@prefix sh:      <http://www.w3.org/ns/shacl#> .
@prefix xsd:     <http://www.w3.org/2001/XMLSchema#> .
@prefix dcterms: <http://purl.org/dc/terms/> .
@prefix rdfs:    <http://www.w3.org/2000/01/rdf-schema#> .
@prefix odrl:    <http://www.w3.org/ns/odrl/2/> .
@prefix evo:     <https://schema.bra0.org/evidence-os#> .

#
# SHACL shape — Ambient-agent ODRL policy profile
# Three role profiles: Reader / Writer / Trigger.
#

<> dcterms:license <https://creativecommons.org/licenses/by-sa/4.0/> .

#######################################################################
# evo:AmbientAgentPolicyShape
# Target: odrl:Policy carrying an evo:agentRoleProfile triple (Reader/Writer/Trigger)
# Validates ODRL policy compliance with the ambient-agent profile.
#######################################################################

evo:AmbientAgentPolicyShape
    a sh:NodeShape ;
    # SPARQL target filtering to policies carrying evo:agentRoleProfile,
    # so the shape does not over-match on asc: governance policies that
    # are not ambient-agent policies.
    sh:target [
        a sh:SPARQLTarget ;
        sh:select """
            PREFIX evo: <https://schema.bra0.org/evidence-os#>
            PREFIX odrl: <http://www.w3.org/ns/odrl/2/>
            SELECT ?this
            WHERE { ?this a odrl:Policy ; evo:agentRoleProfile ?role . }
        """ ;
    ] ;
    rdfs:label "Ambient-agent ODRL policy shape"@en ;
    rdfs:comment "Validates odrl:Policy instances intended for ambient agents. Only targets policies carrying evo:agentRoleProfile (SPARQL target avoids over-matching on non-ambient policies). Every ambient policy MUST declare a role profile (Reader/Writer/Trigger) and an enforceable bounded context."@en ;
    sh:property [
        sh:path dcterms:identifier ;
        sh:datatype xsd:string ;
        sh:minCount 1 ; sh:maxCount 1 ;
        sh:message "odrl:Policy MUST carry dcterms:identifier (policy IRI slug)."@en ;
    ] ,
    [
        sh:path evo:agentRoleProfile ;
        sh:datatype xsd:string ;
        sh:in ( "Reader" "Writer" "Trigger" ) ;
        sh:minCount 1 ; sh:maxCount 1 ;
        sh:message "odrl:Policy for an ambient agent MUST declare evo:agentRoleProfile ∈ {Reader, Writer, Trigger}."@en ;
    ] ,
    [
        sh:path evo:declaredContext ;
        sh:nodeKind sh:IRI ;
        sh:minCount 1 ;
        sh:message "odrl:Policy MUST declare evo:declaredContext pointing at a named-graph IRI (bounded context)."@en ;
    ] ,
    [
        sh:path odrl:permission ;
        sh:minCount 1 ;
        sh:message "odrl:Policy MUST carry ≥1 odrl:permission (at least one explicit permitted action)."@en ;
    ] ,
    [
        sh:path odrl:prohibition ;
        sh:minCount 0 ;
        sh:message "odrl:Policy MAY carry odrl:prohibition (explicit prohibitions beyond Reader/Writer/Trigger defaults)."@en ;
    ] .