Versions Compared

Old Version 14

changes.mady.by.user Bethany Seeger

Saved on

compared with

New Version 15

changes.mady.by.user Bethany Seeger

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

For versioning: Versioning Delta/Specification Notes

For authorization: TBD

Design

...

Here are a few ways that ACLS and versions of resources might interact.   Ideas and use cases are welcome, especially if you have a certain way in which you might expect ACLs and Versioning to behave.

LDPRv - "Original Resource" -  the original resource that has versions

LDPCv -  A LDP container that contains the versions of a resource;  otherwise known as the TimeMap in memento

...

  1. This scenario allows for the LDPRv to potentially have a separate ACL from the versions of itself.
  2. If the LDPCv has no ACL - default back to the LDPRv??  Or perhaps the LDPCv points to some sort of default ACL?

...

  1.  If the URL of the ACL pointed to never changes, then all the versions will have the same ACL restrictions as the LDPRv. 
  2.  If the URL of the ACL pointed to changes over time, then the versions may have different ACL restrictions, from both each other and the Original Resource.
  3. This scenario gets complicated quickly, especially when an ACL that's on a version, but no longer on the LDPRv, gets removed from the system.  

Finding the ACL on a LDPRm (memento): 

Any ACL that is directly associated with a LDPRm will be ignored, as those could be out of date or no longer in existence.   To find the ACL that relates to a LDPRm, follow this algorithm:

  1. First look at the LDPCv for the LDPRm to see if it has an ACL associated with it.  If so, stop there and honor that ACL as it will apply to all mementos it contains.
  2. Otherwise follow the pattern specified by the SOLID WebAC specification for finding an ACL for a LDPRv:
    1. Use the document's (LDPR) own ACL resource if it exists (in which case, stop here).
    2. Otherwise, look for authorizations to inherit from the ACL of the document's container. If those are found, stop here.
    3. Failing that, check the container's parent container to see if that has its own ACL file, and see if there are any permissions to inherit.
    4. Failing that, move up the container hierarchy until you find a container with an existing ACL file, which has some permissions to inherit.
    5. The root container of a user's account MUST have an ACL resource specified. (If all else fails, the search stops there.)

Given this, the following is then true: 

  • LDPCv's can have an ACL applied to them. If not, then the LDPRv's ACL applies to all the mementos in the LDPCv.
  • LDPRv and it's mementos can have different ACLs

...

  • .  

Use Cases

Versioning/Authorization Use-Cases

...