# Auto-generated AIR restriction policy.

@prefix air: <http://dig.csail.mit.edu/TAMI/2007/amord/air#>.
@prefix log: <http://www.w3.org/2000/10/swap/log#>.
@prefix math: <http://www.w3.org/2000/10/swap/math#>.
@prefix s: <http://dig.csail.mit.edu/2009/IARPA-PIR/sparql#>.
@prefix : <>.

# User-defined namespaces:
@prefix example: <http://www.example.com/#> .

@forAll :P, :Q, :T, :U, :V, :W.

:sample-restriction a air:Policy;
    air:label "A sample auto-generated restriction policy.";
    air:rule :sample-restriction-check.
        
:sample-restriction-check a air:BeliefRule;
    air:label "sample-restriction query check";
    air:pattern {
        :Q a s:SPARQLQuery;
           s:retrieve :P;
           s:clause :W.
    };
    air:description ("Make sure this is a query.");
    # Goes to the first rule. If there are no attributes,
    # simply go to the default rule.
    air:rule :sample-restriction-rule-0.

:sample-restriction-rule-0 a air:BeliefRule;
    air:label "sample-restriction example:name restriction";
    air:pattern {
    # if RETRIEVE, or alternately, not USE
        :P s:var :V;
        :W s:triplePattern :T;
        :T log:includes { [] example:name :V }
        };
    air:description ("A restriction on the RETRIEVE of example:name, violated by " :T );
    air:assert{:Q air:non-compliant-with :sample-restriction)};
    # There are more policies, go to the next policy.
    air:alt [ air:rule :sample-restriction-rule-1 ] .
        
:sample-restriction-rule-1 a air:BeliefRule;
    air:label "sample-restriction example:age restriction";
    air:pattern {
    # if USE
        :W s:triplePattern :T;
        :T log:includes { [] example:age :V };
        :W s:triplePattern :U;
        :U log:includes { :V [] [] }.
        };
    air:description ("A restriction on the USE of example:age, violated by " :T );
    air:assert{:Q air:non-compliant-with :sample-restriction)};
    # There are more policies, go to the next policy.
    air:alt [ air:rule :sample-restriction-rule-2 ] .
        
:sample-restriction-rule-2 a air:BeliefRule;
    air:label "sample-restriction example:dob restriction";
    air:pattern {
    # if RETRIEVE, or alternately, not USE
        :P s:var :V;
        :W s:triplePattern :T;
        :T log:includes { [] example:dob :V }
        };
    air:description ("A restriction on the RETRIEVE of example:dob, violated by " :T );
    air:assert{:Q air:non-compliant-with :sample-restriction)};
    # There are more policies, go to the next policy.
    air:alt [ air:rule :sample-restriction-rule-3 ] .
        
:sample-restriction-rule-3 a air:BeliefRule;
    air:label "sample-restriction example:ssn restriction";
    air:pattern {
    # if USE
        :W s:triplePattern :T;
        :T log:includes { [] example:ssn :V };
        :W s:triplePattern :U;
        :U log:includes { :V [] [] }.
        };
    air:description ("A restriction on the USE of example:ssn, violated by " :T );
    air:assert{:Q air:non-compliant-with :sample-restriction)};
    # No more policies, go to the base case.
        air:alt [ air:rule :sample-restriction-default ] .

:sample-restriction-default a air:BeliefRule;
    air:label "sample-restriction default rule";
    air:pattern { # Empty search.
        };
    air:description ("No restricted attributes found.");
    air:assert{ :Q air:compliant-with :sample-restriction } .
        
#ends