-
Notifications
You must be signed in to change notification settings - Fork 44
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Alternative solutions to container HATEOAS #525
Comments
We discussed it shortly during the interop panel meeting today. I would also like to propose following it up during CG call on Wednesday. I would prefer if we focus on the description of the container with emphasis on client-managed and server-managed descriptions. Repeating one prior issue and adding another references:
Once we arrive at a rough consensus, if it goes in the direction of having distinct resources which need to be discoverable, we can dive into the details of using link relations or some URI templates/conventions. When it comes to auxiliary resources, I think we also can handle the separate topic of servers using IRIs for them which based on current Keeping all above in mind, I assume that there is a rough consensus on two requirements:
I think there are a couple of possible approaches, they mainly differ in combining vs separating client-asserted and server-asserted statements. The main difference seems to be how it impacts the read vs. write complexity. Combining seems to simplify reading but adds a lot of complexity to writing. Separating seems to slightly add complexity to reading while allowing much simpler writing. I just wanted to add that there are some in-between approaches, for example starting with separated client-asserted and server-asserted statements, while providing a quad-based representation (GET only) that provides both in separate graphs in a single response. @CxRes do you think that the direction I propose above could be a constructive way to approach the problem in a way that allows us to break it up into a set of smaller problems? |
Having mulled over our chat even more, let me try and step back even more to sharpen my thoughts: The following URIs according to the web standards are independent and unrelated resources:
It is the Solid specification that maps a hierarchical relationship (or at least a notion of container) on them (I acknowledge that similar and related conventions exist in the wild before Solid). The complexity of state management for any resource that is also While I would generally favour focusing on the smallest possible issue that can resolve an issue, I fear (as I expressed in the meeting) that focusing on just server/client managed representations may lead us to ignore the bigger picture and/or create sub-optimal solutions. We need to take all the consequences of hierarchical relations and all the mechanisms needed to deal with that into account. So to your question @elf-pavlik, to my mind the question would be, how would you even implement containers within the bounds of REST and RDF down to every last detail. IMHO Solid spec does not do that yet, I know that is a can of worms, but if I am to take a 20-30 year view, that is the question to address. (@elf-pavlik I know I am being vague with a Yes/No question; I feel that taking a "systems" view is a better answer. To the extent that your proposal helps fill in the details of the working of containers on the pod storage system, it is a yes and to the extent it does not, it is a no). |
Linked Data Platform Containers specify that server is responsible for managing
If at some point Solid supports other storage types #377 which don't impose
I understand that this is the main problem that you want to address, for me it sounds like client-asserted statements describing the container. Issue #96 by itself has 94 comments, #198 has 45 and #227 has 134. I'm honestly worried that if we don't narrow down the problem which we want to address in this issue we may just add another perma-thread issue to the collection. I could try to write down issues I see with how currently CSS implements it, based on my experience of implementing a client which manages client-asserted statement describing container and works with CSS. This would give us a clear starting point grounded in an existing implementation. From there we could dive into which parts are based on requirements from the spec and which are an implementation choice. From there possible improvements to the specification could be evaluated with consideration of the impact on CSS and other existing implementations. |
(@elf-pavlik You can minimize this if you like as this is not central to the issue but about process)
|
I had read the LDP spec many months ago, and I re-read it today. While container triples are server managed, it puts no restriction on client creating resources including containers with custom RDF See 5.3.3.4 Bullet 2 and 6.3.2. Similarly, no restrictions on writing triples to existing containers afaict (other than overwriting container triples). |
@CxRes wrote:
All the containers in Reactive-Solid can accept any mime-type |
@bblfish Exactly! And that has to be well-defined in Solid to the quality expected of a specification document. I was not aware of your implementation. The issue at hand is not the ability for the server to accept a resource, but what should be sent back to the client when it requests the container. What, for example, is the response to a Also, say, can you These cases are not precisely dealt with in the Solid specification, as evidenced by all the above-mentioned open issues and endless stream of comments. As I have been saying and you also rightly observe, this is a fundamental web-architecture issue (one that should have been addressed when Solid decided to use LDPC). In your capacity as an implementer @bblfish we could really use your help in resolving this! |
@CxRes — I believe Solid (not LDP, and certainly not HTTP) specifies that if there exists a container The above restrictions also do not have anything to do with the content of documents stored on a Solid server, which should accept resources of any media type for storage, whether those resources contain pure RDF data, RDF with other data, or entirely non-RDF data. |
@TallTed I am aware of the slash semantics adopted by Solid and have been speaking about it with every stakeholder when I get a chance. I can safely say that pretty much everyone I have spoken to in private dislikes it (Please share your opinion with me, especially if you think otherwise). Why the eventual choice was made is also not clearly documented afaik. That some of my proposed solutions here choose to violate it, is just a design choice on my part, in search of the best possible solution without prejudice to the existing spec (since the spec is not 1.0 yet). Solid however does (effectively, not explicitly) restrict what one might PUT in the container by not clearly specifying what should be returned in a GET thereafter. To the extant it does specify or is implemented by various parties, the handling is convoluted and unintuitive. All of this is well documented in the cited issues. |
I think we should take @CxRes suggestion, which he made a couple of times during Solid Notifications Panel meetings, and have a working meeting fully dedicated to this issue. IMO we should find and reserve a 2-hour timeslot for the first meeting and see how much progress we will be able to make this way. During one of the recent calls with low participation @CxRes and I took the opportunity to have an initial discussion this is my understanding of the approach which we find preferable:
I think one of the use cases we will need to discuss is the intended use of HTML, which seems to be a special case. I believe that supporting Non-RDFSources as a container can help with that. By HTML I mean any of below:
Hopefully, with a dedicated meeting, we can efficiently start triaging any previously discussed concerns and move forward without creating another perma-thread, which honestly is my biggest concern here. |
@CxRes I have not been following closely the discusssions on gitter or on the other issues you link to. For the sake of making this discussion a little more self-sufficient, could you explain your problem through one (or a few) step-by-step description of what you would like to do, and where the Solid spec (or current implementations) fail to deliver? This would be really helpful. Also, you mention here Section 5.3.3.4 of LDP, I assume you mean 5.2.3.4. |
I recall Linked Data Platform 1.0 - 5. Linked Data Platform Paging Clients mentioned during today's call. It could be possibly adopted as is or at least serve as stable reference to compare other possible approaches with.
https://www.w3.org/TR/ldp/#dfn-minimal-container-triples
This seems pretty close to the client-managed statements, currently everything except It gets a little more complicated when we get to Linked Data Platform Paging 1.0 (only a WG NOTE). Linked Data Platform Paging 1.0 - 5.2 Client preferences defines:
If someone only wants to page the
While the above seems to be available approaches for requesting specific parts of the container description. I think there are a few other aspects that we should take into account, especially authorization. For example, we have discussed the requirement of Separating client and server-managed statements into distinct resources would allow for preserving resource-level access control. Clients never can change server-managed resources and clients can fully change client-managed resources (given it passes constraints like shape validation). It also allows simply allowing creation and deletion of contained resources without allowing updates to the client-managed description itself. |
Capturing feedback from CSS team shared on: https://app.gitter.im/#/room/#CommunitySolidServer_community:gitter.im
For the record, there has been some prior conversation in: |
Another issue that can surface in certain scenarios, with the current approach of mixed client & server statements.
Having client-managed statements separate eliminates issues caused by changing ETag with frequent updates to the server-managed statements (especially containment triples). EDIT: ETag will be also changing if any contained resource changes since the container description includes server-managed |
We had a good conversation during today's call. Next week I would like to discuss the access control aspects for both keeping the server and client managed together or separately. I'm going to post some notes here beforehand to serve as a reference. We also discussed the |
As agreed on in this week's CG meeting, we should have a dedicated call to discuss this. Until then, I'll just add my thoughts here for reference. Reading the related discussions, I believe the problem with containers follows from a number of strong intuitions. I suggest that shifting (at least) one of those intuitions makes the problem go away.
As an aside: in all cases, a PUT request with an empty body could be interpreted as deleting the client-managed part, and reinstating default serving of server-managed triples. Re ETags, I don't see much of a problem. They are representation-bound, and so should be generated separately for the client-managed representation(s) and the server-managed ones. Frequent updates to the server-managed part of the compoung state thus have no impact on the Etag of the client-managed representation. Re the mutual exclusion of |
I see @csarven proposed Aug 8th. To maximize participation I created a date&time selection pool for the 2nd week of August: https://doodle.com/meeting/participate/id/dyX50YVb |
There seem to be very few participants in the doodle. If we want to have a 2h slot this week, tomorrow Tue 8th 1pm-3pm UTC seems to work best. @CxRes, can you make it? @bblfish @pchampin @csarven If not, please fill in the doodle to have a better view on meeting slots for Thu/Fri, or whether we should postpone. |
I'll be there (baring any emergency)! |
@woutermont -- The doodle shows "meeting time has been chosen", so neither new responses nor adjustments of previous responses are possible. All -- Here's a link to the World Clock for the chosen time. (Maybe this could be added to the CG calendar?) |
We can scribble various details on https://hackmd.io/@solid/rkhahTWd3 |
Manas currently does the following:
This allows container HATEOS, and single obvious resource as target. I my self prefer having container-index as an auxiliary resource of container, and container being any rdf-source/non-rdf-source resource fully controllable by user. |
I was recently trying to figure out how to store arbitrary data in a Solid-Pod (see my comments on Gitter over the past month on the specification channel) such that my app can follow its way around looking at the data starting from some root container (i.e. preserve HATEOAS). I was shocked and concerned to see that with the Solid specification, as it is defined currently, this is not possible. See #69 #134.
PUT
's on the server, but in some compound state that is a combines the result ofPUT
andPOST
(slug) on the resource. I am forced to completely rely on the server to ensure that I have full knowledge of the resource state. This is just unnecessary complexity both for the server and the client.EDIT (22-05-23): It has come to my attention that this problem has been discussed in other places as well, e.g. #Data registration vs. container data-interoperability-panel#225
However, I want to see this issue resolved and off the top of my head I can come up with 6 different solutions (presented in the descending order of controversy it might likely evoke):
Solution 1
Automatically also create and destroy a resource with the URI sans the trailing slash, when a container is created and destroyed, respectively.
/parent/child
and/parent/child/
. Similarly, forDELETE
./parent/child
will automatically contain a link relation pointing toparent/child/
.PUT
whatever RDF they want to/parent/child
.PUT
andPATCH
is expressly prohibited on the child container (URI with trailing slash) or redirects to URI sans trailing slash./parent/child/
usingPOST
with slug in the same way we do now.Pros:
/parent/child
.Cons:
www.example.com == www.example.com/
(RFC9110 Section 4.2.3)Passive Solution 1
Allow clients to manually create a resource with a URI sans the trailing slash alongside a container. The server will add a link relation to the container (even if the container is created later).
/parent/child/
and/parent/child
/parent/child
will also contain a link relation pointing toparent/child/
to ensure coordination.Pros:
/parent/child
.Cons:
www.example.com == www.example.com/
(RFC9110 Section 4.2.3)Solution 2
Reserve routes ending with keywords like
index.?*
to be interpreted specially.index.?*
can be used to store state and if one exists, link relations for the container can point to it.Pros:
/parent/child
.Cons:
Aggressive Solution 2
Depending on the type of resource at
index.?*
automatically redirect to it. Link relations point to where you can get container's children sent with index.?*Pros:
Cons:
Solution 3
Allow any arbitrary resource to be
PUT
on the container itself. Add a link relation (or another mechanism) to point a route, say,example.org/parent/$
orexample.org/parent/.container
, that serves container's children.Pros:
/parent/
.Cons:
Solution 4
Define with
Prefer
header [RFC7230] a new parameter, say,container-content
which has the following values:children
: returns the containers childrencontent
: returns the containers contentredirect
: redirect, if availableq
values can be used to indicate preference, likeAccept
header.When no
container-content
onPrefer
header is specified, the resource can revert to default behaviour. The description resource can advertise thecontainer-content
Prefer
header, with default and possible values on the resource. This default behaviour can be set by, say, writing to the description resource.Pros:
/parent/
.Cons:
Solution 5
Return a multipart response. Send a response with the header
Content-type=multipart/related
[RFC2387], [RFC1341], to send container and child states in two parts. Use thetype
sub-parameter to define the content type for children RDF. Preserve existing ways to write data.Pros:
/parent/
.Cons:
index.?*
convention.Solution 6
Replace creation using
POST
slug withPATCH
RDF. If the RDF sent to a resource (PUT
orPATCH
) contains an appropriate triple, the server also creates a container.EDIT (22-05-23): This solution is cleanest from an architectural perspective, because there is one container representation, which is what the client acts on to manage everything (writing arbitrary RDF and managing containers).
Pros:
Cons:
Passive Solution 6
Segregated container and resource but using RDF rather than slug to create containers (this is generally more consistent anyway, since children URI are not related to adults URI in HTTP conventions, it is a rule Solid adds. It gives us the possibility of adding RDF related to the container alongside and not outside it in the resource state).
Pros:
Cons:
These suggestions are meant to restart the discussions which has hit an impasse. I hope people use it as inspiration for ideation and not just pick a side to fight over it till exhaustion. Or try to explain to me why I am being stupid!
With folded hands, I beg the Solid community to please deliberate on this with urgency. A platform that aims to build a better web cannot afford to be missing one of its core features. 4 years is just way too long for something as basic as this to remain unresolved.
PS: If you point modifications out, I will edit this post so that everyone can see all the options upfront, rather than having to scroll through an endless stream of discussions.
The text was updated successfully, but these errors were encountered: