- From: Clemm, Geoff <gclemm@rational.com>
- Date: Tue, 12 Jun 2001 16:18:49 -0400
- To: "Acl@Webdav.Org" <acl@webdav.org>
Oops! Apologies to the folks on the versioning mailing list ...
The DAV:principal-match proposal was supposed to just go to the ACL
mailing list (please prune any followups so that they just go to the
ACL list ... I've BCC'ed this message to versioning list to start that
pruning process).
From: Eric Sedlar [mailto:Eric.Sedlar@oracle.com]
This sounds to me more like a good application for DASL, since it
is a simple query on a particular property value. If DASL can't do
this, it is pretty much good for nothing.
Whether or not DASL is "good for nothing" is an interesting
question (:-), but until it is a standard (or at least, a
standards track document), it cannot be used for interoperable
queries. This is the same reason why a couple of key
versioning reports are defined in the versioning protocol.
In addition, the "matches current principal" is a very ACL specific
"match" operation, and it is unclear whether it is reasonable to
expect DASL to have such a built-in operation for such a purpose.
So the combination of these two reasons makes me believe that
the DAV:principal-match query is an important one to provide
directly in the ACL spec.
I'll attach a copy of the proposal to the bottom of this note, to
minimize confusion caused by my original misdirection of this message.
Cheers,
Geoff
-----Original Message-----
From: Clemm, Geoff
A very useful request is "find all resources in this collection
that I own". Currently, there is no interoperable way to do this
in the ACL protocol. To remedy this situation, I propose that we
add a DAV:principal-match REPORT:
------------------------------------
9 ACCESS CONTROL REPORTS
9.1 DAV:principal-match REPORT
The DAV:principal-match REPORT is used to identify all members of a
collection that have a specified relationship with the current user.
In particular, if the collection contains principals, the report can
be used to identify all members of the collection that match the
current user. Alternatively, if the collection contains resources
that have a property that identifies a principal (e.g. DAV:owner),
then the report can be used to identify all members of the collection
whose property identifies a principal that matches the current user.
Marshalling:
The request body MUST be a DAV:principal-match XML element.
<!ELEMENT principal-match ((principal-property|self), prop)>
<!ELEMENT principal-match ANY>
ANY value: an element whose type identifies a property
<!ELEMENT self EMPTY>
prop: see RFC 2518, Section 12.11
The response body for a successful request MUST be a DAV:multistatus
XML element.
multistatus: see RFC 2518, Section 12.9
The response body for a successful DAV:principal-match REPORT request
MUST contain a DAV:response element for each member of the collection
that has the specified relationship with the current user. If
DAV:prop is specified in the request body, the properties specified in
the DAV:prop element MUST be reported in the DAV:response elements.
9.1.1 Example - DAV:principal-match REPORT
The following example identifies the members of the /doc
collection that are owned by the current user.
>>REQUEST
REPORT /doc HTTP/1.1
Host: www.webdav.org
Content-Type: text/xml; charset="utf-8"
Content-Length: xxxx
<?xml version="1.0" encoding="utf-8" ?>
<D:principal-match xmlns:D="DAV:">
<D:principal-property>
<D:owner/>
</D:principal-property>
</D:principal-match>
>>RESPONSE
HTTP/1.1 207 Multi-Status
Content-Type: text/xml; charset="utf-8"
Content-Length: xxxx
<?xml version="1.0" encoding="utf-8" ?>
<D:multistatus xmlns:D="DAV:">
<D:response>
<D:href>http://www.webdav.org/doc/foo.html</D:href>
<D:status>HTTP/1.1 200 OK</D:status>
</D:response>
<D:response>
<D:href>http://www.webdav.org/doc/img/bar.gif</D:href>
<D:status>HTTP/1.1 200 OK</D:status>
</D:response>
</D:multistatus>
------------------------------------
Comments?
Received on Tuesday, 12 June 2001 16:13:31 UTC