Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Aug 17 14:48
    csarven synchronize #417
  • Aug 17 14:48

    csarven on 2022

    Apply suggestions from code rev… (compare)

  • Aug 17 14:44

    csarven on main

    Add 2022-08-17 minutes (compare)

  • Aug 17 14:10
    csarven synchronize #417
  • Aug 17 14:10

    csarven on 2022

    Update doad:revision to 1.0.0-c… (compare)

  • Aug 17 12:48

    csarven on main

    Update current copyright year (compare)

  • Aug 17 08:10

    csarven on main

    Add guideline for 'citation nee… (compare)

  • Aug 15 18:01
    almereyda commented #448
  • Aug 15 13:17
    csarven closed #448
  • Aug 15 13:17
    csarven commented #448
  • Aug 15 12:55
    csarven commented #409
  • Aug 15 12:54
    csarven commented #409
  • Aug 15 12:54
    csarven closed #409
  • Aug 15 12:54

    csarven on main

    Add requirement for Solid Notif… Adjust version reference Update ED/protocol.html Co-aut… and 2 more (compare)

  • Aug 09 01:05
    elf-pavlik commented #447
  • Aug 08 15:22
    TallTed commented #447
  • Aug 07 02:14
    almereyda opened #448
  • Aug 06 09:58
    melvincarvalho commented #447
  • Aug 06 09:55
    melvincarvalho commented #447
  • Aug 06 09:44
    melvincarvalho commented #447
Dmitri Zagidulin
@dmitrizagidulin
I think what might help me is an example
because as an implementer, I'm looking at that spec text, and it says a server MUST advertise constraints, and I'm thinking.. what constraints? In what cases? and how do I express them?
Sarven Capadisli
@csarven
Say server denies an update. It can return 409 and link to the spec constraint saying that server doesn't allow client to update containment triples.
Dmitri Zagidulin
@dmitrizagidulin
so what's an example of that?
(so that I know what to return on a 409)
Sarven Capadisli
@csarven
With this specific example, it'd be https://www.w3.org/TR/ldp/#ldpc-put-mbrprops
(or whatever the URI is in the Solid spec)
Dmitri Zagidulin
@dmitrizagidulin
I see, thanks
Justin Bingham
@justinwb
@csarven i had commented on the ticket but do you assume shape validation falls into this bucket
Sarven Capadisli
@csarven
Not sure about exact categorisation. There are similar concepts in play but I'd say that SV is possibly a specific kind of a constraint (ie. linked via constrainedBy). Besides that, constrainedBy can handle HTTP, authn/z based constraints, in addition to data.
Comes back around to what I've asked several times about the relationship/diff with solid:shape...
Justin Bingham
@justinwb
@csarven are you good for session today?
Sarven Capadisli
@csarven
Yea.
Justin Bingham
@justinwb
:+1:
Sarven Capadisli
@csarven
solid/specification#187 is an important one. Reviews would be great and super helpful.
Justin Bingham
@justinwb
will do!
Sarven Capadisli
@csarven
@acoburn Noted your preference. Just want to be clear that the PR captures the rough consensus - and there was quite a bit of gaps/unknowns all around DELETE (as you know from the issues).
Sarven Capadisli
@csarven
@namedgraph_twitter Do you use acl:accessTo with 1 or n?
Sarven Capadisli
@csarven
Do you use acl:default ? Can a resource inherit an ACL instead of having its own?
Martynas Jusevicius
@namedgraph_twitter
you mean acl:accessTo with one or multiple values?
as a general case multiple
we don't use acl:default
Sarven Capadisli
@csarven
How about own ACL or inheritance?
Martynas Jusevicius
@namedgraph_twitter
what do you mean with "own ACL"?
Sarven Capadisli
@csarven
When a resource is deleted, do you clean-up eg. remove an associated ACL?
Link rel=acl foo.acl
or however you associate - data level.
Martynas Jusevicius
@namedgraph_twitter
we mostly use acl:accessToClass
acl:accessTo only with "singleton" system resources
with acl:accessToClass there's no cleanup that needs to be done when an instance goes away
Sarven Capadisli
@csarven
I presume somewhere you have foo rel=acl foo.acl . What happens to foo.acl (and say it uses acl:accessTo foo) if foo is deleted?
Martynas Jusevicius
@namedgraph_twitter
we don't :)
why should we?
Sarven Capadisli
@csarven
Can a client discover a resource's ACL so that it can update?
Martynas Jusevicius
@namedgraph_twitter
no. but it can request access if it doesn't have it
that part is an extension of W3C ACL
Sarven Capadisli
@csarven
I don't know why you should or not. I'm merely trying to understand how your systems are making use of WAC/ACL... and comparing with how Solid is going at it. Trying to find where things can be reconciled or really FUBAR'd.
Martynas Jusevicius
@namedgraph_twitter
but what use case are we talking about here?
Sarven Capadisli
@csarven
Extension of W3C ACL?
I just said.. client. If I have an article and I only want you to read it, how would I achieve that?
Martynas Jusevicius
@namedgraph_twitter
if you want to read it but currently do not have access?
request read access
the app admin will see a request and grant it - or deny it
Sarven Capadisli
@csarven
Is app admin like the owner or controller of the resource?
Does that mean that acl:agent doesn't actually control ( in the general sense) the resource referred from accessTo?
Martynas Jusevicius
@namedgraph_twitter
yes the one has acl:Control over the ACL
Sarven Capadisli
@csarven
Say foo.acl has policy with acl:agent myWebID with acl:mode Control. Is that not sufficient for an application to be able to update the ACL resource/policy for the authorized agent (myWebID)?
I'm trying to circle back to how an application discovers a resource's ACL and whether they can PUT/PATCH an ACL - without taking on another mechanism to request the change.
Do you distinguish the mechanism to update ACL resources from other resources?