[jira] [Updated] (JENA-990) rename the UpdateDeniedException
[ https://issues.apache.org/jira/browse/JENA-990?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Claude Warren updated JENA-990: --- Assignee: Claude Warren rename the UpdateDeniedException - Key: JENA-990 URL: https://issues.apache.org/jira/browse/JENA-990 Project: Apache Jena Issue Type: Improvement Components: Core Affects Versions: Jena 3.0.0 Reporter: Claude Warren Assignee: Claude Warren Priority: Minor As noted in a discussion on the dev list between myself and Andy this update is to rename the current UpdateDeniedException to AccessDeniedException and extend it from a newly created OperationDeniedException. AddDeniedException and DeleteDeniedException will extend AccessDeniedException. jena-permissions will extend AccessDeniedException to create: ReadDeniedException -- for read restrictions UpdateDeniedException -- for update restrictions (modifying triples that already exists as opposed to adding new triples) This will allow Fuskei to properly respond to the case where jena-permissions is in place and there are update restrictions in place. Currently Fuseki returns this as a 500 error. Once we have a common permission denied exception we can return either authentication required or access denied as appropriate. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Created] (JENA-992) Refactor graph/permissions interface layer
Claude Warren created JENA-992: -- Summary: Refactor graph/permissions interface layer Key: JENA-992 URL: https://issues.apache.org/jira/browse/JENA-992 Project: Apache Jena Issue Type: Improvement Components: Security Affects Versions: Jena 3.0.0 Reporter: Claude Warren Assignee: Claude Warren The jena-permissions package was originally designed to be graph implementation agnostic. To that end there is a layer that translates the jena based node, triple and statement objects into a slightly different format. As jena-permissions is now part of Apache Jena proper this layer should be factored out to improve performance. The results of this refactoring will be visible and probably disruptive to early adopters and so should be done as part of the 3.0 release. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (JENA-990) rename the UpdateDeniedException
[ https://issues.apache.org/jira/browse/JENA-990?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14632302#comment-14632302 ] Claude Warren commented on JENA-990: Andy, I think the separation you are looking for is the distinction between when authentication may resolve an AccessDeniedException and when it will not. It took me awhile to see the distinction you were presenting but I think that captures it. Basically if the graph is read-only authentication will not solve the add denied exception -- right? Within the SecurityEvaluator implementation it is possible to make certain graphs read-only such that authentication will not change the state. I hadn't thought about this before. It seems to me that the only place where we know that authentication may change the AccessDeniedException is in the SecurityEvaluator. I suggest that we add an AuthenticationRequiredException to be thrown when the system determines that authentication may change the state of what would otherwise be an AccessDeniedException. I think that AuthenticationRequiredException should be a child of AccessDeniedException. This should make it much easier for Fuseki to produce proper 400 series errors. rename the UpdateDeniedException - Key: JENA-990 URL: https://issues.apache.org/jira/browse/JENA-990 Project: Apache Jena Issue Type: Improvement Components: Core Affects Versions: Jena 3.0.0 Reporter: Claude Warren Assignee: Claude Warren Priority: Minor As noted in a discussion on the dev list between myself and Andy this update is to rename the current UpdateDeniedException to AccessDeniedException and extend it from a newly created OperationDeniedException. AddDeniedException and DeleteDeniedException will extend AccessDeniedException. jena-permissions will extend AccessDeniedException to create: ReadDeniedException -- for read restrictions UpdateDeniedException -- for update restrictions (modifying triples that already exists as opposed to adding new triples) This will allow Fuskei to properly respond to the case where jena-permissions is in place and there are update restrictions in place. Currently Fuseki returns this as a 500 error. Once we have a common permission denied exception we can return either authentication required or access denied as appropriate. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Created] (JENA-993) Change security to permissions in the components list
Claude Warren created JENA-993: -- Summary: Change security to permissions in the components list Key: JENA-993 URL: https://issues.apache.org/jira/browse/JENA-993 Project: Apache Jena Issue Type: Task Components: Security Reporter: Claude Warren Priority: Minor The jena-security package was renamed to jena-permissions this is a change to the ticketing label to align with that change. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
Re: Final Deliveries of GSoC Project (JENA-491)
For 1), how to commit the documentation in Jena website? If you have commit access you can either edit the pages online by clicking on the link in the top right corner Improve this Page, or check out the source repository at http://svn.apache.org/repos/asf/jena/site/trunk/ and commit your changes. Or you can check out the SVN repository, create a patch and attach it to a JIRA issue. Changes to the web site are visible initially in http://jena.staging.apache.org/ Hope that helpsBruno From: Qihong Lin confidence@gmail.com To: dev@jena.apache.org Sent: Sunday, July 19, 2015 6:17 AM Subject: Re: Final Deliveries of GSoC Project (JENA-491) Hi, I've been taking some course exams for the last week. The current project status is ahead of plan. I'll continue the project next week after the exams. For 1), how to commit the documentation in Jena website? regards, Qihong On Wed, Jul 15, 2015 at 5:43 PM, Ying Jiang jpz6311...@gmail.com wrote: Hi Qihong, How is the project going? I've reviewed the code you committed last week. The function of Fuseki support of constructing quad is generally OK. The tests make sense to me, although just 2 tests. However, there's more deliveries for you final work. At least, 1) Formal documentation of the goals, approaches, results and etc. I suggest creating a doc page in jena website [1], in the section of Advanced SPARQL use 2) Pull requests from your code base into apache/jena ASAP Please split this up so that we can check your commits one by one. More details in the other thread advised by Andy. 3) More tests for jena-arq and jena-fuseki-core following the original framework Please let me know if anything forgotten. Best regards, Ying Jiang [1] https://jena.apache.org/documentation/query/index.html
Re: Final Deliveries of GSoC Project (JENA-491)
Hi, I've been taking some course exams for the last week. The current project status is ahead of plan. I'll continue the project next week after the exams. For 1), how to commit the documentation in Jena website? regards, Qihong On Wed, Jul 15, 2015 at 5:43 PM, Ying Jiang jpz6311...@gmail.com wrote: Hi Qihong, How is the project going? I've reviewed the code you committed last week. The function of Fuseki support of constructing quad is generally OK. The tests make sense to me, although just 2 tests. However, there's more deliveries for you final work. At least, 1) Formal documentation of the goals, approaches, results and etc. I suggest creating a doc page in jena website [1], in the section of Advanced SPARQL use 2) Pull requests from your code base into apache/jena ASAP Please split this up so that we can check your commits one by one. More details in the other thread advised by Andy. 3) More tests for jena-arq and jena-fuseki-core following the original framework Please let me know if anything forgotten. Best regards, Ying Jiang [1] https://jena.apache.org/documentation/query/index.html