Re: rww:Control

On 11 Dec 2012, at 13:13, Melvin Carvalho <melvincarvalho@gmail.com> wrote:

> 
> 
> On 11 December 2012 13:02, Henry Story <henry.story@bblfish.net> wrote:
> The ACL ontology contains the Control class, which is not very
> well explained either in the ontology or in the wiki. All I
> could get on it is this:
> 
> $ curl http://www.w3.org/ns/auth/acl.n3 | less
> 
> Control a rdfs:Class;
>     rdfs:subClassOf Access;
>     rdfs:label  "control"@en;
>     rdfs:comment "Allows read/write access to the ACL for the resource(s)".
> 
> So if I had the following ACL in <meta/card.meta>
> 
>  [] :accessTo <card> ;
>     :mode :Control, :Read, :Write ;
>     :agent <card#me> .
> 
> Then that would mean that <card#me> had read/write access to <card>
> and to <meta/card.meta> .
> 
> Quick question: where does meta/card.meta come from?  
> 
> I think we just use .meta in data.fm using the following link relation:
> 
> Link: </.meta>; rel=meta

Here:
http://www.w3.org/wiki/WebAccessControl#Modifying_Access_Control_information

It does not really matter how you name the resource that contains the metadata.
It could also be on another server.

> 
>  
> 
> So then we have two cases:
> 1- when a request is made on <card> the server knows to look in
>   <meta/card.meta> for the acl rules, and looks for :Read, :Write.
> 2- when a request in made on <meta/card.meta> the server knows
>   this is a meta data file, ( and so knows not to look at
>   meta/card.meta/card.meta.meta ). That is one such a file is one
>   that is in relation:
>     <> accessControl <> .
>   In such a case the only relevant rules  are those that have
>  a ?x mode Control relation in them.
> 
> 
> In 2 the  server cannot really do anything with the :accessTo
> relation because the metadata work is done directly on the metadata
> resource. The server has no way of knowing when a request is made on
> a metadata resource, what the client was accessing this through.
> ( Perhaps with some of the much less used WebDAV methods this is
> possible, but I don't think that this is consciously what is being aimed
> for here ) It is important to see that this is unlike the filesystem
> where when one changes properties it is always done with the name
> of the object resources. Eg:
> 
> $ chmod g+rw file.txt
> $ ls -l -@ NeoOffice-3.1.1-Patch-1-Intel.dmg
> -rw-r--r--@ 1 admin  staff  8899825 Jul 20  2010 NeoOffice-3.1.1-Patch-1-Intel.dmg
>         com.apple.diskimages.fsck            20
>         com.apple.diskimages.recentcksum             80
>         com.apple.metadata:kMDItemWhereFroms        232
>         com.apple.quarantine         74
> 
> ( -@ in the second command is an apple OSX extension to 'ls'
> that allows one to see attributes on a file set with xattr )
> 
> But in the case of basic HTTP here we are acting directly on the
> (metadata) file itself. So we should rather have an access control
> rule such as:
> 
> [] :accessTo <> ;
>    :mode :Read, :Write ;
>    :agent <card#me> .
> 
> But in that case my feeling is that the :Control mode is not really
> useful. ( Or only using some very rarely used WebDAV methods, that would
> require a lot more work to develop ).
> 
> It does seem to add a lot of relations.
> 
> But perhaps not. Both can be fused with
> 
>  [] :accessTo <card>, <> ;
>     :mode :Read, :Write ;
>     :agent <card#me> .
> 
> And here we have the same number of relations.
> 
>   Henry
> 
> Social Web Architect
> http://bblfish.net/
> 
> 

Social Web Architect
http://bblfish.net/