Add impersonatedUser o the driver surface

Author: bigmontz

packages/bolt-connection/src/connection-provider/connection-provider-direct.js

@@ -26,7 +26,7 @@ import {
 import { internal, error } from 'neo4j-driver-core'
 
 const {
-  constants: { BOLT_PROTOCOL_V4_0, BOLT_PROTOCOL_V3 }
+  constants: { BOLT_PROTOCOL_V4_0, BOLT_PROTOCOL_V3, BOLT_PROTOCOL_V4_4 }
 } = internal
 
 const { SERVICE_UNAVAILABLE, newError } = error
@@ -97,4 +97,10 @@ export default class DirectConnectionProvider extends PooledConnectionProvider {
       version => version >= BOLT_PROTOCOL_V3
     )
   }
+
+  async supportsUserImpersonation () {
+    return await this._hasProtocolVersion(
+      version => version >= BOLT_PROTOCOL_V4_4
+    )
+  }
 }

packages/bolt-connection/src/connection-provider/connection-provider-routing.js

@@ -36,7 +36,8 @@ const {
     ACCESS_MODE_READ: READ,
     ACCESS_MODE_WRITE: WRITE,
     BOLT_PROTOCOL_V3,
-    BOLT_PROTOCOL_V4_0
+    BOLT_PROTOCOL_V4_0,
+    BOLT_PROTOCOL_V4_4
   }
 } = internal
 
@@ -224,6 +225,12 @@ export default class RoutingConnectionProvider extends PooledConnectionProvider
     )
   }
 
+  async supportsUserImpersonation () {
+    return await this._hasProtocolVersion(
+      version => version >= BOLT_PROTOCOL_V4_4
+    )
+  }  
+
   forget (address, database) {
     this._routingTableRegistry.apply(database, {
       applyWhenExists: routingTable => routingTable.forget(address)

packages/core/src/connection-provider.ts

@@ -68,6 +68,16 @@ class ConnectionProvider {
     throw Error('Not implemented')
   }
 
+  /**
+   * This method checks whether the backend database supports transaction config functionality
+   * by checking protocol handshake result.
+   *
+   * @returns {Promise<boolean>}
+   */
+   supportsUserImpersonation(): Promise<boolean> {
+    throw Error('Not implemented')
+  }
+
   /**
    * Closes this connection provider along with its internals (connections, pools, etc.)
    *

packages/core/src/driver.ts

@@ -78,6 +78,17 @@ type CreateConnectionProvider = (
   hostNameResolver: ConfiguredCustomResolver
 ) => ConnectionProvider
 
+type CreateSession = (args: {
+  mode: SessionMode
+  connectionProvider: ConnectionProvider
+  bookmark?: Bookmark
+  database: string
+  config: any
+  reactive: boolean
+  fetchSize: number,
+  impersonatedUser?: string
+}) => Session
+
 interface DriverConfig {
   encrypted?: EncryptionLevel | boolean
   trust?: TrustStrategy
@@ -102,6 +113,7 @@ class Driver {
   private readonly _log: Logger
   private readonly _createConnectionProvider: CreateConnectionProvider
   private _connectionProvider: ConnectionProvider | null
+  private readonly _createSession: CreateSession
 
   /**
    * You should not be calling this directly, instead use {@link driver}.
@@ -110,11 +122,13 @@ class Driver {
    * @param {Object} meta Metainformation about the driver
    * @param {Object} config
    * @param {function(id: number, config:Object, log:Logger, hostNameResolver: ConfiguredCustomResolver): ConnectionProvider } createConnectonProvider Creates the connection provider
-   */
+   * @param {function(args): Session } createSession Creates the a session    
+  */
   constructor(
     meta: MetaInfo,
     config: DriverConfig = {},
-    createConnectonProvider: CreateConnectionProvider
+    createConnectonProvider: CreateConnectionProvider,
+    createSession: CreateSession = args => new Session(args)
   ) {
     sanitizeConfig(config)
     validateConfig(config)
@@ -124,6 +138,7 @@ class Driver {
     this._config = config
     this._log = Logger.create(config)
     this._createConnectionProvider = createConnectonProvider
+    this._createSession = createSession
 
     /**
      * Reference to the connection provider. Initialized lazily by {@link _getOrCreateConnectionProvider}.
@@ -177,6 +192,19 @@ class Driver {
     return connectionProvider.supportsTransactionConfig()
   }
 
+  /**
+   * Returns whether the server supports user impersonation capabilities based on the protocol
+   * version negotiated via handshake.
+   *
+   * Note that this function call _always_ causes a round-trip to the server.
+   *
+   * @returns {Promise<boolean>} promise resolved with a boolean or rejected with error.
+   */
+   supportsUserImpersonation(): Promise<boolean> {
+    const connectionProvider = this._getOrCreateConnectionProvider()
+    return connectionProvider.supportsUserImpersonation()
+  }
+
   /**
    * @protected
    * @returns {boolean}
@@ -224,24 +252,28 @@ class Driver {
    * @param {number} param.fetchSize - The record fetch size of each batch of this session.
    * Use {@link FETCH_ALL} to always pull all records in one batch. This will override the config value set on driver config.
    * @param {string} param.database - The database this session will operate on.
+   * @param {string} param.impersonatedUser - The username which the user wants to impersonate for the duration of the session.
    * @return {Session} new session.
    */
   session({
     defaultAccessMode = WRITE,
     bookmarks: bookmarkOrBookmarks,
     database = '',
+    impersonatedUser,
     fetchSize
   }: {
     defaultAccessMode?: SessionMode
     bookmarks?: string | string[]
     database?: string
+    impersonatedUser?: string
     fetchSize?: number
   } = {}): Session {
     return this._newSession({
       defaultAccessMode,
       bookmarkOrBookmarks,
       database,
       reactive: false,
+      impersonatedUser,
       fetchSize: validateFetchSizeValue(fetchSize, this._config.fetchSize!!)
     })
   }
@@ -277,26 +309,29 @@ class Driver {
     bookmarkOrBookmarks,
     database,
     reactive,
+    impersonatedUser,
     fetchSize
   }: {
     defaultAccessMode: SessionMode
     bookmarkOrBookmarks?: string | string[]
     database: string
     reactive: boolean
+    impersonatedUser?: string
     fetchSize: number
   }) {
     const sessionMode = Session._validateSessionMode(defaultAccessMode)
     const connectionProvider = this._getOrCreateConnectionProvider()
     const bookmark = bookmarkOrBookmarks
       ? new Bookmark(bookmarkOrBookmarks)
       : Bookmark.empty()
-    return new Session({
+    return this._createSession({
       mode: sessionMode,
       database: database || '',
       connectionProvider,
       bookmark,
       config: this._config,
       reactive,
+      impersonatedUser,
       fetchSize
     })
   }

packages/core/src/session.ts

@@ -57,6 +57,7 @@ class Session {
   private _hasTx: boolean
   private _lastBookmark: Bookmark
   private _transactionExecutor: TransactionExecutor
+  private _impersonatedUser?: string
   private _onComplete: (meta: any) => void
 
   /**
@@ -70,6 +71,7 @@ class Session {
    * @param {Object} args.config={} - This driver configuration.
    * @param {boolean} args.reactive - Whether this session should create reactive streams
    * @param {number} args.fetchSize - Defines how many records is pulled in each pulling batch
+   * @param {string} args.impersonatedUser - The username which the user wants to impersonate for the duration of the session.
    */
   constructor({
     mode,
@@ -78,15 +80,17 @@ class Session {
     database,
     config,
     reactive,
-    fetchSize
+    fetchSize,
+    impersonatedUser
   }: {
     mode: SessionMode
     connectionProvider: ConnectionProvider
     bookmark?: Bookmark
     database: string
     config: any
     reactive: boolean
-    fetchSize: number
+    fetchSize: number,
+    impersonatedUser?: string
   }) {
     this._mode = mode
     this._database = database
@@ -106,6 +110,7 @@ class Session {
     })
     this._open = true
     this._hasTx = false
+    this._impersonatedUser = impersonatedUser
     this._lastBookmark = bookmark || Bookmark.empty()
     this._transactionExecutor = _createTransactionExecutor(config)
     this._onComplete = this._onCompleteCallback.bind(this)
@@ -142,6 +147,7 @@ class Session {
         txConfig: autoCommitTxConfig,
         mode: this._mode,
         database: this._database,
+        impersonatedUser: this._impersonatedUser,
         afterComplete: this._onComplete,
         reactive: this._reactive,
         fetchSize: this._fetchSize

packages/core/src/transaction.ts

@@ -52,6 +52,7 @@ class Transaction {
   private _onComplete: (metadata: any) => void
   private _fetchSize: number
   private _results: any[]
+  private _impersonatedUser?: string
 
   /**
    * @constructor
@@ -62,21 +63,24 @@ class Transaction {
    * is not yet released.
    * @param {boolean} reactive whether this transaction generates reactive streams
    * @param {number} fetchSize - the record fetch size in each pulling batch.
+   * @param {string} args.impersonatedUser - The username which the user wants to impersonate for the duration of the session.
    */
   constructor({
     connectionHolder,
     onClose,
     onBookmark,
     onConnection,
     reactive,
-    fetchSize
+    fetchSize,
+    impersonatedUser
   }: {
     connectionHolder: ConnectionHolder
     onClose: () => void
     onBookmark: (bookmark: Bookmark) => void
     onConnection: () => void
     reactive: boolean
     fetchSize: number
+    impersonatedUser?: string
   }) {
     this._connectionHolder = connectionHolder
     this._reactive = reactive
@@ -88,6 +92,7 @@ class Transaction {
     this._onComplete = this._onCompleteCallback.bind(this)
     this._fetchSize = fetchSize
     this._results = []
+    this._impersonatedUser = impersonatedUser
   }
 
   /**
@@ -107,6 +112,7 @@ class Transaction {
             txConfig: txConfig,
             mode: this._connectionHolder.mode(),
             database: this._connectionHolder.database(),
+            impersonatedUser: this._impersonatedUser,
             beforeError: this._onError,
             afterComplete: this._onComplete
           })
@@ -289,7 +295,7 @@ const _states = {
         onComplete,
         onConnection,
         reactive,
-        fetchSize
+        fetchSize,
       }: StateTransitionParams
     ): any => {
       // RUN in explicit transaction can't contain bookmarks and transaction configuration
@@ -305,7 +311,7 @@ const _states = {
               beforeError: onError,
               afterComplete: onComplete,
               reactive: reactive,
-              fetchSize: fetchSize
+              fetchSize: fetchSize,
             })
           } else {
             throw newError('No connection available')