Versions Compared

Old Version 12

changes.mady.by.user Jared Whiklo

Saved on

compared with

New Version 13

changes.mady.by.user Andrew Woods

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. I want to allow a user with username "smith123" to have read, write access to resource http://localhost:8080/rest/webacl_box1.

    Expand

    Using these two "files" to create our Authorization and ACL resources.

    Code Block
    titleAcl.ttl
    @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
<> a ldp:BasicContainer ;
   rdf:type ???:WebAcl .
    Code Block
    titleAuthorization.ttl
    @prefix acl: <http://www.w3.org/ns/auth/acl#> .
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
<> a ldp:RDFSource ;
   rdf:type acl:Authorization ;
   acl:agent "smith123" ;
   acl:mode acl:Read, acl:Write ;
   acl:accessTo <http://localhost:8080/rest/webacl_box1> .

    We would execute the following commands.

    Code Block
    > curl -X POST -H "Content-type: text/turtle" --data-binary "@Acl.ttl" "http://localhost:8080/rest"

http://localhost:8080/rest/acl

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Authorization.ttl" "http://localhost:8080/rest/acl/auth1"

http://localhost:8080/rest/acl/auth1

> echo "PREFIX acl: <http://www.w3.org/ns/auth/acl#>
INSERT INTO {
<> acl:accessControl <http://localhost:8080/rest/acl> .
}" | curl -X PATCH -H "Content-type: application/sparql-update" --upload-file - "http://localhost:8080/rest/webacl_box1"

  2. I want to let the group "Editors" have read, write access on all the items in the collection "http://localhost:8080/rest/box/bag/collection"

    Using the below two "files",

    Expand
    Code Block
    titleAcl.ttl
    @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
<> a ldp:BasicContainer ;
   rdf:type ???:WebAcl .
    Code Block
    titleAuthorization.ttl
    @prefix acl: <http://www.w3.org/ns/auth/acl#> .
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
<> a ldp:RDFSource ;
   rdf:type acl:Authorization ;
   acl:agent "Editors" ;
   acl:mode acl:Read, acl:Write ;
   acl:accessTo <http://localhost:8080/rest/box/bag/collection> .

    We would execute the following commands.

    Code Block
    > curl -X POST -H "Content-type: text/turtle" --data-binary "@Acl.ttl" "http://localhost:8080/rest"

http://localhost:8080/rest/acl

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Authorization.ttl" "http://localhost:8080/rest/acl/auth1"

http://localhost:8080/rest/acl/auth1

> echo "PREFIX acl: <http://www.w3.org/ns/auth/acl#>
INSERT INTO {
<> acl:accessControl <http://localhost:8080/rest/acl> .
}" | curl -X PATCH -H "Content-type: application/sparql-update" --upload-file - "http://localhost:8080/rest/box/bag/collection"

  3.  I would like the collection http://localhost:8080/rest/dark/archive to be viewable only by the groupId "Restricted", but I would like to allow anyone to view the resource http://localhost:8080/rest/dark/archive/sunshine.

    Expand
    Using the below three
    files
     files to setup the Acl and Authorization resources.
    Code Block
    titleAcl.ttl
    @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
<> a ldp:BasicContainer ;
   rdf:type ???:WebAcl .
    Code Block
    titleAuth_restricted.ttl
    @prefix acl: <http://www.w3.org/ns/auth/acl#> .
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
<> a ldp:RDFSource ;
   rdf:type acl:Authorization ;
   acl:agent "Restricted" ;
   acl:mode acl:Read ;
   acl:accessTo <http://localhost:8080/rest/dark/archive> .
    Code Block
    titleAuth_open.ttl
    @prefix acl: <http://www.w3.org/ns/auth/acl#> .
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
<> a ldp:RDFSource ;
   rdf:type acl:Authorization ;
   acl:agent foaf:Agent ;
   acl:mode acl:Read ;
   acl:accessTo <http://localhost:8080/rest/dark/archive/sunshine> .

    The I would execute the following commands.

    Code Block
    > curl -X POST -H "Content-type: text/turtle" --data-binary "@Acl.ttl" "http://localhost:8080/rest"

http://localhost:8080/rest/acl_lock

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Auth_restricted.ttl" "http://localhost:8080/rest/acl_lock/auth1"

http://localhost:8080/rest/acl_lock/auth1

> echo "PREFIX acl: <http://www.w3.org/ns/auth/acl#>
INSERT INTO {
<> acl:accessControl <http://localhost:8080/rest/acl_lock> .
}" | curl -X PATCH -H "Content-type: application/sparql-update" --upload-file - "http://localhost:8080/rest/dark/archive"

> curl -X POST -H "Content-type: text/turtle" --data-binary "@Acl.ttl" "http://localhost:8080/rest"

http://localhost:8080/rest/acl_open

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Auth_open.ttl" "http://localhost:8080/rest/acl_open/auth2"

http://localhost:8080/rest/acl_open/auth2

> echo "PREFIX acl: <http://www.w3.org/ns/auth/acl#>
INSERT INTO {
<> acl:accessControl <http://localhost:8080/rest/acl_open> .
}" | curl -X PATCH -H "Content-type: application/sparql-update" --upload-file - "http://localhost:8080/rest/dark/archive/sunshine"

  4. The collection http://localhost:8080/rest/public_collection should be readable by anyone but only editable by users in the group Editors.

    Expand

    Using the

    following

    following three

    files

     files to setup the Acl and Authorizations. We would:

    Code Block
    titleAcl.ttl
    @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
<> a ldp:BasicContainer ;
   rdf:type ???:WebAcl .
    Code Block
    titleAuth1.ttl
    @prefix acl: <http://www.w3.org/ns/auth/acl#> .
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
<> a ldp:RDFSource ;
   rdf:type acl:Authorization ;
   acl:agent foaf:Agent ;
   acl:mode acl:Read ;
   acl:accessTo <http://localhost:8080/rest/public_collection> .
    Code Block
    titleAuth2.ttl
    @prefix acl: <http://www.w3.org/ns/auth/acl#> .
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
<> a ldp:RDFSource ;
   rdf:type acl:Authorization ;
   acl:agent "Editors" ;
   acl:mode acl:Read, acl:Write ;
   acl:accessTo <http://localhost:8080/rest/public_collection> .

    I would execute the following code:

    Code Block
    > curl -X POST -H "Content-type: text/turtle" --data-binary "@Acl.ttl" "http://localhost:8080/rest"

http://localhost:8080/rest/acl

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Auth1.ttl" "http://localhost:8080/rest/acl/auth1"

http://localhost:8080/rest/acl/auth1

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Auth2.ttl" "http://localhost:8080/rest/acl/auth2"

http://localhost:8080/rest/acl/auth2

> echo "PREFIX acl: <http://www.w3.org/ns/auth/acl#>
INSERT INTO {
<> acl:accessControl <http://localhost:8080/rest/acl> .
}" | curl -X PATCH -H "Content-type: application/sparql-update" --upload-file - "http://localhost:8080/rest/public_collection"