data-interoperability-panel icon indicating copy to clipboard operation
data-interoperability-panel copied to clipboard

Published 20 hours ago verified publisher icon solid

Determine how to dynamically authorize access to reference lists on inherited instances

Open justinwb opened this issue 3 years ago • 2 comments

From https://gitter.im/solid/data-interoperability-panel?at=6138b630f3449e13a4608150:

I believe that was related to cases where (for example) I grant you access to project 5, with inherited access to project 5’s tasks, and then i add a new task to project 5. you should automatically have access to that new task so i think this was meant to capture the need for the authz system to authorize by relationship

justinwb avatar Sep 08 '21 17:09 justinwb

I think we would need to specify Reference List that externalizes relations first, including it's life cycle. Next step would be how authorization handles it in a way that doesn't surface usage of that externalized bridge resource to the user.

Possibly Shape Trees spec would need to extend definition of referenced shape tree to define that Reference List is being used. IMO that decision should be made at level of defining shape tree.

elf-pavlik avatar Sep 08 '21 19:09 elf-pavlik

Per session on 10/26 - @justinwb will take up an action item to detail this scenario in full, including the resource hierarchy, shape trees, and shape tree references.

justinwb avatar Oct 26 '21 14:10 justinwb