[kfkbAyTs] Added Security Guidance docs page

docs/asciidoc/modules/ROOT/nav.adoc

@@ -4,7 +4,10 @@
 * xref::installation/index.adoc[]
         ** xref::installation/index.adoc#neo4j-server[Neo4j Server]
         ** xref::installation/index.adoc#docker[Docker]
-        ** xref::installation/index.adoc#restricted[Load and unrestrict procedures/functions]
+        ** xref::installation/index.adoc#restricted[Load and Unrestrict]
+        ** xref::installation/index.adoc#additional_dependencies[Additional Dependencies]
+
+* xref::security-guidelines/index.adoc[]
 
 * xref::usage/index.adoc[]
 * xref::overview/index.adoc[]

docs/asciidoc/modules/ROOT/pages/config/index.adoc

@@ -3,12 +3,14 @@
 :description: This chapter gives an overview of all the configuration options used by the APOC Extended library.
 
 
-
+[#_location_of_config_options]
 == Location of config options
 
 All config options from <<config-reference>> can be provided either in:
 
+[options="header",cols="1,3a"]
 |===
+| Option | Description
 | environment variables | set via either `export key=val` or `--env` settings when used for docker.
 | `conf/apoc.conf` | located in the same folder as `neo4j.conf`
 |===
@@ -24,6 +26,38 @@ The meta-configuration is located in `src/main/resources/apoc-config.xml`.
 [[config-reference]]
 == Reference of config options
 
+- link:#_apoc_export_file_enabled[apoc.export.file.enabled]: Enables writing local files to disk.
+- link:#_apoc_import_file_enabled[apoc.import.file.enabled]: Enables reading local files from disk.
+- link:#_apoc_import_file_use_neo4j_config[apoc.import.file.use_neo4j_config]: Uses Neo4j configuration settings when reading local files from disk.
+- link:#_apoc_http_timeout_connect[apoc.http.timeout.connect]: Sets an timeout for outbound HTTP connection establishment.
+- link:#_apoc_http_timeout_read[apoc.http.timeout.read]: Set a timeout for outbound HTTP reads.
+- link:#_apoc_jobs_scheduled_num_threads[apoc.jobs.scheduled.num_threads]: Scheduled execution thread pool size.
+- link:#_apoc_jobs_pool_num_threads[apoc.jobs.pool.num_threads]: Background execution thread pool size.
+- link:#_apoc_jobs_queue_size[apoc.jobs.queue.size]: Background execution job queue size.
+
+TODO - extended config
+- link:#_apoc_couchbase_key_uri[apoc.couchbase.<key>.uri]: Store couchbase-urls under a key to be used by couchbase procedures
+- link:#_apoc_es_key_uri[apoc.es.<key>.uri]: store es-urls under a key to be used by elasticsearch procedures
+- link:#_apoc_jdbc_key_uri[apoc.jdbc.<key>.uri]: store jdbc-urls under a key to be used by apoc.load.jdbc
+- link:#_apoc_mongodb_key_uri[apoc.mongodb.<key>.uri]: store mongodb-urls under a key to be used by mongodb procedures
+- link:#_apoc_ttl_enabled[apoc.ttl.enabled]: Enable time to live background task
+- link:#_apoc_ttl_enabled_db[apoc.ttl.enabled.<name_db>]: Enable time to live background task for a specific db. Please note that this key has to be set necessarily in `apoc.conf`. If is true TTL is enabled for the db even if apoc.ttl.enabled is false, instead if is false is disabled for the db even if apoc.ttl.enabled is true
+
+- link:#_apoc_ttl_schedule[apoc.ttl.schedule]: Set frequency in seconds to run ttl background task
+
+- link:#_apoc_ttl_schedule_db[apoc.ttl.schedule.<name_db>]: Set frequency in seconds to run ttl background task for a specific db. It has priority over apoc.ttl.schedule. Please note that this key has to be set necessarily in `apoc.conf`.
+
+
+- link:#_apoc_ttl_limit[apoc.ttl.limit]: Maximum number of nodes being deleted in one background transaction, that is the batchSize applied to apoc.periodic.iterate() during removing nodes
+
+- link:#_apoc_ttl_limit_db[apoc.ttl.limit.<name_db>]: Maximum number of nodes being deleted in one background transaction for a specific db, that is the batchSize applied to apoc.periodic.iterate() during removing nodes for a specific db. It has priority over apoc.ttl.limit. Please note that this key has to be set necessarily in `apoc.conf`.
+
+
+
+- link:#_apoc_uuid_enabled[apoc.uuid.enabled]: global switch to enable uuid handlers
+- link:#_apoc_uuid_enabled_db[apoc.uuid.enabled.<name_db>]: Enable/disable uuid handlers for a specific db. Please note that this key has to be set necessarily in `apoc.conf`. If is true UUID is enabled for the db even if apoc.uuid.enabled is false, instead if is false is disabled for the db even if apoc.uuid.enabled is true
+
+
 Set these config options in `$NEO4J_HOME/conf/apoc.conf`, or by using environment variables.
 
 All boolean options default to **false**. This means that they are *disabled*, unless mentioned otherwise.
@@ -34,16 +68,22 @@ All boolean options default to **false**. This means that they are *disabled*, u
 | apoc.couchbase.<key>.uri=couchbase-url-with-credentials | store couchbase-urls under a key to be used by couchbase
 procedures
 | apoc.es.<key>.uri=es-url-with-credentials | store es-urls under a key to be used by elasticsearch procedures
+
 | apoc.import.file.enabled=false/true | Enable reading local files from disk
 | apoc.import.file.use_neo4j_config=true/false (default `true`) | the procedures check whether file system access is allowed and possibly constrained to a specific directory by reading the two configuration parameters `dbms.security.allow_csv_import_from_file_urls` and `server.directories.import` respectively
 | apoc.jdbc.<key>.uri=jdbc-url-with-credentials | store jdbc-urls under a key to be used by apoc.load.jdbc
 | apoc.mongodb.<key>.uri=mongodb-url-with-credentials | store mongodb-urls under a key to be used by mongodb procedures
+
 | apoc.ttl.enabled=false/true | Enable time to live background task
+
 | apoc.ttl.enabled.<name_db>=false/true (default true) | Enable time to live background task for a specific db. Please note that this key has to be set necessarily in `apoc.conf`. If is true TTL is enabled for the db even if apoc.ttl.enabled is false, instead if is false is disabled for the db even if apoc.ttl.enabled is true
+
 | apoc.ttl.schedule=<secs> (default `60`) | Set frequency in seconds to run ttl background task
 | apoc.ttl.schedule.<name_db>=<secs> (default `60`) | Set frequency in seconds to run ttl background task for a specific db. It has priority over apoc.ttl.schedule. Please note that this key has to be set necessarily in `apoc.conf`.
 | apoc.ttl.limit=<number> (default 1000) | Maximum number of nodes being deleted in one background transaction, that is the batchSize applied to apoc.periodic.iterate() during removing nodes
+
 | apoc.ttl.limit.<name_db>=<number> (default 1000) | Maximum number of nodes being deleted in one background transaction for a specific db, that is the batchSize applied to apoc.periodic.iterate() during removing nodes for a specific db. It has priority over apoc.ttl.limit. Please note that this key has to be set necessarily in `apoc.conf`.
+
 | apoc.uuid.enabled=false/true (default false) | global switch to enable uuid handlers
 | apoc.uuid.enabled.<name_db>=false/true (default true) | Enable/disable uuid handlers for a specific db. Please note that this key has to be set necessarily in `apoc.conf`. If is true UUID is enabled for the db even if apoc.uuid.enabled is false, instead if is false is disabled for the db even if apoc.uuid.enabled is true
 

docs/asciidoc/modules/ROOT/pages/index.adoc

@@ -21,6 +21,7 @@ The guide covers the following areas:
 * xref::introduction/index.adoc[] -- An Introduction to the APOC Extended library.
 * xref::installation/index.adoc[] -- Installation instructions for the APOC Extended library.
 * xref::usage/index.adoc[] -- A usage example.
+* xref::security-guidelines/index.adoc[] -- Guidelines on securing the APOC Extended library, and its environment.
 * xref::overview/index.adoc[] -- A list of all APOC Extended procedures and functions.
 * xref::config/index.adoc[] -- Configuration options used by the APOC Extended library.
 * xref::import/index.adoc[] -- A detailed guide to procedures that can be used to import data from different formats including JSON, CSV, and XLS.

docs/asciidoc/modules/ROOT/pages/installation/index.adoc

@@ -70,6 +70,6 @@ and put it into `plugin` folder.
 
 
 [[restricted]]
-== Load and unrestrict procedures/functions
+== Load and Unrestrict
 
-include::partial$restricted.adoc[tags=warnings,leveloffset=1]
+include::partial$restricted.adoc[tags=restricted,leveloffset=1]