# Auto-generated AIR restriction policy. @prefix air: . @prefix log: . @prefix math: . @prefix s: . @prefix : <#>. # User-defined namespaces: @prefix ex: . @forAll :P, :Q, :T, :U, :V, :W. :no-address a air:Policy; air:label "Users may not find the home address of members of the database."; air:rule :no-address-check. :no-address-check a air:BeliefRule; air:label "no-address query check"; air:pattern { :Q a s:SPARQLQuery; s:retrieve :P; s:clause :W. }; air:description ("Make sure this is a query."); # Goes to the first rule. If there are no attributes, # simply go to the default rule. air:rule :no-address-rule-0. :no-address-rule-0 a air:BeliefRule; air:label "no-address ex:address restriction"; air:pattern { # if RETRIEVE, or alternately, not USE :P s:var :V. :W s:triplePattern :T. :T log:includes { [] ex:address :V }. #2 }; air:description ("A restriction on the RETRIEVE of ex:address, violated by " :T ); air:assert{:Q air:non-compliant-with :no-address}; # There are more policies, go to the next policy. air:alt [ air:rule :no-address-rule-1 ] . :no-address-rule-1 a air:BeliefRule; air:label "no-address ex:address restriction"; air:pattern { # if USE :W s:triplePattern :T. :T log:includes { [] ex:address :V }. #1 :W s:triplePattern :U. :U log:includes { :V [] [] }. }; air:description ("A restriction on the USE of ex:address, violated by " :T ); air:assert{:Q air:non-compliant-with :no-address}; # No more policies, go to the base case. air:alt [ air:rule :no-address-default ] . :no-address-default a air:BeliefRule; air:label "no-address default rule"; air:pattern { # Empty search. }; air:description ("No restricted attributes found."); air:assert{ :Q air:compliant-with :no-address }.