Named graph security: 'Invalid resource name'

Using version 5.3.4 in production.

I've enabled security.named.graphs=true for a database ng-test, and am trying to assign some user permissions, but when the named graph IRI has a hash symbol in it I get the following:

stardog-admin --server https://myHost user grant -u stardog-admin -a read -o named-graph:ng-test\\ -- grafli-r-conradL

Invalid resource name

The command works fine when the graph IRI does not contain a hash.

I'm pretty sure this used to work in version 4.x

You should escape it or add quotes so the shell doesn't interpret it as a comment.


nope; neither escaping, nor single nor double quotes work. I would expect the shell would only interpret a space followed by hash as a comment anyhow.

I've tried using the HTTP API directly, same result:

curl \
    -H "Content-Type: application/json" \
    -X "PUT" \
    --user stardog-admin:**** \
    --data '{"action":"READ","resource_type":"named-graph","resource":["grafli-gqa-test\\"]}' \ 

{ "message" : "invalid resource: 'grafli-gqa-test\'."}

And also using the Java API, same result:

import com.typesafe.config.ConfigFactory
import com.typesafe.config.ConfigValueFactory
import com.complexible.common.rdf.model.Values

val adminConfig = ConfigFactory
    .withValue("hostname", ConfigValueFactory.fromAnyRef("****"))
    .withValue("username", ConfigValueFactory.fromAnyRef("stardog-admin"))
val conn = ConnectionFactory.getAdminConnection(adminConfig)
val perms = NamedGraphPermissions
    .on(conn.get.getPermissionManager, "grafli-gqa-test")

run it:

com.complexible.stardog.protocols.http.client.BaseHttpClient$HttpClientException: invalid resource: ''.
	at com.complexible.stardog.protocols.http.client.BaseHttpClient.checkResponseCode(
	at com.complexible.stardog.protocols.http.client.BaseHttpClient.execute(
	at com.complexible.stardog.protocols.http.client.BaseHttpClient.executeHttpPut(
	at com.complexible.stardog.protocols.http.client.HttpAdminClientImpl.addRolePerm(
	at Main$$anon$1.<init>(setNgPerms.scala:18)
	at Main$.main(setNgPerms.scala:1)
	at Main.main(setNgPerms.scala)

reading the stack trace, this is in the response from the client after it's executed the command, so it's server-side issue.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.