Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

"acl" should = Active Control List #326

Closed
bblfish opened this issue Oct 19, 2021 · 7 comments
Closed

"acl" should = Active Control List #326

bblfish opened this issue Oct 19, 2021 · 7 comments

Comments

@bblfish
Copy link
Contributor

bblfish commented Oct 19, 2021

In the latest WAC spec the "acl" link relation points to the resources own ACR even when this does not exist. For Solid servers with simple defaults set at the root that means that most resources would point to ACLs that don't exist. One could imagine a horror situation with a Web Science server hosting billions of documents where each one points to an ACL that does not exist, requiring clients to search for the default making "2n+1" requests.

Instead the "acl" should point to the active acl (acl = active control list), as that is what authentication libraries have been following to find the access control rules for a resource. A new relation pointing to the Access Control Potential (ACP) resource could then be coined. Perhaps http://www.w3.org/ns/auth/acp#AccessControl?

A server could then return for the /2021/foo/bar/baz/2093supernovae resource a 401 with the headers

Link: </default.acl>; rel="acl"
Link: </2021/foo/bar/baz/2093supernovae.acl>; \     
      rel="http://www.w3.org/ns/auth/acp#AccessControl"

Possibly the server would not show the ACP link unless the user already has control mode, as that would be required to create it. Who has control mode could be available from the active ACL. The cost of making a second HTTP request on /2021/foo/bar/baz/2093supernovae after having submitted a proof of control mode will not be that problematic. This is in line with the thinking of issue 325/, but now taking the more pragmatic route of having acl point to the effective one.

@bblfish
Copy link
Contributor Author

bblfish commented Oct 20, 2021

The nice thing is that for servers where all resources have their own Access Control Resource, as advocated currently by ACP, acl and acp:AccessControl will coincide. For servers like existing WAC based ones, where a few default rules exist the two will point to different resources. This will allow the WAC and the ACP systems to come together.

@bblfish
Copy link
Contributor Author

bblfish commented Oct 20, 2021

So here is the definition from the ACP draft spec (pushed recently but not reviewed) for the URL http://www.w3.org/ns/solid/acp#accessControl

The ACP accessControl predicate defines the set of access controls that mandate access over a resource and its associated access control resource, it has a range of acp:AccessControl and a domain of acp:AccessControlResource.

I think we could adapt the language a bit here, so that it can point to non-existing resources allowing it to work with WAC default access control policy.
@timbl could then add that as a first relation to the acp ontology, since I don't see why we could not have consensus on both sides.

@bblfish bblfish changed the title "acl" Link should point to effective ACL and not signify "a corrupt link" "acl" should = Active Control List Oct 20, 2021
@acoburn
Copy link
Member

acoburn commented Oct 20, 2021

This will allow the WAC and the ACP systems to come together.

I don't understand the motivation for this. WAC and ACP address different use cases.

@bblfish
Copy link
Contributor Author

bblfish commented Oct 20, 2021

I don't understand the motivation for this. WAC and ACP address different use cases.

They are both addressing access control use cases. That is all the client at the stage discussed here is wanting to discover. It is asking: where is the access control resource?

Consider a hyper-App (such as @timbl's Tabulator) trying to find the access control rules governing a resource on the web. It might have arrived at this resource in any number of ways. So at this point it has no way of knowing if the ontology for describing the rules is WAC or ACP. And that is not yet the question. At this point the client wants to find the rules for access, either to read them and then the "active control list" is the one it is looking for, or to edit it, in which case it may want to edit the access control resource most closely tied to the given resource. (in WAC that resource may not yet exist, in ACP as currently specified, it always exists)

@bblfish
Copy link
Contributor Author

bblfish commented May 25, 2023

I now think it should be the other way. We need a relation to the Active access control container. See
#325 (comment)

@bblfish bblfish closed this as completed May 25, 2023
@TallTed
Copy link
Contributor

TallTed commented Jun 5, 2023

So you want to further overload the already horrendously overloaded ACL TLA, differentiating by whether it's uppercase or lowercase? acl = Active [Access] Control List, while ACL = Access Control List? This needs a rethink, should it already have been revived or be revived in the future.

@bblfish
Copy link
Contributor Author

bblfish commented Jun 6, 2023

Hi @TallTed, I agree that my thought was confused a bit at the time of writing the initial issue, which is why I closed the issue a couple of weeks ago. I have now got a better proposal: #531

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants