edit button determined by WAC

[bblfish]

The edit button should only be enabled on resources that have write access.
IE. each page should know its access mode.

[bblfish]

But one should have a way to edit resources and save edits somewhere else. Find out how SoLiD does that. ( for later )

[bblfish]

• may requires authenticate with WebID #5 "Authenticate with WebID", as otherwise the client cannot determine if the user has access rights or not. Ie. The client first has to know who the user is. ( or it would need to display who can have access - but that may be quite a lot more complex to build )
• may require WebAgent should not use proxy for server on its origin #7 "Web Agent should not use proxy on origin" unless the proxy can authenticate to the remote server for the user. But then the server needs to have CORS setup correctly.

[bblfish]

Question: are the HTTP headers not enough? LDP requires a server to specify what Methods (GET, PUT, PATCH, DELETE, etc ) the resource supports.
But:

• If the server only specifies the methods allowed for the particular user, then if the user is not authenticated, the server won't know what rights to give her, and should therefore only give the methods that are publicly enabled. The client will then still have to read the WAC resource to determine if potentially more methods are available.
• It is not clear that there is consensus for the server to specify only the methods allowed by that particular user. So if servers publish that PUT or PATCH is allowed it may not be enough for a client to rely on it. ( this needs to be followed up on ). So again the client should determine what the WACL is.
• It may be interesting for the UI to show which users have access so the user can determine how he needs to authenticate. This is more likely to work only with WebID-RSA, as WebID-TLS does not allow the user to switch. But WebID-RSA does not work well in browsers.