Add support for dataset expansion

acoburn · acoburn · commit f82fd98e9790 · 2025-10-02T10:40:42.000-05:00
diff --git a/acp/pom.xml b/acp/pom.xml
@@ -24,6 +24,11 @@
       <artifactId>inrupt-client-vocabulary</artifactId>
       <version>${project.version}</version>
     </dependency>
+    <dependency>
+      <groupId>com.inrupt.client</groupId>
+      <artifactId>inrupt-client-solid</artifactId>
+      <version>${project.version}</version>
+    </dependency>
     <dependency>
       <groupId>org.slf4j</groupId>
       <artifactId>slf4j-api</artifactId>
@@ -79,12 +84,6 @@
       <version>${project.version}</version>
       <scope>test</scope>
     </dependency>
-    <dependency>
-      <groupId>com.inrupt.client</groupId>
-      <artifactId>inrupt-client-solid</artifactId>
-      <version>${project.version}</version>
-      <scope>test</scope>
-    </dependency>
     <dependency>
       <groupId>org.slf4j</groupId>
       <artifactId>slf4j-simple</artifactId>
diff --git a/acp/src/main/java/com/inrupt/client/acp/AccessControl.java b/acp/src/main/java/com/inrupt/client/acp/AccessControl.java
@@ -49,6 +49,7 @@ public static IRI asResource(final AccessControl accessControl, final Graph grap
             graph.add(accessControl, rdf.createIRI(ACP.apply.toString()), policy);
             Policy.asResource(policy, graph);
         });
+
         return accessControl;
     }
 
diff --git a/acp/src/main/java/com/inrupt/client/acp/AccessControlResource.java b/acp/src/main/java/com/inrupt/client/acp/AccessControlResource.java
@@ -21,6 +21,8 @@
 package com.inrupt.client.acp;
 
 import com.inrupt.client.RDFSource;
+import com.inrupt.client.solid.SolidClient;
+import com.inrupt.client.solid.SolidSyncClient;
 import com.inrupt.client.vocabulary.ACP;
 import com.inrupt.client.vocabulary.RDF;
 import com.inrupt.rdf.wrapping.commons.ValueMappings;
@@ -38,12 +40,16 @@
 import org.apache.commons.rdf.api.IRI;
 import org.apache.commons.rdf.api.Quad;
 import org.apache.commons.rdf.api.RDFTerm;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * An Access Control Resource type.
  */
 public class AccessControlResource extends RDFSource {
 
+    private static final Logger LOGGER = LoggerFactory.getLogger(AccessControlResource.class);
+
     public static final URI SOLID_ACCESS_GRANT = URI.create("http://www.w3.org/ns/solid/vc#SolidAccessGrant");
 
     /**
@@ -79,6 +85,104 @@ public Set<AccessControl> memberAccessControl() {
         return new ACPNode(asIRI(getIdentifier()), getGraph()).memberAccessControl();
     }
 
+    /**
+     * Expand the internal data using a synchronous client.
+     *
+     * @param client the solid client
+     * @return an expanded access control resource
+     */
+    public AccessControlResource expand(final SolidSyncClient client) {
+        // Copy the data from the existing ACR into a new dataset
+        final var dataset = rdf.createDataset();
+        stream().forEach(dataset::add);
+
+        final var cache = rdf.createDataset();
+        expandType(dataset, cache, asIRI(ACP.accessControl), asIRI(ACP.AccessControl),
+                uri -> populateCache(client, uri, cache));
+        expandType(dataset, cache, asIRI(ACP.memberAccessControl), asIRI(ACP.AccessControl),
+                uri -> populateCache(client, uri, cache));
+        expandType(dataset, cache, asIRI(ACP.apply), asIRI(ACP.Policy), uri -> populateCache(client, uri, cache));
+        expandType(dataset, cache, asIRI(ACP.allOf), asIRI(ACP.Matcher), uri -> populateCache(client, uri, cache));
+        expandType(dataset, cache, asIRI(ACP.anyOf), asIRI(ACP.Matcher), uri -> populateCache(client, uri, cache));
+        expandType(dataset, cache, asIRI(ACP.noneOf), asIRI(ACP.Matcher), uri -> populateCache(client, uri, cache));
+
+        return new AccessControlResource(getIdentifier(), dataset);
+    }
+
+    /**
+     * Expand the internal data using an asynchronous client.
+     *
+     * @param client the solid client
+     * @return an expanded access control resource
+     */
+    public AccessControlResource expand(final SolidClient client) {
+        // Copy the data from the existing ACR into a new dataset
+        final var dataset = rdf.createDataset();
+        stream().forEach(dataset::add);
+
+        final var cache = rdf.createDataset();
+        expandType(dataset, cache, asIRI(ACP.accessControl), asIRI(ACP.AccessControl),
+                uri -> populateCache(client, uri, cache));
+        expandType(dataset, cache, asIRI(ACP.memberAccessControl), asIRI(ACP.AccessControl),
+                uri -> populateCache(client, uri, cache));
+        expandType(dataset, cache, asIRI(ACP.apply), asIRI(ACP.Policy), uri -> populateCache(client, uri, cache));
+        expandType(dataset, cache, asIRI(ACP.allOf), asIRI(ACP.Matcher), uri -> populateCache(client, uri, cache));
+        expandType(dataset, cache, asIRI(ACP.anyOf), asIRI(ACP.Matcher), uri -> populateCache(client, uri, cache));
+        expandType(dataset, cache, asIRI(ACP.noneOf), asIRI(ACP.Matcher), uri -> populateCache(client, uri, cache));
+
+        return new AccessControlResource(getIdentifier(), dataset);
+    }
+
+    void expandType(final Dataset dataset, final Dataset cache, final IRI predicate, final IRI type,
+            final Consumer<URI> handler) {
+        final var subjects = dataset.stream(null, null, predicate, null)
+            .map(Quad::getObject).filter(IRI.class::isInstance).map(IRI.class::cast)
+            .filter(subject -> !dataset.contains(null, subject, asIRI(RDF.type), type)).toList();
+
+        for (final var subject : subjects) {
+            if (!cache.contains(null, subject, asIRI(RDF.type), type)) {
+                handler.accept(URI.create(subject.getIRIString()));
+            }
+            cache.stream(null, subject, null, null).forEach(dataset::add);
+        }
+    }
+
+    void populateCache(final SolidSyncClient client, final URI uri, final Dataset cache) {
+        try (final var acr = client.read(uri, AccessControlResource.class)) {
+            acr.stream()
+                .filter(quad -> !isAccessControlResourceType(quad))
+                .forEach(cache::add);
+        } catch (final Exception ex) {
+            LOGGER.atDebug()
+                .setMessage("Unable to fetch access control resource from {}: {}")
+                .addArgument(uri)
+                .addArgument(ex::getMessage)
+                .log();
+        }
+    }
+
+    void populateCache(final SolidClient client, final URI uri, final Dataset cache) {
+        client.read(uri, AccessControlResource.class).thenAccept(res -> {
+            try (final var acr = res) {
+                acr.stream()
+                    .filter(quad -> !isAccessControlResourceType(quad))
+                    .forEach(cache::add);
+            }
+        })
+        .exceptionally(err -> {
+            LOGGER.atDebug()
+                .setMessage("Unable to fetch access control resource from {}: {}")
+                .addArgument(uri)
+                .addArgument(err::getMessage)
+                .log();
+            return null;
+        }).toCompletableFuture().join();
+    }
+
+    static boolean isAccessControlResourceType(final Quad quad) {
+        return asIRI(RDF.type).equals(quad.getPredicate()) && asIRI(ACP.AccessControlResource).equals(quad.getObject());
+    }
+
     /**
      * Compact the internal data.
      */
@@ -135,7 +239,7 @@ public enum MatcherType {
         }
 
         public IRI asIRI() {
-            return AccessControlResource.asIRI(predicate);
+            return AccessControlResource.asIRI(asURI());
         }
 
         public URI asURI() {
diff --git a/acp/src/test/java/com/inrupt/client/acp/AccessControlResourceTest.java b/acp/src/test/java/com/inrupt/client/acp/AccessControlResourceTest.java
@@ -23,6 +23,7 @@
 import static java.nio.charset.StandardCharsets.UTF_8;
 import static org.junit.jupiter.api.Assertions.*;
 
+import com.inrupt.client.solid.SolidClient;
 import com.inrupt.client.solid.SolidSyncClient;
 import com.inrupt.client.spi.RDFFactory;
 import com.inrupt.client.vocabulary.ACL;
@@ -283,4 +284,55 @@ void buildAcrWithExistingPolicies() {
 
         assertEquals(38, acr.size());
     }
+
+    @Test
+    void expandAcr3Sync() {
+        final var uri = mockHttpServer.acr3();
+        try (final AccessControlResource acr = client.read(uri, AccessControlResource.class)) {
+            assertEquals(2, acr.accessControl().size());
+            assertEquals(3, acr.memberAccessControl().size());
+
+            // Check dataset size
+            assertEquals(12, acr.size());
+
+            final var expanded = acr.expand(client);
+            assertEquals(29, expanded.size());
+            assertEquals(12, acr.size());
+        }
+    }
+
+    @Test
+    void expandAcr3Async() {
+        final var uri = mockHttpServer.acr3();
+        final var asyncClient = SolidClient.getClient();
+        asyncClient.read(uri, AccessControlResource.class).thenAccept(res -> {
+            try (final var acr = res) {
+                assertEquals(2, acr.accessControl().size());
+                assertEquals(3, acr.memberAccessControl().size());
+
+                // Check dataset size
+                assertEquals(12, acr.size());
+
+                final var expanded = acr.expand(asyncClient);
+                assertEquals(29, expanded.size());
+                assertEquals(12, acr.size());
+            }
+        }).toCompletableFuture().join();
+    }
+
+    @Test
+    void expandAcr4Sync() {
+        final var uri = mockHttpServer.acr4();
+        try (final AccessControlResource acr = client.read(uri, AccessControlResource.class)) {
+            assertEquals(2, acr.accessControl().size());
+            assertEquals(3, acr.memberAccessControl().size());
+
+            // Check dataset size
+            assertEquals(20, acr.size());
+
+            final var expanded = acr.expand(client);
+            assertEquals(22, expanded.size());
+            assertEquals(20, acr.size());
+        }
+    }
 }
diff --git a/acp/src/test/java/com/inrupt/client/acp/AcpMockHttpService.java b/acp/src/test/java/com/inrupt/client/acp/AcpMockHttpService.java
@@ -43,6 +43,14 @@ public URI acr2() {
         return URI.create(wireMockServer.baseUrl() + "/acr-2");
     }
 
+    public URI acr3() {
+        return URI.create(wireMockServer.baseUrl() + "/acr-3");
+    }
+
+    public URI acr4() {
+        return URI.create(wireMockServer.baseUrl() + "/acr-4");
+    }
+
     private void setupMocks() {
         wireMockServer.stubFor(get(urlEqualTo("/acr-1"))
             .willReturn(aResponse()
@@ -58,6 +66,34 @@ private void setupMocks() {
                 .withBodyFile("acr-2.ttl")
             )
         );
+        wireMockServer.stubFor(get(urlEqualTo("/acr-3"))
+            .willReturn(aResponse()
+                .withStatus(200)
+                .withHeader("Content-Type", "text/turtle")
+                .withBodyFile("acr-3.ttl")
+            )
+        );
+        wireMockServer.stubFor(get(urlEqualTo("/acr-4"))
+            .willReturn(aResponse()
+                .withStatus(200)
+                .withHeader("Content-Type", "text/turtle")
+                .withBodyFile("acr-4.ttl")
+            )
+        );
+        wireMockServer.stubFor(get(urlEqualTo("/not-an-acr"))
+            .willReturn(aResponse()
+                .withStatus(200)
+                .withHeader("Content-Type", "text/turtle")
+                .withBodyFile("not-an-acr.ttl")
+            )
+        );
+        wireMockServer.stubFor(get(urlEqualTo("/also-not-an-acr"))
+            .willReturn(aResponse()
+                .withStatus(200)
+                .withHeader("Content-Type", "application/json")
+                .withBodyFile("not-an-acr.json")
+            )
+        );
     }
 
     public String start() {
diff --git a/acp/src/test/resources/__files/acr-3.ttl b/acp/src/test/resources/__files/acr-3.ttl
@@ -0,0 +1,18 @@
+@prefix acp: <http://www.w3.org/ns/solid/acp#> .
+
+<>
+      a      acp:AccessControlResource ;
+      acp:accessControl <#owner-access-control> , <#indexer-access-control> ;
+      acp:memberAccessControl <#owner-access-control> , <#indexer-access-control> , <#vc-access-control> .
+
+<#owner-access-control>
+      a         acp:AccessControl ;
+      acp:apply </acr-2#owner-policy> .
+
+<#indexer-access-control>
+      a          acp:AccessControl ;
+      acp:apply  </acr-2#indexer-policy> .
+
+<#vc-access-control>
+      a         acp:AccessControl ;
+      acp:apply </acr-2#vc-policy> .
diff --git a/acp/src/test/resources/__files/acr-4.ttl b/acp/src/test/resources/__files/acr-4.ttl
@@ -0,0 +1,31 @@
+@prefix acp: <http://www.w3.org/ns/solid/acp#> .
+@prefix acl: <http://www.w3.org/ns/auth/acl#> .
+@prefix vc: <http://www.w3.org/ns/solid/vc#> .
+
+<>
+      a      acp:AccessControlResource ;
+      acp:accessControl <#owner-access-control> , <#indexer-access-control> ;
+      acp:memberAccessControl <#owner-access-control> , <#indexer-access-control> , <#vc-access-control> .
+
+<#owner-access-control>
+      a         acp:AccessControl ;
+      acp:apply </not-an-acr> .
+
+<#indexer-access-control>
+      a          acp:AccessControl ;
+      acp:apply  <#indexer-policy> .
+<#indexer-policy>
+      a         acp:Policy ;
+      acp:allOf </also-not-an-acr> ;
+      acp:allow acl:Read .
+
+<#vc-access-control>
+      a         acp:AccessControl ;
+      acp:apply <#vc-policy> .
+<#vc-policy>
+      a         acp:Policy ;
+      acp:allOf <#vc-matcher> ;
+      acp:allow acl:Read .
+<#vc-matcher>
+      a      acp:Matcher ;
+      acp:vc vc:SolidAccessGrant .
diff --git a/acp/src/test/resources/__files/not-an-acr.json b/acp/src/test/resources/__files/not-an-acr.json
@@ -0,0 +1,4 @@
+{
+    "type": "Type",
+    "title": "Example resource"
+}
diff --git a/acp/src/test/resources/__files/not-an-acr.ttl b/acp/src/test/resources/__files/not-an-acr.ttl
@@ -0,0 +1,7 @@
+@prefix dc: <http://purl.org/dc/terms/> .
+@prefix ex: <http://example.com/> .
+
+<>
+      a        ex:Type ;
+      dc:title "Example resource" .
+

Original file line number	Diff line number	Diff line change
`@@ -49,6 +49,7 @@ public static IRI asResource(final AccessControl accessControl, final Graph grap`
`49`	`49`	`graph.add(accessControl, rdf.createIRI(ACP.apply.toString()), policy);`
`50`	`50`	`Policy.asResource(policy, graph);`
`51`	`51`	`});`
	`52`	`+`
`52`	`53`	`return accessControl;`
`53`	`54`	`}`
`54`	`55`
-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +{
 +    "type": "Type",
 +    "title": "Example resource"
 +}