Versions Compared

Old Version 15

changes.mady.by.user Danny Bernstein

Saved on

compared with

New Version 16

changes.mady.by.user Yinlin Chen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Discussion of handling external-content

2.a.

Two options

  1. Reduce the granularity of our label  

  2. Modify Memento spec


Change the current implementation to not have label in microsecond but just second.

escowles:

409 Conflict seems reasonable to me

agree that server-managed or distributed backends could have trouble with that

Bethany Seeger & awoods:

Memento Tools - Validator: http://mementoweb.org/tools/validator/

whikloj:

https://jira.duraspace.org/browse/FCREPO-2727 & https://jira.duraspace.org/browse/FCREPO-2728

2.c.

Change the Fedora spec. Change to May instead of a Must. [Spec 5.7.1]

whikloj: Section 5: "To configure access control restrictions, implementations MUST follow the recommendations of Web Access Control [SOLIDWEBAC] with the following additional requirements:"

Bethany Seeger: Can you read this the above this way “If you choose to configure access control restrictions, you MUST follow Solid Webac”? (edited)

awoods:https://fcrepo.github.io/fcrepo-specification/#append-ldprs

Modeshape doesn’t give delete and add property permission, only set property. This problem is because authz is being enforced at the Modeshape layer, and one logical API operation translates into multiple modeshape operations.

Option 1: using injection. like injecting it in the RDF diffing code, so you could e.g., look for deleting triples and throw an exception if the user only had append permission. But could break the design also need to think about performance impact @whikloj.

@Peter Eichman suggests moving the ACL check out of Modeshape and into the HTTP layer  or at the very least outside of modeshape.

Find a feasible way to get out from underneath Modeshape the webac code has lots of jcr in it.

3. external content pr: https://github.com/fcrepo/fcrepo-specification/pull/343

Use POST/PUT requests to create external content nodes.

It looks great on the current proposal in 3.a

Action Items

  •  Danny Bernstein determine whether there is any case where a PUT on a TimeMap would make sense. If there is it should be raised with the specification editors.
  •  Peter Eichman to do a short writeup on the use of userAgent and groupAgent base URI's and their relationship to WebAC in order to clarify whether or not what if anything needs improvement/clarification/alignment. ACL Agents - Strings vs. URIs