Is there a way in OrientDB to grant/revoke access to specific records? For example, I have a class Post and would like only the owner of the post to have write access (UPDATE and DELETE) and everyone else to have read access.
According to the security documentation, I can only find a way to do this down to a class or cluster level.
Take a look at: Record Level Security. If your class extends ORestricted, this behavior is automatic. To allow another user to only read your record, add the OUser's RID to the collection field _allowRead. If the resource has RID #34:44 and the user you want to allow has RID #9:3, do this:
update #34:44 add _allowRead = #9:3
You can also add an ORole's RID to allow all the users that have that role to read that record.
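
The setup asked about in the question, written out end to end as an added example (OrientDB SQL; not part of the original answer). The RIDs #34:44 and #9:3 are the ones used above; #4:1 is a constructed placeholder for an ORole RID, and the title property and the role name reader are assumptions.

```sql
-- Added example. Look up the real RIDs first:
--   SELECT @rid, name FROM OUser;
--   SELECT @rid, name FROM ORole;

-- 1. Records of a class that extends ORestricted are filtered per user
--    through the fields _allow, _allowRead, _allowUpdate and _allowDelete.
CREATE CLASS Post EXTENDS ORestricted;

-- 2. Class-level permissions still apply first. The record-level fields
--    only narrow what the role is already allowed to do on the class.
GRANT READ ON database.class.Post TO reader;

-- 3. Run as the owner. By default the creating user is placed in _allow,
--    which grants read, update and delete on this one record.
INSERT INTO Post SET title = 'hello';

-- 4. Read-only access for a single user (the statement from the answer).
UPDATE #34:44 ADD _allowRead = #9:3;

-- 5. Read-only access for every user holding a role
--    (#4:1 is a placeholder, substitute the RID of your ORole).
UPDATE #34:44 ADD _allowRead = #4:1;

-- 6. Audit who can do what on each record. Nobody except the owner should
--    appear in _allow, _allowUpdate or _allowDelete.
SELECT @rid, _allow, _allowRead, _allowUpdate, _allowDelete FROM Post;

-- 7. Revoke the single-user grant again.
UPDATE #34:44 REMOVE _allowRead = #9:3;
```

Run step 6 as an administrative user: an ordinary account only sees the records it is allowed to read, so its result set understates what exists.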