SOLID Data Schema
- How Access Control Lists (ACL) work for Solid Pods
Access control is used to allow users to control who can access and modify their data. Solid Pods use ACLs to manage access at the resource level within them.
ACLs are a way of specifying who can access a resource and what actions they can perform on that resource. In Solid Pods, ACLs are represented as files that contain a list of agents and their corresponding permissions for a specific resource. They can be located at https://ACCOUNTNAME.PROVIDERURL/DIRECTORY/.acl -- replacing ACCOUNTNAME with your account name, PROVIDERURL with the host url and DIRECTORY with the directory the ACL is responsible for.
Example: https://testorg.solidcommunity.net/inbox/.acl
Solid Pods support three different ACL modes that allow users to control the level of access granted to different agents. These modes include:
-
Read: Allows agents to read the contents of a resource. -
Write: Allows agents to modify the contents of a resource. -
Append: Allows agents to add new data to a resource without modifying existing data. -
Control: Allows full control over the data and acl file.
Access control for a resource in a Solid Pod is specified using an .acl file that is located in the same folder as the resource. The .acl file contains a list of agents and their corresponding permissions for the resource. The following is an example of an .acl file: