aboutsummaryrefslogtreecommitdiffstats
path: root/bsfs/graph/ac
diff options
context:
space:
mode:
Diffstat (limited to 'bsfs/graph/ac')
-rw-r--r--bsfs/graph/ac/__init__.py20
-rw-r--r--bsfs/graph/ac/base.py71
-rw-r--r--bsfs/graph/ac/null.py52
3 files changed, 143 insertions, 0 deletions
diff --git a/bsfs/graph/ac/__init__.py b/bsfs/graph/ac/__init__.py
new file mode 100644
index 0000000..420de01
--- /dev/null
+++ b/bsfs/graph/ac/__init__.py
@@ -0,0 +1,20 @@
+"""
+
+Part of the BlackStar filesystem (bsfs) module.
+A copy of the license is provided with the project.
+Author: Matthias Baumgartner, 2022
+"""
+# imports
+import typing
+
+# inner-module imports
+from .base import AccessControlBase
+from .null import NullAC
+
+# exports
+__all__: typing.Sequence[str] = (
+ 'AccessControlBase',
+ 'NullAC',
+ )
+
+## EOF ##
diff --git a/bsfs/graph/ac/base.py b/bsfs/graph/ac/base.py
new file mode 100644
index 0000000..bc9aeb3
--- /dev/null
+++ b/bsfs/graph/ac/base.py
@@ -0,0 +1,71 @@
+"""
+
+Part of the BlackStar filesystem (bsfs) module.
+A copy of the license is provided with the project.
+Author: Matthias Baumgartner, 2022
+"""
+# imports
+import abc
+import typing
+
+# bsfs imports
+from bsfs import schema
+from bsfs.triple_store import TripleStoreBase
+from bsfs.utils import URI
+
+# exports
+__all__: typing.Sequence[str] = (
+ 'AccessControlBase',
+ )
+
+
+## code ##
+
+class AccessControlBase(abc.ABC):
+ """Defines the interface for access control policies.
+
+ An access control policy governs which actions a user may take to query
+ or to manipulate a graph.
+
+ """
+
+ # The triple store backend.
+ _backend: TripleStoreBase
+
+ # The current user.
+ _user: URI
+
+ def __init__(
+ self,
+ backend: TripleStoreBase,
+ user: URI,
+ ):
+ self._backend = backend
+ self._user = URI(user)
+
+ @abc.abstractmethod
+ def is_protected_predicate(self, pred: schema.Predicate) -> bool:
+ """Return True if a predicate cannot be modified manually."""
+
+ @abc.abstractmethod
+ def create(self, node_type: schema.Node, guids: typing.Iterable[URI]):
+ """Perform post-creation operations on nodes, e.g. ownership information."""
+
+ @abc.abstractmethod
+ def link_from_node(self, node_type: schema.Node, guids: typing.Iterable[URI]) -> typing.Iterable[URI]:
+ """Return nodes for which outbound links can be written."""
+
+ @abc.abstractmethod
+ def link_to_node(self, node_type: schema.Node, guids: typing.Iterable[URI]) -> typing.Iterable[URI]:
+ """Return nodes for which inbound links can be written."""
+
+ @abc.abstractmethod
+ def write_literal(self, node_type: schema.Node, guids: typing.Iterable[URI]) -> typing.Iterable[URI]:
+ """Return nodes to which literals can be attached."""
+
+ @abc.abstractmethod
+ def createable(self, node_type: schema.Node, guids: typing.Iterable[URI]) -> typing.Iterable[URI]:
+ """Return nodes that are allowed to be created."""
+
+
+## EOF ##
diff --git a/bsfs/graph/ac/null.py b/bsfs/graph/ac/null.py
new file mode 100644
index 0000000..36838bd
--- /dev/null
+++ b/bsfs/graph/ac/null.py
@@ -0,0 +1,52 @@
+"""
+
+Part of the BlackStar filesystem (bsfs) module.
+A copy of the license is provided with the project.
+Author: Matthias Baumgartner, 2022
+"""
+# imports
+import typing
+
+# bsfs imports
+from bsfs import schema
+from bsfs.namespace import ns
+from bsfs.utils import URI
+
+# inner-module imports
+from . import base
+
+# exports
+__all__: typing.Sequence[str] = (
+ 'NullAC',
+ )
+
+
+## code ##
+
+class NullAC(base.AccessControlBase):
+ """The NULL access control implements a dummy policy that allows any action to any user."""
+
+ def is_protected_predicate(self, pred: schema.Predicate) -> bool:
+ """Return True if a predicate cannot be modified manually."""
+ return pred.uri == ns.bsm.t_created
+
+ def create(self, node_type: schema.Node, guids: typing.Iterable[URI]):
+ """Perform post-creation operations on nodes, e.g. ownership information."""
+
+ def link_from_node(self, node_type: schema.Node, guids: typing.Iterable[URI]) -> typing.Iterable[URI]:
+ """Return nodes for which outbound links can be written."""
+ return guids
+
+ def link_to_node(self, node_type: schema.Node, guids: typing.Iterable[URI]) -> typing.Iterable[URI]:
+ """Return nodes for which inbound links can be written."""
+ return guids
+
+ def write_literal(self, node_type: schema.Node, guids: typing.Iterable[URI]) -> typing.Iterable[URI]:
+ """Return nodes to which literals can be attached."""
+ return guids
+
+ def createable(self, node_type: schema.Node, guids: typing.Iterable[URI]) -> typing.Iterable[URI]:
+ """Return nodes that are allowed to be created."""
+ return guids
+
+## EOF ##
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-03 09:51:39 +0000