Skip to content

[discuss] should we switch to requiring container-write instead of resource-write permissions for delete? #47

New issue
New issue
Closed
Closed
[discuss] should we switch to requiring container-write instead of resource-write permissions for delete?#47
Assignees
csarven
@michielbdejong

Description

@michielbdejong
michielbdejong
opened on May 16, 2019

This spec clearly states that it requires acl:Write on the resource, but in nodeSolidServer/node-solid-server#729 NSS diverged from the spec.

In nodeSolidServer/node-solid-server#729 (comment) @dmitrizagidulin correctly remarked that this should be made into a spec-level discussion, but it seem that his remark was ignored?

So let's have the discussion now!

Pro change:

  • NSS implementers have already diverged from the spec at this point, and even though they didn't follow process, it would be practical to retro-actively agree with them
  • It aligns WAC more with how the Linux file system works

Con change:

  • All changes cost work, and this one is no exception
  • even though NSS may have made this change, inrupt/pod-server has not, so for the current implementations it's 1 against 1. @acoburn what does your Trellis extension for WAC do on this topic?
  • As remarked in Deleting a file should require write permission on the container nodeSolidServer/node-solid-server#729 (comment), and I agree, the current spec makes more sense.
  • It's weird if DELETE requires different permissions than PUT
  • If we do want to separate the two, it would make more sense to split acl:Write into acl:Create, acl:Update, and acl:Delete.
  • Now that I write this, I realize that the distinction is not just update/delete, it's create/update/delete, which makes it.

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions