Domain modelling, How to ensure GraphId value to be greater than 0 ?

[Aman Gupta]

Hello Everyone,

I am designing an application with several Domain/ entity classes with Jersey and Spring integration. Thing is, during initial time, or say first execution, each node which is saved in neo4j database, has an nodeId 0. Its a point of my interest. How can we make it sure that each nodeId should be atleast greater than 0 ?

Why I need this ?

I need this because I think, it would help me while validating request, received from front end. Consider a scenario of Updating a node which hold nodeId value as 0. Now what would be the best approach to check if nodeId is correct or not ? Indeed I can make call to db and be done with it, but I dont want that. I saw in case of Spring Data JPA, where we have @GeneratedValue from J2EE, which atleast provide some sort of control to generate Id of our choice. but I didn't or say I am yet not able to find any such provision if made.

Is there any thing which I am missing confrontational points ? FYI I have Spring Data Neo4j latest stable release and Neo4j 2.1.3 server.

Thanks

[Aman Gupta]

each node which is saved in neo4j database, has an nodeId 0

Little correction here. not each node. but the one which get created first. :)
 

[Mark Findlater]

Hey Aman I am not sure that I 100% understand, but you can be sure that Neo will generate node ids greater than 0 for each new node you create. With your @NodeEntity annotated classes you will map the ID to a field using the @GraphId annotation. You can safely do front end validation on node id > 0.

You can not set this ID value, this is the internal ID used by Neo and it is important to realise that it is not incremental and that the IDs do get recycled (when nodes get deleted the ID of that node will be re-used). It is therefore recommended that you add you own identification fields if you need to use the ID in any 3rd party systems. Neo does not have a mechanism for generating this separate external identifier for you, but there are a couple of handy blog post which talk about how to leverage event hooks to add the data at node creation time - this being one of them. I am currently trying to utilise the MERGE operator to create my nodes as it has handy ON CREATE/ON MATCH semantics which can allow autoincrement type behaviour, see this gist - this works great but I have had issues getting it to work when currency/HA is involved.

With regards to validating if the request from the front end is valid, how would you validate that with or without Neo?

Does that address what you were asking, sorry if I've missed the point,

M

[Michael Hunger]

SDN uses a Long field for the node-id so a null value there means that the entity has not yet been persisted.

You cannot control Neo4j's internal node-ids. If you want to have controllable id's you have to use your own business primary-keys.

Make sure to index them or add a constraint for quick lookup and uniqueness.

Michael

--
You received this message because you are subscribed to the Google Groups "Neo4j" group.
To unsubscribe from this group and stop receiving emails from it, send an email to neo4j+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Aman Gupta]

Hello Mark,

You got it completely :). by validation, I mean to say to check if nodeId is intact and not manipulated by client side. I got repository.save(someobject); to save the node if its new request or to update the node if nodeId is already present in that request. Consider a scenario here, I would like to design in following way:

class User {
  @GraphId
  Long nodeId
  String name;
  String surname;
 
}

User obj = new User();
// initialize Class with setters

obj = repository.save(obj); // this will save and create new node. obj returned at client side

Now client made update request with some additional changes as follows:

name="xyz";
nodeId=null; // here he may manipulate it to some null value or other value

repository.save(obj); // now here repository would create a new node again if nodeId is null !!

So that's my point, even if I am using a separate field to create my own id and save with node to serve my purpose. that would require additional call to db to check/validate if that node present which I feel is not good. So purpose of setting nodeId greater than 0 would serve my purpose as I can check it nodeId>0 or !=null, in my code and alert user about manipulation.

I hope I made it clear enough this time. am I going in correct way ?

Thanks alot.

[Mark Findlater]

Sorry still confused and I'm not sure the >= 0 check helps you.. How would you solve this problem with another framework? 

Tangent: I guess adding a hash/encrypted value to the original response which additionally identifies the node at this time and expecting that value back in the update request (regenerating the hash and validating your unmodifying fields remain unmodified), or encoding data in the session and using that as validation, or making sure that a) the nodes are protected by a layer of security (such as User A OWNS Nodes 1,2,3,4,5) - and expecting only authenticated users to use your client and that b) you use HTTP verbs as such that a POST can create a Node but a PUT is expected to update a node. All outside the bounds of Neo though as ultimately your question refers to code residing in your controller which is probably below your security and validation and by the time Neo is involved you should be happy that you trust your data (I wouldn't think that this would be achieved by pre-fetching the node either).

I guess if any of that stuff makes sense you should go over to security or programmers on Stack Overflow..

[Aman Gupta]

Thanks Mark for your useful suggestion, (I was away so couldn't replied on time.)

--
You received this message because you are subscribed to a topic in the Google Groups "Neo4j" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/neo4j/dMAV3B5yu1U/unsubscribe.
To unsubscribe from this group and all its topics, send an email to neo4j+un...@googlegroups.com.