From 05c93dc8f09558af503922d6da7e14d889bed663 Mon Sep 17 00:00:00 2001 From: Vivien Kraus Date: Tue, 15 Jun 2021 19:02:39 +0200 Subject: Implement WAC --- doc/webid-oidc.texi | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'doc') diff --git a/doc/webid-oidc.texi b/doc/webid-oidc.texi index b2cc3d7..7d88aa7 100644 --- a/doc/webid-oidc.texi +++ b/doc/webid-oidc.texi @@ -629,6 +629,20 @@ then update the parent, then unlock the parent, and finally unlock the child path. @end deffn +The Web Access Control specification defines an RDF vocabulary to +check whether a given user is allowed to perform some operations. The +@code{(webid-oidc server resource wac)} helps you do that. + +@deffn function wac-get-modes @var{server-name} @var{path} @var{user} @var{[#:http-get]} +Return the list of modes that are allowed for @var{user} accessing +@var{path}. The @var{server-name} URI is required to find the relevant +triples in the ACL. If @var{user} is unauthenticated, pass @code{#f}. + +Please note that in any case, the data owner should have all rights +whatsoever, bypassing WAC. Otherwise, it is possible to steal control +away from the data owner. +@end deffn + @node Running a client @chapter Running a client @@ -1227,6 +1241,13 @@ There was a request to delete a non-empty container. There was a request to create a resource in something that is not a container. @end deftp + +@deftp {exception type} &cannot-fetch-group @var{group-uri} @var{cause} +The access control could not fetch the group @var{group-uri} (with a +known @var{cause}). This warning is continuable every time it is +raised. If the handler returns, then the group will be considered +empty. +@end deftp @node GNU Free Documentation License @appendix GNU Free Documentation License -- cgit v1.2.3