Removed system endpoint resources from default RDF datasets

As a result, during the ACL check resources that match `acl:accessTo` authorization(s) are no longer required to have an explicit `rdf:type`

Author: namedgraph

platform/datasets/admin.trig

@@ -1,11 +1,6 @@
 @prefix def:	<https://w3id.org/atomgraph/linkeddatahub/default#> .
 @prefix ldh:	<https://w3id.org/atomgraph/linkeddatahub#> .
-@prefix ac:	    <https://w3id.org/atomgraph/client#> .
 @prefix rdf:	<http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
-@prefix xsd:	<http://www.w3.org/2001/XMLSchema#> .
-@prefix dh:	    <https://www.w3.org/ns/ldt/document-hierarchy#> .
-@prefix sd:     <http://www.w3.org/ns/sparql-service-description#> .
-@prefix sp:	    <http://spinrdf.org/sp#> .
 @prefix sioc:	<http://rdfs.org/sioc/ns#> .
 @prefix foaf:	<http://xmlns.com/foaf/0.1/> .
 @prefix dct:	<http://purl.org/dc/terms/> .
@@ -23,40 +18,6 @@
 
 }
 
-# ENDPOINTS
-
-<sparql>
-{
-
-    <sparql> a foaf:Document ;
-        dct:title "SPARQL endpoint" .
-
-}
-
-<ns>
-{
-
-    <ns> a foaf:Document ;
-        dct:title "Namespace endpoint" .
-
-}
-
-<add>
-{
-
-    <add> a foaf:Document ;
-        dct:title "Add data endpoint" .
-
-}
-
-<generate>
-{
-
-    <generate> a foaf:Document ;
-        dct:title "Generate data endpoint" .
-
-}
-
 ### ADMIN-SPECIFIC
 
 @prefix lacl:	<https://w3id.org/atomgraph/linkeddatahub/admin/acl#> .
@@ -70,7 +31,7 @@
 <sign%20up>
 {
 
-    <sign%20up> a adm:SignUp ;
+    <sign%20up> a foaf:Document ;
         dct:title "Sign up" ;
         rdf:_1 <sign%20up#content> .
 
@@ -288,44 +249,6 @@ WHERE
 
 }
 
-# access endpoint
-
-<acl/authorizations/access/>
-{
-
-    <acl/authorizations/access/> a dh:Item ;
-        sioc:has_container <acl/authorizations/> ;
-        dct:title "Access description access" ;
-        foaf:primaryTopic <acl/authorizations/access/#this> .
-
-    <acl/authorizations/access/#this> a acl:Authorization ;
-        rdfs:label "Access description access" ;
-        rdfs:comment "Allows non-authenticated access" ;
-        acl:accessToClass ldh:Access ;
-        acl:mode acl:Read ;
-        acl:agentClass foaf:Agent, acl:AuthenticatedAgent .
-
-}
-
-# access request endpoint
-
-<acl/authorizations/access-request/>
-{
-
-    <acl/authorizations/access-request/> a dh:Item ;
-        sioc:has_container <acl/authorizations/> ;
-        dct:title "Access request access" ;
-        foaf:primaryTopic <acl/authorizations/access-request/#this> .
-
-    <acl/authorizations/access-request/#this> a acl:Authorization ;
-        rdfs:label "Access request access" ;
-        rdfs:comment "Allows non-authenticated access" ;
-        acl:accessToClass ldh:AccessRequest ;
-        acl:mode acl:Append ;
-        acl:agentClass foaf:Agent, acl:AuthenticatedAgent .
-
-}
-
 # sign up
 
 <acl/authorizations/sign-up/>
@@ -339,8 +262,7 @@ WHERE
     <acl/authorizations/sign-up/#this> a acl:Authorization ;
         rdfs:label "Signup access" ;
         rdfs:comment "Required to enable public signup" ;
-        acl:accessTo <ns> ; # TO-DO: only allow <ns> access by the secretary agent?
-        acl:accessToClass adm:SignUp ;
+        acl:accessTo <ns>, <sign%20up> ; # TO-DO: only allow <ns> access by the secretary agent?
         acl:mode acl:Read, acl:Append ;
         acl:agentClass foaf:Agent .
 
@@ -359,7 +281,7 @@ WHERE
     <acl/authorizations/oauth2-login/#this> a acl:Authorization ;
         rdfs:label "OAuth2 login access" ;
         rdfs:comment "Required to enable public OAuth2 login" ;
-        acl:accessToClass ldh:OAuthLogin ;
+        acl:accessToClass <oauth2/login/google>, <oauth2/login/orcid> ;
         acl:mode acl:Read ;
         acl:agentClass foaf:Agent .
 
@@ -378,7 +300,7 @@ WHERE
     <acl/authorizations/oauth2-authorize/#this> a acl:Authorization ;
         rdfs:label "OAuth2 authorization" ;
         rdfs:comment "Required to enable public OAuth2 login" ;
-        acl:accessToClass ldh:OAuthAuthorize ;
+        acl:accessTo <oauth2/authorize/google>, <oauth2/authorize/orcid> ;
         acl:mode acl:Read ;
         acl:agentClass foaf:Agent .
 

platform/datasets/end-user.trig

@@ -1,11 +1,6 @@
 @prefix def:	<https://w3id.org/atomgraph/linkeddatahub/default#> .
 @prefix ldh:	<https://w3id.org/atomgraph/linkeddatahub#> .
-@prefix ac:	    <https://w3id.org/atomgraph/client#> .
 @prefix rdf:	<http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
-@prefix xsd:	<http://www.w3.org/2001/XMLSchema#> .
-@prefix dh:	    <https://www.w3.org/ns/ldt/document-hierarchy#> .
-@prefix sd:     <http://www.w3.org/ns/sparql-service-description#> .
-@prefix sp:	    <http://spinrdf.org/sp#> .
 @prefix sioc:	<http://rdfs.org/sioc/ns#> .
 @prefix foaf:	<http://xmlns.com/foaf/0.1/> .
 @prefix dct:	<http://purl.org/dc/terms/> .
@@ -23,97 +18,10 @@
 
 }
 
-# ENDPOINTS
-
-<sparql>
-{
-
-    <sparql> a foaf:Document ;
-        dct:title "SPARQL endpoint" .
-
-}
-
-<ns>
-{
-
-    <ns> a foaf:Document ;
-        dct:title "Namespace endpoint" .
-
-}
-
-<add>
-{
-
-    <add> a foaf:Document ;
-        dct:title "Add data endpoint" .
-
-}
-
-<generate>
-{
-
-    <generate> a foaf:Document ;
-        dct:title "Generate data endpoint" .
-
-}
-
 ### END-USER-SPECIFIC
 
-<access>
-{
-
-    <access> a ldh:Access ;
-        dct:title "Access endpoint" .
-
-}
-
-<access/request>
-{
-
-    <access/request> a ldh:AccessRequest ;
-        dct:title "Access request endpoint" .
-
-}
-
-<oauth2/login/google>
-{
-
-    <oauth2/login/google> a ldh:OAuthLogin ;
-        dct:title "OAuth 2.0 login" .
-
-}
-
-<oauth2/authorize/google>
-{
-
-    <oauth2/authorize/google> a ldh:OAuthAuthorize ;
-        dct:title "Google OAuth2.0 authorization" .
-
-}
-
-<oauth2/login/orcid>
-{
-
-    <oauth2/login/orcid> a ldh:OAuthLogin ;
-        dct:title "ORCID OAuth2.0 login" .
-
-}
-
-<oauth2/authorize/orcid>
-{
-
-    <oauth2/authorize/orcid> a ldh:OAuthAuthorize ;
-        dct:title "ORCID OAuth2.0 authorization" .
-
-}
-
-<settings>
-{
-
-    <settings> a foaf:Document ;
-        dct:title "Settings endpoint" .
-
-}
+@prefix dh:	    <https://www.w3.org/ns/ldt/document-hierarchy#> .
+@prefix sd:     <http://www.w3.org/ns/sparql-service-description#> .
 
 <services/dbpedia/>
 {

platform/entrypoint.sh

@@ -698,7 +698,7 @@ for app in "${apps[@]}"; do
 
         namespace_ontology_dataset_path="/var/linkeddatahub/datasets/${app_folder}/namespace-ontology.trig"
         mkdir -p "$(dirname "$namespace_ontology_dataset_path")"
-        export end_user_origin admin_origin
+        export end_user_origin
         envsubst < namespace-ontology.trig.template > "$namespace_ontology_dataset_path"
 
         trig --base="${admin_origin}/" --output=nq "$namespace_ontology_dataset_path" > "/var/linkeddatahub/based-datasets/${app_folder}/namespace-ontology.nq"