effectiveAccessControl Link relation until akka/akka-http#4264

co-operating-systems · May 6, 2023 · aeff2a6 · aeff2a6
1 parent 2352945
commit aeff2a6
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 6 deletions.
diff --git a/src/main/scala/run/cosy/ldp/EffectiveACL.md b/src/main/scala/run/cosy/ldp/EffectiveACL.md
@@ -11,9 +11,12 @@ Note: Access Control is not part of LDP but of Solid. This suggests that those s
 The Web Access Control logic is defined in the [Web Access Control](https://solidproject.org/TR/wac) spec. The section [ACL Resource Discovery](https://solidproject.org/TR/wac#effective-acl-resource), explains how to determine the effective acl resource by starting from the acl of a resource. If the acl does not exist, then one should search for the resource container's acl, and if that does not exist, one should search for the container's containers acl, etc... The problem is that for a client [Effective ACL Resource discovery requires 2n+1 requests](https://github.com/solid/web-access-control-spec/issues/99). Given the limitations on the speed of light, that type of requirement is much too costly for a client trying to find the effective acl. Furthermore, for any Pod that has more than one owner, this link following will have to be done just to find out who the controller of the resource is if one wants to create it. 
 
 To solve the [2n+1 problem](https://github.com/solid/web-access-control-spec/issues/99) I will use [this simple proposal](https://github.com/solid/specification/issues/325#issuecomment-1474817231) to link to the effective acl
-
+Note that because of a problem between the server and the client 
+implementations of the [Link header](https://github.
+com/http4s/http4s/issues/7101), that should be remedied soon, I will instead
+use "effectiveAccessControl"
 ```http
-Link: </defaul.ac>; rel="https://www.w3.org/ns/auth/acl#accessControl`
+Link: </defaul.ac>; rel="effectiveAccessControl`
 ```
 
 ## Implementation

diff --git a/src/main/scala/run/cosy/ldp/fs/BasicContainer.scala b/src/main/scala/run/cosy/ldp/fs/BasicContainer.scala
@@ -101,12 +101,12 @@ object BasicContainer:
    val ldpr  = ldp.Resource.toAkka
 
    // see proposal: https://github.com/solid/specification/issues/325#issuecomment-1474817231
-   val effectiveAclUrl = Uri("https://www.w3.org/ns/auth/acl#accessControl")
+   val effectiveACLink = "effectiveAccessControl"
 
    def aclLinks(acl: Uri, active: ACInfo): List[LinkValue] =
      LinkValue(acl, LinkParams.rel("acl")) :: {
        if acl == active.acl then Nil
-       else LinkValue(active.acl, LinkParams.rel(BasicContainer.effectiveAclUrl.toString())) :: Nil
+       else LinkValue(active.acl, LinkParams.rel(BasicContainer.effectiveACLink)) :: Nil
      }
 
    /** A collection of "unwise" characters according to
@@ -436,7 +436,7 @@ class BasicContainer private (
         then None
         else
            Some(RawHeader("Link",
-             s"""<${effectiveAcl.acl}>; rel="${BasicContainer.effectiveAclUrl}""""))
+             s"""<${effectiveAcl.acl}>; rel="${BasicContainer.effectiveACLink}""""))
 
       lazy val start: Behavior[AcceptMsg] =
         Behaviors.receiveMessage[AcceptMsg] { (msg: AcceptMsg) =>

diff --git a/test/ldes/closedCF/.acl.1.ttl b/test/ldes/closedCF/.acl.1.ttl
@@ -1,6 +1,6 @@
 @prefix wac: <http://www.w3.org/ns/auth/acl#> .
 @prefix foaf: <http://xmlns.com/foaf/0.1/> .
-@prefix security: <https://w3id.org/security/v1#> .
+@prefix security: <https://w3id.org/security#> .
 
 <#R0> a wac:Authorization; 
    wac:mode wac:Control;