From cbb3eeec84ac79e67835d9eb69acce3983bcd5aa Mon Sep 17 00:00:00 2001 From: Liam Thys Date: Mon, 2 May 2022 09:48:27 +0200 Subject: [PATCH] feat: add example interop structure --- .gitignore | 2 + data/alice/.acl | 27 ++++++++++ data/alice/.meta | 1 + data/alice/README$.markdown | 22 ++++++++ data/alice/README.acl | 14 +++++ data/alice/agents/.meta | 11 ++++ .../agents/anApplicationRegistration/.meta | 17 ++++++ .../anAccessGrant/.meta | 13 +++++ data/alice/authorization/.meta | 7 +++ data/alice/authorization/aDataConsent$.ttl | 20 +++++++ data/alice/authorization/anAccessConsent$.ttl | 19 +++++++ data/alice/profile/card$.ttl | 20 +++++++ data/alice/profile/card.acl | 19 +++++++ data/alice/registries$.ttl | 8 +++ data/app-example/.acl | 27 ++++++++++ data/app-example/.meta | 1 + data/app-example/README$.markdown | 22 ++++++++ data/app-example/README.acl | 14 +++++ data/app-example/access-en$.ttl | 27 ++++++++++ data/app-example/data/img/thumb.svg | 54 +++++++++++++++++++ data/app-example/needs/.meta | 28 ++++++++++ data/app-example/profile/card$.ttl | 21 ++++++++ data/app-example/profile/card.acl | 19 +++++++ data/app-example/registries$.ttl | 8 +++ package-lock.json | 22 ++++---- 25 files changed, 432 insertions(+), 11 deletions(-) create mode 100644 data/alice/.acl create mode 100644 data/alice/.meta create mode 100644 data/alice/README$.markdown create mode 100644 data/alice/README.acl create mode 100644 data/alice/agents/.meta create mode 100644 data/alice/agents/anApplicationRegistration/.meta create mode 100644 data/alice/agents/anApplicationRegistration/anAccessGrant/.meta create mode 100644 data/alice/authorization/.meta create mode 100644 data/alice/authorization/aDataConsent$.ttl create mode 100644 data/alice/authorization/anAccessConsent$.ttl create mode 100644 data/alice/profile/card$.ttl create mode 100644 data/alice/profile/card.acl create mode 100644 data/alice/registries$.ttl create mode 100644 data/app-example/.acl create mode 100644 data/app-example/.meta create mode 100644 data/app-example/README$.markdown create mode 100644 data/app-example/README.acl create mode 100644 data/app-example/access-en$.ttl create mode 100644 data/app-example/data/img/thumb.svg create mode 100644 data/app-example/needs/.meta create mode 100644 data/app-example/profile/card$.ttl create mode 100644 data/app-example/profile/card.acl create mode 100644 data/app-example/registries$.ttl diff --git a/.gitignore b/.gitignore index 6704566..62e26c1 100644 --- a/.gitignore +++ b/.gitignore @@ -102,3 +102,5 @@ dist # TernJS port file .tern-port + +tmp \ No newline at end of file diff --git a/data/alice/.acl b/data/alice/.acl new file mode 100644 index 0000000..5eb85ab --- /dev/null +++ b/data/alice/.acl @@ -0,0 +1,27 @@ +# Root ACL resource for the agent account +@prefix acl: . +@prefix foaf: . + +# The homepage is readable by the public +<#public> + a acl:Authorization; + acl:agentClass foaf:Agent; + acl:accessTo <./>; + acl:default <./>; + acl:mode acl:Read. + +# The owner has full access to every resource in their pod. +# Other agents have no access rights, +# unless specifically authorized in other .acl resources. +<#owner> + a acl:Authorization; + acl:agent ; + # Optional owner email, to be used for account recovery: + acl:agent ; + # Set the access to the root storage folder itself + acl:accessTo <./>; + # All resources will inherit this authorization, by default + + # The owner has all of the access modes allowed + acl:mode + acl:Read, acl:Write, acl:Control. diff --git a/data/alice/.meta b/data/alice/.meta new file mode 100644 index 0000000..11c60e3 --- /dev/null +++ b/data/alice/.meta @@ -0,0 +1 @@ + a . diff --git a/data/alice/README$.markdown b/data/alice/README$.markdown new file mode 100644 index 0000000..785e39c --- /dev/null +++ b/data/alice/README$.markdown @@ -0,0 +1,22 @@ +# Welcome to your pod + +## A place to store your data +Your pod is a **secure storage space** for your documents and data. +
+You can choose to share those with other people and apps. + +As the owner of this pod, +identified by http://localhost:3002/alice/profile/card#me, +you have access to all of your documents. + +## Working with your pod +The easiest way to interact with pods +is through Solid apps. +
+For example, +you can open your pod in [Databrowser](https://solid.github.io/mashlib/dist/browse.html?uri=http://localhost:3002/alice/). + +## Learn more +The [Solid website](https://solidproject.org/) +and the people on its [forum](https://forum.solidproject.org/) +will be glad to help you on your journey. \ No newline at end of file diff --git a/data/alice/README.acl b/data/alice/README.acl new file mode 100644 index 0000000..e6939a4 --- /dev/null +++ b/data/alice/README.acl @@ -0,0 +1,14 @@ +@prefix acl: . +@prefix foaf: . + +<#public> + a acl:Authorization; + acl:accessTo <./README>; + acl:agentClass foaf:Agent; + acl:mode acl:Read. + +<#owner> + a acl:Authorization; + acl:accessTo <./README>; + acl:agent ; + acl:mode acl:Read, acl:Write, acl:Control. diff --git a/data/alice/agents/.meta b/data/alice/agents/.meta new file mode 100644 index 0000000..9aefdb4 --- /dev/null +++ b/data/alice/agents/.meta @@ -0,0 +1,11 @@ +@prefix rdf: . +@prefix rdfs: . +@prefix xsd: . +@prefix interop: . +@prefix alice-agents: . + +alice-agents: + a interop:AgentRegistry ; + + interop:hasApplicationRegistration + alice-agents:anApplicationRegistration\/ . \ No newline at end of file diff --git a/data/alice/agents/anApplicationRegistration/.meta b/data/alice/agents/anApplicationRegistration/.meta new file mode 100644 index 0000000..2f218d3 --- /dev/null +++ b/data/alice/agents/anApplicationRegistration/.meta @@ -0,0 +1,17 @@ +@prefix rdf: . +@prefix rdfs: . +@prefix xsd: . +@prefix interop: . +@prefix alice: . +@prefix appCreatorExample: . +@prefix appExample: . +@prefix alice-agents: . + +alice-agents:anApplicationRegistration\/ + a interop:ApplicationRegistration ; + interop:registeredBy alice: ; + interop:registeredWith appCreatorExample: ; + interop:registeredAt "2022-03-24T14:00:00.000Z"^^xsd:dateTime ; + interop:updatedAt "2022-03-24T14:00:00.000Z"^^xsd:dateTime ; + interop:registeredAgent appExample:profile\/card\#me ; + interop:hasAccesGrant alice-agents:anApplicationRegistration\/anAccessGrant . \ No newline at end of file diff --git a/data/alice/agents/anApplicationRegistration/anAccessGrant/.meta b/data/alice/agents/anApplicationRegistration/anAccessGrant/.meta new file mode 100644 index 0000000..5ef8f05 --- /dev/null +++ b/data/alice/agents/anApplicationRegistration/anAccessGrant/.meta @@ -0,0 +1,13 @@ +@prefix rdf: . +@prefix rdfs: . +@prefix xsd: . +@prefix interop: . +@prefix alice: . +@prefix appExample: . + +alice-mockApp:anAccessGrant + a interop:AccesGrant ; + interop:grantedBy alice: ; + interop:grantedAt "2022-03-28T10:00:00.000Z"^^xsd:dateTime; + interop:grantee appExample: ; + interop:hasAccessNeedGroup appExample: . \ No newline at end of file diff --git a/data/alice/authorization/.meta b/data/alice/authorization/.meta new file mode 100644 index 0000000..76bb300 --- /dev/null +++ b/data/alice/authorization/.meta @@ -0,0 +1,7 @@ +@prefix interop: . +@prefix alice-authorization: . + +alice-authorization: + a interop:AccessConsentRegistry; + interop:hasAccessConsent + alice-authorization:anAccessConsent . \ No newline at end of file diff --git a/data/alice/authorization/aDataConsent$.ttl b/data/alice/authorization/aDataConsent$.ttl new file mode 100644 index 0000000..2961893 --- /dev/null +++ b/data/alice/authorization/aDataConsent$.ttl @@ -0,0 +1,20 @@ +@prefix rdf: . +@prefix rdfs: . +@prefix xsd: . +@prefix acl: . +@prefix interop: . +@prefix alice: . +@prefix appexample: . +@prefix alice-authorization: . +@prefix alice-agents: . +@prefix pm-shapetrees: . + +alice-authorization:aDataConsent + a interop:DataConsent ; + interop:dataOwner alice: ; + interop:grantee appexample: ; + interop:registeredShapeTree pm-shapetrees:ProjectTree ; + interop:accessMode acl:Read, acl:Create ; + interop:creatorAccessMode acl:Update, acl:Delete ; + interop:scopeOfConsent interop:All ; + interop:satisfiesAccessNeed appexample: . \ No newline at end of file diff --git a/data/alice/authorization/anAccessConsent$.ttl b/data/alice/authorization/anAccessConsent$.ttl new file mode 100644 index 0000000..e566c92 --- /dev/null +++ b/data/alice/authorization/anAccessConsent$.ttl @@ -0,0 +1,19 @@ +@prefix rdf: . +@prefix rdfs: . +@prefix xsd: . +@prefix interop: . +@prefix alice: . +@prefix appcreatorexample: . +@prefix appexample: . +@prefix alice-authorization: . + + +alice-authorization:anAccessConsent + a interop:AccessConsent ; + interop:grantedBy alice: ; + interop:grantedWith appcreatorexample: ; + interop:grantedAt "2020-09-05T06:15:01Z"^^xsd:dateTime ; + interop:grantee appexample: ; + interop:hasAccessNeedGroup appexample: ; + interop:hasDataConsent + alice-authorization:aDataConsent . \ No newline at end of file diff --git a/data/alice/profile/card$.ttl b/data/alice/profile/card$.ttl new file mode 100644 index 0000000..9fff6b3 --- /dev/null +++ b/data/alice/profile/card$.ttl @@ -0,0 +1,20 @@ +@prefix foaf: . +@prefix solid: . +@prefix auth-agent: . +@prefix interop: . +@prefix alice: . + +<> + a foaf:PersonalProfileDocument, interop:Agent; + foaf:maker ; + foaf:primaryTopic . + + + + a foaf:Person, interop:Agent; + solid:oidcIssuer ; + # solid:oidcIssuer ; + # solid:oidcIssuer ; + + interop:hasRegistrySet alice:registries; + interop:hasAuthorizationAgent auth-agent:. \ No newline at end of file diff --git a/data/alice/profile/card.acl b/data/alice/profile/card.acl new file mode 100644 index 0000000..f33c217 --- /dev/null +++ b/data/alice/profile/card.acl @@ -0,0 +1,19 @@ +# ACL resource for the WebID profile document +@prefix acl: . +@prefix foaf: . + +# The WebID profile is readable by the public. +# This is required for discovery and verification, +# e.g. when checking identity providers. +<#public> + a acl:Authorization; + acl:agentClass foaf:Agent; + acl:accessTo <./card>; + acl:mode acl:Read. + +# The owner has full access to the profile +<#owner> + a acl:Authorization; + acl:agent ; + acl:accessTo <./card>; + acl:mode acl:Read, acl:Write, acl:Control. diff --git a/data/alice/registries$.ttl b/data/alice/registries$.ttl new file mode 100644 index 0000000..20b324f --- /dev/null +++ b/data/alice/registries$.ttl @@ -0,0 +1,8 @@ +@prefix interop: . +@prefix alice: . + +alice:registries + a interop:RegistrySet; + interop:hasAgentRegistry alice:agents\/ ; + interop:hasAccessConsentRegistry alice:authorization\/ ; + interop:hasDataRegistry alice:data\/. \ No newline at end of file diff --git a/data/app-example/.acl b/data/app-example/.acl new file mode 100644 index 0000000..4d724d3 --- /dev/null +++ b/data/app-example/.acl @@ -0,0 +1,27 @@ +# Root ACL resource for the agent account +@prefix acl: . +@prefix foaf: . + +# The homepage is readable by the public +<#public> + a acl:Authorization; + acl:agentClass foaf:Agent; + acl:accessTo <./>; + acl:default <./>; + acl:mode acl:Read. + +# The owner has full access to every resource in their pod. +# Other agents have no access rights, +# unless specifically authorized in other .acl resources. +<#owner> + a acl:Authorization; + acl:agent ; + # Optional owner email, to be used for account recovery: + acl:agent ; + # Set the access to the root storage folder itself + acl:accessTo <./>; + # All resources will inherit this authorization, by default + + # The owner has all of the access modes allowed + acl:mode + acl:Read, acl:Write, acl:Control. diff --git a/data/app-example/.meta b/data/app-example/.meta new file mode 100644 index 0000000..89b33b4 --- /dev/null +++ b/data/app-example/.meta @@ -0,0 +1 @@ + a . \ No newline at end of file diff --git a/data/app-example/README$.markdown b/data/app-example/README$.markdown new file mode 100644 index 0000000..4ed7961 --- /dev/null +++ b/data/app-example/README$.markdown @@ -0,0 +1,22 @@ +# Welcome to your pod + +## A place to store your data +Your pod is a **secure storage space** for your documents and data. +
+You can choose to share those with other people and apps. + +As the owner of this pod, +identified by http://localhost:3002/app-example/profile/card#me, +you have access to all of your documents. + +## Working with your pod +The easiest way to interact with pods +is through Solid apps. +
+For example, +you can open your pod in [Databrowser](https://solid.github.io/mashlib/dist/browse.html?uri=http://localhost:3002/app-example/). + +## Learn more +The [Solid website](https://solidproject.org/) +and the people on its [forum](https://forum.solidproject.org/) +will be glad to help you on your journey. diff --git a/data/app-example/README.acl b/data/app-example/README.acl new file mode 100644 index 0000000..7e483cb --- /dev/null +++ b/data/app-example/README.acl @@ -0,0 +1,14 @@ +@prefix acl: . +@prefix foaf: . + +<#public> + a acl:Authorization; + acl:accessTo <./README>; + acl:agentClass foaf:Agent; + acl:mode acl:Read. + +<#owner> + a acl:Authorization; + acl:accessTo <./README>; + acl:agent ; + acl:mode acl:Read, acl:Write, acl:Control. diff --git a/data/app-example/access-en$.ttl b/data/app-example/access-en$.ttl new file mode 100644 index 0000000..2236c9a --- /dev/null +++ b/data/app-example/access-en$.ttl @@ -0,0 +1,27 @@ +@prefix interop: . +@prefix projectron: . +@prefix skos: . +@prefix xsd: . + +<> + a interop:AccessDescriptionSet ; + interop:usesLanguage "en"^^xsd:language . + +<#en-need-group-pm> + a interop:AccessNeedGroupDescription ; + interop:inAccessDescriptionSet <> ; + interop:hasAccessNeedGroup projectron:need-group-pm ; + skos:prefLabel "Read and Contribute to Projects"@en ; + skos:description "Allow Projectron to read the Projects you select, and create new ones. Projectron won't modify existing data, but can add more."@en . + +<#en-need-project> + a interop:AccessNeedDescription ; + interop:inAccessDescriptionSet <> ; + interop:hasAccessNeed projectron:need-project ; + skos:prefLabel "Access to Projects is essential for Projectron to perform its core function of Project Management"@en . + +<#en-need-task> + a interop:AccessNeedDescription ; + interop:inAccessDescriptionSet <> ; + interop:hasAccessNeed projectron:need-task ; + skos:prefLabel "Access to Tasks allows Projectron to identify and manage the work to be done in a given Project."@en . \ No newline at end of file diff --git a/data/app-example/data/img/thumb.svg b/data/app-example/data/img/thumb.svg new file mode 100644 index 0000000..04b9cbc --- /dev/null +++ b/data/app-example/data/img/thumb.svg @@ -0,0 +1,54 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/data/app-example/needs/.meta b/data/app-example/needs/.meta new file mode 100644 index 0000000..6fe7575 --- /dev/null +++ b/data/app-example/needs/.meta @@ -0,0 +1,28 @@ +@prefix interop: . +@prefix acl: . +@prefix appexample: . +@prefix pm-shapetrees: . + +<#need-group-pm> + a interop:AccessNeedGroup ; + interop:accessNecessity interop:accessRequired ; + interop:accessScenario interop:PersonalAccess ; + interop:authenticatesAs interop:SocialAgent ; + interop:hasAccessDescriptionSet + appexample:access-en ; + interop:hasAccessNeed <#need-project> . + +<#need-project> + a interop:AccessNeed ; + interop:registeredShapeTree pm-shapetrees:ProjectTree ; + interop:accessNecessity interop:accessRequired ; + interop:accessMode acl:Read, acl:Create ; + interop:creatorAccessMode acl:Update, acl:Delete . + +<#need-task> + a interop:AccessNeed ; + interop:registeredShapeTree pm-shapetrees:TaskTree ; + interop:accessNecessity interop:accessRequired ; + interop:accessMode acl:Read, acl:Create ; + interop:creatorAccessMode acl:Update, acl:Delete ; + interop:inheritsFromNeed <#need-project> . \ No newline at end of file diff --git a/data/app-example/profile/card$.ttl b/data/app-example/profile/card$.ttl new file mode 100644 index 0000000..99882fe --- /dev/null +++ b/data/app-example/profile/card$.ttl @@ -0,0 +1,21 @@ +@prefix foaf: . +@prefix solid: . +@prefix interop: . +@prefix alice: . +@prefix needs: . +@prefix applicationThumbnail: . +@prefix auth-agent: . + +<> + a foaf:PersonalProfileDocument; + foaf:maker ; + foaf:primaryTopic . + + + a interop:Application ; + interop:applicationName "Application example" ; + interop:applicationDescription "Manage projects with ease" ; + interop:applicationAuthor alice: ; + interop:applicationThumbnail applicationThumbnail: ; + interop:hasAccessNeedGroup needs:need-group-pm . + \ No newline at end of file diff --git a/data/app-example/profile/card.acl b/data/app-example/profile/card.acl new file mode 100644 index 0000000..6af810b --- /dev/null +++ b/data/app-example/profile/card.acl @@ -0,0 +1,19 @@ +# ACL resource for the WebID profile document +@prefix acl: . +@prefix foaf: . + +# The WebID profile is readable by the public. +# This is required for discovery and verification, +# e.g. when checking identity providers. +<#public> + a acl:Authorization; + acl:agentClass foaf:Agent; + acl:accessTo <./card>; + acl:mode acl:Read. + +# The owner has full access to the profile +<#owner> + a acl:Authorization; + acl:agent ; + acl:accessTo <./card>; + acl:mode acl:Read, acl:Write, acl:Control. diff --git a/data/app-example/registries$.ttl b/data/app-example/registries$.ttl new file mode 100644 index 0000000..3441bab --- /dev/null +++ b/data/app-example/registries$.ttl @@ -0,0 +1,8 @@ +@prefix interop: . +@prefix app-example: . + +app-example:registries + a interop:RegistrySet; + interop:hasAgentRegistry app-example:agents\/ ; + interop:hasAccessConsentRegistry app-example:authorization\/ ; + interop:hasDataRegistry app-example:data\/. \ No newline at end of file diff --git a/package-lock.json b/package-lock.json index a346831..0643b81 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4188,6 +4188,17 @@ "version": "2.1.2", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + }, + "paseto2": { + "version": "npm:paseto@2.1.3", + "resolved": "https://registry.npmjs.org/paseto/-/paseto-2.1.3.tgz", + "integrity": "sha512-BNkbvr0ZFDbh3oV13QzT5jXIu8xpFc9r0o5mvWBhDU1GBkVt1IzHK1N6dcYmN7XImrUmPQ0HCUXmoe2WPo8xsg==" + }, + "paseto3": { + "version": "npm:paseto@3.1.0", + "resolved": "https://registry.npmjs.org/paseto/-/paseto-3.1.0.tgz", + "integrity": "sha512-oVSKoCH89M0WU3I+13NoCP9wGRel0BlQumwxsDZPk1yJtqS76PWKRM7vM9D4bz4PcScT0aIiAipC7lW6hSgkBQ==", + "optional": true } } }, @@ -4243,17 +4254,6 @@ "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz", "integrity": "sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ==" }, - "paseto2": { - "version": "npm:paseto@2.1.3", - "resolved": "https://registry.npmjs.org/paseto/-/paseto-2.1.3.tgz", - "integrity": "sha512-BNkbvr0ZFDbh3oV13QzT5jXIu8xpFc9r0o5mvWBhDU1GBkVt1IzHK1N6dcYmN7XImrUmPQ0HCUXmoe2WPo8xsg==" - }, - "paseto3": { - "version": "npm:paseto@3.1.0", - "resolved": "https://registry.npmjs.org/paseto/-/paseto-3.1.0.tgz", - "integrity": "sha512-oVSKoCH89M0WU3I+13NoCP9wGRel0BlQumwxsDZPk1yJtqS76PWKRM7vM9D4bz4PcScT0aIiAipC7lW6hSgkBQ==", - "optional": true - }, "path-is-absolute": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz",