Hidden-Data-POC
This proof of concept (PoC) automatically sets up a Stardog database named cube-permission-test with the correct roles and users. It is designed to demonstrate access control mechanisms over RDF data stored in Stardog.
- Add User Passwords to
.sdpassFile: Before running the setup script, add the following lines to$HOME/.sdpass. This file stores the connection credentials for Stardog.
localhost:5820:cube-permission-test:user_public:pass_public
localhost:5820:cube-permission-test:user_authenticated:pass_authenticated
localhost:5820:cube-permission-test:user_editor:pass_editor
Replace pass_public, pass_authenticated, and pass_editor with the actual passwords for the users.
- Run the Setup Script:
Execute
create.shto create the database, roles, users, and assign the necessary permissions. Ensure that Stardog is running and you have administrative access.
./create.sh
After running the script, you can test the access controls:
- Public User (
user_public): Can read the default non-hidden graphs. - Authenticated User (
user_authenticated): Has read access to all graphs, including hidden graphs. - Editor User (
user_editor): Can read from and write to all graphs.
Use appropriate SPARQL queries to validate the access controls for each user. Ensure you are authenticated as the correct user when running these queries.
This PoC is intended for demonstration purposes and should be adapted for production environments with proper security considerations, especially concerning password management and user permissions.