Technically, right now the server will take any cypher query supplied to the RPC and run it. This is the equivalent of taking strait SQL from a client and running it. The cypher RPC needs to be updated to protect against CYPHERi (i'm making that a thing. right now.). I haven't researched if py2neo or neo4j have some way of parameterizing queries, but we need to find out.
At the very least, we need to filter out queries which update the graph (add, delete, change, replace nodes/edges) as those changes won't get fed back through the pubsub to the other clients.
Technically, right now the server will take any cypher query supplied to the RPC and run it. This is the equivalent of taking strait SQL from a client and running it. The cypher RPC needs to be updated to protect against CYPHERi (i'm making that a thing. right now.). I haven't researched if py2neo or neo4j have some way of parameterizing queries, but we need to find out.
At the very least, we need to filter out queries which update the graph (add, delete, change, replace nodes/edges) as those changes won't get fed back through the pubsub to the other clients.