
Example 1 with AuthPolicy

use of org.apache.jena.fuseki.auth.AuthPolicy in project jena by apache.

the class FusekiConfig method buildDataAccessPoint.

/**
 * Builds the {@code DataAccessPoint}, and the {@code DataService} behind it, for the
 * service described by {@code svc}.
 *
 * <p>The access point name is read with {@code BuildLib.getOne(svc, "fu:name")}, must be a
 * literal, and is canonicalised with {@code DataAccessPoint.canonical} before use. A literal
 * whose datatype is set but is not {@code xsd:string} is reported on the configuration log
 * and then used anyway.
 *
 * <p>Access control: the policy returned by {@code allowedUsers(svc)} is installed on the
 * data service before it is built. What that helper returns when the description carries no
 * user list is not visible here, so reviewers should confirm the default is the one intended
 * (open versus closed).
 *
 * @param svc       resource describing the service
 * @param dsDescMap passed through unchanged to {@code buildDataService}
 * @return the access point, or {@code null} when a {@code FusekiException} was raised while
 *         building it; the failure is logged and the service is skipped, so callers must
 *         handle {@code null}
 */
public static DataAccessPoint buildDataAccessPoint(Resource svc, DatasetDescriptionMap dsDescMap) {
    RDFNode nameNode = BuildLib.getOne(svc, "fu:name");
    try {
        if (!nameNode.isLiteral()) {
            throw new FusekiConfigException("Not a literal for access point name: " + FmtUtils.stringForRDFNode(nameNode));
        }
        Literal nameLiteral = nameNode.asLiteral();
        // A typed literal that is not xsd:string is only reported; the build carries on.
        boolean typedButNotString = nameLiteral.getDatatype() != null
                && !nameLiteral.getDatatype().equals(XSDDatatype.XSDstring);
        if (typedButNotString) {
            Fuseki.configLog.error(format("Service name '%s' is not a string", FmtUtils.stringForRDFNode(nameLiteral)));
        }
        String canonicalName = DataAccessPoint.canonical(nameLiteral.getLexicalForm());
        // Service-level authorization policy, attached before the DataService is built.
        AuthPolicy servicePolicy = allowedUsers(svc);
        DataService service = buildDataService(svc, dsDescMap).setAuthPolicy(servicePolicy).build();
        return new DataAccessPoint(canonicalName, service);
    } catch (FusekiException ex) {
        // A broken service description does not abort configuration: it is logged
        // (message only, no stack trace) and this service is left out.
        Fuseki.configLog.error("Skipping: Failed to build service for " + FmtUtils.stringForRDFNode(nameNode));
        Fuseki.configLog.error("    " + ex.getMessage());
        return null;
    }
}
Also used : FusekiConfigException(org.apache.jena.fuseki.FusekiConfigException) AuthPolicy(org.apache.jena.fuseki.auth.AuthPolicy) FusekiException(org.apache.jena.fuseki.FusekiException)

Example 2 with AuthPolicy

use of org.apache.jena.fuseki.auth.AuthPolicy in project jena by apache.

the class FusekiConfig method buildEndpoint.

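/**
 * Parse {@code fuseki:endpoint}
 * <pre>
 * fuseki:endpoint [
 *     fuseki:operation fuseki:Query ;
 *     fuseki:opImplementation &lt;java:package.Class&gt; ;
 *     fuseki:allowedUsers (....) ;
 *
 *     ja:context [ ja:cxtName "arq:queryTimeout" ;  ja:cxtValue "1000" ] ;
 *     ja:context [ ja:cxtName "arq:queryLimit" ;  ja:cxtValue "10000" ] ;
 *     ja:context [ ja:cxtName "tdb:defaultUnionGraph" ;  ja:cxtValue "true" ] ;
 *
 *     and specials:
 *         fuseki:timeout "1000,1000" ;
 *         fuseki:queryLimit 1000;
 *         arq:unionGraph true;
 *     ] ;
 * </pre>
 *
 * <p>The endpoint's operation is taken from {@code fuseki:operation}; when that does not
 * yield an operation, the implementation named in the description is loaded through
 * {@code BuildLib.loadOperationActionService}. The endpoint name defaults to
 * {@code Endpoint.DatasetEP.string} when none is given. The per-endpoint authorization
 * policy comes from {@code FusekiConfig.allowedUsers(endpoint)}.
 *
 * <p>Configuration errors are reported by throwing whatever the {@code exception(...)}
 * helper creates (presumably a {@code FusekiConfigException}; the helper is not shown here).
 *
 * @param fusekiService the enclosing service, used to label error messages because
 *                      endpoints are often blank nodes
 * @param endpoint      the endpoint description to parse
 * @return the endpoint built from the operation, name, authorization policy and context
 */
private static Endpoint buildEndpoint(Resource fusekiService, Resource endpoint) {
    // Endpoints are often blank nodes so use fusekiService in error messages.
    // fuseki:operation
    RDFNode opResource = getZeroOrOne(endpoint, pOperation);
    Operation op = null;
    if (opResource != null) {
        if (!opResource.isResource() || opResource.isAnon())
            throw exception("Blank node endpoint operation in service %s", nodeLabel(fusekiService));
        Node opRef = opResource.asNode();
        op = Operation.get(opRef);
    }
    // fuseki:implementation - checking only, not active.
    if (op == null) {
        // NOTE(review): opResource can still be null on this path (no fuseki:operation given);
        // confirm nodeLabel tolerates null, since both messages below format it.
        RDFNode rImpl = getZeroOrOne(endpoint, pImplementation);
        if (rImpl == null)
            throw exception("No implementation for fuseki:operation '%s' in service %s", nodeLabel(opResource), nodeLabel(fusekiService));
        // The implementation is named in the configuration (the example above uses a java: URI)
        // and loaded here, so the configuration file should be protected like code:
        // anyone able to edit it can choose what gets loaded.
        Pair<Operation, ActionService> x = BuildLib.loadOperationActionService(rImpl);
        Operation op2 = x.getLeft();
        if (op2 == null)
            throw exception("Failed to load implementation for fuseki:operation '%s' in service %s", nodeLabel(opResource), nodeLabel(fusekiService));
        op = op2;
        // The loaded ActionService (x.getRight()) is deliberately not registered in the
        // global OperationRegistry here; this path only checks that loading works.
    }
    // fuseki:allowedUsers
    AuthPolicy authPolicy = FusekiConfig.allowedUsers(endpoint);
    // fuseki:name
    RDFNode epNameR = getZeroOrOne(endpoint, pEndpointName);
    String epName = null;
    if (epNameR == null) {
        // A missing name is not an error: the endpoint falls back to the dataset endpoint name.
        epName = Endpoint.DatasetEP.string;
    } else {
        if (!epNameR.isLiteral())
            // The message previously had no format placeholder, so the service context
            // passed alongside it never reached the log; label the service as the other errors do.
            throw exception("Not a literal for service name for endpoint in service %s", nodeLabel(fusekiService));
        epName = epNameR.asLiteral().getLexicalForm();
    }
    Context cxt = parseContext(endpoint);
    // Per-endpoint context.
    // Could add special names:
    // fuseki:timeout
    // fuseki:queryLimit
    // fuseki:unionDefaultGraph
    Endpoint ep = Endpoint.create().operation(op).endpointName(epName).authPolicy(authPolicy).context(cxt).build();
    return ep;
}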
Also used : Context(org.apache.jena.sparql.util.Context) AuthPolicy(org.apache.jena.fuseki.auth.AuthPolicy) Node(org.apache.jena.graph.Node) ActionService(org.apache.jena.fuseki.servlets.ActionService)

Example 3 with AuthPolicy

use of org.apache.jena.fuseki.auth.AuthPolicy in project jena by apache.

the class FusekiConfig method oldStyleCompat.

/**
 * Old-style compatibility: derives the endpoints that live on the dataset itself
 * (endpoint name {@code ""}) from the named endpoints in {@code endpoints1}.
 *
 * <p>For every operation offered by at least one named endpoint, one unnamed endpoint is
 * produced. Its authorization policy is the accumulation, via {@code AuthPolicyList.merge},
 * of the policies of all named endpoints for that operation; the intent is an "AND" of the
 * named endpoints' authentication. {@code AuthPolicyList.merge} is not shown here, so that
 * semantics should be confirmed against it: an "OR" would widen access on the dataset URL.
 *
 * <p>Operations for which {@code endpoints1} already declares an unnamed endpoint are
 * dropped from the result, so an explicit declaration takes precedence over a derived one.
 *
 * @param dataService not used by this method
 * @param endpoints1  the endpoints declared for the service
 * @return the derived unnamed endpoints, as a view over an internal map
 */
private static Collection<Endpoint> oldStyleCompat(DataService.Builder dataService, Set<Endpoint> endpoints1) {
    Map<Operation, Endpoint> derived = new HashMap<>();
    // Pass 1: one unnamed endpoint per operation, accumulating authorization.
    for (Endpoint declared : endpoints1) {
        Operation operation = declared.getOperation();
        AuthPolicy policy = declared.getAuthPolicy();
        if (StringUtils.isEmpty(declared.getName())) {
            // Unnamed endpoints are handled in pass 2.
            continue;
        }
        if (derived.containsKey(operation)) {
            // Accumulate authorization with what earlier named endpoints contributed.
            Endpoint previous = derived.get(operation);
            policy = AuthPolicyList.merge(previous.getAuthPolicy(), policy);
        }
        derived.put(operation, Endpoint.create(operation, "", policy));
    }
    // Pass 2: anything explicitly declared on the dataset wins over the derived entry.
    // With so few endpoints a second pass is simpler than extra logic in the first.
    for (Endpoint declared : endpoints1) {
        if (StringUtils.isEmpty(declared.getName())) {
            derived.remove(declared.getOperation());
        }
    }
    return derived.values();
}
Also used : Context(org.apache.jena.sparql.util.Context) java.util(java.util) RDF(org.apache.jena.vocabulary.RDF) Auth(org.apache.jena.fuseki.auth.Auth) AuthPolicy(org.apache.jena.fuseki.auth.AuthPolicy) DatasetGraph(org.apache.jena.sparql.core.DatasetGraph) FmtUtils(org.apache.jena.sparql.util.FmtUtils) StringUtils(org.apache.commons.lang3.StringUtils) StrUtils(org.apache.jena.atlas.lib.StrUtils) RDFParserRegistry.isRegistered(org.apache.jena.riot.RDFParserRegistry.isRegistered) JA(org.apache.jena.assembler.JA) DirectoryStream(java.nio.file.DirectoryStream) QuerySolution(org.apache.jena.query.QuerySolution) GraphUtils(org.apache.jena.sparql.util.graph.GraphUtils) Fuseki(org.apache.jena.fuseki.Fuseki) FusekiException(org.apache.jena.fuseki.FusekiException) Method(java.lang.reflect.Method) Path(java.nio.file.Path) Dataset(org.apache.jena.query.Dataset) BuildLib.nodeLabel(org.apache.jena.fuseki.build.BuildLib.nodeLabel) FusekiVocab(org.apache.jena.fuseki.server.FusekiVocab) Lang(org.apache.jena.riot.Lang) Logger(org.slf4j.Logger) Assembler(org.apache.jena.assembler.Assembler) Files(java.nio.file.Files) ActionService(org.apache.jena.fuseki.servlets.ActionService) BuildLib.getZeroOrOne(org.apache.jena.fuseki.build.BuildLib.getZeroOrOne) IOException(java.io.IOException) org.apache.jena.fuseki.server(org.apache.jena.fuseki.server) String.format(java.lang.String.format) RDFLanguages.filenameToLang(org.apache.jena.riot.RDFLanguages.filenameToLang) File(java.io.File) org.apache.jena.rdf.model(org.apache.jena.rdf.model) IRILib(org.apache.jena.atlas.lib.IRILib) FusekiConfigException(org.apache.jena.fuseki.FusekiConfigException) Collectors.toList(java.util.stream.Collectors.toList) Util(org.apache.jena.rdf.model.impl.Util) Node(org.apache.jena.graph.Node) XSDDatatype(org.apache.jena.datatypes.xsd.XSDDatatype) ReadWrite(org.apache.jena.query.ReadWrite) Pair(org.apache.jena.atlas.lib.Pair) AssemblerUtils(org.apache.jena.sparql.core.assembler.AssemblerUtils) 
JenaException(org.apache.jena.shared.JenaException) AuthPolicyList(org.apache.jena.fuseki.auth.AuthPolicyList) ResultSet(org.apache.jena.query.ResultSet) AuthPolicy(org.apache.jena.fuseki.auth.AuthPolicy)

Example 4 with AuthPolicy

use of org.apache.jena.fuseki.auth.AuthPolicy in project jena by apache.

the class TestAuthorized method auth_noOne.

/**
 * {@code Auth.DENY} must refuse every caller: both a {@code null} user
 * (presumably an unauthenticated request) and a named user.
 */
@Test
public void auth_noOne() {
    AuthPolicy denyAll = Auth.DENY;
    // No user identity supplied.
    assertFalse(denyAll.isAllowed(null));
    // A concrete user name is refused as well.
    assertFalse(denyAll.isAllowed("user1"));
}
Also used : AuthPolicy(org.apache.jena.fuseki.auth.AuthPolicy) Test(org.junit.Test)

Example 5 with AuthPolicy

use of org.apache.jena.fuseki.auth.AuthPolicy in project jena by apache.

the class TestAuthorized method auth_parse_2.

/**
 * Parses the allowed-users setting of {@code http://example/r2} from the test model and
 * checks the resulting policy: listed users pass, while an unlisted user and a {@code null}
 * user do not.
 */
@Test
public void auth_parse_2() {
    // Assumes the test model lists user1 and user2 for this resource; confirm against the fixture.
    Resource r2 = model.createResource("http://example/r2");
    AuthPolicy policy = FusekiConfig.allowedUsers(r2);
    assertNotNull(policy);
    // No user identity: not allowed.
    assertFalse(policy.isAllowed(null));
    // Users named in the configuration.
    assertTrue(policy.isAllowed("user1"));
    assertTrue(policy.isAllowed("user2"));
    // A user that is not named is rejected.
    assertFalse(policy.isAllowed("user3"));
}
Also used : AuthPolicy(org.apache.jena.fuseki.auth.AuthPolicy) Resource(org.apache.jena.rdf.model.Resource) Test(org.junit.Test)
