Bug Description:
If you revoke someone's permission to read a document in your pod, the entry for the document will still appear in the documents table when they view your pod.
This is because we store information on the document in 2 places: the document file itself, and in the documentsList.ttl, which acts as an index of all the documents in your pod and a source of metadata. When a user revokes permission to view the document, it does not revoke permission to view the entry in documentsList.ttl.
Additional Context:
We use documentsList.ttl in order to fetch all information necessary to display documents in one request. The documents container maintains an index of all its children, but we can't get document description or expiry date from that. Having separate metadata files for each document will increase load time of the documents table significantly, as we will need to perform a separate network fetch for each row in the table.
Possible Solution (optional):
I can think of a few possible approaches:
Set ACL permissions to individual things in .ttl documents. I don't know if this is possible to do in solid. My current impression is that permissions can only be applied on the document level, not the line level.
Break up documentsList.ttl into several separate documents, then find a way to get back several documents in a single request, or bite the bullet on the performance loss of the multiple fetches. Many APIs allow you to retrieve multiple separate resources in a single response for performance reasons. This could be possible using SPARQL, but SPARQL is not available by default from solid servers. By default only LDP is available. I don't believe it's possible to get multiple documents back in a single request using LDP, but I could be wrong.
Bug Description: If you revoke someone's permission to read a document in your pod, the entry for the document will still appear in the documents table when they view your pod.
This is because we store information on the document in 2 places: the document file itself, and in the
documentsList.ttl, which acts as an index of all the documents in your pod and a source of metadata. When a user revokes permission to view the document, it does not revoke permission to view the entry indocumentsList.ttl.Additional Context: We use
documentsList.ttlin order to fetch all information necessary to display documents in one request. The documents container maintains an index of all its children, but we can't get document description or expiry date from that. Having separate metadata files for each document will increase load time of the documents table significantly, as we will need to perform a separate network fetch for each row in the table.Possible Solution (optional): I can think of a few possible approaches:
.ttldocuments. I don't know if this is possible to do in solid. My current impression is that permissions can only be applied on the document level, not the line level.documentsList.ttlinto several separate documents, then find a way to get back several documents in a single request, or bite the bullet on the performance loss of the multiple fetches. Many APIs allow you to retrieve multiple separate resources in a single response for performance reasons. This could be possible using SPARQL, but SPARQL is not available by default from solid servers. By default only LDP is available. I don't believe it's possible to get multiple documents back in a single request using LDP, but I could be wrong.