Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
dse-driver
Advanced tools
This driver is built on top of Node.js driver for Apache Cassandra and provides the following additions for DataStax Enterprise:
Authenticator
implementations that use the authentication scheme negotiation in the server-side DseAuthenticator
;The DataStax Enterprise Node.js Driver can be used solely with DataStax Enterprise. Please consult the license.
npm install dse-driver
You can use the project mailing list or create a ticket on the Jira issue tracker.
Client
inherits from the CQL driver counterpart Client
.
const dse = require('dse-driver');
const client = new dse.Client({ contactPoints: ['host1', 'host2'], localDataCenter: 'datacenter1' });
const query = 'SELECT name, email FROM users WHERE key = ?';
client.execute(query, [ 'someone' ])
.then(result => console.log('User with email %s', result.rows[0].email));
Along with the rest of asynchronous execution methods in the driver, execute()
returns a Promise
that
can be chained using then()
method. On modern JavaScript engines, promises can be awaited upon using the await
keyword within async functions.
Alternatively, you can use the callback-based execution for all asynchronous methods of the API by providing a callback as the last parameter.
client.execute(query, [ 'someone' ], function(err, result) {
assert.ifError(err);
console.log('User with email %s', result.rows[0].email);
});
In order to have concise code examples in this documentation, we will use the promise-based API of the driver
along with the await
keyword.
The same submodules structure in the Node.js driver for Apache Cassandra is available in the dse-driver
, for example:
const dse = require('dse-driver');
const Uuid = dse.types.Uuid;
For clients connecting to a DSE cluster secured with DseAuthenticator
, two authentication providers are included:
DsePlainTextAuthProvider
: Plain-text authentication;DseGSSAPIAuthProvider
: GSSAPI authentication;To configure a provider, pass it when initializing a cluster:
const dse = require('dse-driver');
const client = new dse.Client({
contactPoints: ['h1', 'h2'],
keyspace: 'ks1',
authProvider: new dse.auth.DseGssapiAuthProvider()
});
See the jsdoc of each implementation for more details.
Client
includes the executeGraph()
method to execute graph queries:
const client = new dse.Client({
contactPoints: ['host1', 'host2'],
profiles: [
new ExecutionProfile('default', {
graphOptions: { name: 'demo' }
})
]
});
// executeGraph() method returns a Promise
const result = await client.executeGraph('g.V()');
const vertex = result.first();
console.log(vertex.label);
You can set graph options in execution profiles when initializing Client
. Also, to avoid providing the graph name
option in each executeGraph()
call, you can set the graph options in the default execution profile:
const client = new dse.Client({
contactPoints: ['host1', 'host2'],
profiles: [
new ExecutionProfile('default', {
graphOptions: { name: 'demo' }
}),
new ExecutionProfile('demo2-profile', {
graphOptions: { name: 'demo2' }
})
]
});
// Execute a traversal on the 'demo' graph
const result = await client.executeGraph(query, params);
If needed, you can specify an execution profile different from the default one:
// Execute a traversal on the 'demo2' graph
client.executeGraph(query, params, { executionProfile: 'demo2-profile'});
Additionally, you can also set the default graph options without using execution profiles (not recommended).
const client = new dse.Client({
contactPoints: ['host1', 'host2'],
graphOptions: { name: 'demo' }
});
Graph queries return a GraphResultSet
, which is an iterable of rows. The format of the data returned is
dependent on the data requested. For example, the payload representing edges will be different than those that
represent vertices using the 'modern' graph:
// Creating the 'modern' graph
const query =
'Vertex marko = graph.addVertex(label, "person", "name", "marko", "age", 29);\n' +
'Vertex vadas = graph.addVertex(label, "person", "name", "vadas", "age", 27);\n' +
'Vertex lop = graph.addVertex(label, "software", "name", "lop", "lang", "java");\n' +
'Vertex josh = graph.addVertex(label, "person", "name", "josh", "age", 32);\n' +
'Vertex ripple = graph.addVertex(label, "software", "name", "ripple", "lang", "java");\n' +
'Vertex peter = graph.addVertex(label, "person", "name", "peter", "age", 35);\n' +
'marko.addEdge("knows", vadas, "weight", 0.5f);\n' +
'marko.addEdge("knows", josh, "weight", 1.0f);\n' +
'marko.addEdge("created", lop, "weight", 0.4f);\n' +
'josh.addEdge("created", ripple, "weight", 1.0f);\n' +
'josh.addEdge("created", lop, "weight", 0.4f);\n' +
'peter.addEdge("created", lop, "weight", 0.2f);';
await client.executeGraph(query);
// Handling Edges
const result = await client.executeGraph('g.E()');
result.forEach(function (edge) {
console.log(edge.id); // [an internal id representing the edge]
console.log(edge.type); // edge
console.log(edge.label); // created
console.log(edge.properties.weight); // 0.4
console.log(edge.outVLabel); // person
console.log(edge.outV); // [an id representing the outgoing vertex]
console.log(edge.inVLabel); // software
console.log(edge.inV); // [an id representing the incoming vertex]
});
// Using ES6 for...of
const result = await client.executeGraph('g.E()');
for (let edge of result) {
console.log(edge.label); // created
// ...
}
// Handling Vertices
const result = await client.executeGraph('g.V().hasLabel("person")');
result.forEach(function(vertex) {
console.log(vertex.id); // [an internal id representing the vertex]
console.log(vertex.type); // vertex
console.log(vertex.label); // person
console.log(vertex.properties.name[0].value); // marko
console.log(vertex.properties.age[0].value); // 29
});
Unlike CQL queries which support both positional and named parameters, graph queries only support named parameters. As a result of this, parameters must be passed in as an object:
const query = 'g.addV(label, vertexLabel, "name", username)';
const result = await client.executeGraph(query, { vertexLabel: 'person', username: 'marko' });
const vertex = result.first();
// ...
Parameters are encoded in json, thus will ultimately use their json representation (toJSON
if present,
otherwise object representation).
You can use results from previous queries as parameters to subsequent queries. For example, if you want to use the id of a vertex returned in a previous query for making a subsequent query:
let result = await client.executeGraph('g.V().hasLabel("person").has("name", "marko")');
const vertex = result.first();
result = await client.executeGraph('g.V(vertexId).out("knows").values("name")', { vertexId: vertex.id });
const names = result.toArray();
console.log(names); // [ 'vadas', 'josh' ]
Prepared graph statements are not supported by DSE Graph yet (they will be added in the near future).
DSE 5.0 comes with a set of additional CQL types to represent geospatial data: PointType
, LineStringType
and
PolygonType
.
cqlsh> CREATE TABLE points_of_interest(name text PRIMARY KEY, coords 'PointType');
cqlsh> INSERT INTO points_of_interest (name, coords) VALUES ('Eiffel Tower', 'POINT(48.8582 2.2945)');
The DSE driver includes encoders and representations of these types in the geometry
module that can be used directly
as parameters in queries:
const dse = require('dse-driver');
const Point = dse.geometry.Point;
const insertQuery = 'INSERT INTO points_of_interest (name, coords) VALUES (?, ?)';
const selectQuery = 'SELECT coords FROM points_of_interest WHERE name = ?';
await client.execute(insertQuery, [ 'Eiffel Tower', new Point(48.8582, 2.2945) ], { prepare: true });
const result = await client.execute(selectQuery, ['Eiffel Tower'], { prepare: true });
const row = result.first();
const point = row['coords'];
console.log(point instanceof Point); // true
console.log('x: %d, y: %d', point.x, point.y); // x: 48.8582, y: 2.2945
Instances of Client
are EventEmitter
and emit 'log'
events:
client.on('log', (level, className, message, furtherInfo) => {
console.log('%s: %s', level, message);
});
The level
values passed to the listener can be verbose
, info
, warning
or error
. In production environment, you should filter out verbose
log events, that are suitable for debug.
Note: DataStax products do not support big-endian systems.
© DataStax, Inc.
The full license terms are available at https://www.datastax.com/terms/datastax-dse-driver-license-terms
FAQs
DataStax Enterprise Node.js Driver
We found that dse-driver demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.