Currently, Fedora requires ACLs to be structured as:
a) an ACL container, with
b) N LDP children, one for each authorization in the ACL
This structure is not part of the SOLID spec, and may even be contrary to it. It needs to be possible to express an entire ACL as a document, rather than a multi-resource graph. This means supporting hash URIs for authorizations. ACLs that resemble the examples in the SOLID spec should be supported:
@prefix acl: <http://www.w3.org/ns/auth/acl#>.
acl:agent <https://alice.databox.me/profile/card#me>; # Alice's WebID
acl:Read, acl:Write, acl:Control.
The task here is as follows:
- Ignore http://fedora.info/definitions/v4/webac#Acl type in the code.
- Modify the algorithm for collecting authorizations so that all authorizations are read from the file pointed to by the rel=acl link associated with a resource.
- The task is to check at https://github.com/fcrepo4/fcrepo4/blob/master/fcrepo-auth-webac/src/main/java/org/fcrepo/auth/webac/WebACRolesProvider.java#L368 and modify the algorithm to get hash resources unless `FedoraResource.getChildren()` also gets hash URI children, in which case nevermind.