René's URL Explorer Experiment

{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"Return 'wac-allowed' HTTP header with GET \u0026 HEAD responses","articleBody":"**Problem/Motivation**\r\n\r\nThere is currently no easy way for solid client code to determine if the current user has read/write/delete etc access to a given resource (short of reading and parsing the ACL chain, which is both discouraged, and not always possible due to ACL limitations on the `.acl` files themselves). (See [solid/#45 - No way to find out if user is authorized to write to a container](https://github.com/solid/solid/issues/45) for context.)\r\n\r\n**Proposed Solution**\r\n\r\nAn easy solution to this would be to add support to LDNode for the following:\r\n\r\nWith every response, the server should include an additional `WAC-Allowe:` header in the HTTP response.\r\n\r\nFor example, doing an unauthenticated HEAD request on a public read-only resource, would yield:\r\n\r\n```\r\nWAC-Allow: user=\"read\", public=\"read\"\r\n```\r\n\r\nDoing an HEAD request (while authenticated) to a resource you have full read/write/control access to:\r\n\r\n```\r\nWAC-Allow: user=\"read;write;control\", public=\"\"\r\n```\r\n\r\n(Note the `public=\"\"` part -- the empty string denotes no access.)","author":{"url":"https://github.com/dmitrizagidulin","@type":"Person","name":"dmitrizagidulin"},"datePublished":"2016-02-12T16:35:39.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":5},"url":"https://github.com/246/node-solid-server/issues/246"}