Add GraphDB Authorization flags

distillery/.env.sample

@@ -44,4 +44,7 @@ DISTILLERY_BOOKKEEPING_TABLE=distillery
 PASSWORD_LENGTH=64
 
 # A file to be used for global authorized_keys for the ssh server.
-GLOBAL_AUTHORIZED_KEYS_FILE=/distillery/authorized_keys
+GLOBAL_AUTHORIZED_KEYS_FILE=/distillery/authorized_keys
+
+# The admin password of the GraphDB interface, to be used for queries
+GRAPHDB_ADMIN_PASSWORD=root

distillery/backup.sh

@@ -36,12 +36,12 @@ dockerized_mysqldump --all-databases > "$BACKUP_SQL_FILE"
 # Backup the triplestore system
 log_info " => Backing up Triplestore System"
 mkdir -p "$BACKUP_TRIPLESTORE_DIR"
-curl -X GET -H "Accept:application/n-quads" "http://127.0.0.1:7200/repositories/SYSTEM/statements?infer=false" > "$BACKUP_TRIPLESTORE_SYSTEM"
+curl -X GET -H "Accept:application/n-quads" $GRAPHDB_AUTH_FLAGS "http://127.0.0.1:7200/repositories/SYSTEM/statements?infer=false" > "$BACKUP_TRIPLESTORE_SYSTEM"
 
 # backup individual repos
 for REPO in `grep -oP '(?<=#repositoryID> ")[^"]+' $BACKUP_TRIPLESTORE_SYSTEM`; do
     log_info " => Backing up Triplestore Repository '$REPO'"
-	curl -X GET -H "Accept:application/n-quads" "http://127.0.0.1:7200/repositories/$REPO/statements?infer=false" > "$BACKUP_TRIPLESTORE_DIR/repo_$REPO.nq"
+	curl -X GET -H "Accept:application/n-quads" $GRAPHDB_AUTH_FLAGS "http://127.0.0.1:7200/repositories/$REPO/statements?infer=false" > "$BACKUP_TRIPLESTORE_DIR/repo_$REPO.nq"
 done
 
 # backup the filesystem

distillery/lib/10_config.sh

@@ -196,6 +196,17 @@ if ! is_valid_file "$GLOBAL_AUTHORIZED_KEYS_FILE"; then
       exit 1;
 fi;
 
+# GRAPHDB_ADMIN_PASSWORD should be the graphdb admin
+if [ -z "$GRAPHDB_ADMIN_PASSWORD" ]; then
+      log_error "Variable 'GRAPHDB_ADMIN_PASSWORD' is not set. ";
+      log_info "You might want to create this file to get rid of the error message. "
+      log_info "Please verify that it is set correctly in '.env'";
+      exit 1;
+fi;
+
+# flags for graphdb authorization
+GRAPHDB_AUTH_FLAGS="--user $(printf "admin:%s" "$GRAPHDB_ADMIN_PASSWORD")"
+
 # paths to composer things
 DEPLOY_WEB_DIR="$DEPLOY_ROOT/core/web"
 DEPLOY_SELF_DIR="$DEPLOY_ROOT/core/self"

distillery/provision.sh

@@ -33,7 +33,7 @@ dockerized_mysql -e "FLUSH PRIVILEGES;"
 # Use the template for this.
 log_info " => Generating new GraphDB repository '$GRAPHDB_REPO'"
 load_template "repository/graphdb-repo.ttl" "GRAPHDB_REPO" "${GRAPHDB_REPO}" "INSTANCE_DOMAIN" "${INSTANCE_DOMAIN}" | \
-curl -X POST \
+curl -X POST $GRAPHDB_AUTH_FLAGS \
     http://127.0.0.1:7200/rest/repositories \
     --header 'Content-Type: multipart/form-data' \
     -F "config=@-"
@@ -45,7 +45,7 @@ GRAPHDB_PASSWORD="$(randompw)"
 # Create the user and grant them access to the creatd database. 
 log_info " => Creating GraphDB user '$GRAPHDB_USER'"
 load_template "repository/graphdb-user.json" "GRAPHDB_USER" "${GRAPHDB_USER}" "GRAPHDB_REPO" "${GRAPHDB_REPO}" | \
-curl -X POST \
+curl -X POST $GRAPHDB_AUTH_FLAGS \
     "http://127.0.0.1:7200/rest/security/user/${GRAPHDB_USER}" \
     --header 'Content-Type: application/json' \
     --header 'Accept: text/plain' \

distillery/purge.sh

@@ -52,10 +52,10 @@ dockerized_mysql -e "FLUSH PRIVILEGES;"
 
 # Clear the GraphDB repository. 
 log_info " => Deleting GraphDB user '$GRAPHDB_USER'"
-curl -X DELETE http://127.0.0.1:7200/rest/security/user/$GRAPHDB_USER/
+curl $GRAPHDB_AUTH_FLAGS -X DELETE http://127.0.0.1:7200/rest/security/user/$GRAPHDB_USER/
 
 log_info " => Deleting GraphDB repository '$GRAPHDB_REPO'"
-curl -X DELETE http://127.0.0.1:7200/rest/repositories/$GRAPHDB_REPO/
+curl $GRAPHDB_AUTH_FLAGS -X DELETE http://127.0.0.1:7200/rest/repositories/$GRAPHDB_REPO/
 
 # Delete the directory
 log_info " => Deleting '$INSTANCE_BASE_DIR'"