Further clarify requirements for PUT-to-create and PATCH-to-create

This updates the text to match what we decided in solid#105 (comment). At the time we decided not to update the spec text, but now that the spec text is more detailed, the current statement is not correctly conveying that access to both the containing folder and the non-existing resource URL is required. See the confusion that was created by this in solid-contrib/web-access-control-tests#56 which was an (I think incorrect) reaction to solid#122.
michielbdejong · Dec 6, 2023 · e5a603b · e5a603b
1 parent 686b8b0
commit e5a603b
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/index.html b/index.html
@@ -805,10 +805,10 @@ <h5 property="schema:name"><span>Note</span>: HTTP Method and Access Mode Mappin
                             <dd>The HTTP <code>POST</code> can be used to create a new resource in a container or add information to existing resources (but not remove resources or its contents) with either <code>acl:Append</code> or <code>acl:Write</code>.</dd>
 
                             <dt id="http-put"><code>PUT</code></dt>
-                            <dd>As the HTTP <code>PUT</code> method requests to create or replace the resource state, the <code>acl:Write</code> access mode is required to replace an existing resource, but to create a new resource, access to the container can be either <code>acl:Append</code> or <code>acl:Write</code>.</dd>
+                            <dd>As the HTTP <code>PUT</code> method requests to create or replace the resource state, the <code>acl:Write</code> access mode is required to replace an existing resource, but to create a new resource, access to the container additionally needs to be either <code>acl:Append</code> or <code>acl:Write</code>.</dd>
 
                             <dt id="http-patch"><code>PATCH</code></dt>
-                            <dd>As the processing of HTTP <code>PATCH</code> method requests depends on the request semantics and content, <code>acl:Append</code> can allow requests using SPARQL 1.1 Update’s [<cite><a class="bibref" href="#bib-sparql11-update">SPARQL11-UPDATE</a></cite>] <code>INSERT DATA</code> operation but not <code>DELETE DATA</code>, whereas <code>acl:Write</code> would allow both operations.</dd>
+                            <dd>As the processing of HTTP <code>PATCH</code> method requests depends on the request semantics and content, <code>acl:Append</code> can allow requests using SPARQL 1.1 Update’s [<cite><a class="bibref" href="#bib-sparql11-update">SPARQL11-UPDATE</a></cite>] <code>INSERT DATA</code> operation but not <code>DELETE DATA</code>, whereas <code>acl:Write</code> would allow both operations. And again, to create a new resource, access to the container additionally needs to be either <code>acl:Append</code> or <code>acl:Write</code>.</dd>
 
                             <dt id="http-delete"><code>DELETE</code></dt>
                             <dd>As the HTTP <code>DELETE</code> method requests to remove a resource, the <code>acl:Write</code> access mode would be required.</dd>