...
- First look at the LDPCv for the LDPRm to see if it has an access control triple for memento items associated with it ('memento:accessControl'). If so, stop there and honor that ACL as it will apply to all mementos it contains.
- Otherwise follow the pattern specified by the SOLID WebAC specification for finding an ACL for a LDPRv:
- Use the document's (LDPR/LDPRv) own ACL resource if it exists (in which case, stop here).
- Otherwise, look for authorizations to inherit from the ACL of the (LDPRv) document's container. If those are found, stop here.
- Failing that, check the containerLDPRv container'ss parent container to see if that has its own ACL file, and see if there are any permissions to inherit.
- Failing that, move up the container hierarchy for the LDPRv until you find a container with an existing ACL file, which has some permissions to inherit.
- The root container of a user's account MUST have an ACL resource specified. (If all else fails, the search stops there.)
- For fedora, there is no root container for a user - but there is a default ACL applied to the server overall. Should this algorithm fail to find an ACL at the root of the LDPRv's tree, it shall default to this system wide default ACL.
Given this, the following is then true:
...