W3C home > Mailing lists > Public > public-webid@w3.org > August 2012

Re: MyProfile REST API.

From: Andrei Sambra <andrei@fcns.eu>
Date: Sun, 12 Aug 2012 11:14:28 +0200
Message-ID: <502773F4.3010401@fcns.eu>
To: public-webid@w3.org
Hi Kingsley,

> Implicit Indirection leads to the actual data source being at the URL:
> https://my-profile.eu/people/deiu/card .
>
> The resource above is associated with the subject it describes, assuming
> its a profile document. Thus, the resource will bear the complete
> description graph for itself and the entity it describes. Basically,
> <https://my-profile.eu/people/deiu/card#me> and
> <https://my-profile.eu/people/deiu/card> are two distinct URIs that
> resolve to a common resource (the actual eav/spo based structured content).
I totally agree with you, and this behaviour is actually supported right 
now in the API: I'm always looking for foaf:primaryTopic whenever I have 
deal with user profiles.

However, given that some people still create their profiles by hand, 
they might omit to add a primaryTopic to their document.

>> Returns*:
>> Successfully deleted profile https://my-profile.eu/people/deiu/card#me.
>>
>> *for now, the operation will be performed only if the request is made
>> by profile owner, or on his/her behalf (!)
>
> Shouldn't that be subject to the ACL associated with the resource?
Yes, and it will. Right now I'm getting close to finishing ACL, but 
until then the minimal protection I can offer is that only owners (and 
agents operating on their behalf) can remove their own profiles.

Andrei
Received on Sunday, 12 August 2012 09:14:54 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:54:34 UTC