You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jena.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/08/24 17:41:00 UTC

[jira] [Commented] (JENA-1594) Provide per-graph access control in Fuseki

    [ https://issues.apache.org/jira/browse/JENA-1594?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16591972#comment-16591972 ] 

ASF GitHub Bot commented on JENA-1594:
--------------------------------------

GitHub user afs opened a pull request:

    https://github.com/apache/jena/pull/465

    JENA-1594: Per-graph access control for Fuseki

    This adds a new module `jena-fuseki-access` that contains code for filtering data in SPARQL Query, SPARQL Graph Store Protocol, and plain quads access. Different users will see different views of the data based on their access rights.
    
    Also includes some smaller things picked up during development and tested as part 
    of this development:
    
    * [JENA-1585](https://issues.apache.org/jira/browse/JENA-1585) -- More refactoring of Fuseki for future separation of core engine and the webapp form of Fuseki.
    * [JENA-1595](https://issues.apache.org/jira/browse/JENA-1595) -- log4j in scope test
    * [JENA-1592](https://issues.apache.org/jira/browse/JENA-1592) -- Bug fix for TDB2
    * Typos and clearing up.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/afs/jena filter-security

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/jena/pull/465.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #465
    
----
commit d8e51a82fea80ea21e7cdef8445dc00adec42ee2
Author: Andy Seaborne <an...@...>
Date:   2018-08-20T19:34:04Z

    Copy dataset context to execution for query over model

commit 9a60253c00aec6763adbb0253588fe4dc0b484d4
Author: Andy Seaborne <an...@...>
Date:   2018-08-20T19:35:06Z

    JENA-1592: Unwrap TDB2 graphs

commit ba3b4b6d1e6d64073db90f69b8a5feda195f3854
Author: Andy Seaborne <an...@...>
Date:   2018-08-22T15:39:28Z

    Fix javadoc

commit ea7f95efb493f3a1a8c8638e2496fceed178a0aa
Author: Andy Seaborne <an...@...>
Date:   2018-08-22T15:40:06Z

    Minor formatting tiding

commit 62656645e698792116e82495320cca131ae45304
Author: Andy Seaborne <an...@...>
Date:   2018-08-22T15:40:47Z

    Refactor to make subclassing easier

commit 06f59125002992a13160fbc0d855ee819f035816
Author: Andy Seaborne <an...@...>
Date:   2018-08-23T15:32:48Z

    JENA-1585: Refactoring webapp code to separate from the core server.

commit 344ae5d841c8d22ce8c87e4a2fa466fe2a263582
Author: Andy Seaborne <an...@...>
Date:   2018-08-23T16:13:00Z

    JENA-1594: Initial machinery with SPARQL Query filtering

commit a17c6dd732ca32ef4122dc089c8717fccc5b75b1
Author: Andy Seaborne <an...@...>
Date:   2018-08-23T17:27:39Z

    JENA-1595: Put log4j and slf4j-log4j into scope test for all modules

commit 09f0e8b1c829013e377a42be84a0ce977973ee21
Author: Andy Seaborne <an...@...>
Date:   2018-08-24T11:02:20Z

    Use only getW() for the denying write operations.

commit dfa40be260e8e604223693f25d93ea3dc675b7c5
Author: Andy Seaborne <an...@...>
Date:   2018-08-24T11:03:32Z

    Use the connection's httpClient and httpContext for fetchDataset().

commit aa65883b159c9a3ca6f2130d45bfa7249ba3c744
Author: Andy Seaborne <an...@...>
Date:   2018-08-24T16:37:09Z

    Javadoc formatting.

commit 689c4cf886facae3eec26208de059905db40408e
Author: Andy Seaborne <an...@...>
Date:   2018-08-24T16:38:42Z

    JENA-1594: GSP and Quads filtered access. Tests.

----


> Provide per-graph access control in Fuseki
> ------------------------------------------
>
>                 Key: JENA-1594
>                 URL: https://issues.apache.org/jira/browse/JENA-1594
>             Project: Apache Jena
>          Issue Type: Task
>          Components: Fuseki
>    Affects Versions: Jena 3.8.0
>            Reporter: Andy Seaborne
>            Assignee: Andy Seaborne
>            Priority: Major
>
> This will be for TDB1 and TDB2 only. They provide a [filter mechanism|https://jena.apache.org/documentation/tdb/quadfilter.html] so that triples and quads are filtered out at the lowest level.
> This first version of data security will be for a data-access controlled read-only service. The expectation is that updates happens via a different Fuseki service sharing the same database and that service is service-access controlled (i.e all or nothing access). 
> The data-access controlled service takes a security configuration of a collection of graph names. Only those graph are visible through the data-access controlled service.
> For the union default graph, it is the union of visible graph only. 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)