[ https://issues.apache.org/jira/browse/JENA-1594?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16591972#comment-16591972 ]
ASF GitHub Bot commented on JENA-1594: -------------------------------------- GitHub user afs opened a pull request: https://github.com/apache/jena/pull/465 JENA-1594: Per-graph access control for Fuseki This adds a new module `jena-fuseki-access` that contains code for filtering data in SPARQL Query, SPARQL Graph Store Protocol, and plain quads access. Different users will see different views of the data based on their access rights. Also includes some smaller things picked up during development and tested as part of this development: * [JENA-1585](https://issues.apache.org/jira/browse/JENA-1585) -- More refactoring of Fuseki for future separation of core engine and the webapp form of Fuseki. * [JENA-1595](https://issues.apache.org/jira/browse/JENA-1595) -- log4j in scope test * [JENA-1592](https://issues.apache.org/jira/browse/JENA-1592) -- Bug fix for TDB2 * Typos and clearing up. You can merge this pull request into a Git repository by running: $ git pull https://github.com/afs/jena filter-security Alternatively you can review and apply these changes as the patch at: https://github.com/apache/jena/pull/465.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #465 ---- commit d8e51a82fea80ea21e7cdef8445dc00adec42ee2 Author: Andy Seaborne <andy@...> Date: 2018-08-20T19:34:04Z Copy dataset context to execution for query over model commit 9a60253c00aec6763adbb0253588fe4dc0b484d4 Author: Andy Seaborne <andy@...> Date: 2018-08-20T19:35:06Z JENA-1592: Unwrap TDB2 graphs commit ba3b4b6d1e6d64073db90f69b8a5feda195f3854 Author: Andy Seaborne <andy@...> Date: 2018-08-22T15:39:28Z Fix javadoc commit ea7f95efb493f3a1a8c8638e2496fceed178a0aa Author: Andy Seaborne <andy@...> Date: 2018-08-22T15:40:06Z Minor formatting tiding commit 62656645e698792116e82495320cca131ae45304 Author: Andy Seaborne <andy@...> Date: 2018-08-22T15:40:47Z Refactor to make subclassing easier commit 06f59125002992a13160fbc0d855ee819f035816 Author: Andy Seaborne <andy@...> Date: 2018-08-23T15:32:48Z JENA-1585: Refactoring webapp code to separate from the core server. commit 344ae5d841c8d22ce8c87e4a2fa466fe2a263582 Author: Andy Seaborne <andy@...> Date: 2018-08-23T16:13:00Z JENA-1594: Initial machinery with SPARQL Query filtering commit a17c6dd732ca32ef4122dc089c8717fccc5b75b1 Author: Andy Seaborne <andy@...> Date: 2018-08-23T17:27:39Z JENA-1595: Put log4j and slf4j-log4j into scope test for all modules commit 09f0e8b1c829013e377a42be84a0ce977973ee21 Author: Andy Seaborne <andy@...> Date: 2018-08-24T11:02:20Z Use only getW() for the denying write operations. commit dfa40be260e8e604223693f25d93ea3dc675b7c5 Author: Andy Seaborne <andy@...> Date: 2018-08-24T11:03:32Z Use the connection's httpClient and httpContext for fetchDataset(). commit aa65883b159c9a3ca6f2130d45bfa7249ba3c744 Author: Andy Seaborne <andy@...> Date: 2018-08-24T16:37:09Z Javadoc formatting. commit 689c4cf886facae3eec26208de059905db40408e Author: Andy Seaborne <andy@...> Date: 2018-08-24T16:38:42Z JENA-1594: GSP and Quads filtered access. Tests. ---- > Provide per-graph access control in Fuseki > ------------------------------------------ > > Key: JENA-1594 > URL: https://issues.apache.org/jira/browse/JENA-1594 > Project: Apache Jena > Issue Type: Task > Components: Fuseki > Affects Versions: Jena 3.8.0 > Reporter: Andy Seaborne > Assignee: Andy Seaborne > Priority: Major > > This will be for TDB1 and TDB2 only. They provide a [filter > mechanism|https://jena.apache.org/documentation/tdb/quadfilter.html] so that > triples and quads are filtered out at the lowest level. > This first version of data security will be for a data-access controlled > read-only service. The expectation is that updates happens via a different > Fuseki service sharing the same database and that service is service-access > controlled (i.e all or nothing access). > The data-access controlled service takes a security configuration of a > collection of graph names. Only those graph are visible through the > data-access controlled service. > For the union default graph, it is the union of visible graph only. -- This message was sent by Atlassian JIRA (v7.6.3#76005)