@Override
public void visit(final OpBGP opBGP) throws ReadDeniedException, AuthenticationRequiredException {
if (LOG.isDebugEnabled()) {
LOG.debug("Starting visiting OpBGP");
}
Object principal = securityEvaluator.getPrincipal();
if (!securityEvaluator.evaluate(principal, Action.Read, graphIRI)) {
if (silentFail) {
return;
} else {
throw new ReadDeniedException(SecuredItem.Util.modelPermissionMsg(graphIRI));
}
}
// if the user can read any triple just add the opBGP
if (securityEvaluator.evaluate(principal, Action.Read, graphIRI, Triple.ANY)) {
addOp(opBGP);
} else {
// add security filtering to the resulting triples
final List<Triple> newBGP = new ArrayList<>();
final List<Node> variables = new ArrayList<>();
// register all variables
for (final Triple t : opBGP.getPattern().getList()) {
newBGP.add(registerBGPTriple(t, variables));
}
// create the security function.
final SecuredFunction secFunc =
new SecuredFunction(graphIRI, securityEvaluator, variables, newBGP);
// create the filter
Op filter = OpFilter.filter(secFunc, new OpBGP(BasicPattern.wrap(newBGP)));
// add the filter
addOp(filter);
}
}
public static Op buildPropertyFunctions(
PropertyFunctionRegistry registry, OpBGP opBGP, Context context) {
if (opBGP.getPattern().isEmpty()) return opBGP;
return compilePattern(registry, opBGP.getPattern(), context);
}