- From: Nathan <nathan@webr3.org>
- Date: Thu, 29 Nov 2012 16:52:05 +0000
- To: bergi <bergi@axolotlfarm.org>
- CC: Read-Write-Web <public-rww@w3.org>, WebID <public-webid@w3.org>
bergi wrote: > In the last teleconf, we didn't come to a conclusion if it's possible to > use existing triples for resource access control using the WAC ontology. > Here is an UAC example, which is use for my ResourceMe tests. In this > example the _:RoleReadGallery role grants read access to the resources > defined by following the s:significantLink and s:contentURL properties. > Start point is a uac:Authorization, which assigns roles and subjects to > an agent/group. > > Could WAC also do this? How would the access control rule look like? > > > @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#>. > @prefix s: <http://schema.org/>. > @prefix uac: <http://ns.bergnet.org/uac/0.1/universal-access-control#>. > > # > # my gallery triples: > # > <https://www.bergnet.org/people/bergi/gallery/test/gallery#gallery> > a s:ImageGallery; > s:significantLink [ > a s:ImageObject; > s:contentURL <https://www.bergnet.org/people/bergi/file/IMG_9391.jpg>; > ], [ > a s:ImageObject; > s:contentURL <https://www.bergnet.org/people/bergi/file/IMG_9401.jpg>; > ]. > > # > # read access to gallery pictures > # > _:RoleReadGallery a uac:Role; > uac:access [ > uac:filter [ a uac:SimpleFilter; > uac:predicate s:significantLink; > ]; > uac:children [ > uac:access [ > uac:filter [ a uac:SimpleFilter; > uac:predicate s:contentURL; > ]; > uac:children [ > uac:access [ a uac:ResourceAuthorization; > uac:mode uac:Read; > ]; > ]; > ]; > ]; > ]. > > # > # assign role + gallery to a foaf group > # > _:AuthzFriendsReadGallery a uac:Authorization; > uac:agent <https://www.bergnet.org/people/bergi/card#friends>; > uac:subject > <https://www.bergnet.org/people/bergi/gallery/test/gallery#gallery>; > uac:hasRole _:RoleReadGallery. Yes, by using OWL machinery to create an equivalent class which is filtered ont he same properties, then use the result in an agentClass.
Received on Thursday, 29 November 2012 16:52:41 UTC