Expand Up @@ -65,7 +65,7 @@ The `conditionExpression` can use any valid Cypher expression that evaluates to
|===
| Function group | Functions

| List functions
| Show functions
| link:{neo4j-docs-base-uri}/cypher-manual/current/functions/list/#functions-range[range()], link:{neo4j-docs-base-uri}/cypher-manual/current/functions/list/#functions-reduce[reduce()], link:{neo4j-docs-base-uri}/cypher-manual/current/functions/string/#functions-reverse[reverse()], link:{neo4j-docs-base-uri}/cypher-manual/current/functions/list/#functions-tail[tail()], link:{neo4j-docs-base-uri}/cypher-manual/current/functions/list/#functions-tobooleanlist[toBooleanList()], link:{neo4j-docs-base-uri}/cypher-manual/current/functions/list/#functions-tofloatlist[toFloatList()], link:{neo4j-docs-base-uri}/cypher-manual/current/functions/list/#functions-tointegerlist[toIntegerList()], link:{neo4j-docs-base-uri}/cypher-manual/current/functions/list/#functions-tostringlist[toStringList()]

| Numeric functions
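Review bot: In the function-group table, renaming the row label from `List functions` to `Show functions` looks like an unintended hit of the list-to-show replacement. The row still links range(), reduce(), tail(), toBooleanList() and the other entries under `functions/list/`, so the label names a category of Cypher functions, not the `SHOW` command. Suggest reverting this cell to `| List functions`.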
Expand Down Expand Up @@ -233,14 +233,14 @@ The following example revokes the `reader` role from the auth rule `temporary_re
REVOKE ROLE reader FROM AUTH RULE temporary_reader;
----

== Listing auth rules
== Showing auth rules

You can list all auth rules using the Cypher command `SHOW AUTH RULES`.
You can show all auth rules using the Cypher command `SHOW AUTH RULES`.

[NOTE]
====
The `SHOW AUTH RULES` command requires the `SHOW AUTH RULE` privilege.
See xref:authentication-authorization/dbms-administration/dbms-auth-rule-management-privileges.adoc#grant-list-auth-rule-privilege[Grant privilege to list auth rules] for details on how to grant this privilege.
See xref:authentication-authorization/dbms-administration/dbms-auth-rule-management-privileges.adoc#grant-list-auth-rule-privilege[Grant privilege to show auth rules] for details on how to grant this privilege.
====

`SHOW AUTH RULES` returns a table containing a single row per auth rule with the following columns:
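Review bot: The renamed heading `== Showing auth rules` has no explicit `[[...]]` anchor in the visible lines, so its auto-generated section ID changes with the title and any inbound link to the old ID will break. Suggest adding an explicit anchor above the heading, as is already done with `[[grant-list-auth-rule-privilege]]`, which the xref in this hunk keeps pointing at while only its link text changes.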
Expand Down Expand Up @@ -294,7 +294,7 @@ This column returns `null` if the executing user is missing or denied the `SHOW

=== Example 1: List auth rules

The following example lists all auth rules with their conditions, enablement, and assigned roles:
The following example shows all auth rules with their conditions, enablement, and assigned roles:

[source, cypher, role=noplay]
----
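Review bot: The heading `=== Example 1: List auth rules` is left unchanged while the sentence under it now says "shows all auth rules", so the section title and its body use different verbs. Either rename the heading to match, adding an explicit anchor so the section ID stays stable, or state in the PR description that example headings are deliberately out of scope.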
Expand Down Expand Up @@ -359,7 +359,7 @@ It is also possible to use `SKIP` and `LIMIT` to paginate the results.

=== Example 3: List auth rules as commands

The following example lists the auth rules as commands:
The following example shows the auth rules as commands:

[source, cypher, role=noplay]
----
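Review bot: Same inconsistency as in Example 1: `=== Example 3: List auth rules as commands` keeps "List" above a sentence that now reads "shows the auth rules as commands". Whatever is decided for Example 1 should be applied here too.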
Expand Up @@ -48,9 +48,9 @@ See also xref:authentication-authorization/immutable-roles-privileges.adoc[].
** `CREATE NEW [PROPERTY] NAME` - allows property names to be created, so that nodes and relationships can have properties assigned with these names.
** `NAME [MANAGEMENT]` - allows all of the name management capabilities: node labels, relationship types, and property names.
** `ALL [[DATABASE] PRIVILEGES]` - allows access, index, constraint, and name management for the specified database or remote database alias.
** `SHOW TRANSACTION` - allows listing transactions and queries for the specified users on the specified database.
** `SHOW TRANSACTION` - allows showing transactions and queries for the specified users on the specified database.
** `TERMINATE TRANSACTION` - allows ending transactions and queries for the specified users on the specified database.
** `TRANSACTION [MANAGEMENT]` - allows listing and ending transactions and queries for the specified users on the specified database.
** `TRANSACTION [MANAGEMENT]` - allows showing and ending transactions and queries for the specified users on the specified database.

* _name_
** The database to associate the privilege with.
Expand Up @@ -122,7 +122,7 @@ GRANT ROLE MANAGEMENT ON DBMS TO userAndRoleAdministrator;
----
+
As a result, the `userAndRoleAdministrator` role has privileges that only allow user and role management.
. To list all privileges for the role `userAndRoleAdministrator` as commands, use the following query:
. To show all privileges for the role `userAndRoleAdministrator` as commands, use the following query:
+
[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -177,7 +177,7 @@ GRANT TRANSACTION MANAGEMENT (*) ON DATABASE * TO customAdministrator;
----
+
As a result, the `customAdministrator` role has privileges that include managing transactions and all DBMS privileges except creating, dropping, and modifying databases.
. To list all privileges for the role `customAdministrator` as commands, use the following query:
. To show all privileges for the role `customAdministrator` as commands, use the following query:
+
[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -240,7 +240,7 @@ REVOKE GRANT ACCESS ON DATABASE * FROM newAdministrator;
GRANT ACCESS ON DATABASE system TO newAdministrator;
----

. To list all privileges for the role `newAdministrator` as commands, use the following query:
. To show all privileges for the role `newAdministrator` as commands, use the following query:
+
[source, cypher, role=noplay]
----
Expand Up @@ -125,7 +125,7 @@ GRANT CREATE ALIAS ON DBMS TO aliasAdder;
----

As a result, the `aliasAdder` role has privileges that only allow creating aliases.
To list all privileges for the role `aliasAdder` as commands, use the following query:
To show all privileges for the role `aliasAdder` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -177,7 +177,7 @@ GRANT ALTER ALIAS ON DBMS TO aliasModifier;
----

As a result, the `aliasModifier` role has privileges that only allow modifying aliases.
To list all privileges for the role `aliasModifier` as commands, use the following query:
To show all privileges for the role `aliasModifier` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand All @@ -193,9 +193,9 @@ a|Rows: 1
|===


== Grant privilege to list aliases
== Grant privilege to show aliases
Contributor

This is a broader question I have: does it not make sense to use header anchors in the Ops Manual? Changing these headers may result in broken links from, e.g. the cypher manual and having anchors adds an extra layer of stability.


You can grant the privilege to list aliases using the `SHOW ALIAS` privilege. +
You can grant the privilege to show aliases using the `SHOW ALIAS` privilege. +
For example:

[source, cypher, role=noplay]
Expand All @@ -204,7 +204,7 @@ GRANT SHOW ALIAS ON DBMS TO aliasViewer;
----

As a result, the `aliasViewer` role has privileges that only allow modifying aliases.
To list all privileges for the role `aliasViewer` as commands, use the following query:
To show all privileges for the role `aliasViewer` as commands, use the following query:

[source, cypher, role=noplay]
----
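Review bot: The context line "the `aliasViewer` role has privileges that only allow modifying aliases" contradicts the grant shown in the hunk header, `GRANT SHOW ALIAS ON DBMS TO aliasViewer;`, and appears to be copied from the `aliasModifier` section. Since this PR changes the adjacent line, suggest fixing it here so the sentence says the role is only allowed to show aliases.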
Expand All @@ -230,7 +230,7 @@ GRANT ALIAS MANAGEMENT ON DBMS TO aliasManager;
----

As a result, the `aliasManager` role has all privileges to manage aliases.
To list all privileges for the role `aliasManager` as commands, use the following query:
To show all privileges for the role `aliasManager` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand Up @@ -78,7 +78,7 @@ GRANT CREATE AUTH RULE ON DBMS TO authRuleAdder;

As a result, the `authRuleAdder` role has privileges that allow adding auth rules.

To list all privileges for the role `authRuleAdder` as commands, use the following query:
To show all privileges for the role `authRuleAdder` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -106,7 +106,7 @@ GRANT RENAME AUTH RULE ON DBMS TO authRuleNameModifier;

As a result, the `authRuleNameModifier` role has privileges that allow renaming auth rules.

To list all privileges for the role `authRuleNameModifier`, use the following query:
To show all privileges for the role `authRuleNameModifier`, use the following query:

[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -134,7 +134,7 @@ GRANT ALTER AUTH RULE ON DBMS TO authRuleModifier;

As a result, the `authRuleModifier` role has privileges that allow modifying auth rules.

To list all privileges for the role `authRuleModifier`, use the following query:
To show all privileges for the role `authRuleModifier`, use the following query:

[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -170,7 +170,7 @@ GRANT DROP AUTH RULE ON DBMS TO authRuleDropper;

As a result, the `authRuleDropper` role has privileges that allow deleting auth rules.

To list all privileges for the role `authRuleDropper`, use the following query:
To show all privileges for the role `authRuleDropper`, use the following query:

[source, cypher, role=noplay]
----
Expand All @@ -186,9 +186,9 @@ a|Rows: 1
|===

[[grant-list-auth-rule-privilege]]
== Grant privilege to list auth rules
== Grant privilege to show auth rules
Contributor

Here, for instance, the change in header is risk-free in terms of causing broken links.


You can grant the privilege to list auth rules using the `SHOW AUTH RULE` privilege.
You can grant the privilege to show auth rules using the `SHOW AUTH RULE` privilege.
A role with this privilege is allowed to execute the `SHOW AUTH RULES` administration commands.
It also grants the role the ability to show auth rules assigned to roles with the `SHOW RULES WITH AUTH RULES` command.
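Review bot: In the context line after the changed sentence, the command is written `SHOW RULES WITH AUTH RULES` while the sentence describes showing "auth rules assigned to roles"; please check whether `SHOW ROLES WITH AUTH RULES` was intended and correct it in this PR if so. The line before it also says "the `SHOW AUTH RULES` administration commands" in the plural for a single command.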

Expand All @@ -199,9 +199,9 @@ The following query shows an example of how to grant the `SHOW AUTH RULE` privil
GRANT SHOW AUTH RULE ON DBMS TO authRuleViewer;
----

As a result, the `authRuleViewer` role has privileges that allow listing auth rules.
As a result, the `authRuleViewer` role has privileges that allow showing auth rules.

To list all privileges for the role `authRuleViewer` as commands, use the following query:
To show all privileges for the role `authRuleViewer` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand All @@ -218,7 +218,7 @@ a|Rows: 1

== Grant privilege to manage auth rules

You can grant the privilege to create, rename, modify, delete, and list auth rules using the `AUTH RULE MANAGEMENT` privilege. +
You can grant the privilege to create, rename, modify, delete, and show auth rules using the `AUTH RULE MANAGEMENT` privilege. +
For example:

[source, cypher, role=noplay]
Expand All @@ -228,7 +228,7 @@ GRANT AUTH RULE MANAGEMENT ON DBMS TO authRuleManager;

As a result, the `authRuleManager` role has all privileges to manage auth rules.

To list all privileges for the role `authRuleManager` as commands, use the following query:
To show all privileges for the role `authRuleManager` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand Up @@ -162,7 +162,7 @@ GRANT CREATE DATABASE ON DBMS TO databaseAdder
----

As a result, the `databaseAdder` role has privileges that only allow creating standard databases.
To list all privileges for the role `databaseAdder` as commands, use the following query:
To show all privileges for the role `databaseAdder` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand All @@ -188,7 +188,7 @@ GRANT CREATE COMPOSITE DATABASE ON DBMS TO compositeDatabaseAdder
----

As a result, the `compositeDatabaseAdder` role has privileges that only allow creating composite databases.
To list all privileges for the role `compositeDatabaseAdder` as commands, use the following query:
To show all privileges for the role `compositeDatabaseAdder` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand All @@ -214,7 +214,7 @@ GRANT DROP DATABASE ON DBMS TO databaseDropper
----

As a result, the `databaseDropper` role has privileges that only allow deleting standard databases.
To list all privileges for the role `databaseDropper` as commands, use the following query:
To show all privileges for the role `databaseDropper` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand All @@ -240,7 +240,7 @@ GRANT DROP COMPOSITE DATABASE ON DBMS TO compositeDatabaseDropper
----

As a result, the `compositeDatabaseDropper` role has privileges that only allow deleting composite databases.
To list all privileges for the role `compositeDatabaseDropper` as commands, use the following query:
To show all privileges for the role `compositeDatabaseDropper` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand All @@ -266,7 +266,7 @@ GRANT ALTER DATABASE ON DBMS TO databaseModifier;
----

As a result, the `databaseModifier` role has privileges that only allow modifying standard databases.
To list all privileges for the role `databaseModifier` as commands, use the following query:
To show all privileges for the role `databaseModifier` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -299,7 +299,7 @@ GRANT SET DATABASE ACCESS ON DBMS TO accessModifier
----

As a result, the `accessModifier` role has privileges that only allow modifying access to standard databases.
To list all privileges for the role `accessModifier` as commands, use the following query:
To show all privileges for the role `accessModifier` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -333,7 +333,7 @@ GRANT SET DATABASE DEFAULT LANGUAGE ON DBMS TO languageModifier
----

As a result, the `languageModifier` role has privileges that only allow modifying default language to standard databases.
To list all privileges for the role `languageModifier` as commands, use the following query:
To show all privileges for the role `languageModifier` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -368,7 +368,7 @@ GRANT ALTER COMPOSITE DATABASE ON DBMS TO compositeDatabaseModifier;
----

As a result, the `compositeDatabaseModifier` role has privileges that only allow modifying composite databases.
To list all privileges for the role `compositeDatabaseModifier` as commands, use the following query:
To show all privileges for the role `compositeDatabaseModifier` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -401,7 +401,7 @@ GRANT COMPOSITE DATABASE MANAGEMENT ON DBMS TO compositeDatabaseManager;
----

As a result, the `compositeDatabaseManager` role has all privileges to manage composite databases.
To list all privileges for the role `compositeDatabaseManager` as commands, use the following query:
To show all privileges for the role `compositeDatabaseManager` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand All @@ -427,7 +427,7 @@ GRANT DATABASE MANAGEMENT ON DBMS TO databaseManager;
----

As a result, the `databaseManager` role has all privileges to manage standard and composite databases.
To list all privileges for the role `databaseManager` as commands, use the following query:
To show all privileges for the role `databaseManager` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand Up @@ -132,7 +132,7 @@ GRANT EXECUTE PROCEDURE db.schema.* ON DBMS TO procedureExecutor;
Users with the role `procedureExecutor` can run any procedure in the `db.schema` namespace.
The procedures are executed using the user's own privileges.

To list all privileges for the role `procedureExecutor` as commands, use the following query:
To show all privileges for the role `procedureExecutor` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -165,7 +165,7 @@ DENY EXECUTE PROCEDURE dbms.cluster* ON DBMS TO deniedProcedureExecutor;
Users with the role `deniedProcedureExecutor` can run any procedure except those starting with `dbms.cluster`.
The procedures are executed using the user's own privileges.

To list all privileges for the role `deniedProcedureExecutor` as commands, use the following query:
To show all privileges for the role `deniedProcedureExecutor` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -209,7 +209,7 @@ GRANT EXECUTE BOOSTED PROCEDURE db.labels, db.relationshipTypes ON DBMS TO boost
Users with the role `boostedProcedureExecutor` can thus run the `db.labels` and the `db.relationshipTypes` procedures with full privileges, seeing everything in the graph and not just the labels and types that the user has `TRAVERSE` privilege on.
Without the `EXECUTE PROCEDURE`, no procedures could be executed at all.

To list all privileges for the role `boostedProcedureExecutor` as commands, use the following query:
To show all privileges for the role `boostedProcedureExecutor` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -243,7 +243,7 @@ As a result, the `deniedBoostedProcedureExecutor1` role has privileges that allo
They also prevent the `db.labels` procedure from being elevated.
Still, the denied `EXECUTE BOOSTED PROCEDURE` does not block execution of `db.labels`.

To list all privileges for role `deniedBoostedProcedureExecutor1` as commands, use the following query:
To show all privileges for role `deniedBoostedProcedureExecutor1` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -278,7 +278,7 @@ DENY EXECUTE PROCEDURE db.labels ON DBMS TO deniedBoostedProcedureExecutor2;

As a result, the `deniedBoostedProcedureExecutor2` role has privileges that allow elevating the privileges for all procedures, but cannot execute any due to missing or denied `EXECUTE PROCEDURE` privileges.

To list all privileges for the role `deniedBoostedProcedureExecutor2` as commands, use the following query:
To show all privileges for the role `deniedBoostedProcedureExecutor2` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -315,7 +315,7 @@ DENY EXECUTE BOOSTED PROCEDURE db.labels ON DBMS TO deniedBoostedProcedureExecut
As a result, the `deniedBoostedProcedureExecutor3` role has privileges that allow elevating the privileges for all procedures except `db.labels`.
However, no procedures can be executed due to missing `EXECUTE PROCEDURE` privilege.

To list all privileges for the role `deniedBoostedProcedureExecutor3` as commands, use the following query:
To show all privileges for the role `deniedBoostedProcedureExecutor3` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -372,7 +372,7 @@ GRANT EXECUTE ADMIN PROCEDURES ON DBMS TO adminProcedureExecutor;

Users with the role `adminProcedureExecutor` can run any `admin` procedure with elevated privileges.
As a result, the `adminProcedureExecutor` role has privileges that allow the execution of all admin procedures.
To list all privileges for the role `adminProcedureExecutor` as commands, use the following query:
To show all privileges for the role `adminProcedureExecutor` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -428,7 +428,7 @@ Users with the role `functionExecutor` can thus run any UDF in the `apoc.coll` n
The functions are executed using the user's own privileges.

As a result, the `functionExecutor` role has privileges that only allow executing UDFs in the `apoc.coll` namespace.
To list all privileges for the role `functionExecutor` as commands, use the following query:
To show all privileges for the role `functionExecutor` as commands, use the following query:

[source,cypher,role=noplay]
----
Expand Down Expand Up @@ -472,7 +472,7 @@ DENY EXECUTE FUNCTION apoc.any.prop* ON DBMS TO deniedFunctionExecutor;

As a result, the `deniedFunctionExecutor` role has privileges that only allow the execution of all UDFs except those starting with `apoc.any.prop`.
The functions are executed using the user's own privileges.
To list all privileges for the role `deniedFunctionExecutor` as commands, use the following query:
To show all privileges for the role `deniedFunctionExecutor` as commands, use the following query:

[source, cypher, role=noplay]
----
Expand Down Expand Up @@ -527,7 +527,7 @@ Users with the role `boostedFunctionExecutor` can thus run `apoc.any.properties`
Without the `EXECUTE USER DEFINED FUNCTION`, you cannot execute any UDFs at all.

As a result, the `boostedFunctionExecutor` role has privileges that allow executing the UDF `apoc.any.properties` with elevated privileges, and all other UDFs with the users' own privileges.
To list all privileges for the role `boostedFunctionExecutor` as commands, use the following query:
To show all privileges for the role `boostedFunctionExecutor` as commands, use the following query:

[source,cypher,role=noplay]
----