Re: rww:Control from Melvin Carvalho on 2012-12-11 (public-rww@w3.org from December 2012)

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Tue, 11 Dec 2012 13:13:55 +0100
To: Henry Story <henry.story@bblfish.net>
Cc: Read-Write-Web <public-rww@w3.org>
Message-ID: <CAKaEYhJBCyAFGVrccxeFaW1iS3ppTYQPWikn2gCYkVezGhNQwA@mail.gmail.com>

On 11 December 2012 13:02, Henry Story <henry.story@bblfish.net> wrote:

> The ACL ontology contains the Control class, which is not very
> well explained either in the ontology or in the wiki. All I
> could get on it is this:
>
> $ curl http://www.w3.org/ns/auth/acl.n3 | less
>
> Control a rdfs:Class;
>     rdfs:subClassOf Access;
>     rdfs:label  "control"@en;
>     rdfs:comment "Allows read/write access to the ACL for the resource(s)".
>
> So if I had the following ACL in <meta/card.meta>
>
>  [] :accessTo <card> ;
>     :mode :Control, :Read, :Write ;
>     :agent <card#me> .
>
> Then that would mean that <card#me> had read/write access to <card>
> and to <meta/card.meta> .
>

Quick question: where does meta/card.meta come from?

I think we just use .meta in data.fm using the following link relation:

Link: </.meta>; rel=meta



>
> So then we have two cases:
> 1- when a request is made on <card> the server knows to look in
>   <meta/card.meta> for the acl rules, and looks for :Read, :Write.
> 2- when a request in made on <meta/card.meta> the server knows
>   this is a meta data file, ( and so knows not to look at
>   meta/card.meta/card.meta.meta ). That is one such a file is one
>   that is in relation:
>     <> accessControl <> .
>   In such a case the only relevant rules  are those that have
>  a ?x mode Control relation in them.
>
>
> In 2 the  server cannot really do anything with the :accessTo
> relation because the metadata work is done directly on the metadata
> resource. The server has no way of knowing when a request is made on
> a metadata resource, what the client was accessing this through.
> ( Perhaps with some of the much less used WebDAV methods this is
> possible, but I don't think that this is consciously what is being aimed
> for here ) It is important to see that this is unlike the filesystem
> where when one changes properties it is always done with the name
> of the object resources. Eg:
>
> $ chmod g+rw file.txt
> $ ls -l -@ NeoOffice-3.1.1-Patch-1-Intel.dmg
> -rw-r--r--@ 1 admin  staff  8899825 Jul 20  2010
> NeoOffice-3.1.1-Patch-1-Intel.dmg
>         com.apple.diskimages.fsck            20
>         com.apple.diskimages.recentcksum             80
>         com.apple.metadata:kMDItemWhereFroms        232
>         com.apple.quarantine         74
>
> ( -@ in the second command is an apple OSX extension to 'ls'
> that allows one to see attributes on a file set with xattr )
>
> But in the case of basic HTTP here we are acting directly on the
> (metadata) file itself. So we should rather have an access control
> rule such as:
>
> [] :accessTo <> ;
>    :mode :Read, :Write ;
>    :agent <card#me> .
>
> But in that case my feeling is that the :Control mode is not really
> useful. ( Or only using some very rarely used WebDAV methods, that would
> require a lot more work to develop ).
>
> It does seem to add a lot of relations.
>
> But perhaps not. Both can be fused with
>
>  [] :accessTo <card>, <> ;
>     :mode :Read, :Write ;
>     :agent <card#me> .
>
> And here we have the same number of relations.
>
>   Henry
>
> Social Web Architect
> http://bblfish.net/
>
>

Received on Tuesday, 11 December 2012 12:14:29 UTC