You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jena.apache.org by an...@apache.org on 2018/11/17 17:20:33 UTC
[07/34] jena git commit: JENA-1627: Merge access control into Fuseki
main
http://git-wip-us.apache.org/repos/asf/jena/blob/2f1fefbd/jena-fuseki2/jena-fuseki-main/testing/Access/assem-security-shared.ttl
----------------------------------------------------------------------
diff --git a/jena-fuseki2/jena-fuseki-main/testing/Access/assem-security-shared.ttl b/jena-fuseki2/jena-fuseki-main/testing/Access/assem-security-shared.ttl
new file mode 100644
index 0000000..c16f66c
--- /dev/null
+++ b/jena-fuseki2/jena-fuseki-main/testing/Access/assem-security-shared.ttl
@@ -0,0 +1,74 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+PREFIX : <#>
+PREFIX fuseki: <http://jena.apache.org/fuseki#>
+PREFIX rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#>
+PREFIX rdfs: <http://www.w3.org/2000/01/rdf-schema#>
+PREFIX tdb2: <http://jena.apache.org/2016/tdb#>
+PREFIX ja: <http://jena.hpl.hp.com/2005/11/Assembler#>
+PREFIX access: <http://jena.apache.org/access#>
+
+[] rdf:type fuseki:Server ;
+ fuseki:services (
+ <#service_tdb2>
+ <#service_plain>
+ ) .
+
+<#service_tdb2> rdf:type fuseki:Service ;
+ rdfs:label "Access controlled dataset" ;
+ fuseki:name "database" ;
+ ## Read-only operations.
+ fuseki:serviceQuery "query" ;
+ fuseki:serviceQuery "sparql" ;
+ fuseki:serviceReadGraphStore "get" ;
+ fuseki:dataset <#access_dataset>;
+ .
+
+## Dataset 1
+## Access control
+<#access_dataset> rdf:type access:AccessControlledDataset ;
+ access:registry <#securityRegistry> ;
+ access:dataset <#tdb_dataset_shared> ;
+ .
+
+<#securityRegistry> rdf:type access:SecurityRegistry ;
+ access:entry ("user1" <http://host/graphname1> <http://host/graphname2> ) ;
+ access:entry ("user1" <http://host/graphname3> ) ;
+ access:entry ("user2" <http://host/graphname9> ) ;
+ access:entry [ access:user "user3" ; access:graphs (<http://host/graphname3> <http://host/graphname4> ) ] ;
+ access:entry [ access:user "user3" ; access:graphs <http://host/graphname5> ] ;
+ access:entry [ access:user "userZ" ; access:graphs <http://host/graphnameZ> ] ;
+ .
+## Dataset 2
+## No data access control.
+<#service_plain> rdf:type fuseki:Service ;
+ fuseki:name "plain";
+ fuseki:serviceQuery "query";
+ fuseki:serviceQuery "sparql";
+ fuseki:serviceUpdate "update";
+ fuseki:serviceUpload "upload" ;
+ fuseki:serviceReadGraphStore "data" ;
+ fuseki:serviceReadGraphStore "get" ;
+ fuseki:dataset <#tdb_dataset_shared> ;
+ .
+
+## Shared database.
+<#tdb_dataset_shared> rdf:type tdb2:DatasetTDB2 ;
+ tdb2:location "--mem--/DB" ;
+ tdb2:unionDefaultGraph true ;
+ .
+
http://git-wip-us.apache.org/repos/asf/jena/blob/2f1fefbd/jena-fuseki2/jena-fuseki-main/testing/Access/assem-security.ttl
----------------------------------------------------------------------
diff --git a/jena-fuseki2/jena-fuseki-main/testing/Access/assem-security.ttl b/jena-fuseki2/jena-fuseki-main/testing/Access/assem-security.ttl
new file mode 100644
index 0000000..286ab2e
--- /dev/null
+++ b/jena-fuseki2/jena-fuseki-main/testing/Access/assem-security.ttl
@@ -0,0 +1,79 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+PREFIX : <#>
+PREFIX fuseki: <http://jena.apache.org/fuseki#>
+PREFIX rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#>
+PREFIX rdfs: <http://www.w3.org/2000/01/rdf-schema#>
+PREFIX tdb2: <http://jena.apache.org/2016/tdb#>
+PREFIX ja: <http://jena.hpl.hp.com/2005/11/Assembler#>
+PREFIX access: <http://jena.apache.org/access#>
+
+[] rdf:type fuseki:Server ;
+ fuseki:services (
+ <#service_tdb2>
+ <#service_plain>
+ ) .
+
+<#service_tdb2> rdf:type fuseki:Service ;
+ rdfs:label "Access controlled dataset" ;
+ fuseki:name "database" ;
+ ## Read-only operations.
+ fuseki:serviceQuery "query" ;
+ fuseki:serviceQuery "sparql" ;
+ fuseki:serviceReadGraphStore "get" ;
+ fuseki:dataset <#access_dataset>;
+ .
+
+## Dataset 1
+## Access control
+<#access_dataset> rdf:type access:AccessControlledDataset ;
+ access:registry <#securityRegistry> ;
+ access:dataset <#tdb_dataset_read> ;
+ .
+
+## Own database
+<#tdb_dataset_read> rdf:type tdb2:DatasetTDB2 ;
+ tdb2:location "--mem--" ;
+ tdb2:unionDefaultGraph true ;
+ .
+
+<#securityRegistry> rdf:type access:SecurityRegistry ;
+ access:entry ("user1" <http://host/graphname1> <http://host/graphname2> ) ;
+ access:entry ("user1" <http://host/graphname3> ) ;
+ access:entry ("user2" <http://host/graphname9> ) ;
+ access:entry [ access:user "user3" ; access:graphs (<http://host/graphname3> <http://host/graphname4> ) ] ;
+ access:entry [ access:user "user3" ; access:graphs <http://host/graphname5> ] ;
+ access:entry [ access:user "userZ" ; access:graphs <http://host/graphnameZ> ] ;
+ .
+
+## Dataset 2
+## No data access control.
+<#service_plain> rdf:type fuseki:Service ;
+ fuseki:name "plain";
+ fuseki:serviceQuery "query";
+ fuseki:serviceQuery "sparql";
+ fuseki:serviceUpdate "update";
+ fuseki:serviceUpload "upload" ;
+ fuseki:serviceReadWriteGraphStore "data" ;
+ fuseki:serviceReadGraphStore "get" ;
+ fuseki:dataset <#tdb_dataset> ;
+ .
+
+<#tdb_dataset> rdf:type tdb2:DatasetTDB2 ;
+ tdb2:location "--mem--" ;
+ .
+
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/jena/blob/2f1fefbd/jena-fuseki2/jena-fuseki-main/testing/Access/config-server-1.ttl
----------------------------------------------------------------------
diff --git a/jena-fuseki2/jena-fuseki-main/testing/Access/config-server-1.ttl b/jena-fuseki2/jena-fuseki-main/testing/Access/config-server-1.ttl
new file mode 100644
index 0000000..e06b687
--- /dev/null
+++ b/jena-fuseki2/jena-fuseki-main/testing/Access/config-server-1.ttl
@@ -0,0 +1,59 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+PREFIX : <#>
+PREFIX fuseki: <http://jena.apache.org/fuseki#>
+PREFIX rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#>
+PREFIX rdfs: <http://www.w3.org/2000/01/rdf-schema#>
+PREFIX tdb2: <http://jena.apache.org/2016/tdb#>
+PREFIX ja: <http://jena.hpl.hp.com/2005/11/Assembler#>
+PREFIX access: <http://jena.apache.org/access#>
+
+[] rdf:type fuseki:Server ;
+ fuseki:allowedUsers "*";
+ fuseki:services (
+ <#service_tdb2>
+ <#service_plain>
+ ) .
+
+<#service_tdb2> rdf:type fuseki:Service ;
+ rdfs:label "Access controlled dataset" ;
+ fuseki:allowedUsers "user1", "user3";
+ fuseki:name "database1" ;
+ fuseki:serviceQuery "query" ;
+ fuseki:serviceQuery "sparql" ;
+ fuseki:serviceReadGraphStore "get" ;
+ fuseki:dataset <#dataset1>;
+ .
+
+## Own database
+<#dataset1> rdf:type ja:MemoryDataset ;
+ .
+
+## Dataset 2
+## No service
+<#service_plain> rdf:type fuseki:Service ;
+ fuseki:name "database2";
+ fuseki:serviceQuery "query";
+ fuseki:serviceQuery "sparql";
+ fuseki:serviceReadGraphStore "get" ;
+ fuseki:dataset <#tdb_dataset> ;
+ .
+
+<#tdb_dataset> rdf:type tdb2:DatasetTDB2 ;
+ tdb2:location "--mem--" ;
+ .
+
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/jena/blob/2f1fefbd/jena-fuseki2/jena-fuseki-main/testing/Access/config-server-2.ttl
----------------------------------------------------------------------
diff --git a/jena-fuseki2/jena-fuseki-main/testing/Access/config-server-2.ttl b/jena-fuseki2/jena-fuseki-main/testing/Access/config-server-2.ttl
new file mode 100644
index 0000000..d08ad90
--- /dev/null
+++ b/jena-fuseki2/jena-fuseki-main/testing/Access/config-server-2.ttl
@@ -0,0 +1,59 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+PREFIX : <#>
+PREFIX fuseki: <http://jena.apache.org/fuseki#>
+PREFIX rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#>
+PREFIX rdfs: <http://www.w3.org/2000/01/rdf-schema#>
+PREFIX tdb2: <http://jena.apache.org/2016/tdb#>
+PREFIX ja: <http://jena.hpl.hp.com/2005/11/Assembler#>
+PREFIX access: <http://jena.apache.org/access#>
+
+[] rdf:type fuseki:Server ;
+ fuseki:allowedUsers "user1", "user2";
+ fuseki:services (
+ <#service_tdb2>
+ <#service_plain>
+ ) .
+
+<#service_tdb2> rdf:type fuseki:Service ;
+ rdfs:label "Access controlled dataset" ;
+ fuseki:allowedUsers "user1", "user3";
+ fuseki:name "database1" ;
+ fuseki:serviceQuery "query" ;
+ fuseki:serviceQuery "sparql" ;
+ fuseki:serviceReadGraphStore "get" ;
+ fuseki:dataset <#dataset1>;
+ .
+
+## Own database
+<#dataset1> rdf:type ja:MemoryDataset ;
+ .
+
+## Dataset 2
+## No service
+<#service_plain> rdf:type fuseki:Service ;
+ fuseki:name "database2";
+ fuseki:serviceQuery "query";
+ fuseki:serviceQuery "sparql";
+ fuseki:serviceReadGraphStore "get" ;
+ fuseki:dataset <#tdb_dataset> ;
+ .
+
+<#tdb_dataset> rdf:type tdb2:DatasetTDB2 ;
+ tdb2:location "--mem--" ;
+ .
+
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/jena/blob/2f1fefbd/jena-fuseki2/jena-fuseki-main/testing/Access/passwd
----------------------------------------------------------------------
diff --git a/jena-fuseki2/jena-fuseki-main/testing/Access/passwd b/jena-fuseki2/jena-fuseki-main/testing/Access/passwd
new file mode 100644
index 0000000..d620faf
--- /dev/null
+++ b/jena-fuseki2/jena-fuseki-main/testing/Access/passwd
@@ -0,0 +1,4 @@
+# Licensed under the terms of http://www.apache.org/licenses/LICENSE-2.0
+user1 :pw1
+user2: pw2
+user3: pw3
http://git-wip-us.apache.org/repos/asf/jena/blob/2f1fefbd/jena-fuseki2/jena-fuseki-main/testing/FusekiEmbedded/config.ttl
----------------------------------------------------------------------
diff --git a/jena-fuseki2/jena-fuseki-main/testing/FusekiEmbedded/config.ttl b/jena-fuseki2/jena-fuseki-main/testing/FusekiEmbedded/config.ttl
index 5a7f84a..cdd139b 100644
--- a/jena-fuseki2/jena-fuseki-main/testing/FusekiEmbedded/config.ttl
+++ b/jena-fuseki2/jena-fuseki-main/testing/FusekiEmbedded/config.ttl
@@ -1,9 +1,9 @@
-@prefix : <#> .
-@prefix fuseki: <http://jena.apache.org/fuseki#> .
-@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
-@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
-@prefix ja: <http://jena.hpl.hp.com/2005/11/Assembler#> .
-@prefix tdb: <http://jena.hpl.hp.com/2008/tdb#> .
+PREFIX : <#>
+PREFIX fuseki: <http://jena.apache.org/fuseki#>
+PREFIX rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#>
+PREFIX rdfs: <http://www.w3.org/2000/01/rdf-schema#>
+PREFIX ja: <http://jena.hpl.hp.com/2005/11/Assembler#>
+PREFIX tdb: <http://jena.hpl.hp.com/2008/tdb#>
<#serviceInMemory> rdf:type fuseki:Service;
rdfs:label "test";
http://git-wip-us.apache.org/repos/asf/jena/blob/2f1fefbd/jena-fuseki2/jena-fuseki-webapp/testing/config-ds-1.ttl
----------------------------------------------------------------------
diff --git a/jena-fuseki2/jena-fuseki-webapp/testing/config-ds-1.ttl b/jena-fuseki2/jena-fuseki-webapp/testing/config-ds-1.ttl
index 8e7a57b..aba5d82 100644
--- a/jena-fuseki2/jena-fuseki-webapp/testing/config-ds-1.ttl
+++ b/jena-fuseki2/jena-fuseki-webapp/testing/config-ds-1.ttl
@@ -1,9 +1,9 @@
-@prefix : <#> .
-@prefix fuseki: <http://jena.apache.org/fuseki#> .
-@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
+PREFIX : <#>
+PREFIX fuseki: <http://jena.apache.org/fuseki#>
+PREFIX rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#>
-@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
-@prefix ja: <http://jena.hpl.hp.com/2005/11/Assembler#> .
+PREFIX rdfs: <http://www.w3.org/2000/01/rdf-schema#>
+PREFIX ja: <http://jena.hpl.hp.com/2005/11/Assembler#>
<#service1> rdf:type fuseki:Service ;
# URI of the dataset -- http://host:port/ds