NTO/GFS: add Bardioc Graph File System namespace (5 entities, 2 verbs, 17 attributes) #773
Merged
CalvinSpolwindAlmato merged 4 commits into Jun 1, 2026
…butes) Adds the ogit.GFS: sub-namespace under NTO/GFS/ for the Bardioc Graph File System (GFS) -- a platform-level filesystem that turns files, folders, symbolic links, sharing tokens, and file-type-to-app mappings into first-class graph constructs. Five new entities (File, Folder, Symlink, ShareLink, AppHandler), two new verbs (refersTo, sharedVia), seventeen new attributes. Existing ogit:contains and ogit.Auth:isMemberOf reused unchanged. The diff is intentionally minimal: permissions and sharing reuse the platform's existing scope, role-rule, and ACL-materialisation mechanisms. The platform-reserved _effectiveReaders and _effectiveDevices attributes that the materialisation pipeline maintains are NOT part of this diff (they live in the platform namespace alongside ogit/_acl). Platform extensions in NTO/Auth/ (Device, usesDevice) and SGO/sgo/ (hasVault) ship in a separate coordinated PR. All 24 TTLs validate cleanly with rdflib 7.6.0 (turtle parse). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The previous version listed ogit:Entity as the refersTo target to express "any vertex type". The OGIT validator rejects this -- edge targets in ogit:allowed must be concrete vertex types, not the abstract ogit:Entity root class. Replace with three concrete GFS-namespace targets (File, Folder, Symlink) that cover the Iteration-1 use cases. Extending the allowed-target list to non-GFS types is recorded as an OGIT-review follow-up in the PR description. Closes the single CI validator error from the initial PR. Verified with a cross-reference check: all references in NTO/GFS/ resolve to defined OGIT constructs. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Reviewer noted that the TTL files in the initial drop carried German inline comments (header comments above each entity, verb, and attribute definition). OGIT is an open-source repository -- all in-tree text should be English. This is fixed across all seven source files (5 entities, 1 verbs collection, 1 attributes collection in the working repo; split into 24 individual TTLs on the way into NTO/GFS/). Also adds NTO/GFS/README.md following the NTO/Auth/README.md convention: a short Overview section, a Contents table for the three sub-directories, plus pointers to the permission model (materialised in platform-reserved properties), the related platform extensions (Device, hasVault, Workspace marker), and the audit boundary (platform-level, not GFS). No TTL semantics changed; only comment text and a new README. All 24 TTLs continue to validate cleanly with rdflib. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Per OGIT-review feedback from Calvin: the three attributes that carry a fixed value set should declare it via the standard ogit:validation-type / ogit:validation-parameter properties so the platform validator can enforce the set automatically.
- capability (read,write,share,admin,delete) -- five-value set
- inheritPermissions (true,false) -- boolean
- vaultRoot (true,false) -- boolean
Same pattern as NTO/Knowledge/attributes/archived.ttl, NTO/Automation/attributes/sendData.ttl, and 18 other fixed-validation attributes already in OGIT. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
CalvinSpolwindAlmato approved these changes Jun 1, 2026
Summary
This PR adds a new ogit.GFS: sub-namespace under NTO/GFS/ for the
Bardioc Graph File System (GFS) -- a platform-level
filesystem that turns files, folders, symbolic links, sharing
tokens, and file-type-to-app mappings into first-class graph
constructs. Permissions and sharing are expressed through the
platform's existing scope, role-rule, and ACL-materialisation
mechanisms; this PR introduces no parallel permission layer.
The diff is intentionally minimal: five new entities, two new
verbs, seventeen new attributes. Two existing constructs
(ogit:contains, ogit.Auth:isMemberOf) are reused unchanged.
What is added
Entities (NTO/GFS/entities/)
- ogit.GFS:File -- blob=true
- ogit.GFS:Folder -- ogit:contains; inheritPermissions toggle; optional vaultRoot marker
- ogit.GFS:Symlink -- refersTo edge
- ogit.GFS:ShareLink -- token indexed
- ogit.GFS:AppHandler
Verbs (NTO/GFS/verbs/)
- ogit.GFS:refersTo -- ogit:Entity (type-agnostic)
- ogit.GFS:sharedVia
Attributes (NTO/GFS/attributes/)
Seventeen new attributes:
mimeType, inheritPermissions, vaultRoot, minDeviceSecurityLevel, restrictToDevices, mimePattern, appId, priority, scopeRef, capability, token, expiresAt, maxUses, usedCount, allowedEmails, revokedAt, archivedAt. See each TTL for the per-property description.
capability is a vertex-property on ShareLink (not an edge
attribute -- Bardioc edges cannot carry attributes). The five
recognised capability values are read, write, share, admin, delete.
minDeviceSecurityLevel and restrictToDevices are defined
on both File and Folder. Folder-level usage is inherited
by every File reached through the Folder's ogit:contains-chain
(subject to inheritPermissions).
What is NOT in this PR
Platform-reserved materialised ACL attributes
The platform materialisation pipeline maintains two attributes
on every GFS vertex that are not part of this diff:
- _effectiveReaders -- multi-value Account-and-Team IDs, indexed; lists who may read.
- _effectiveDevices -- multi-value Device IDs, indexed; lists which devices may render.
These attributes belong in the platform-reserved namespace
(alongside ogit/_acl), not in ogit.GFS:, because the
maintaining party is the platform's materialisation pipeline,
not the GFS sub-system. Their exact naming is one of the open
issues below.
Platform extensions in NTO/Auth/ and SGO/sgo/
Four constructs outside NTO/GFS/ are needed for GFS to
function but ship in a separate platform-team PR, coordinated
with the OGIT review:
- ogit.Auth:Device (new entity in NTO/Auth/entities/) -- end-user-device vertex with securityLevel 0-100. Distinct from the SGO datacenter-equipment ogit:Device.
- ogit.Auth:usesDevice (new verb in NTO/Auth/verbs/) -- Account-to-Device, many-to-many.
- ogit:hasVault (new verb, location open: SGO/sgo/verbs/ or NTO/Auth/verbs/) -- Person-to-DataScope, anchors a PersonalVault to a Person so it survives Account deactivation.
- ogit.Auth:Team -- new optional boolean attribute signalling "self-service Workspace, members manage themselves, has its own DataScope".
Audit events
GFS does not introduce an AuditEvent vertex type. Audit is a
platform-level concern and a separate consolidation project;
GFS commits to emitting audit-relevant events through the
existing platform AuditEventListenerRegistry.
Open issues for the OGIT review
Three points where the GFS team has chosen a direction but
wants the OGIT review to ratify or redirect.
Issue 1 -- Namespace of the materialised ACL attributes.
The diff proposes ogit/_effectiveReaders and ogit/_effectiveDevices
in the platform-reserved namespace alongside ogit/_acl. They could
equivalently live in ogit.GFS: if the OGIT review prefers ownership
symmetry. The working assumption is that the maintaining party (the
platform's materialisation pipeline) owns the namespace, not
the consuming sub-system.
Issue 2 -- vaultRoot as property or subtype. This PR
carries vaultRoot as a boolean attribute on Folder. An
alternative is a small ogit.GFS:VaultRootFolder subtype. The
property path keeps the diff smaller; the subtype path is
semantically cleaner. OGIT-review preference welcome.
Issue 3 -- Capability vocabulary persistence. The five-capability
vocabulary (read, write, share, admin, delete) lives only as
constraint metadata on the ShareLink capability attribute and as
semantic vocabulary in the GFS documentation. The OGIT review may
want a formal capability
enumeration entity. The working assumption is no; a documented
string set is sufficient.
Owner-string convention question
These are the first new OGIT entities authored under Almato AG
(post arago-Almato merger). All seven new TTL types carry
dcterms:creator "Almato AG" plus ogit:admin-contact / ogit:tech-contact
"Almato AG" on the entity and verb files.
We assume this is the correct owner string going forward; please
flag if the OGIT convention requires arago GmbH as historical
owner-string constancy -- mechanical replace if so.
Diff stats
NTO/GFS/: 5 entities, 2 verbs, 17 attributes.
NTO/GFS/. rdflib 7.6.0 (turtle parse).
Companion concept document
The full concept that motivates this ontology lives at
bardioc_gfs/_concept/01_overall_concept.md (Overall Concept)
and bardioc_gfs/_concept/02_ogit_extensions.md (this PR's
narrative). A reviewer-friendly Word build of both lives in
the Bardioc Product Management Dropbox under
Bardioc GFS/Reviewable Deliverables/. Six reviewer passes
(Viktor R1+R2, Thommy R1, Patrick R1+R2, Cy R1+follow-ups) are
recorded in the change-log appendix of the Word documents.
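
An added example, not part of the PR or the OGIT repository: one way a consumer could resolve the device constraints a File inherits along its ogit:contains chain, as described under "What is added". The merge rules (highest level wins, device lists intersect, inheritPermissions=false cuts off ancestors), the single-parent layout, and every name in the code are assumptions, not documented platform behaviour.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, Optional, Tuple

@dataclass(frozen=True)
class Vertex:
    """File or Folder vertex, reduced to the attributes this example needs."""
    parent: Optional[str] = None               # Folder that ogit:contains this vertex
    inherit: bool = True                       # inheritPermissions
    min_level: Optional[int] = None            # minDeviceSecurityLevel (0-100)
    devices: Optional[FrozenSet[str]] = None   # restrictToDevices (Device IDs)

def effective_device_policy(graph: Dict[str, Vertex], vid: str) -> Tuple[int, Optional[FrozenSet[str]]]:
    """Merge device constraints from vid up its contains chain.

    Assumed rules: highest minDeviceSecurityLevel wins, restrictToDevices
    lists intersect, and inheritPermissions=false cuts off all ancestors.
    """
    level, allowed, seen = 0, None, set()
    current: Optional[str] = vid
    while current is not None:
        if current in seen:                    # fail closed on a contains cycle
            raise ValueError(f"cycle in contains chain at {current!r}")
        seen.add(current)
        v = graph[current]
        if v.min_level is not None:
            level = max(level, v.min_level)
        if v.devices is not None:
            allowed = v.devices if allowed is None else allowed & v.devices
        current = v.parent if v.inherit else None
    return level, allowed

def device_may_render(graph, vid, device_id, security_level) -> bool:
    """True if the device meets the merged level and is in the merged list."""
    level, allowed = effective_device_policy(graph, vid)
    return security_level >= level and (allowed is None or device_id in allowed)

# Constructed sample graph (IDs and values are illustrative only).
GRAPH = {
    "root":       Vertex(min_level=30),
    "finance":    Vertex(parent="root", min_level=70, devices=frozenset({"dev-1", "dev-2"})),
    "report.pdf": Vertex(parent="finance", devices=frozenset({"dev-2", "dev-3"})),
    "sandbox":    Vertex(parent="root", inherit=False),
    "notes.txt":  Vertex(parent="sandbox", min_level=10),
}

if __name__ == "__main__":
    for name in ("report.pdf", "notes.txt"):
        print(name, effective_device_policy(GRAPH, name))
```

Under these assumed rules, a Folder with inheritPermissions=false silently drops every ancestor's device constraint, so such folders are the ones worth reviewing first.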