Automatically grant permissions to the creator of a file?

Does the creator of a file have no permissions until the pod owner takes action to grant them?

Some posts relating to this topic

https://gitter.im/solid/chat?at=5e92ba3cd021c45cc7ddffb9

The created file does not have its own acl file, so the container acl is the relevant one and it depends on what the container acl defines. So e.g. if you create a file in my inbox, only I have read permission (default of the container), and you cannot do anything about it (and that’s good in that case).

So in https://angelo.veltens.org/articles/2020/solid-groups#the-members-container-approach, you say “Unfortunately Solid does not have a way to automatically give write access to the creator of a file. When someone joins the group, the group owner has to actively assign write access to the respective membership document.”.

How should the spec (or some future version of it) be changed (or should it be changed) to allow giving write access to the creator of a file? Would a new .acl resource be created along with the new resource, so the container default acl would be overridden for the new file? Would that have some side effects or unintended consequences?
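
The inheritance behaviour described above, as an added example that is not part of the original posts or of any Solid server's code: a simplified JavaScript model of Web Access Control in which a new file without its own ACL falls back to the container's `acl:default` rules. The WebIDs, paths and the layout of the `acls` object are assumptions constructed for illustration.

```javascript
// Simplified model of WAC ACL inheritance. WebIDs, paths and rules are constructed.
const ALICE = "https://alice.example/profile/card#me"; // pod owner
const BOB = "https://bob.example/profile/card#me"; // visitor who creates a file
const PUBLIC = "*"; // stands in for acl:agentClass foaf:Agent
const FULL = ["Read", "Write", "Control"];
// ACL documents keyed by resource. accessTo: rule covers the resource itself;
// isDefault: rule is inherited by contained resources (acl:default).
const acls = {
  "/inbox/": [
    { agent: ALICE, modes: FULL, accessTo: true, isDefault: true },
    { agent: PUBLIC, modes: ["Append"], accessTo: true, isDefault: false },
  ],
};

function parentOf(path) {
  if (path === "/") return null;
  const trimmed = path.endsWith("/") ? path.slice(0, -1) : path;
  return trimmed.slice(0, trimmed.lastIndexOf("/") + 1);
}

// Nearest ACL wins: the resource's own, else the closest ancestor container's.
function effectiveAcl(path, store) {
  for (let p = path; p !== null; p = parentOf(p)) {
    if (store[p]) return { source: p, inherited: p !== path, rules: store[p] };
  }
  return { source: null, inherited: false, rules: [] };
}

function allowedModes(agent, path, store) {
  const { inherited, rules } = effectiveAcl(path, store);
  const modes = new Set();
  for (const r of rules) {
    const applies = inherited ? r.isDefault : r.accessTo;
    if (applies && (r.agent === agent || r.agent === PUBLIC)) r.modes.forEach((m) => modes.add(m));
  }
  return [...modes].sort();
}

// The owner "actively assigns" access by giving the new file its own ACL. ACLs are
// not merged with the container's, so the owner's rule has to be restated.
const afterGrant = { ...acls, "/inbox/msg1.ttl": [
  { agent: ALICE, modes: FULL, accessTo: true, isDefault: false },
  { agent: BOB, modes: ["Read", "Write"], accessTo: true, isDefault: false },
] };

console.log("Bob on /inbox/:", allowedModes(BOB, "/inbox/", acls)); // ["Append"]
console.log("Bob on new file:", allowedModes(BOB, "/inbox/msg1.ttl", acls)); // []
console.log("Alice on new file:", allowedModes(ALICE, "/inbox/msg1.ttl", acls)); // ["Control","Read","Write"]
console.log("Bob after grant:", allowedModes(BOB, "/inbox/msg1.ttl", afterGrant)); // ["Read","Write"]
```
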

I did not think this approach through yet and focused on what is actually possible right now.

A quick thought on that anyways: Perhaps we need a dedicated permission, let’s say AclAppend so that the pod owner can say: “In this container it is ok for others to append a file including an associated ACL for that file”. But in other containers like inbox I would not give this permission.

I foresee problems if we base an open forum on creating a container in which anyone can create resources totally under their own control. Who will get rid of those resources when the person leaves the group or decides to DDOS the group with cascading sub containers? I wonder if what we need is a permission somewhere between Write and Control that gives the creator of a resource the ability to control the resource but does not remove that ability from whoever has Control rights to the container.

3 Likes

Maybe some kind of ‘write with limit’ or ‘write subject to a shape’ is needed. This is similar to

http://forum.solidproject.org/t/complex-permissions-a-real-use-case-we-struggle-to-cover-with-acls-and-the-current-state-of-solid-standards/2335/21

Then for removing maybe something is needed like a notification and if no response then removal is allowed, but I wonder how to notify and when would it be checked since the server doesn’t initiate any processes.

-edit(1)-
I think, more generally, when a member joins, some negotiating about notifications should take place.

-edit(2)-
I guess this raises the question of what a group really is. Is it just a list somewhere, or is it an active entity, and if so, where is that processing done?

-edit(3)-
vcard doesn’t distinguish between a social group and a social aggregate or social category.

-edit(4)-
“I wandered lonely as a cloud
That floats on high o’er vales and hills,
When all at once I saw a crowd,
…”