rdf_sandbox.pl -- Declare RDF API sandbox-safe

This module provides clauses for the multifile predicate sandbox:safe_primitive/1 defined in library(sandbox) that make all predicates of the RDF API that have no permanent side effects safe. To have an affect, this module must be loaded after the modules it declares safe. Thus, when using the sequence below, rdf11 is safe, while sparql_client is not (unless sparql_client was already loaded before this sequence).

:- use_module(library(semweb/rdf11)).         % safe
:- use_module(library(semweb/rdf_sandbox)).
:- use_module(library(semweb/sparql_client)). % Not safe

Normally, sandbox declarations live in the module in which the safe predicates are defined, so we are sure we are making declarations about this specific version of a predicate. For RDF we decoupled the sandbox declarations from the implementation because although rdf/3 is technically safe to use (calling it has no side effects), it may make information accessible that is not supposed to be.

Loading this library makes all side-effect-free predicates considered safe. If some of your RDF needs to remain hidden, you should not load this file and instead use your own version that project your data. The example below defines a wrapper around rdf/4 that provides safe access to certain graphs.

` :- module(rdf_api, [ rdf/4 ]). :- use_module(library(semweb/rdf11)).

:- rdf_meta rdf(r,r,o,r).

rdf(S,P,O,G) :- public_graph(G), !, rdf11:rdf(S,P,O,G). rdf(S,P,O,G) :- permission_error(access, graph, G).

:- multifile sandbox:safe_primitive/1.

sandbox:safe_primitive(rdf_api:rdf(_,_,_,_)).