WebAC authorization fedora Fedora module is an implementation of the still evolving draft by the W3C that proposes a decentralized authorization mechanism. See WebAccessControl specifications at the W3C website.
...
The WebAC module will enforce access control based on the Access Control List (ACL) RDF file resource associated with the requested resource. The ACL file resource should specify the types of access, allowed users or groups, and applicable resources.
...
1. userA can Read document foo
@prefix acl: <http://www.w3.org/ns/auth/aclacl#>
</acls/read> acl:accessTo </foo> ;
acl:mode acl:Read;
acl:agent </agents/userA> .
2. users in NewsEditor group can Write to any resource of type News
@prefix acl: <http://www.w3.org/ns/auth/aclacl#>
</acls/write> acl:accessToClass </objecttype/news> ;
acl:mode acl:Read, acl:Write;
acl:agentClass </agents/newsEditor> .
...