PREFIX rule: <tag:stardog:api:rule:>
PREFIX : <urn:test:>
PREFIX gr: <http://purl.org/goodrelations/v1#>
[] a rule:SPARQLRule ;
rule:content """
PREFIX xsd: <http://www.w3.org/2001/XMLSchema#>
PREFIX gr: <http://purl.org/goodrelations/v1#>
PREFIX :<urn:test:>
IF {
GRAPH <urn:company:data> {
?offering gr:hasPriceSpecification ?ps .
?ps gr:hasCurrencyValue ?price .
FILTER (?price >= 200.00).
}
}
THEN {
GRAPH <urn:company:role1> {
?offering a :ExpensiveProduct .
}
}
""".
Also:
How well do you think this scales?
Would a very specific query (10 results) of a near admin (sees > 1 G triples) have an acceptable query time / memory footprint?
Cheers,
Jörn
--
-- --
You received this message because you are subscribed to the C&P "Stardog" group.
To post to this group, send email to sta...@clarkparsia.com
To unsubscribe from this group, send email to
stardog+u...@clarkparsia.com
For more options, visit this group at
http://groups.google.com/a/clarkparsia.com/group/stardog?hl=en
Have you considering using named graph security?
--
-- --
You received this message because you are subscribed to the C&P "Stardog" group.
To post to this group, send email to sta...@clarkparsia.com
To unsubscribe from this group, send email to
stardog+u...@clarkparsia.com
For more options, visit this group at
http://groups.google.com/a/clarkparsia.com/group/stardog?hl=en
---
You received this message because you are subscribed to the Google Groups "Stardog" group.
To unsubscribe from this group and stop receiving emails from it, send an email to stardog+u...@clarkparsia.com.
Best,Jörn
On Tue, Apr 26, 2016 at 12:30 PM, <joern...@gmail.com> wrote:On Tuesday, April 26, 2016 at 5:45:58 PM UTC+2, Michael Grove wrote:Have you considering using named graph security?Yes, we've successfully used that on materialized named graphs before and it's what i meant with "set access control on those" in the previous post.To my knowledge it doesn't solve the problem of not materializing those named graphs though, does it?To rephrase:We'd be happy to use named graph security on graphs that are not actually filled with triples, but built dynamically when queried (to an extent which is sufficient to just answer the query).We hoped to find the answer in SPARQLRules, but couldn't get that to actually work (as described above)...Sorry, I misunderstood at first what you were trying to do with the rule.Rules and axioms are graph agnostic; there's no way to specific where an inference goes, so they are computed based on the active graph of the query and are inferred to be a part of the default graph.We could make it work with SPARQL rules leveraging the GRAPH keyword so what you're trying to do would work. We'll consider this feature in a future release.Cheers,Mike
Best,Jörn--
-- --
You received this message because you are subscribed to the C&P "Stardog" group.
To post to this group, send email to sta...@clarkparsia.com
To unsubscribe from this group, send email to
stardog+u...@clarkparsia.com
For more options, visit this group at
http://groups.google.com/a/clarkparsia.com/group/stardog?hl=en
--
-- --
You received this message because you are subscribed to the C&P "Stardog" group.
To post to this group, send email to sta...@clarkparsia.com
To unsubscribe from this group, send email to
stardog+u...@clarkparsia.com
For more options, visit this group at
http://groups.google.com/a/clarkparsia.com/group/stardog?hl=en
On Thu, Apr 28, 2016 at 2:48 PM, Michael Grove <mi...@stardog.com> wrote:On Tue, Apr 26, 2016 at 12:30 PM, <joern...@gmail.com> wrote:On Tuesday, April 26, 2016 at 5:45:58 PM UTC+2, Michael Grove wrote:Have you considering using named graph security?Yes, we've successfully used that on materialized named graphs before and it's what i meant with "set access control on those" in the previous post.To my knowledge it doesn't solve the problem of not materializing those named graphs though, does it?To rephrase:We'd be happy to use named graph security on graphs that are not actually filled with triples, but built dynamically when queried (to an extent which is sufficient to just answer the query).We hoped to find the answer in SPARQLRules, but couldn't get that to actually work (as described above)...Sorry, I misunderstood at first what you were trying to do with the rule.Rules and axioms are graph agnostic; there's no way to specific where an inference goes, so they are computed based on the active graph of the query and are inferred to be a part of the default graph.We could make it work with SPARQL rules leveraging the GRAPH keyword so what you're trying to do would work. We'll consider this feature in a future release.Cheers,MikeI had thought he was trying to tie the rule to the graph only as a proxy to associate the rule to a specific role. I could be totally wrong there. Would role base access to a graph allow or prevent the application of a rule loaded into the graph? ie.
On Thu, Apr 28, 2016 at 3:24 PM, Zachary Whitley <zachary...@wavestrike.com> wrote:On Thu, Apr 28, 2016 at 2:48 PM, Michael Grove <mi...@stardog.com> wrote:On Tue, Apr 26, 2016 at 12:30 PM, <joern...@gmail.com> wrote:On Tuesday, April 26, 2016 at 5:45:58 PM UTC+2, Michael Grove wrote:Have you considering using named graph security?Yes, we've successfully used that on materialized named graphs before and it's what i meant with "set access control on those" in the previous post.To my knowledge it doesn't solve the problem of not materializing those named graphs though, does it?To rephrase:We'd be happy to use named graph security on graphs that are not actually filled with triples, but built dynamically when queried (to an extent which is sufficient to just answer the query).We hoped to find the answer in SPARQLRules, but couldn't get that to actually work (as described above)...Sorry, I misunderstood at first what you were trying to do with the rule.Rules and axioms are graph agnostic; there's no way to specific where an inference goes, so they are computed based on the active graph of the query and are inferred to be a part of the default graph.We could make it work with SPARQL rules leveraging the GRAPH keyword so what you're trying to do would work. We'll consider this feature in a future release.Cheers,MikeI had thought he was trying to tie the rule to the graph only as a proxy to associate the rule to a specific role. I could be totally wrong there. Would role base access to a graph allow or prevent the application of a rule loaded into the graph? ie.Jörn can correct me, but I don't think that's what he was going for.Strictly speaking, that behavior is what is prescribed in the entailment regime spec. That is, that the schema used at query time is defined by the active graph of the query. This would have the consequence that the TBox would need to be extracted and classified for _every single query_. For any non-trivial schema or database size, that can be significant overhead. So we extract the schema as part of the transaction lifecycle and pre-classify so at query time we only have to rewrite wrt to the active graph for the Abox.Cheers,Mike
On Thu, Apr 28, 2016 at 3:24 PM, Zachary Whitley <zachary...@wavestrike.com> wrote:I had thought he was trying to tie the rule to the graph only as a proxy to associate the rule to a specific role. I could be totally wrong there. Would role base access to a graph allow or prevent the application of a rule loaded into the graph? ie.Jörn can correct me, but I don't think that's what he was going for.
Hi,thanks for the feedback and sorry for the late follow-up... was busy trying several ideas coming out of this, but sadly can't make any of them work as i'd like...On Thursday, April 28, 2016 at 9:39:13 PM UTC+2, Michael Grove wrote:On Thu, Apr 28, 2016 at 3:24 PM, Zachary Whitley <zachary...@wavestrike.com> wrote:I had thought he was trying to tie the rule to the graph only as a proxy to associate the rule to a specific role. I could be totally wrong there. Would role base access to a graph allow or prevent the application of a rule loaded into the graph? ie.Jörn can correct me, but I don't think that's what he was going for.My intention was to (ab-)use rules for access control, as materializing and named graph only access control doesn't cut it in our scenario, so somewhat yes and somewhat no.