Skip to content
This repository has been archived by the owner on Jul 6, 2020. It is now read-only.

How does WAC apply to SPARQL Update #5

Open
kjetilk opened this issue Jan 17, 2020 · 1 comment
Open

How does WAC apply to SPARQL Update #5

kjetilk opened this issue Jan 17, 2020 · 1 comment
Labels
HTTP PATCH body SPARQL UPDATE query used as body of HTTP PATCH request

Comments

@kjetilk
Copy link

kjetilk commented Jan 17, 2020

Also begun in solid/specification#125 , we need to decide how the Web Access Control access modes affect SPARQL Update queries.
@kjetilk
Copy link
Author

kjetilk commented Jan 17, 2020

For most queries, it is fairly straigtforward:

  • Anything with a WHERE clause needs acl:Read
  • Anything that has projected variable bindings needs acl:Read (which might be more queries in the future)
  • Anything that INSERTs need acl:Append (or acl:Write)
  • DELETE is currently somewhat problematic, see Potential confidentiality breach with DELETE queries.  #2 . Ideally, it should require only acl:Write.

We can return to DESCRIBE, LOAD, CLEAR, CREATE, DROP, COPY, MOVE and ADD as appropriate.

@RubenVerborgh RubenVerborgh added the HTTP PATCH body SPARQL UPDATE query used as body of HTTP PATCH request label Jan 17, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
HTTP PATCH body SPARQL UPDATE query used as body of HTTP PATCH request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kjetilk @RubenVerborgh