Could you share a bit more on what your current perspective is to make it easier for us to give alternatives?
As a general note, I think of pods as a web-based file system (very similar to UNIX) where the ACLs describe access modes that agents have to resources, be that files or containers (e.g. folders). That’s at least what the current spec (WAC) says.
- Agents can be people (via WebIDs), groups, applications, bots, or even the public - the latter means that everyone has certain access modes
- Access modes are Read, Append, Write, which corresponds mostly to HTTP verbs, and Control
- Read: GET
- Append: POST
- Write: POST, PUT, PATCH, DELETE
- Control: With this mode you can change the ACL resource itself, meaning you decide who gets to read, write, append, and control
- ACLs are hierarchical
- When you set access control for a container, you can also state default access to children of the container
- When the server checks whether or not you have access, it will check whether or not the resource has a ACL resource; if not, it will check the parenting container; and it will continue checking parents until it reaches the root of the pod
- (WAC states that roots must have a ACL resource)
There’s also the notion of trusted apps, where users can state in their (public) profile that they trust (web) apps from a given domain. That domain will have access to all of the Pod when a user has authenticated themselves through that domain. But this is an interim solution, and I would not implement support for it, especially not in an Android app.
Sadly, AFAIK, there are not much support for Android apps on Solid But I hope you’re able to figure stuff out, and report it back here when you do You might also want to check out solid/app-development on Gitter to chat with people about it. It is a bit more focused on web apps though, so you might also want to check solid/chat for broader audience.