예제 #1
0
파일: OpRewriter.java 프로젝트: apache/jena
 /** rewrites the subop of filter. */
 @Override
 public void visit(final OpFilter opFilter) {
   if (LOG.isDebugEnabled()) {
     LOG.debug("Starting visiting OpFilter");
   }
   addOp(OpFilter.filterBy(opFilter.getExprs(), rewriteOp1(opFilter)));
 }
예제 #2
0
파일: OpRewriter.java 프로젝트: apache/jena
  @Override
  public void visit(final OpBGP opBGP) throws ReadDeniedException, AuthenticationRequiredException {
    if (LOG.isDebugEnabled()) {
      LOG.debug("Starting visiting OpBGP");
    }
    Object principal = securityEvaluator.getPrincipal();
    if (!securityEvaluator.evaluate(principal, Action.Read, graphIRI)) {
      if (silentFail) {
        return;
      } else {
        throw new ReadDeniedException(SecuredItem.Util.modelPermissionMsg(graphIRI));
      }
    }

    // if the user can read any triple just add the opBGP
    if (securityEvaluator.evaluate(principal, Action.Read, graphIRI, Triple.ANY)) {
      addOp(opBGP);
    } else {
      // add security filtering to the resulting triples
      final List<Triple> newBGP = new ArrayList<>();
      final List<Node> variables = new ArrayList<>();
      // register all variables
      for (final Triple t : opBGP.getPattern().getList()) {
        newBGP.add(registerBGPTriple(t, variables));
      }
      // create the security function.
      final SecuredFunction secFunc =
          new SecuredFunction(graphIRI, securityEvaluator, variables, newBGP);
      // create the filter
      Op filter = OpFilter.filter(secFunc, new OpBGP(BasicPattern.wrap(newBGP)));
      // add the filter
      addOp(filter);
    }
  }