hello and some ACL spec questions

Hello all,

I'm in the process of developing an object store for a document
management system we use here at NASA Ames, and I decided (a while
ago) to implement it with full access control.  The WebDAV ACL spec
seemed like a logical choice, being in the same application space as
our current and future target applications (web-based document
management, eventually moving to WebDAV support as well.)

This object store provides persistence for (Python, currently) objects
with extension for large objects (usu. files stored on the document
management system.)  The basic user data components of the system are
objects and attributes.

I've taken out the "meat" of the application logic behind the "ACL
protocol" defined in the draft spec, I haven't implemented the XML
engine to take client configurations and map them to application
objects.

With regards to the spec, Objects relate to Entities and Collections
(no distinction, entities can contain other entities) and attributes
relate (of course) to properties.  Principals are simply other objects
in the database (authentication is out of the scope of this part of
the project, so let's not go down that primrose path. ;)  Methods are
also stored (as attributes.)

Currently, for "containment" (both for determining if a user has
access and for determining if an object is the child of another
object) I use the attribute (multiple-)inheritance tree.  (So, there
are two trees in my environment: the ACL tree [single inheritance] and
the attribute/containment tree [multiple inheritance.])

ACL's, ACE's, ownership, "containment" and ACL inheritance are all
stored in a seperate data space from the content.

In this environment, I expect property manipulation to be much more
commonplace of an activity than on traditional document management
(WebDAV) systems.

Since this is an abstract object datastore, much of the issues of
WebDAV methods mapping to the access rights don't really apply
(although there should be some mapping between my object database's
operations and the WebDAV methods, I would guess.)

Needless to say, in the process of implementing this software, I've
come across a couple questions that remain unresolved in the spec.  I
know that Yaron (and possibly others) are currently working on a
(major?) re-write of the spec, but until that comes out I'd like to
get your opinions on these questions (and, possibly, to spark interest
in the spec's revision.)

One of the things I'd like to see in the spec is less of a WebDAV
protocol-specific list of methods; a generic list of operations. 

Here's a stab at such a thing (which brings up some of my questions), please
correct me on these:

Entities
--------
create an entity - createchild for any containing collections
delete an entity - deletechild for any containing collections,
	delete for this entity
modify (the contents of) an entity - write for the entity
read the contents of an entity - read for the entity
read the "contents" of a collection - read for the collection (???)
remove an entity from a collection - deletechild for the collection
add an entity to a collection - createchild for the collection

Entity ACLs
-----------
read the ACL for an entity - readacl for the entity
create an ACL for an entity - writeacl for the entity
modify the ACL for an entity - writeacl for the entity
delete the ACL for an entity - writeacl for the entity

Property ACLs
-------------
create an ACL for a property - writeacl for the property (entity)
modify the ACL for a property - writeacl for the property
delete the ACL for a property - writeacl for the property

Owner
-----
read the owner of an entity - (none needed)
modify the owner of an entity - writeowner
delete the owner of an entity - (all entities must have an owner)

Properties
----------
add a new property - createchild for the entity (???)
modify the contents of an existing property - write for the property
delete a property - delete for the property, deletechild for the entity (???)

Received on Tuesday, 22 February 2000 14:57:06 UTC