We starts from a formal ontology model that we build up and share with the customer (starting from base ontologies already developed) and then semi automatially we generate a specialized SMW. To do that we have developed a complete suite of tools that we call Semantic Knowledge Management Platform.
Here we present two extensions that we developed and published (and currently using for our custmers) that exploit semantic mediawiki fuctionalities for different scopes: SparqlResulFormat and Semantic Auth/Profiling.
Exploiting and empowering semantic data with 2 new semantic extension: Sparql Result Format and Semantic Auth/Profiling
1. Exploiting and empowering semantic data with 2 new
semantic extension: SemanticAuthProfiling and
SparqlResultFormat
17th SMWCon
Fall 2019
September 25-27,
Paris, UIC HQ
MATTEO BUSANELLI
GABRIELE CORNACCHIA
17th SMWCon Fall 2019 1
3. 2005 – 2008: researcher at ENEA (Italian National Research Agency) on Semantic Web
2008 - present: IT Consultant and Advisor for Enterprise Knowledge Management at Imola Informatica
Working with SMW (since 2010) on:
IT Service Management, IT Governance and Cost allocation
IT Architecture support
Document management
Enterprise Architecture consulting
GDPR compliancy
Platform for Turism
Matteo Busanelli
17th SMWCon Fall 2019 3
4. …two extensions that we developed and mantain:
Today we will talk about...
17th SMWCon Fall 2019 4
SemanticAuthProfiling
Profiling and authorizing (not
authenticating ) users with wiki groups
on categories and with per page
administration roles
SparqlResultFormat
Generate diagrams and graph for data
analitycs, reporting or dashboard from an
arbitrary sparql endpoint
5. SemanticAuthProfiling: WHY?
17th SMWCon Fall 2019 5
We use SMW as a collaborative platform for many purposes but always inside big enterprises (Banks,
Insurances, PA, etc...).
Our clients need to access from different organizational units and with different roles on pages
EAP
I C T
S t r a t e g y
S e r v i c e
M a n a g e r
A p p l i c a t i o n
M a n a g e r
P r o j e c t
M a n a g e r
C I O
F i n a n c i a l
M a n a g e r
Example:
Enterprise Architecture
Portal (EAP)
7. 2. Per Page Administration - to set the «owner of something» as the admin of a page
17th SMWCon Fall 2019 7
SemanticAuthProfiling: How does it works?
Something like that…
Because of the project has a project
manager then we want also him to
be the Page admin
This could be done in the
Template:Project by coping the
value of the “Property:Has project
manager” in the extension
“Property:Has page admin”
9. The extension let you configure (via external file or LocalSettings.php) for
each mediawiki group on a specific category the following permission:
read – view pages of a category
create – create pages of a category
edit/formedit – edit pages (both «source» and «form» edit) of a cateogry
move - move pages of a category to another page title
delete – delete pages of a category
You can use the category wildcard * to set/unset action permission
globally to all categories and then unset/set permissions for single
category (a sort of Black/White list selection)
17th SMWCon Fall 2019 9
SemanticAuthProfiling - Per category profiling
10. Step 0: Setting base permission to let everyone edit pages
The extension needs to have edit permission at true for all users.
In this way we let the extension decide if you can or not edit based on the configurations that
follow in next steps.
17th SMWCon Fall 2019 10
SemanticAuthProfiling - Per category profiling
# Disable reading by anonymous users
$wgGroupPermissions['*']['read'] = false;
$wgGroupPermissions['user']['read'] = true;
# Enable anonymous editing
$wgGroupPermissions['*']['edit'] = true;
$wgGroupPermissions['*']['formedit'] = true;
NOTE: extension is on top of the wiki and if we close a permission at wiki level (i.e.
$wgGroupPermissions['*']['edit'] = false) there is no way to open the permission to a user.
In respect of the mediawiki, the extension can only “close” not “open”
11. Step 1: Creating groups (in Localsettings.php or in a specific profile.php)
We can create each group starting from the permissions of the ‘user’ group
Step 2: Setting default action permissions for not profiled users
17th SMWCon Fall 2019 11
SemanticAuthProfiling - Per category profiling
…
$wgGroupPermissions['Service_Catalogue_Manager'] = $wgGroupPermissions['user'];
$wgGroupPermissions['Application_Portfolio_Manager'] = $wgGroupPermissions['user'];
$wgGroupPermissions['IT_Strategy_Manager']=$wgGroupPermissions['user’];
…
#default permission
$wgdefaultPermissionEdit=false;
$wgdefaultPermissionCreate=false;
$wgdefaultPermissionView=false;
$wgdefaultPermissionMove=false;
12. Step 3: For each group specify pemissions on categories (eventually using the wildcard * to set them
globally). Each permission can be stated in this way:
There is a specific configuration variable (array[group][category]) for each ACTION:
17th SMWCon Fall 2019 12
SemanticAuthProfiling - Per category profiling
$wgSemanticAuthProfiling<ACTION>Categories [‘<WIKIGROUP>'][‘<CATEGORY> or *']= true/false;
$wgSemanticAuthProfilingViewCategories [‘Portfolio Manager’][‘Project']= true;
$wgSemanticAuthProfilingEditCategories [‘Service Manager’][‘Project’]= false;
$wgSemanticAuthProfilingCreateCategories [‘IT Manager’][‘*']= true;
$wgSemanticAuthProfilingMoveCategories [‘Financial Manager’][‘Service’]= false;
$wgSemanticAuthProfilingDeleteCategories [‘Service Manager’][‘Project’]= false;
13. FOR EXAMPLE…
IT Managers can view, create and edit pages of all categories but can’t delete nothing
Portfolio Managers can view all categories but only create,edit and move Project pages
17th SMWCon Fall 2019 13
SemanticAuthProfiling - Per category profiling
$wgSemanticAuthProfilingViewCategories [‘IT Manager’][‘*']= true;
$wgSemanticAuthProfilingCreateCategories [‘IT Manager’][‘*']= true;
$wgSemanticAuthProfilingEditCategories [‘IT Manager’][‘*']= true;
$wgSemanticAuthProfilingDeleteCategories [‘IT Manager’][‘*’]= false;
$wgSemanticAuthProfilingViewCategories [‘Porfolio Manager’][‘*']= true;
$wgSemanticAuthProfilingCreateCategories [‘Porfolio Manager’][‘*’]= false;
$wgSemanticAuthProfilingCreateCategories [‘Porfolio Manager’][‘Project']= true;
$wgSemanticAuthProfilingEditCategories [‘Porfolio Manager’][‘*’]= false;
$wgSemanticAuthProfilingEditCategories [‘Porfolio Manager’][‘Project’]= true;
$wgSemanticAuthProfilingMoveCategories [‘Porfolio Manager’][‘*’]= false;
$wgSemanticAuthProfilingMoveCategories [‘Porfolio Manager’][‘Project’]= true;
14. You can also associate a Person referred in a specific semantic property
to the Page Admin of that page through its wiki template:
17th SMWCon Fall 2019 14
SemanticAuthProfiling - Per page administration
===THIS IS PROJECT {{SUBJECTPAGENAME}}===
*Name: [[Project name::{{SUBJECTPAGENAME}}]]
*Project Manager [[Has project manager::{{{field_PM}}}]]
*….
{{#arraymap:{{{values|}}}|;|wk_template_var|{{#set:Has page admin=wk_template_var}} }}
Template:Project
15. The extension looks for the semantic property «Has page admin» with an
ASK and take the foaf:mbox of that foaf:Person to match with the
Mediawiki User.
17th SMWCon Fall 2019 15
SemanticAuthProfiling - Per page administration
User:Mbusanelli
generated
from the
Template
16. 17th SMWCon Fall 2019 16
SemanticAuthProfiling - Per page administration
To use per page administration feature you have to:
1. Manually create the Property:Has page admin in the Mediawiki
2. Manually configure the mapping (custom prop<->Has page admin) in each
Template of category you want page administration
3. Associate potentially each mediawiki user to a page of Category:Person (i.e
foaf:Person) with a semantic property email or username
4. Email of each Category:Person must be the same of the corresponding
mediawiki user (you can also use username).
17. 17th SMWCon Fall 2019 17
SemanticAuthProfiling - Work in progress…
The extension is still in BETA (but already used by clients)
We are making some refactoring to release the extension in a the right format
We need to test all security issues against the page «Security issues
with authorization extension»
Per page admin properties should be externally
configurable:
i.e $wgPageAdminProperty=‘Property:HasAdmin’;
$wgMapUserOn = ‘email’;
Extension doesn’t really hide «edit» menù
even if the user can’t edit.
So the user not allowed will see a forbidden
message
18. 17th SMWCon Fall 2019 18
SemanticAuthProfiling - Work in progress…
But our dream is to make the extension
configurable with a GUI from Preferences or some
special page (Special:SemanticAuthProfiling)
19. 17th SMWCon Fall 2019 19
SemanticAuthProfiling: References and links
Extension page:
https://www.mediawiki.org/wiki/Extension:SemanticAuthProfiling
GIT repository:
https://github.com/imolainformatica/SemanticAuthProfiling
Developer:
https://www.linkedin.com/in/giacomo-lorenzo-97664a106/
Feedbacks and suggestions are welcome!
20. Gabriele Cornacchia
17th SMWCon Fall 2019 22
2011 - present: Software Developer & IT Consultant at Imola Informatica
Working (not only) with SMW (since 2015) on:
IT Architecture support
Document management
Enterprise Architecture consulting
21. SparqlResultFormat: What is it?
17th SMWCon Fall 2019 23
"...a free, open-source extension to MediaWiki that lets you query
different Sparql endpoints and represent output data in various formats."
Based on different opensource javascript charting
libraries (JqPlot, Cytoscape.js, d3.js)
Several output formats
28. Allow customers to "see" and interact with data
Not only with flat HTML table
Overcome the ASK queries limits
Expressiveness limit compared to standard SPARQL syntax
But customers data consists of a complex network of related
entities
Requires particular output format
17th SMWCon Fall 2019 30
SparqlResultFormat: Why?
29. in January 2016...
Similar extensions did not exists
SparqlCharts -> appeared in May 2016
LinkedWiki Visualization -> appeared in August 2016
We didn't want server-side generated images (like Graphviz)
So we decided and started coding...
SparqlResultFormat: Context
17th SMWCon Fall 2019 31
30. Makes available magic words (one per format) to be
used directly inside a mediawiki page.
It can query any standard SPARQL endpoint (It does not
require SMW)
Queries are executed server side to avoid CORS problem.
Provides a "Special page" with all magic words
documentation (Special:SparqlResultFormat)
17th SMWCon Fall 2019 32
SparqlResultFormat: Key points
32. SparqlResultFormat in 3 steps
17th SMWCon Fall 2019 34
1) Configure your sparql
endpoints in LocalSettings.php
Query in page
2) Configure magic words in your wiki pages with
your custom sparql queries
3) Enjoy!
33. Example – Endpoint definition
17th SMWCon Fall 2019 35
$wgSparqlEndpointDefinition['<endpoint name>'] = array(
'url' => '<sparql endpoint url>',
'basicAuth' => array(
'user' => '<basic auth user>',
'password' => '<basic auth password>' ),
'connectionTimeout' => 30,
'requestTimeout' => 30,
'verifySSLCertificate' => false,
'prefixes' => array(
'skos' => 'http://www.w3.org/2004/02/skos/core#’,
'rdf' => 'http://www.w3.org/1999/02/22-rdf-syntax-ns#',
'rdfs' => 'http://www.w3.org/2000/01/rdf-schema#’,
'<prefix>' => '<namespace>',
... ) );
List of prefixes and
namespaces that are
added automatically to
every query to this
endpoint -> you don't have
to define each time
You must refer this name in the magic word
Other connection
parameters
In LocalSettings.php
34. {{#sparql2barchart:
|divId=chart1
|sparqlEndpoint=wikidata
|sparqlEscapedQuery=
SELECT DISTINCT ?countryLabel ?population
{
?country wdt:P31 wd:Q6256 ;
wdt:P1082 ?population .
SERVICE wikibase:label { bd:serviceParam wikibase:language "en" }
}
GROUP BY ?population ?countryLabel
ORDER BY DESC(?population)
limit 20
|seriesConfiguration=[{label:'Population', color:'blue',showLink:'false'} ]
|extraOption=chart.title:Top 20 contries by population
|extraOption=chart.axis.x.label:Country
|extraOption=chart.axis.y.label:Population
}}
Example – Magic Word configuration
17th SMWCon Fall 2019 36
Common parameters
(same for all output formats)
Format specific parameters for
tuning behaviour and
appearance
The output format is in the magic word name
In wiki page
36. Adding other useful output format
Adding page to test query & configurations (as Special:Ask page)
Adding more interactivity to graph format (graph exploration feature)
Improving documentation & examples
Developing unit & integration tests
Next steps and further works
17th SMWCon Fall 2019 38
37. Extension page:
https://www.mediawiki.org/wiki/Extension:SparqlResultFormat
GIT repository:
https://github.com/imolainformatica/SparqlResultFormat
Blog article:
https://blog.imolainformatica.it/2017/03/16/enterprise-architecture-
unimmagine-vale-piu-di-mille-tabelle/
SparqlResultFormat - References and links
17th SMWCon Fall 2019 39
Feedbacks and suggestions are welcome!