From e5a603b53381d7bb0c819984757f8eca3eb73427 Mon Sep 17 00:00:00 2001 From: Michiel de Jong Date: Wed, 6 Dec 2023 12:59:07 +0100 Subject: [PATCH 1/2] Further clarify requirements for PUT-to-create and PATCH-to-create This updates the text to match what we decided in https://github.com/solid/web-access-control-spec/issues/105#issuecomment-1160876522. At the time we decided not to update the spec text, but now that the spec text is more detailed, the current statement is not correctly conveying that access to both the containing folder and the non-existing resource URL is required. See the confusion that was created by this in https://github.com/solid-contrib/web-access-control-tests/pull/56 which was an (I think incorrect) reaction to #122. --- index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index 3ace3e2..d24a7e7 100644 --- a/index.html +++ b/index.html @@ -805,10 +805,10 @@
Note: HTTP Method and Access Mode Mappin
The HTTP POST can be used to create a new resource in a container or add information to existing resources (but not remove resources or its contents) with either acl:Append or acl:Write.
PUT
-
As the HTTP PUT method requests to create or replace the resource state, the acl:Write access mode is required to replace an existing resource, but to create a new resource, access to the container can be either acl:Append or acl:Write.
+
As the HTTP PUT method requests to create or replace the resource state, the acl:Write access mode is required to replace an existing resource, but to create a new resource, access to the container additionally needs to be either acl:Append or acl:Write.
PATCH
-
As the processing of HTTP PATCH method requests depends on the request semantics and content, acl:Append can allow requests using SPARQL 1.1 Update’s [SPARQL11-UPDATE] INSERT DATA operation but not DELETE DATA, whereas acl:Write would allow both operations.
+
As the processing of HTTP PATCH method requests depends on the request semantics and content, acl:Append can allow requests using SPARQL 1.1 Update’s [SPARQL11-UPDATE] INSERT DATA operation but not DELETE DATA, whereas acl:Write would allow both operations. And again, to create a new resource, access to the container additionally needs to be either acl:Append or acl:Write.
DELETE
As the HTTP DELETE method requests to remove a resource, the acl:Write access mode would be required.
From ac862e5cb301c2dbdea4db60c5278adc541b95cf Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Fri, 15 Dec 2023 13:00:20 +0200 Subject: [PATCH 2/2] Apply suggestions from code review Co-authored-by: Ted Thibodeau Jr --- index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index d24a7e7..e1bc53c 100644 --- a/index.html +++ b/index.html @@ -805,10 +805,10 @@
Note: HTTP Method and Access Mode Mappin
The HTTP POST can be used to create a new resource in a container or add information to existing resources (but not remove resources or its contents) with either acl:Append or acl:Write.
PUT
-
As the HTTP PUT method requests to create or replace the resource state, the acl:Write access mode is required to replace an existing resource, but to create a new resource, access to the container additionally needs to be either acl:Append or acl:Write.
+
The HTTP PUT method requests to create or replace the resource state. Creating a new resource requires acl:Append and/or acl:Write access to the container as well as acl:Write access to the (new) resource. Replacing an existing resource requires only acl:Write access to the resource itself.
PATCH
-
As the processing of HTTP PATCH method requests depends on the request semantics and content, acl:Append can allow requests using SPARQL 1.1 Update’s [SPARQL11-UPDATE] INSERT DATA operation but not DELETE DATA, whereas acl:Write would allow both operations. And again, to create a new resource, access to the container additionally needs to be either acl:Append or acl:Write.
+
As the processing of HTTP PATCH method request depends on the request semantics and content, acl:Append can allow requests to insert but not delete operations, whereas acl:Write would allow both operations. To create a new resource, acl:Append or acl:Write access mode to the container is additionally required.
DELETE
As the HTTP DELETE method requests to remove a resource, the acl:Write access mode would be required.