v1/authorization-policiesJson
{
  "project_id": "your_project_gid",
  "description": "description of policy",
  "display_name": "policy name",
  "name": "policy-name",
  "policy": "{\"meta\":{\"policy_version\":\"1.0-ciq\"},\"subject\":{\"type\":\"Person\"},\"condition\":{\"cypher\":\"MATCH (subject:Person)-[r1:OWNS]->(car:Car)-[r2:HAS]->(ln:LicenseNumber)\",\"filter\":[{\"app\":\"postman\",\"operator\":\"=\",\"attribute\":\"subject.external_id\",\"value\":\"$subject_external_id\"}]},\"allowed_reads\":{\"nodes\":[\"subject.*\",\"ln.property.value\"],\"relationships\":[\"r1.*\",\"r2.*\"]},\"allowed_deletes\":{\"nodes\":[\"ln\",\"ln.*\",\"car.*\"],\"relationships\":[\"r1.*\",\"r1\",\"r2\"]}}",
  "status": "ACTIVE",
  "tags": []
}

Request to read the CIQ Policy configuration using REST.

policy_request.jsonJson
{
  "id": "your_policy_configuration_gid"
}

Step 3

Create a CIQ Knwledge Query in the context of the policy to delete License Number nodes, delete the model and vin properties of Car nodes, and delete the weight properties of OWNS relationships of the authorized subject.

knowledge_query.jsonJson
{
  "nodes": [
    "subject.external_id"
  ],
  "delete_nodes": [
    "ln",
    "car.property.model",
    "car.property.vin"
  ],
  "delete_relationships": [
    "r1.weight"
  ]
}

Request to create a CIQ Knowledge Query configuration using REST.

POST https://eu.api.indykite.com/configs/v1/knowledge-queriesJson
{
  "project_id": "your_project_gid",
  "description": "description of knowledge query",
  "display_name": "knowledge query name",
  "name": "knowledge-query-name",
  "policy_id": "your_policy_gid",
  "query": "{\"nodes\":[\"subject.external_id\"],\"delete_nodes\":[\"ln\",\"car.property.model\",\"car.property.vin\"],\"delete_relationships\":[\"r1.weight\"]}",
  "status": "ACTIVE"
}

Read the CIQ Query Configuration.

GET https://eu.api.indykite.com/configs/v1/knowledge-queries/{id}Json
{
  "id": "your_knowledge_query_configuration_gid"
}

Step 4

Run a CIQ query to identify and return the external_id of all nodes that have had properties removed. Also, identify nodes that are connected to relationships from which properties have been deleted.

POST https://eu.api.indykite.com/contx-iq/v1/executeJson
{
  "id": "knowledge_query_gid",
  "input_params": {
    "subject_external_id": "alice"
  },
  "page_token": 1
}

CIQ Execution response.

response.jsonJson
{
  "data": [
    {
      "nodes": {
        "subject.external_id": "alice"
      }
    },
    {
      "nodes": {
        "subject.external_id": "alice"
      }
    }
  ]
}

ikg

Tags

CIQ Policy CIQ Query CIQ Execution Security

Related Resources

ContX IQ basic example

ContX IQ Python

ContX IQ: list authorized resources.

ContX IQ Python

ContX IQ: allow READ action

ContX IQ Json

ContX IQ: allow creation nodes and relationships.

ContX IQ Json

ContX IQ: upsert relationships

ContX IQ Json

ContX IQ: delete nodes and relationships.

ContX IQ Json

ContX IQ: loyalty program.

ContX IQ Json

ContX IQ: link the _Application node to other data in the IKG.

ContX IQ Json

ContX IQ: With _Application node as a subject, read resources and upsert relationships and nodes.

ContX IQ Json

ContX IQ: With User node as a subject, read resources and upsert relationships and nodes.

ContX IQ Json