%META:TOPICPARENT{name="VirtSpongerLinkedDataHooksIntoSPARQL"}% %META:TOPICPARENT{name="VirtSpongerLinkedDataHooksIntoSPARQL"}% ---+Example Performing Sponging with Private Graphs Using get:private pragma The following example demonstrates how private sponging using get:private pragma works for database with private graphs. 1 Create few users in alphabetical order: DB.DBA.USER_CREATE ('Anna', 'Anna'); DB.DBA.USER_CREATE ('Brad', 'Brad'); DB.DBA.USER_CREATE ('Carl', 'Carl'); 1 Set to Anna, Brad and Carl SPARQL SELECT, UPDATE and SPONGE permissions: grant SPARQL_SELECT to "Anna"; grant SPARQL_SELECT to "Brad"; grant SPARQL_SELECT to "Carl"; grant SPARQL_UPDATE to "Anna"; grant SPARQL_UPDATE to "Brad"; grant SPARQL_UPDATE to "Carl"; grant SPARQL_SPONGE to "Anna"; grant SPARQL_SPONGE to "Brad"; grant SPARQL_SPONGE to "Carl"; 1 Set specific privileges: Setup assuming 3 users: Anna, Brad and Carl where each of these individual users has read access to graphs: -- Close any public access to "private" graphs DB.DBA.RDF_DEFAULT_USER_PERMS_SET ('nobody', 0, 1); -- Set Read Only for public on graphs not listed as "private". DB.DBA.RDF_DEFAULT_USER_PERMS_SET ('nobody', 1); DB.DBA.RDF_DEFAULT_USER_PERMS_SET ('Anna', 0, 1); DB.DBA.RDF_DEFAULT_USER_PERMS_SET ('Brad', 0, 1); DB.DBA.RDF_DEFAULT_USER_PERMS_SET ('Carl', 0, 1); DB.DBA.RDF_DEFAULT_USER_PERMS_SET ('Anna', 1); DB.DBA.RDF_DEFAULT_USER_PERMS_SET ('Brad', 1); DB.DBA.RDF_DEFAULT_USER_PERMS_SET ('Carl', 1); 1 Assuming the following four sorts of access that are specified by four bits of an integer "permission bit-mask", following plain old UNIX style: * Bit 1 permits read access. * Bit 2 permits write access via SPARUL and is basically useless without bit 1 set. * Bit 4 permits write access via "RDF Network Resource Fetch" methods and is basically useless without bits 1 and 2 set. * Bit 8 allows retrieval of the list of members of a graph group. An IRI can be used as a graph IRI and as a graph group IRI at the same time, so bit 8 can be freely combined with any of bits 1, 2 or 4. * In the statements from below should be considered: * "15 = 8+4+2+1 " -- i.e. combining all the four sorts of access FROM above * "9 = 8 + 1" -- i.e. read access + access to retrieve the list of members for a given graph group -- Create Graph Group for Anna and set privileges: DB.DBA.RDF_GRAPH_GROUP_CREATE ('urn:Anna:Sponged:Data', 1); DB.DBA.RDF_GRAPH_USER_PERMS_SET ('urn:Anna:Sponged:Data', 'Anna', 15); DB.DBA.RDF_GRAPH_USER_PERMS_SET ('urn:Anna:Sponged:Data', 'Brad', 9); DB.DBA.RDF_GRAPH_USER_PERMS_SET ('urn:Anna:Sponged:Data', 'Carl', 9); -- Create Graph Group for Brad and set privileges: DB.DBA.RDF_GRAPH_GROUP_CREATE ('urn:Brad:Sponged:Data', 1); DB.DBA.RDF_GRAPH_USER_PERMS_SET ('urn:Brad:Sponged:Data', 'Anna', 9); DB.DBA.RDF_GRAPH_USER_PERMS_SET ('urn:Brad:Sponged:Data', 'Brad', 15); DB.DBA.RDF_GRAPH_USER_PERMS_SET ('urn:Brad:Sponged:Data', 'Carl', 9); -- Create Graph Group for Carl and set privileges: DB.DBA.RDF_GRAPH_GROUP_CREATE ('urn:Carl:Sponged:Data', 1); DB.DBA.RDF_GRAPH_USER_PERMS_SET ('urn:Carl:Sponged:Data', 'Anna', 9); DB.DBA.RDF_GRAPH_USER_PERMS_SET ('urn:Carl:Sponged:Data', 'Brad', 9); DB.DBA.RDF_GRAPH_USER_PERMS_SET ('urn:Carl:Sponged:Data', 'Carl', 15); -- Set Anna's, Brad's and Carl's graphs by inserting them into the virtrdf:PrivateGraphs graph group: DB.DBA.RDF_GRAPH_GROUP_INS ('http://www.openlinksw.com/schemas/virtrdf#PrivateGraphs', 'http://anna-example.com/'); DB.DBA.RDF_GRAPH_GROUP_INS ('http://www.openlinksw.com/schemas/virtrdf#PrivateGraphs', 'http://brad-example.com/'); DB.DBA.RDF_GRAPH_GROUP_INS ('http://www.openlinksw.com/schemas/virtrdf#PrivateGraphs', 'http://carl-example.com/'); 1 Examples with invalid graph group names: 1 Example with Non-existing Graph Group: -- An error for non-existing Graph group will be raised. SPARQL DEFINE get:soft "replacing" DEFINE get:private SELECT * FROM WHERE { ?s ?p ?o }; 1 Example with "virtrdf:PrivateGraphs" graph group which is reserved for system usage: -- An error for attempt to add a graph to special graph group will be raised. SPARQL DEFINE get:soft "replacing" DEFINE get:private virtrdf:PrivateGraphs SELECT * FROM WHERE { ?s ?p ?o }; 1 Example with "virtrdf:rdf_repl_graph_group" graph group which is reserved for system usage: -- An error for attempt to add a graph to special graph group will be raised. SPARQL DEFINE get:soft "replacing" DEFINE get:private virtrdf:rdf_repl_graph_group SELECT * FROM WHERE { ?s ?p ?o }; 1 Examples to check Anna's sponging permissions on different graph groups: 1 Example for adding graph to Anna's graph group <urn:Anna:Sponged:Data>: -- No error will be raised as Anna has the efficient rights for graph group reconnect "Anna"; SPARQL DEFINE get:soft "replacing" DEFINE get:private SELECT * FROM WHERE { ?s ?p ?o }; 1 Example for adding graph to Brad's graph group <urn:Brad:Sponged:Data>: -- An error will be rased because "Anna" has not enough rights on that group reconnect "Anna"; SPARQL DEFINE get:soft "replacing" DEFINE get:private SELECT * FROM WHERE { ?s ?p ?o }; 1 Example for adding graph to Carl's graph group <urn:Carl:Sponged:Data>: -- An error will be rased because "Anna" has not enough rights on that group reconnect "Anna"; SPARQL DEFINE get:soft "replacing" DEFINE get:private SELECT * FROM WHERE { ?s ?p ?o }; 1 Examples check Brad's sponging permissions on different graph groups: 1 Example for adding graph to Anna's graph group <urn:Anna:Sponged:Data>: -- An error will be rased because "Brad" has not enough rights on that group reconnect "Brad"; SPARQL DEFINE get:soft "replacing" DEFINE get:private SELECT * FROM WHERE { ?s ?p ?o }; 1 Example for adding graph to Brad's graph group <urn:Brad:Sponged:Data>: -- No error will be raised as Brad has the efficient rights for graph group reconnect "Brad"; SPARQL DEFINE get:soft "replacing" DEFINE get:private SELECT * FROM WHERE { ?s ?p ?o }; 1 Example for adding graph to Carl's graph group <urn:Carl:Sponged:Data>: -- An error will be rased because "Brad" has not enough rights on that group reconnect "Brad"; SPARQL DEFINE get:soft "replacing" DEFINE get:private SELECT * FROM WHERE { ?s ?p ?o }; 1 Examples check Carl's sponging permissions on different graph groups: 1 Example for adding graph to Anna's graph group <urn:Anna:Sponged:Data>: -- An error will be rased because "Carl" has not enough rights on that group reconnect "Carl"; SPARQL DEFINE get:soft "replacing" DEFINE get:private SELECT * FROM WHERE { ?s ?p ?o }; 1 Example for adding graph to Brad's graph group <urn:Brad:Sponged:Data>: -- An error will be rased because "Carl" has not enough rights on that group reconnect "Carl"; SPARQL DEFINE get:soft "replacing" DEFINE get:private SELECT * FROM WHERE { ?s ?p ?o }; 1 Example for adding graph to Carl's graph group <urn:Carl:Sponged:Data>: -- No error will be raised as Carl has the efficient rights for graph group reconnect "Carl"; SPARQL DEFINE get:soft "replacing" DEFINE get:private SELECT * FROM WHERE { ?s ?p ?o }; 1 User Carl performs private sponging: reconnect "Carl"; SPARQL DEFINE get:soft "replacing" DEFINE get:private SELECT * FROM WHERE { ?s ?p ?o }; -- Should return for ex. 365 rows. SPARQL DEFINE get:soft "replacing" DEFINE get:private SELECT COUNT(*) FROM WHERE { ?s ?p ?o }; SPARQL DEFINE get:soft "replacing" DEFINE get:private SELECT * FROM NAMED FROM NAMED WHERE { graph ?g { ?s ?p ?o } }; -- Should return for ex. 1317 rows. SPARQL DEFINE get:soft "replacing" DEFINE get:private SELECT COUNT(*) FROM NAMED FROM NAMED WHERE { graph ?g { ?s ?p ?o } }; 1 User Anna reads Carl's data: reconnect "Anna"; SPARQL SELECT COUNT(*) FROM WHERE { ?s ?p ?o }; callret-0 INTEGER _______________________________________________________________________________ 365 1 Rows. -- 15 msec. ---++Sponger Usage Examples * [[http://docs.openlinksw.com/virtuoso/virtuososponger.html#virtuosospongerusageprocessorex][SPARQL Processor Usage Example]] * [[http://docs.openlinksw.com/virtuoso/virtuososponger.html#virtuosospongerusageproxyex2][RDF Proxy Service Example]] * [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtDeployingLinkedDataGuide_BrowsingNorthwindRdfView#AncMozToc2][Browsing & Exploring RDF View Example Using ODE]] * [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtDeployingLinkedDataGuide_BrowsingNorthwindRdfView#AncMozToc3][Browsing & Exploring RDF View Example Using iSPARQL]] * [[http://docs.openlinksw.com/virtuoso/rdfinsertmethods.html#rdfinsertmethodplapissimpleexample][Basic Sponger Cartridge Example]] * [[http://docs.openlinksw.com/virtuoso/virtuososponger.html#virtuosospongerusagebriefex][HTTP Example for Extracting Metadata using CURL]] * [[http://docs.openlinksw.com/virtuoso/virtuososponger.html#virtuosospongercartridgetypesmetarestexamples][RESTFul Interaction Examples]] * [[http://docs.openlinksw.com/virtuoso/sect5_virtuosospongercreatecustcartrrgstflickr.html][Flickr Cartridge Example]] * [[http://docs.openlinksw.com/virtuoso/virtuososponger.html#virtuosospongercreatecustcartrexmp][MusicBrainz Metadatabase Example]] * [[VirtTipsAndTricksGuideAddTriplesNamedGraph][SPARQL Tutorial -- Magic of SPARUL and Sponger]] ---++Related * [[VirtSpongerLinkedDataHooksIntoSPARQLEx45][Example Performing Sponging on a entirely confidential database using get:private pragma]] * [[VirtSpongerLinkedDataHooksIntoSPARQL][Sponger's Linked Data Middleware Hooks into SPARQL]] * [[VirtSponger][Virtuoso Sponger]] * [[http://virtuoso.openlinksw.com/Whitepapers/html/VirtSpongerWhitePaper.html][Technical White Paper]] * [[VirtSpongerCartridgeSupportedDataSources][Supported Virtuoso Sponger Cartridges]] * [[SPARQLSponger][SPARQL Sponger]] * [[VirtInteractSpongerMiddlewareRESTPatterns][Interacting with Sponger Middleware via RESTful Patterns]] * [[VirtSpongerCartridgeSupportedDataSourcesMetaRESTExamples][Interacting with Sponger Meta Cartridge via RESTful Patterns]] * [[VirtSpongerCartridgeRDFExtractor][Sponger Cartridge RDF Extractor]] * [[RDFMappers][ Extending SPARQL IRI Dereferencing with RDF Mappers]] * [[VirtSpongerCartridgeProgrammersGuide][Programmer Guide for Virtuoso Linked Data Middleware ("Sponger")]] * [[VirtProgrammerGuideRDFCartridge][Create RDF Custom Cartridge Tutorial]] * [[VirtSpongerCartridgeSupportedDataSources][OpenLink-supplied Virtuoso Sponger Cartridges]] * [[VirtAuthServerUI][Virtuoso Authentication Server]] * [[VirtOAuthSPARQL][Virtuoso SPARQL OAuth Tutorial]] * [[VirtSpongerACL][Virtuoso Sponger Access Control List (ACL) Setup]] * [[VirtSPARQLSecurityWebID][WebID Protocol & SPARQL Endpoint ACLs Tutorial]] * [[http://docs.openlinksw.com/virtuoso/virtuososponger.html][Virtuoso Documentation]]