Add compact method

acoburn · acoburn · commit e0719ebf7b5d · 2025-09-30T13:26:36.000-05:00
diff --git a/acp/src/main/java/com/inrupt/client/acp/AccessControlResource.java b/acp/src/main/java/com/inrupt/client/acp/AccessControlResource.java
@@ -33,6 +33,7 @@
 
 import org.apache.commons.rdf.api.Dataset;
 import org.apache.commons.rdf.api.Graph;
+import org.apache.commons.rdf.api.Quad;
 import org.apache.commons.rdf.api.RDFTerm;
 
 /**
@@ -42,20 +43,75 @@ public class AccessControlResource extends RDFSource {
 
     private static final URI SOLID_ACCESS_GRANT = URI.create("http://www.w3.org/ns/solid/vc#SolidAccessGrant");
 
+    /**
+     *  Create a new Access Control Resource.
+     *
+     *  @param identifier the resource identifier
+     *  @param dataset the underlying dataset for the resource
+     */
     public AccessControlResource(final URI identifier, final Dataset dataset) {
         super(identifier, dataset);
         dataset.add(null, rdf.createIRI(identifier.toString()), rdf.createIRI(RDF.type.toString()),
                 rdf.createIRI(ACP.AccessControlResource.toString()));
     }
 
+    /**
+     * Retrieve the acp:accessControl structures.
+     *
+     * <p>accessControl resources are applied (non-recursively) to a container or resource.
+     *
+     * @return a collection of {@link AccessControl} objects
+     */
     public Set<AccessControl> accessControl() {
         return new ACPNode(rdf.createIRI(getIdentifier().toString()), getGraph()).accessControl();
     }
 
+    /**
+     * Retrieve the acp:memberAccessControl structures.
+     *
+     * <p>memberAccessControl resources are applied recursively to a containment hierarchy.
+     *
+     * @return a collection of {@link AccessControl} objects
+     */
     public Set<AccessControl> memberAccessControl() {
         return new ACPNode(rdf.createIRI(getIdentifier().toString()), getGraph()).memberAccessControl();
     }
 
+    /**
+     * Compact the internal data.
+     */
+    public void compact() {
+        final var accessControls = stream(null, null, rdf.createIRI(RDF.type.toString()),
+                rdf.createIRI(ACP.AccessControl.toString())).map(Quad::getSubject).toList();
+        for (final var accessControl : accessControls) {
+            if (!contains(null, null, null, accessControl)) {
+                for (final var quad : stream(null, accessControl, null, null).toList()) {
+                    remove(quad);
+                }
+            }
+        }
+
+        final var policies = stream(null, null, rdf.createIRI(RDF.type.toString()),
+                rdf.createIRI(ACP.Policy.toString())).map(Quad::getSubject).toList();
+        for (final var policy : policies) {
+            if (!contains(null, null, null, policy)) {
+                for (final var quad : stream(null, policy, null, null).toList()) {
+                    remove(quad);
+                }
+            }
+        }
+
+        final var matchers = stream(null, null, rdf.createIRI(RDF.type.toString()),
+                rdf.createIRI(ACP.Matcher.toString())).map(Quad::getSubject).toList();
+        for (final var matcher : matchers) {
+            if (!contains(null, null, null, matcher)) {
+                for (final var quad : stream(null, matcher, null, null).toList()) {
+                    remove(quad);
+                }
+            }
+        }
+    }
+
     static class ACPNode extends WrapperIRI {
         public ACPNode(final RDFTerm original, final Graph graph) {
             super(original, graph);
@@ -72,6 +128,12 @@ public Set<AccessControl> accessControl() {
         }
     }
 
+    /**
+     * Add policies to the access control resource.
+     *
+     * @param policies the policies to add
+     * @return the access control structure
+     */
     public AccessControl accessControl(final Policy... policies) {
         final var baseUri = getIdentifier().getScheme() + ":" + getIdentifier().getSchemeSpecificPart();
         final var ac = new AccessControl(rdf.createIRI(baseUri + "#" + UUID.randomUUID()), getGraph());
@@ -81,34 +143,85 @@ public AccessControl accessControl(final Policy... policies) {
         return ac;
     }
 
+    /**
+     * Create a policy that matches authenticated agents.
+     *
+     * @param access the access levels, such as Read or Write
+     * @return the new policy
+     */
     public Policy authenticatedAgentPolicy(final URI... access) {
         return agentPolicy(ACP.AuthenticatedAgent, access);
     }
 
+    /**
+     * Create a policy that matches all agents.
+     *
+     * @param access the access levels, such as Read or Write
+     * @return the new policy
+     */
     public Policy anyAgentPolicy(final URI... access) {
         return agentPolicy(ACP.PublicAgent, access);
     }
 
+    /**
+     * Create a policy that matches all clients.
+     *
+     * @param access the access levels, such as Read or Write
+     * @return the new policy
+     */
     public Policy anyClientPolicy(final URI... access) {
         return clientPolicy(ACP.PublicClient, access);
     }
 
+    /**
+     * Create a policy that matches all issuers.
+     *
+     * @param access the access levels, such as Read or Write
+     * @return the new policy
+     */
     public Policy anyIssuerPolicy(final URI... access) {
         return issuerPolicy(ACP.PublicIssuer, access);
     }
 
+    /**
+     * Create a policy that matches access grants.
+     *
+     * @param access the access levels, such as Read or Write
+     * @return the new policy
+     */
     public Policy accessGrantsPolicy(final URI... access) {
         return simplePolicy(matcher -> matcher.vc().add(SOLID_ACCESS_GRANT), access);
     }
 
+    /**
+     * Create a policy that matches a particular agent.
+     *
+     * @param agent the agent identifier
+     * @param access the access levels, such as Read or Write
+     * @return the new policy
+     */
     public Policy agentPolicy(final URI agent, final URI... access) {
         return simplePolicy(matcher -> matcher.agent().add(agent), access);
     }
 
+    /**
+     * Create a policy that matches a particular client.
+     *
+     * @param client the client identifier
+     * @param access the access levels, such as Read or Write
+     * @return the new policy
+     */
     public Policy clientPolicy(final URI client, final URI... access) {
         return simplePolicy(matcher -> matcher.client().add(client), access);
     }
 
+    /**
+     * Create a policy that matches a particular issuer.
+     *
+     * @param issuer the issuer identifier
+     * @param access the access levels, such as Read or Write
+     * @return the new policy
+     */
     public Policy issuerPolicy(final URI issuer, final URI... access) {
         return simplePolicy(matcher -> matcher.issuer().add(issuer), access);
     }
diff --git a/acp/src/test/java/com/inrupt/client/acp/AccessControlResourceTest.java b/acp/src/test/java/com/inrupt/client/acp/AccessControlResourceTest.java
@@ -179,6 +179,51 @@ void buildAcr() {
         assertEquals(10, acr.size());
     }
 
+    @Test
+    void testAcr1RemoveValues() {
+        final var uri = mockHttpServer.acr2();
+        try (final AccessControlResource acr = client.read(uri, AccessControlResource.class)) {
+            assertEquals(2, acr.accessControl().size());
+            assertEquals(3, acr.memberAccessControl().size());
+
+            // Check dataset size
+            assertEquals(29, acr.size());
+
+            // Remove single matcher and compact
+            for (final var accessControl : acr.accessControl()) {
+                for (final var policy : accessControl.apply()) {
+                    if (policy.allow().contains(ACL.Write) && policy.allow().size() == 2) {
+                        for (final var matcher : policy.allOf()) {
+                            policy.allOf().remove(matcher);
+                        }
+                    }
+                }
+            }
+            assertEquals(28, acr.size());
+            acr.compact();
+            assertEquals(26, acr.size());
+
+            // Remove single policy and compact
+            for (final var accessControl : acr.accessControl()) {
+                for (final var policy : accessControl.apply()) {
+                    if (policy.allow().contains(ACL.Write) && policy.allow().size() == 2) {
+                        accessControl.apply().remove(policy);
+                    }
+                }
+            }
+            assertEquals(25, acr.size());
+            acr.compact();
+            assertEquals(22, acr.size());
+
+            // Remove single access control and compact - no compaction involved
+            final var ac = acr.accessControl().stream().findFirst().get();
+            acr.accessControl().remove(ac);
+            assertEquals(21, acr.size());
+            acr.compact();
+            assertEquals(21, acr.size());
+        }
+    }
+
     @Test
     void buildAcrWithExistingPolicies() {
         final var identifier = "https://data.example/resource";
