Non-user data
kjetilk opened this issue · 2 comments
It seems like the current architecture deals with the user's data only, but there is also non-user-data, that is, data that needs to be available to the server that the user should not control, like the quota and the currently used disk space.
We could add this to the ResourceStore too, and use the ACL system to ensure that the user can't control it, but that would in principle be a back door.
I think we need a component for that kind of data.
The current diagram provides an overview of "Overview of LDP and Access Control". It indeed does not yet detail non-LDP resources.
These would likely just be a different HttpHandler.
Or they might indeed be a kind of (read-only) ResourceStore as well.
Resolving this for now as the scope is LDP+ACL.