Page History

...

I want to allow a user with username "smith123" to have read, write access to resource http://localhost:8080/rest/webacl_box1.

Expand

Using these the two "files" below to create our Authorization and ACL resources.

Code Block

title	Acl.ttl

@prefix<> rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldpa ???:WebAcl .

Code Block

title	Authorization.ttl

@prefix acl: <http://www.w3.org/ns/ldp#>auth/acl#> .
<> a ldpacl:BasicContainerAuthorization ;
   rdfacl:type ???:WebAcl .

Code Block

title	Authorization.ttl

@prefix acl: <http://www.w3.org/ns/auth/acl#> .
@prefix rdf:agent "smith123" ;
   acl:mode acl:Read, acl:Write ;
   acl:accessTo <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
<> a ldp:RDFSource ;
   rdf:type acl:Authorization ;
   acl:agent "smith123" ;
   acl:mode acl:Read, acl:Write ;
   acl:accessTo <http://localhost:8080/rest/webacl_box1> .

We would execute the following commands.

localhost:8080/rest/webacl_box1> .

We would execute the following commands.

Code Block

> curl -X POST -H "Content-type: text/turtle" --data-binary "@Acl.ttl" "http://localhost:8080/rest"

http://localhost:8080/rest/acl

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Authorization.ttl" "http://localhost:8080/rest/acl/auth1"

http://localhost:8080/rest/acl/auth1

> echo "PREFIX acl: <http://www.w3.org/ns/auth/acl#>
INSERT INTO {
<> acl:accessControl <http://localhost:8080/rest/acl> .
}" | curl -X PATCH

Code Block

> curl -X POST -H "Content-type: textapplication/turtlesparql-update" --dataupload-binary "@Acl.ttl"file - "http://localhost:8080/rest"

/webacl_box1"

I want to let the group "Editors" have read, write access on all the items in the collection "http://localhost:8080/rest/box/bag/collection"

Expand

Using the two "files" below to create our Authorization and ACL resources.

Code Block

title	Acl.ttl

<> a ???:WebAcl .

Code Block

title	Authorization.ttl

@prefix/acl

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Authorization.ttl" "http://localhost:8080/rest/acl/auth1"

http://localhost:8080/rest/acl/auth1

> echo "PREFIX acl: <http://www.w3.org/ns/auth/acl#> .
INSERT INTO {
<><> a acl:Authorization ;
   acl:accessControl <http://agent "Editors" ;
   acl:mode acl:Read, acl:Write ;
   acl:accessTo <http://localhost:8080/rest/box/bag/collection> .

We would execute the following commands.

Code Block
>acl> . }" \| curl -X PATCHPOST -H "Content-type: applicationtext/sparql-updateturtle" --uploaddata-file -binary "@Acl.ttl" "http://localhost:8080/rest/webacl_box1"

I want to let the group "Editors" have read, write access on all the items in the collection "

"

http://localhost:8080/rest/

box/bag/collection"

Expand

Using the below two "files",

@prefix acl: <http://www.w3.org/ns/auth/acl#> . @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> . @prefix ldp: <http://www.w3.org/ns/ldp#> . <> a ldp:RDFSource ; rdf:type acl:Authorization ; acl:agent "Editors" ; acl:mode acl:Read, acl:Write ; acl:accessTo <http:

Code Block

title	Acl.ttl

@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldpacl

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Authorization.ttl" "http://localhost:8080/rest/acl/auth1"

http://localhost:8080/rest/acl/auth1

> echo "PREFIX acl: <http://www.w3.org/ns/ldp#> ./auth/acl#>
INSERT INTO {
<> a ldpacl:BasicContainer ;
   rdf:type ???:WebAcl .

Code Block

title	Authorization.ttl

accessControl <http://localhost:8080/rest/acl> .
}" | curl -X PATCH -H "Content-type: application/sparql-update" --upload-file - "http://localhost:8080/rest/box/bag/collection"

I would like the collection http://localhost:8080/rest/dark/archive to be viewable only by the groupId "Restricted", but I would like to allow anyone to view the resource http://localhost:8080/rest/

box

dark/

bag

archive/

collection>

sunshine.

Expand

Using the three "files" below to create our Authorization and ACL resourcesWe would execute the following commands.

Code Block

title	Acl.ttl

<> a ???:WebAcl .

Code Block

title	Auth_restricted.ttl

@prefix acl: <http://www.w3.org/ns/auth/acl#> .
<> a acl:Authorization ;
   acl:agent "Restricted" ;
   acl:mode acl:Read ;
   acl:accessTo <http> curl -X POST -H "Content-type: text/turtle" --data-binary "@Acl.ttl" "http://localhost:8080/rest"

http://localhost:8080/rest/acl

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Authorization.ttl" "http://localhost:8080/rest/acl/auth1"

http://localhost:8080/rest/acl/auth1

> echo "PREFIX dark/archive> .

Code Block

title	Auth_open.ttl

@prefix acl: <http://www.w3.org/ns/auth/acl#> .
INSERT INTO {
<> acl:accessControl@prefix foaf: <http://localhost:8080/rest/acl>/xmlns.com/foaf/0.1/> .
}"<> |a curl -X PATCH -H "Content-type: application/sparql-update" --upload-file - "http://localhost:8080/rest/box/bag/collection"

I would like the collection http

acl:Authorization ;
   acl:agent foaf:Agent ;
   acl:mode acl:Read ;
   acl:accessTo <http://localhost:8080/rest/dark/archive

to be viewable only by the groupId "Restricted", but I would like to allow anyone to view the resource

/sunshine> .

The I would execute the following commands.

Code Block
> curl -X POST -H "Content-type: text/turtle" --data-binary "@Acl.ttl" "http://localhost:8080/rest

/dark/archive/sunshine.

Expand

Using the below three files to setup the Acl and Authorization resources.

Code Block

title	Acl.ttl

@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
<> a ldp:BasicContainer ;
   rdf:type ???:WebAcl .

Auth

Code Block

title	Auth_restricted.ttl

@prefix "

http://localhost:8080/rest/acl_lock

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Auth_restricted.ttl" "http://localhost:8080/rest/acl_lock/auth1"

http://localhost:8080/rest/acl_lock/auth1

> echo "PREFIX acl: <http://www.w3.org/ns/auth/acl#>
INSERT .INTO {
@prefix<> rdfacl:accessControl <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
<> a ldp:RDFSource ;
   rdf:type acl:Authorization ;
   acl:agent "Restricted" ;
   acl:mode acl:Read ;
   acl:accessTo <http:localhost:8080/rest/acl_lock> .
}" | curl -X PATCH -H "Content-type: application/sparql-update" --upload-file - "http://localhost:8080/rest/dark/archive"

> curl -X POST -H "Content-type: text/turtle" --data-binary "@Acl.ttl" "http://localhost:8080/rest"

http://localhost:8080/rest/dark/archive> .

Code Block

title

acl_open

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Auth_open.ttl

@prefix" acl"http: <http://www.w3.org/ns/auth/acl#> .
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldplocalhost:8080/rest/acl_open/auth2"

http://localhost:8080/rest/acl_open/auth2

> echo "PREFIX acl: <http://www.w3.org/ns/auth/ldp#> .acl#>
@prefixINSERT foaf: INTO {
<> acl:accessControl <http://xmlns.com/foaf/0.1/>localhost:8080/rest/acl_open> .
<>}" a| ldp:RDFSource ;
   rdf:type acl:Authorization ;
   acl:agent foaf:Agent ;
   acl:mode acl:Read ;
   acl:accessTo <http:curl -X PATCH -H "Content-type: application/sparql-update" --upload-file - "http://localhost:8080/rest/dark/archive/sunshine> .sunshine"

The collection http://localhost:8080/rest/public_collection should be readable by anyone but only editable by users in the group Editors.

Expand

Using the three "files" below to create our Authorization and ACL resources.

Code Block

title	Acl.ttl

<> a ???:WebAcl .

Code Block

title	Auth1.ttl

@prefix acl: <http://www.w3.org/ns/auth/acl#> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
<> a acl:Authorization ;
   acl:agent foaf:Agent ;
   acl:mode acl:Read ;
   acl:accessTo <http

The I would execute the following commands.

Code Block

> curl -X POST -H "Content-type: text/turtle" --data-binary "@Acl.ttl" "http://localhost:8080/rest"

http://localhost:8080/rest/acl_lock

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Auth_restricted.ttl" "http://localhost:8080/rest/acl_lock/auth1"

http://localhost:8080/rest/acl_lock/auth1

> echo "PREFIXpublic_collection> .

Code Block

title	Auth2.ttl

@prefix acl: <http://www.w3.org/ns/auth/acl#>
INSERT INTO {
<> acl:accessControl .
<> a acl:Authorization ;
   acl:agent "Editors" ;
   acl:mode acl:Read, acl:Write ;
   acl:accessTo <http://localhost:8080/rest/aclpublic_collection> .

I would execute the following code:

Code Block

>lock> .
}" | curl -X PATCHPOST -H "Content-type: applicationtext/sparql-updateturtle" --uploaddata-file -binary "@Acl.ttl" "http://localhost:8080/rest/dark/archive""

http://localhost:8080/rest/acl

> curl -X POSTPUT -H "Content-type: text/turtle" --data-binary "@Acl@Auth1.ttl" "http://localhost:8080/rest"/acl/auth1"

http://localhost:8080/rest/acl_open/auth1

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Auth_open@Auth2.ttl" "http://localhost:8080/rest/acl_open/auth2"

http://localhost:8080/rest/acl_open/auth2

> echo "PREFIX acl: <http://www.w3.org/ns/auth/acl#>
INSERT INTO {
<> acl:accessControl <http://localhost:8080/rest/acl_open>acl> .
}" | curl -X PATCH -H "Content-type: application/sparql-update" --upload-file - "http://localhost:8080/rest/dark/archive/sunshine"public_collection"

Only the ex:publicImage type objects in the container The collection http://localhost:8080/rest/public_collection should be readable by anyone but only editable by users in the group EditorsmixedCollection are viewable by anyone, all others are only viewable by the group Admins.

Expand

Using the following three files to setup the Acl and Authorizations. We would:"files" below to create our Authorization and ACL resources.

Code Block

title	Acl.ttl

@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
<> a ldp:BasicContainer ;
   rdf:type ???:WebAcl .

Code Block

title	Auth1.ttl

@prefix acl: <http://www.w3.org/ns/auth/acl#> .
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
<> a ldp:RDFSource ;
   rdf:type acl:Authorization ;
   acl:agent foaf:Agent ;
   acl:mode acl:Read ;
   acl:accessTo <http://localhost:8080/rest/public_collection> .

Code Block

title	Auth2.ttl

@prefix acl: <http://www.w3.org/ns/auth/acl#> .
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
<> a ldp:RDFSource ;
   rdf:type acl:Authorization ;
   acl:agent "Editors" ;
   acl:mode acl:Read, acl:Write ;
   acl:accessTo <http://localhost:8080/rest/public_collection> .

I would execute the following code:

Code Block

> curl -X POST -H "Content-type: text/turtle" --data-binary "@Acl.ttl" "http://localhost:8080/rest"

http://localhost:8080/rest/acl

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Auth1.ttl" "http://localhost:8080/rest/acl/auth1"

http://localhost:8080/rest/acl/auth1

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Auth2.ttl" "http://localhost:8080/rest/acl/auth2"

http://localhost:8080/rest/acl/auth2

> echo "PREFIX acl: <http://www.w3.org/ns/auth/acl#>
INSERT INTO {
<> acl:accessControl <http://localhost:8080/rest/acl> .
}" | curl -X PATCH -H "Content-type: application/sparql-update" --upload-file - "http://localhost:8080/rest/public_collection"

Only the ex:publicImage type objects in the container http://localhost:8080/rest/mixedCollection are viewable by anyone, all others are only viewable by the group Admins.

Expand

Using the following three files Acl.ttl, Auth_restricted.ttl and Auth_open.ttl

Code Block

title	Acl.ttl

@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
<> a ldp:BasicContainer ;
   rdf:type ???:WebAcl .

Code Block

title	Auth_restricted.ttl

@prefix acl: <http://www.w3.org/ns/auth/acl#> .
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
<> a ldp:RDFSource ;
   rdf:type acl:Authorization ;
   acl:agent 'Admins' ;
   acl:mode acl:Read ;
   acl:accessTo <http://localhost:8080/rest/mixedCollection><> a ???:WebAcl .

Code Block

title	Auth_openrestricted.ttl

@prefix acl: <http://www.w3.org/ns/auth/acl#> .
@prefix rdf: .
<> a acl:Authorization ;
   acl:agent 'Admins' ;
   acl:mode acl:Read ;
   acl:accessTo <http://localhost:8080/rest/mixedCollection> .

Code Block

title	Auth_open.ttl

@prefix aclwww.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix ldp: <http://www.w3.org/ns/ldp#>auth/acl#> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
<> a ldp:RDFSource ;
   rdf:type acl:Authorization ;
   acl:agent foaf:Agent ;
   acl:mode acl:Read ;
   acl:accessToClass ex:publicImage .

I would execute the following commands:

Code Block

> curl -X POST -H "Content-type: text/turtle" --data-binary "@Acl.ttl" "http://localhost:8080/rest"

http://localhost:8080/rest/acl

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Auth_restricted.ttl" "http://localhost:8080/rest/acl/auth1"

http://localhost:8080/rest/acl/auth1

> curl -X PUT -H "Content-type: text/turtle" --data-binary "@Auth_open.ttl" "http://localhost:8080/rest/acl/auth2"

http://localhost:8080/rest/acl/auth2

> echo "PREFIX acl: <http://www.w3.org/ns/auth/acl#>
INSERT INTO {
<> acl:accessControl <http://localhost:8080/rest/acl> .
}" | curl -X PATCH -H "Content-type: application/sparql-update" --upload-file - "http://localhost:8080/rest/mixedCollection"

...

Page tree

Versions Compared

Old Version 15

New Version 16

Key