def preliminary_policy_expansion(graph): """Expand the policy graph with the knowledge contained within the policy. :graph: The policy graph """ # expanding hierarchy of targets for target in utils.get_targets(graph): utils.add_iri_hierarchy_to_graph(graph, target, predicate=ODRL.partOf, reverse=True) # expanding hierarchy of subjects for assignee in utils.get_assignee(graph): utils.add_iri_hierarchy_to_graph(graph, assignee, predicate=MOSAICROWN.belongsTo, reverse=True)
def main(): graph = rdflib.Graph() graph.parse(source="examples/scripts/policies/assets.jsonld", format="json-ld") print(colorama.Fore.CYAN + "[*] Add IRI-based hierarchy on targets") for target in utils.get_targets(graph): utils.add_iri_hierarchy_to_graph(graph, target, predicate=ODRL.partOf, reverse=True) print(colorama.Fore.CYAN + "[*] Add IRI-based hierarchy on assignees") for assignee in utils.get_assignee(graph): utils.add_iri_hierarchy_to_graph(graph, assignee, predicate=MOSAICROWN.belongsTo, reverse=True) print(colorama.Fore.CYAN + "\n[*] The policy\n") print(triples_table(graph)) print(colorama.Fore.CYAN + "\n\n[*] Actions\n") query = """ PREFIX odrl: <http://www.w3.org/ns/odrl/2/> SELECT DISTINCT ?rule ?assignee ?action ?target WHERE { ?policy odrl:permission ?rule . ?rule odrl:assignee ?assignee . ?rule odrl:action ?action . ?rule odrl:target ?targetRec . ?target odrl:partOf* ?targetRec . } """ results = graph.query(query) print(results_table(query, results)) generic = rdflib.URIRef("http://unibg.it/user") parabosc = rdflib.URIRef("http://unibg.it/user/parabosc") action = ODRL.read purpose = MOSAICROWN.statistical IRIs = {'students': 'http://unibg.it/table/students'} # Generic user access request. query = "SELECT students.Ethnicity FROM students" targets = utils.get_targets_from_query(query, IRIs) utils.check_access(graph, targets, generic, action, purpose) query = "SELECT students.Ethnicity, students.CF FROM students" targets = utils.get_targets_from_query(query, IRIs) utils.check_access(graph, targets, generic, action, purpose) query = "SELECT students.Sex, students.CF, students.Birthdate FROM students" targets = utils.get_targets_from_query(query, IRIs) utils.check_access(graph, targets, generic, action, purpose) query = "SELECT students.IBAN FROM students" targets = utils.get_targets_from_query(query, IRIs) utils.check_access(graph, targets, generic, action, purpose) query = "SELECT students.NotPreviouslyDefined FROM students" targets = utils.get_targets_from_query(query, IRIs) utils.check_access(graph, targets, generic, action, purpose) # Parabosc user access request. query = "SELECT students.Ethnicity FROM students" targets = utils.get_targets_from_query(query, IRIs) utils.check_access(graph, targets, parabosc, action, purpose) query = "SELECT students.Ethnicity, students.CF FROM students" targets = utils.get_targets_from_query(query, IRIs) utils.check_access(graph, targets, parabosc, action, purpose) query = "SELECT students.Sex, students.CF, students.Birthdate FROM students" targets = utils.get_targets_from_query(query, IRIs) utils.check_access(graph, targets, parabosc, action, purpose) query = "SELECT students.IBAN FROM students" targets = utils.get_targets_from_query(query, IRIs) utils.check_access(graph, targets, parabosc, action, purpose) query = "SELECT students.NotPreviouslyDefined FROM students" targets = utils.get_targets_from_query(query, IRIs) utils.check_access(graph, targets, parabosc, action, purpose)