Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[protege-discussion] Policy for write access only for certain instances of certain clases

Jonathan Carter jonathan.carter at e-asolutions.com
Wed Jun 13 08:34:41 PDT 2012


Hi Wolfgang,

The Protege software is very nicely architected and I suspect that a small amount of coding around the Instance Browser widgets (i.e, the widgets that render instances) might be a good starting point. Thinking about it some more, it could be that the Cls#getInstances() methods might be the way to get consistent access control applied. Then, no matter which widget tries to render one or more instances of a particular class (or subclasses), only the ones that a user is allowed to see are returned to be rendered. This is somewhat more low-level than the normal plugin development but probably the simplest, most reliable and easiest to manage approach. 

That covers access to instances but if we need to control read/write (as opposed to hiding instances that I'm not allowed to see) then we need to be looking at the various Widgets. It would be good to put the access control hooks into the AbstractSlotWidget but as this has never been in Protege, you would need to check what the various SlotWidget implementations do to make them use the access control hooks.

One of your questions raises a very interesting point, though. 
> can I define which Instances a user may
> create/edit?

When you say define which Instances a user may create, do you mean at the Class level. That is, I am allowed to create new instances of Class X? I think that our previous discussions have been at the Instance level: so within a certain Class, I can access Instance A but not Instance B. In this case, how can Protege know that there are specific Instances (that as yet do not exist in the Knowledgebase) that I am not allowed to create?
I suspect your requirements are at the Class level but I wanted to confirm this!

Hope this helps

Jonathan

_______________________________________

Jonathan Carter 
Enterprise Architecture Solutions Ltd
_______________________________________

Proud sponsors of The Essential Project
The free open-source Enterprise Architecture Management Platform
www.enterprise-architecture.org
_______________________________________

On 12 Jun 2012, at 12:01, Wolfgang Göbl wrote:

> Timothy,
> 
> Thank you for your reply.
> Two more questions:
> 
> - how (which User Interface) can I define which Instances a user may
> create/edit?
> - how can I program the behaviour you suggested ("when a user
> tries to edit an instance in a class that he should not access, an
> exception is thrown and the user operation fails")
> 
> Thanks
> Wolfgang
> 
> Subject: Re: [protege-discussion] Policy for write access only for
>       certain instances of certain classes?
> Message-ID: <4FA2D844.3010805 at stanford.edu>
> Content-Type: text/plain; charset="iso-8859-1"; Format="flowed"
> 
> On 04/27/2012 01:27 AM, Wolfgang G?bl wrote:
>> Hi,
>> 
>> We start using Client/Server Protege.
>> One Requirement is to allow certain users to edit certain instances of
>> certain classes only.
> 
> This is not that easy.  If you are willing to program there is an easy
> thing that you could implement but it is somewhat unsatisfactory from
> the user point of view.  It is not hard to arrange that when a user
> tries to edit an instance in a class that he should not access, an
> exception is thrown and the user operation fails.  This solution doesn't
> stop the user from trying it just punishes him by failing to succeed and
> throwing an exception.
> 
> To do better - we did this once before and it was very messy - you would
> have to make changes to the user interface.  You would have to think of
> all the ways that the user can achieve the wrong outcome and make it nicer.
> 
> -Timothy
> _______________________________________________
> protege-discussion mailing list
> protege-discussion at lists.stanford.edu
> https://mailman.stanford.edu/mailman/listinfo/protege-discussion
> 
> Instructions for unsubscribing: http://protege.stanford.edu/doc/faq.html#01a.03

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/protege-discussion/attachments/20120613/719a7347/attachment.html>


More information about the protege-discussion mailing list