Unable to update user access using 'setAgentResourceAccess'

Hi all,

I’m trying to allow users to modify the access that other users have to a particular dataset in their pod, using the ‘setAgentResourceAccess’ function in the solid-client Javascript library.

I’ve used the same function for granting users access in the first place and it worked fine, but when trying to update their access isn’t working.
The function API reference says “If rules already exist for the Agent in the given ACL, in the returned ACL, they are replaced by the new rules”, but looking at the screenshot of the dataset’s ACL file below, you can see that the same user is entered as a new entry for each change that is made

Then when I go back to the app and check if the user’s access was updated it always just shows me what it was initially set as

Here is the code that I use to grant/update access:

Is it something to do with how the Agent WebID is being passed to the function, as a string and not a UrlString? That’s the only thing I can think of since the same user is appearing multiple times under a different URI for each time a change is made (can see in the first screenshot)

If anyone has an idea on what’s going on here it’d be greatly appreciated, the application repo is at Dylan Storey / Solid Health App · GitLab

Thanks,
Dylan

I think the problem here is that you’re creating a new ACL file every time (createAcl), but since one already exists, the new one just gets appended to it. Take a look at the docs on changing access, and specifically how it obtains the ACL:

// Obtain the SolidDataset's own ACL, if available,
// or initialise a new one, if possible:
let myDatasetsAcl;
if (!hasResourceAcl(myDatasetWithAcl)) {
  if (!hasAccessibleAcl(myDatasetWithAcl)) {
    throw new Error(
      "The current user does not have permission to change access rights to this Resource."
    );
  }
  if (!hasFallbackAcl(myDatasetWithAcl)) {
    throw new Error(
      "The current user does not have permission to see who currently has access to this Resource."
    );
    // Alternatively, initialise a new empty ACL as follows,
    // but be aware that if you do not give someone Control access,
    // **nobody will ever be able to change Access permissions in the future**:
    // resourceAcl = createAcl(myDatasetWithAcl);
  }
  myDatasetsAcl = createAclFromFallbackAcl(myDatasetWithAcl);
} else {
  myDatasetsAcl = getResourceAcl(myDatasetWithAcl);
}

If you replace your line starting with const myDatasetsAcl... with that, I expect it will work better.

2 Likes

Thanks so much Vincent, I’ll try that now