Currently, if the Gravsearch
WHERE clause mentions a value that the user doesn’t have permission to see, we return
ForbiddenResource. The rationale for this was privacy-oriented. For example, if you’re not supposed to know that a painting sold for a million francs, it isn’t enough just to hide the price. You also shouldn’t get that painting’s title in the results of a search for the titles of paintings that sold for a million francs or more.
This creates problems, though, as discussed in the issue, and in any case, since we can’t filter by permissions in SPARQL, it’s not really possible to make this policy work as it should. For example, if you want to know the price of Van Gogh’s painting A Wheatfield with Cypresses, you can just do a count request, to get the number of paintings that have that title and whose price is at least X, and keep increasing X until the count is zero.
Therefore we’ve decided to change the policy as follows: the purpose of permissions on resources and values is to respect copyright, not to protect privacy. An example of the intended use case would be that you can find out which texts contain the word ‘science’, even if you don’t have permission to read the texts. Gravsearch will filter results the way the
/v2/resources route does: if you asked about a value that you don’t have permission to see, Knora will return the resource without that value.