On 16/11/12 13:44, Claude Warren wrote:
Immutable Graphs: I had really problems to get this right and the
current Clerezza API does not help with that task (resulting in things
like read-only mutable graphs that are no Graphs as they only provide
a read-only view on a Graph that might still be changed by other
means). I think read-only Graphs (like
Collections.unmodifiableCollection(..)) should be sufficient. IMHO the
use case to protect a returned graph from modifications by the caller
of the method is much more prominent as truly immutable graphs.
I am currently working on a set of dynamic proxies in an attempt to
add security all all layers of the Jena stack. I currently have the
graph layer complete and the model layer 50% done.
My thought is that in addition to having read only you might want to
have write only (I know that sounds strange but I've seen such in
DBs). The upshot is that I would put full CRUD restriction
capabilities within the system.
I'm not sure that it will work but I thought I would give it a try. I
think that something needs to be done in this arena to go along with
the Fuseki security discussion I saw awhile back.
Claude
Excellent.
In case it helps:
com.hp.hpl.jena.sparql.core.DatasetGraphReadOnly
and friend:
com.hp.hpl.jena.sparql.graph.GraphReadOnly
Not perfect.
TDB, for read transactions enforces readonly at a lower level:
BlockMgrBuilderReadonly and NodeTableBuilderReadonly.
As BlockMgrs and NodeTables are all datastructures for TRDB, if those
two are readonly, the DB is immutable (for a view on to it).
Andy
