Accueil > Intranet Michel Buffa > Droits d'accès dans SweetWiki

Droits d'accès dans SweetWiki

De $1

Introduction

Ici on discute de la manière d'implémenter les droits d'accès dans SweetWiki.

Utilisateurs, groupes, rôles et actions

Inspiration première : la manière dont DekiWiki gère les droits. Dans la partie admin, il y a un control panel qui permet de gérer des "Roles", un rôle étant associé à une action (cf screenshot ci-dessous). Il y a aussi la gestion des utilisateurs et des groupes, un groupe pouvant se composer d'une liste d'utilisateurs et/ou d'autres groupes. Un utilisateur ou un groupe a un role par défaut.

 Snap1.jpg

After long discussion, we create our dependence own between "roles" and "action":

table_htm (1).png

 

Spécification des droits pour une resource

Dans DekiWiki, pour chaque page, on spécifie son accès "public, semi-public ou privé", et pour les deux derniers cas, on donne la liste des utilisateurs et/ou des groupes qui ont le droit de modifier ou de voir et modifier.

 Snap2 (2).jpg

Ontologies proposées et exemples d'annotation pour SweetWiki

Nous proposons d'étendre l'ontologie du wiki et d'utiliser conjointement une ontologie intitulée provisoirement amo_ont (Access Management Ontology).

Nous supposons que les home page de SweetWiki contiennent un profil FOAF dédié à SweetWiki (qui pourra être référencé par un profil FOAF "global", un peu à la manière d'Adil qui a des profils FOAF légers/dédiés sur lastfm, etc... et un gros profil FOAF sur un URL de l'inria).

Example home page of user

<?xml version="1.0" encoding="utf-8"?>
<rdf:RDF
 xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
 xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#"
 xmlns:owl="http://www.w3.org/2002/07/owl#"
 xmlns:foaf="http://xmlns.com/foaf/0.1/#"
 xml:base="http://sweetwiki.inria.fr/AMO_ontology.rdfs"
 xmlns:xfoaf="http://www.foafrealm.org/xfoaf/0.1/#"
 xmlns="http://sweetwiki.inria.fr/AMO_ontology.rdfs#">	<!-- Access Managment Ontology--> 
    
    <foaf:Person rdf:about="#AnnaKolomoiska" >
        <foaf:name>
            Anna Kolomoiska
        </foaf:name>
        <foaf:mbox rdf:resource="kalamo4ka@ukr.net"/>
        <foaf:nick>
            kalamo4ka
        </foaf:nick>
        <foaf:interest rdf:resource="http://www.wikipedia.org" rdfs:label="Wikipedia"/>
        <foaf:interest>
            Rollers
        </foaf:interest>
        <foaf:homepage rdf:resource="#HomePage_AnnaKolomoiska"/>
		<hasRole rdf:resource="#Admin"/>
        <foaf:knows>
            <foaf:Person rdf:about="#AngelaBeesley">
            	<foaf:name>
            		Angela Beesley
            	</foaf:name>
                <xfoaf:friendshipLevel>
                    0.7
                </xfoaf:friendshipLevel>
				<foaf:homepage rdf:resource="#HomePage_AngelaBeesley"/>
            </foaf:Person>
        </foaf:knows>
        <foaf:knows>
            <foaf:Person>
            	<foaf:name>
            		Nastya Baranenko
            	</foaf:name>
                <xfoaf:friendshipLevel>
                    0.9
                </xfoaf:friendshipLevel>
            </foaf:Person>
        </foaf:knows>
        
    </foaf:Person>
    
</rdf:RDF>

 

 

Exemple de page annotée pour spécifier un accès restreint

Ici, la page a un accès privé, accessible et modifiable par Ania et le groupe des admins.

<?xml version="1.0" encoding="utf-8"?>
<rdf:RDF
 xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
 xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#"
 xmlns:owl="http://www.w3.org/2002/07/owl#"
 xmlns:foaf="http://xmlns.com/foaf/0.1/#"
 xml:base="http://sweetwiki.inria.fr/AMO_ontology.rdfs"
 xmlns:xfoaf="http://www.foafrealm.org/xfoaf/0.1/#"
 xmlns="http://sweetwiki.inria.fr/AMO_ontology.rdfs#">	<!-- Access Managment Ontology-->  

    <Document rdf:about="#PageBy_AnnaKolomoiska">
        <foaf:name>
            PageBy_AnnaKolomoiska
        </foaf:name>
        <creator rdf:resource="#AnnaKolomoiska"/>
        <hasAccessType rdf:resource="#Private"/>            
    </Document>
    
</rdf:RDF>

 

Example annotation groupe of admins

<?xml version="1.0" encoding="utf-8"?>
<rdf:RDF
 xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
 xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#"
 xmlns:owl="http://www.w3.org/2002/07/owl#"
 xmlns:foaf="http://xmlns.com/foaf/0.1/#"
 xml:base="http://sweetwiki.inria.fr/AMO_ontology.rdfs"
 xmlns:xfoaf="http://www.foafrealm.org/xfoaf/0.1/#"
 xmlns="http://sweetwiki.inria.fr/AMO_ontology.rdfs#">	<!-- Access Managment Ontology--> 
 
    <Group rdf:about="#GroupAdmins">
        <foaf:name>
            Group of Admins 
        </foaf:name>
        <foaf:member>
            <foaf:Person rdf:about="#AnnaKolomoiska"/>
        </foaf:member>  
        <hasRole rdf:resource="#Admin"/>     
    </Group>
    
</rdf:RDF>

 

Ontology

<?xml version="1.0" encoding="utf-8"?>
<rdf:RDF
 xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
 xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#"
 xmlns:owl="http://www.w3.org/2002/07/owl#"
 xmlns:foaf="http://xmlns.com/foaf/0.1/#"
 xml:base="http://sweetwiki.inria.fr/AMO_ontology.rdfs"
 xmlns:xfoaf="http://www.foafrealm.org/xfoaf/0.1/#"
 xmlns="http://sweetwiki.inria.fr/AMO_ontology.rdfs#">
    
    <!-- Access Managment Ontology-->
    
    <owl:Ontology rdf:about="http://sweetwiki.inria.fr/AMO_ontology.rdfs">
        <rdfs:comment>
            Ontology for managment access rights
        </rdfs:comment>
        <rdfs:label>
            Access Managment Ontology
        </rdfs:label>
    </owl:Ontology>
    
    
    <!-- external clesses
    
    Class: foaf:Agent (http://xmlns.com/foaf/spec/#term_Agent)
    Agent - An agent (eg. person, group, software or physical artifact).
    
    Class: foaf:Document (http://xmlns.com/foaf/spec/#term_Document)
    Document - A document.
    
    -->
	
    <rdfs:Class rdf:ID="Agent">
        <rdfs:subClassOf rdf:resource="foaf:Agent"/>
    </rdfs:Class>
    
    <rdfs:Class rdf:ID="Document">
        <rdfs:subClassOf rdf:resource="foaf:Document"/>
    </rdfs:Class>
    
    
    <rdf:Property rdf:ID="creator">
        <rdfs:domain rdf:resource="#Document"/>
        <rdfs:range rdf:resource="#Agent"/>
        <rdfs:label xml:lang="en">
            creator of resourse
        </rdfs:label>
        <rdfs:subPropertyOf rdf:resource="foaf:maker"/>
    </rdf:Property>
    
    <!--Class-->
    
    <rdfs:Class rdf:ID="Role">
        <rdfs:label xml:lang="en">
            role
        </rdfs:label>
        <rdfs:comment xml:lang="en">
            a role
        </rdfs:comment>
    </rdfs:Class>
    
    <rdfs:Class rdf:ID="Admin">
        <rdf:type rdf:resource="#Role"/>
        <rdfs:label xml:lang="en">
            administrator
        </rdfs:label>
        <rdfs:comment xml:lang="en">
            role of administrator
        </rdfs:comment>
    </rdfs:Class>
    
    <rdfs:Class rdf:ID="Contributor">
        <rdf:type rdf:resource="#Role"/>
        <rdfs:label xml:lang="en">
            contributor
        </rdfs:label>
        <rdfs:comment xml:lang="en">
            role of contributor
        </rdfs:comment>
    </rdfs:Class>
    
    <rdfs:Class rdf:ID="Guest">
        <rdf:type rdf:resource="#Role"/>
        <rdfs:label xml:lang="en">
            guest
        </rdfs:label>
        <rdfs:comment xml:lang="en">
            of guest
        </rdfs:comment>
    </rdfs:Class>   
	
    <rdfs:Class rdf:ID="AuthorizedActionOnResource">
		<rdfs:subClassOf rdf:resource="#Action"/>
        <rdfs:label xml:lang="en">
            Authorized action on resource
        </rdfs:label>
        <rdfs:comment xml:lang="en">
            an action on a resource
        </rdfs:comment>
    </rdfs:Class>	
	
    <rdfs:Class rdf:ID="Action">
        <rdfs:label xml:lang="en">
            action
        </rdfs:label>
        <rdfs:comment xml:lang="en">
            an action on a resource
        </rdfs:comment>
    </rdfs:Class>
    
    <rdfs:Class rdf:ID="ReadContent">
        <rdf:type rdf:resource="#Action"/>
        <rdfs:label xml:lang="en">
            read
        </rdfs:label>
        <rdfs:comment xml:lang="en">
            kind of action-read content of resource
        </rdfs:comment>
    </rdfs:Class>
    
    <rdfs:Class rdf:ID="ModifyUserRights">
        <rdf:type rdf:resource="#Action"/>
        <rdfs:label xml:lang="en">
            modify rights
        </rdfs:label>
        <rdfs:comment xml:lang="en">
            kind of action-modify rights of users
        </rdfs:comment>
    </rdfs:Class>
    
    <rdfs:Class rdf:ID="ModifyContent">
        <rdf:type rdf:resource="#Action"/>
        <rdfs:label xml:lang="en">
            modify content
        </rdfs:label>
        <rdfs:comment xml:lang="en">
            kind of action-modify content of resource
        </rdfs:comment>
    </rdfs:Class>
  
    <rdfs:Class rdf:ID="ModifyAccessType">
        <rdf:type rdf:resource="#Action"/>
        <rdfs:label xml:lang="en">
            delete
        </rdfs:label>
        <rdfs:comment xml:lang="en">
            kind of action-Modify Access Type of resource
        </rdfs:comment>
    </rdfs:Class>
	
    <rdfs:Class rdf:ID="ModifyListOfGivenAgent">
        <rdf:type rdf:resource="#Action"/>
        <rdfs:label xml:lang="en">
            delete
        </rdfs:label>
        <rdfs:comment xml:lang="en">
            kind of action-Modify List Of Given Agent of resource
        </rdfs:comment>
    </rdfs:Class>  
    
    <rdfs:Class rdf:ID="DeleteContent">
        <rdf:type rdf:resource="#Action"/>
        <rdfs:label xml:lang="en">
            delete
        </rdfs:label>
        <rdfs:comment xml:lang="en">
            kind of action-delete content of resource
        </rdfs:comment>
    </rdfs:Class>
	   
    <rdfs:Class rdf:ID="AccessType">
        <rdfs:label xml:lang="en">
            access type
        </rdfs:label>
        <rdfs:comment xml:lang="en">
            type of access
        </rdfs:comment>
    </rdfs:Class>
    
    <rdfs:Class rdf:ID="Private">
        <rdf:type rdf:resource="#AccessType"/>
        <rdfs:label xml:lang="en">
            private
        </rdfs:label>
        <rdfs:comment xml:lang="en">
            private access-nobody can read, modify, delete, except given persons and groups
        </rdfs:comment>
    </rdfs:Class>
    
    <rdfs:Class rdf:ID="SemiPublic">
        <rdf:type rdf:resource="#AccessType"/>
        <rdfs:label xml:lang="en">
            semiPublic
        </rdfs:label>
        <rdfs:comment xml:lang="en">
            semiPublic access-everyone can read, but only given persons and groups can modify and delete
        </rdfs:comment>
    </rdfs:Class>
    
    <rdfs:Class rdf:ID="Public">
        <rdf:type rdf:resource="#AccessType"/>
        <rdfs:label xml:lang="en">
            public
        </rdfs:label>
        <rdfs:comment xml:lang="en">
            public access-everyone can read, modify and delete
        </rdfs:comment>
    </rdfs:Class>
    
    
    <!--Properties-->
    
    <rdf:Property rdf:ID="hasAction">
        <rdfs:domain rdf:resource="#Role"/>
        <rdfs:range rdf:resource="#Action"/>
        <rdfs:label xml:lang="en">
            action for this role
        </rdfs:label>
    </rdf:Property>
    
    <rdf:Property rdf:ID="hasRole">
        <rdfs:domain rdf:resource="#Agent"/>
        <rdfs:range rdf:resource="#Role"/>
        <rdfs:label xml:lang="en">
            role of agent
        </rdfs:label>
    </rdf:Property>
    
    <rdf:Property rdf:ID="hasAccessType">
        <rdfs:domain rdf:resource="#Document"/>
        <rdfs:range rdf:resource="#AccessType"/>
        <rdfs:label xml:lang="en">
            access type to document
        </rdfs:label>
    </rdf:Property>
    
    <rdf:Property rdf:ID="hasGivenAgent">
        <rdfs:domain rdf:resource="#Document"/>
        <rdfs:range rdf:resource="#Agent"/>
        <rdfs:label xml:lang="en">
            agent, who has rights to modify and delete page
        </rdfs:label>
    </rdf:Property>
    
    <rdf:Property rdf:ID="hasAuthorizedActionOnResource">
        
        <rdfs:domain rdf:resource="#Agent"/>
        <rdfs:range rdf:resource="#AuthorizedActionOnResource"/>
        <rdfs:label xml:lang="en">
            authorized action, wich agent has on resouce
        </rdfs:label>
    </rdf:Property>

    <rdf:Property rdf:ID="hasActionOnResource">
        
        <rdfs:domain rdf:resource="#AuthorizedActionOnResource"/>
        <rdfs:range rdf:resource="#Action"/>
        <rdfs:label xml:lang="en">
            actions, wich agent has on resouce
        </rdfs:label>
    </rdf:Property>

    <rdf:Property rdf:ID="hasResource">
        
        <rdfs:domain rdf:resource="#AuthorizedActionOnResource"/>
        <rdfs:range rdf:resource="#Document"/>
        <rdfs:label xml:lang="en">
            resource, where agent has an action
        </rdfs:label>
    </rdf:Property>	  
	  
    <!--Descriptions-->
    
    <rdf:Description rdf:about="#Guest">
        <hasAction rdf:resource="#ReadContent"/>
    </rdf:Description>
    
    <rdf:Description rdf:about="#Contributor">
    	<hasAction rdf:resource="#CreateContent"/>
        <hasAction rdf:resource="#ReadContent"/>
        <hasAction rdf:resource="#ModifyContent"/>
        <hasAction rdf:resource="#DeleteContent"/>
		<hasAction rdf:resource="#ModifyListOfGivenAgent"/>
		<hasAction rdf:resource="#ModifyAccessType"/>
    </rdf:Description>
    
    <rdf:Description rdf:about="#Admin">
    	<hasAction rdf:resource="#CreateContent"/>
        <hasAction rdf:resource="#ReadContent"/>
        <hasAction rdf:resource="#ModifyUserRights"/>
        <hasAction rdf:resource="#ModifyContent"/>
        <hasAction rdf:resource="#DeleteContent"/>
		<hasAction rdf:resource="#ModifyListOfGivenAgent"/>
		<hasAction rdf:resource="#ModifyAccessType"/>
    </rdf:Description>
    
</rdf:RDF>

 Rules

rule_about_access (1).rul

 

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE rdf:RDF [

<!ENTITY cos "http://www.inria.fr/acacia/corese#">
<!ENTITY rdf "http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<!ENTITY rdfs "http://www.w3.org/2000/01/rdf-schema#">
<!ENTITY amo "http://sweetwiki.inria.fr/AMO_ontology.rdfs#">
<!ENTITY foaf "http://xmlns.com/foaf/0.1/#">
 ]>


<rdf:RDF xmlns:rdfs="&rdfs;" xmlns:rdf="&rdf;" xmlns:cos="&cos;" xmlns:amo="&amo;" xmlns:foaf="&foaf;">
	
    <cos:rule cos:name="for_Given_Agent">
        <!-- given agents have only such actions -->
        <cos:if>
            PREFIX amo: &lt;&amo;&gt;
            {
            ?resource rdf:type amo:Document.
			?resource amo:hasGivenAgent ?agent
            }
        </cos:if>
        <cos:then>
            {
			?agent amo:hasAuthorizedActionOnResource ?auth_action_on_res.
            ?auth_action_on_res amo:hasActionOnResource amo:ReadContent.
			?auth_action_on_res amo:hasActionOnResource amo:ModifyContent.
			?auth_action_on_res amo:hasActionOnResource amo:DeleteContent.
			?auth_action_on_res amo:hasActionOnResource amo:ModifyListOfGivenAgent.
			?auth_action_on_res amo:hasActionOnResource amo:ModifyAccessType.
			?auth_action_on_res amo:hasResource ?resource
            }
        </cos:then>
    </cos:rule>	
	
    <cos:rule cos:name="Creator_is_Given">
        <!--  access for creator -->
        <cos:if>
            PREFIX amo: &lt;&amo;&gt;
            {
            ?resource amo:creator ?agent
            }
        </cos:if>
        <cos:then>
            {
            ?resource amo:hasGivenAgent ?agent
            }
        </cos:then>
    </cos:rule>
	    	
    <cos:rule cos:name="for_Admin">
        <!-- admins have only such actions -->
        <cos:if>
            PREFIX amo: &lt;&amo;&gt;
            {
            ?resource rdf:type amo:Document.
            ?agent amo:hasRole amo:Admin
            }
        </cos:if>
        <cos:then>
            {
			?resource amo:hasGivenAgent ?agent.
			?agent amo:hasAuthorizedActionOnResource ?auth_action_on_res.
			?auth_action_on_res amo:hasActionOnResource amo:ModifyUserRights.
			?auth_action_on_res amo:hasResource ?resource
			
            }
        </cos:then>
    </cos:rule>
		        
    <cos:rule cos:name="Public_for_Guest">
        <!-- if access Type of page "Public"-enyone have such actions -->
        <cos:if>
            PREFIX amo: &lt;&amo;&gt;
            {
            ?resource amo:hasAccessType amo:Public.
            ?agent rdf:type amo:Agent
            }
        </cos:if>
        <cos:then>
            {
            ?agent amo:hasAuthorizedActionOnResource ?auth_action_on_res.
			?auth_action_on_res amo:hasActionOnResource amo:ReadContent.
			?auth_action_on_res amo:hasResource ?resource
            }
        </cos:then>
    </cos:rule>
    
	<cos:rule cos:name="Public_for_Contributor">
        <!-- if access Type of page "Public" - contributors have such actions -->
        <cos:if>
            PREFIX amo: &lt;&amo;&gt;
            {
            ?resource amo:hasAccessType amo:Public.
            ?agent amo:hasRole amo:Contributor
            }
        </cos:if>
        <cos:then>
            {
            ?agent amo:hasAuthorizedActionOnResource ?auth_action_on_res.		
			?auth_action_on_res amo:hasActionOnResource amo:ReadContent.
			?auth_action_on_res amo:hasActionOnResource amo:ModifyContent.
			?auth_action_on_res amo:hasActionOnResource amo:DeleteContent.
			?auth_action_on_res amo:hasResource ?resource
            }
        </cos:then>
    </cos:rule>
	
    <cos:rule cos:name="SemiPublic_for_Guest_or_Contributor">
        <!-- if access Type of page "SemiPublic"- everyone have such actions -->
        <cos:if>
            PREFIX amo: &lt;&amo;&gt;
            {
            ?resource amo:hasAccessType amo:SemiPublic.
            ?agent rdf:type amo:Agent
            }
        </cos:if>
        <cos:then>
            {
			?agent amo:hasAuthorizedActionOnResource ?auth_action_on_res.
            ?auth_action_on_res amo:hasActionOnResource amo:ReadContent.
			?auth_action_on_res amo:hasResource ?resource
            }
        </cos:then>       
    </cos:rule>
 	
</rdf:RDF>

 

 

SPARQL Requests examples

Example 1.

 using all files

Query :

prefix amo: <http://sweetwiki.inria.fr/AMO_ontology.rdfs#>
select ?resource ?agent where {
?agent amo:hasAuthorizedActionOnResource ?auth_action_on_res.
?auth_action_on_res amo:hasResource ?resource
?auth_action_on_res amo:hasActionOnResource amo:DeleteContent
}

Result :

<?xml version='1.0' encoding='Cp1251'?>
<cos:result xmlns:cos='http://www.inria.fr/acacia/corese#'>
<cos:tquery>
<![CDATA[prefix amo: <http://sweetwiki.inria.fr/AMO_ontology.rdfs#> 
select list display xml ?resource ?agent  
where 
{ ?agent amo:hasAuthorizedActionOnResource ?auth_action_on_res . ?auth_action_on_res amo:hasResource ?resource . ?auth_action_on_res amo:hasActionOnResource amo:DeleteContent . }  
]]></cos:tquery>
<cos:info><![CDATA[
0.00 s for 5 projections
]]></cos:info>
<sparql xmlns='http://www.w3.org/2005/sparql-results#' xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#' >
<head>
<variable name='resource'/>
<variable name='agent'/>
</head>
<results ordered='false' distinct='false' >
<result>
<binding name='resource'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#PageBy_AngelaBeesley</uri></binding>
<binding name='agent'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#AnnaKolomoiska</uri></binding>
</result>
<result>
<binding name='resource'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#PageBy_AngelaBeesley</uri></binding>
<binding name='agent'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#GroupAdmins</uri></binding>
</result>
<result>
<binding name='resource'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#PageBy_AngelaBeesley</uri></binding>
<binding name='agent'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#AngelaBeesley</uri></binding>
</result>
<result>
<binding name='resource'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#PageBy_AnnaKolomoiska</uri></binding>
<binding name='agent'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#GroupAdmins</uri></binding>
</result>
<result>
<binding name='resource'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#PageBy_AnnaKolomoiska</uri></binding>
<binding name='agent'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#AnnaKolomoiska</uri></binding>
</result>
</results>
</sparql>
</cos:result>

 

Example 2

  using all files

Query:

prefix amo: <http://sweetwiki.inria.fr/AMO_ontology.rdfs#>
select ?agent ?action where
{
 ?agent amo:hasAuthorizedActionOnResource ?auth_act.
 ?auth_act amo:hasActionOnResource ?action.
 ?auth_act amo:hasResource amo:PageBy_AnnaKolomoiska
}
order by ?agent

Result:

<?xml version='1.0' encoding='Cp1251'?>
<cos:result xmlns:cos='http://www.inria.fr/acacia/corese#'>
<cos:tquery>
<![CDATA[prefix amo: <http://sweetwiki.inria.fr/AMO_ontology.rdfs#> 
select list display xml ?agent ?action  
where 
{ ?agent amo:hasAuthorizedActionOnResource ?auth_act . ?auth_act amo:hasActionOnResource ?action . ?auth_act amo:hasResource <amo:PageBy_AnnaKolomoiska> . } order by ?agent  
]]></cos:tquery>
<cos:info><![CDATA[
0.00 s for 12 projections
]]></cos:info>
<sparql xmlns='http://www.w3.org/2005/sparql-results#' xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#' >
<head>
<variable name='agent'/>
<variable name='action'/>
</head>
<results ordered='true' distinct='false' >
<result>
<binding name='agent'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#AnnaKolomoiska</uri></binding>
<binding name='action'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#ModifyUserRights</uri></binding>
</result>
<result>
<binding name='agent'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#AnnaKolomoiska</uri></binding>
<binding name='action'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#ReadContent</uri></binding>
</result>
<result>
<binding name='agent'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#AnnaKolomoiska</uri></binding>
<binding name='action'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#ModifyContent</uri></binding>
</result>
<result>
<binding name='agent'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#AnnaKolomoiska</uri></binding>
<binding name='action'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#ModifyAccessType</uri></binding>
</result>
<result>
<binding name='agent'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#AnnaKolomoiska</uri></binding>
<binding name='action'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#ModifyListOfGivenAgent</uri></binding>
</result>
<result>
<binding name='agent'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#AnnaKolomoiska</uri></binding>
<binding name='action'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#DeleteContent</uri></binding>
</result>
<result>
<binding name='agent'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#GroupAdmins</uri></binding>
<binding name='action'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#ModifyUserRights</uri></binding>
</result>
<result>
<binding name='agent'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#GroupAdmins</uri></binding>
<binding name='action'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#ReadContent</uri></binding>
</result>
<result>
<binding name='agent'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#GroupAdmins</uri></binding>
<binding name='action'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#ModifyContent</uri></binding>
</result>
<result>
<binding name='agent'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#GroupAdmins</uri></binding>
<binding name='action'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#ModifyAccessType</uri></binding>
</result>
<result>
<binding name='agent'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#GroupAdmins</uri></binding>
<binding name='action'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#ModifyListOfGivenAgent</uri></binding>
</result>
<result>
<binding name='agent'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#GroupAdmins</uri></binding>
<binding name='action'><uri>http://sweetwiki.inria.fr/AMO_ontology.rdfs#DeleteContent</uri></binding>
</result>
</results>
</sparql>
</cos:result>

Discussions et questions

  • Au lieu de définir les groupes et les rôles par défaut : utiliser des règles OWL lite ?
  • Utilisation de SIOC:user ou sioc:user_groups_of au lieu de foaf:agent
  • Problème de sécurité, ne pas indiquer à quels groupes les personnes appartiennent dans le home page, mais dans des annotations non accessibles de l'extérieur,
  • Utiliser SIOC types qui définit déjà ce qu'est un contributeur, un guest, un admin ? Soucis : SIOC Types a l'air non fini et surtout ces rôles sont au niveau du "site" et mal définis...

 

Mots clés:
FichierTailleDateAttaché par 
 AMO_ontology (4).rdfs
ontology
9.13 Ko10:16, 22 Avr 2009AnnaKolomoiskaActions
 Group_Admins (3).rdf
Group_Admins description
752 octets10:16, 22 Avr 2009AnnaKolomoiskaActions
 HomePage_AngelaBeesley (1).rdf
HomePage_AngelaBeesley description
1167 octets10:16, 22 Avr 2009AnnaKolomoiskaActions
 HomePage_AnnaKolomoiska (3).rdf
HomePage_AnnaKolomoiska description
1678 octets10:17, 22 Avr 2009AnnaKolomoiskaActions
 Microsoft Word - table.pdf
dependence table
6.04 Ko10:34, 22 Avr 2009AnnaKolomoiskaActions
 PageBy_AngelaBeesley (1).rdf
PageBy_AngelaBeesley description
730 octets10:17, 22 Avr 2009AnnaKolomoiskaActions
 PageBy_AnnaKolomoiska (3).rdf
PageBy_AnnaKolomoiska description
728 octets10:17, 22 Avr 2009AnnaKolomoiskaActions
 pic.pdf
Aucune description
199.5 Ko09:54, 31 Mar 2009MichelBuffaActions
 rule_about_access (1).rul
rules
4.2 Ko10:17, 22 Avr 2009AnnaKolomoiskaActions
Images (6)
Voir 1 - 6 sur 6 images | Voir tout
table_pic
table_pic
table_htm...  Actions
Aucune description
Snap5.jpg  Actions
Aucune description
Snap4.jpg  Actions
Aucune description
Snap3.jpg  Actions
Aucune description
Snap2 (2)...  Actions
Aucune description
Snap1.jpg  Actions
Commentaires (2)
Affichage de 2 commentaires sur 2: voir tout
This is a test
Posté 10:12, 12 Mar 2010
This is another test
Posté 10:12, 12 Mar 2010
Affichage de 2 commentaires sur 2: voir tout
Vous devez être connecté pour poster un commentaire.