However, this leaves the case of POST, where you only need permissions on the container.
Solid Application Interoperability makes minimal use of LDN inbox, used as access inbox. It is only used before agents establish reciprocal Social Agent Registrations and create Solid Notifications subscriptions (switching to an 'outbox' approach).
I don't see how the access should be set on the Container used as the Access Inbox, we have the following expectations:
LDN Sender is any acl:AuthenticatedAgent
LDN Sender CAN only create a new resource in the container
LDN Sender CAN NOT modify description of the container, so no statements added by the LDN Sender
LDN Sender CAN NOT modify any of created resources, including those created by them
While statement with ldp:contains is added to the description of the container, they are not added by the client and the client is not the party modifying the container description.
In other words
an authenticated POST request from LDN Sender to https://alice.spamshield.example/accessInbox/ should be allowed
an authenticated PATCH request from LDN Sender to https://alice.spamshield.example/accessInbox/ should NOT be allowed, even if it only includes INSERT (DATA) (sparql-update) or ?patch solid:inserts ?insertions. (n3-patch)
Solid Application Interoperability makes minimal use of LDN inbox, used as access inbox. It is only used before agents establish reciprocal Social Agent Registrations and create Solid Notifications subscriptions (switching to an 'outbox' approach).
I don't see how the access should be set on the Container used as the Access Inbox, we have the following expectations:
LDN Sender is any
acl:AuthenticatedAgent
While statement with
ldp:contains
is added to the description of the container, they are not added by the client and the client is not the party modifying the container description.In other words
POST
request from LDN Sender tohttps://alice.spamshield.example/accessInbox/
should be allowedPATCH
request from LDN Sender tohttps://alice.spamshield.example/accessInbox/
should NOT be allowed, even if it only includesINSERT (DATA)
(sparql-update) or?patch solid:inserts ?insertions.
(n3-patch)