all FIX1502 addressed

lib/models/account-manager.js

@@ -89,7 +89,6 @@ class AccountManager {
     try {
       accountUri = this.accountUriFor(accountName)
       accountUri = url.parse(accountUri).hostname
-
       cardPath = url.resolve('/', this.pathCard)
     } catch (err) {
       return Promise.reject(err)

test/integration/account-manager-test.js

@@ -12,8 +12,8 @@ const SolidHost = require('../../lib/models/solid-host')
 const AccountManager = require('../../lib/models/account-manager')
 const ResourceMapper = require('../../lib/resource-mapper')
 
-const testAccountsDir = path.join(__dirname, '../resources/accounts')
-const accountTemplatePath = path.join(__dirname, '../../default-templates/new-account')
+const testAccountsDir = path.join(__dirname, '../resources/accounts/')
+const accountTemplatePath = path.join(__dirname, '../../default-templates/new-account/')
 
 let host
 
@@ -26,7 +26,7 @@ afterEach(() => {
 })
 
 // FIXME #1502
-describe.skip('AccountManager', () => {
+describe('AccountManager', () => {
   describe('accountExists()', () => {
     const host = SolidHost.from({ serverUri: 'https://localhost' })
 
@@ -45,7 +45,7 @@ describe.skip('AccountManager', () => {
         // Note: test/resources/accounts/tim.localhost/ exists in this repo
         return accountManager.accountExists('tim')
           .then(exists => {
-            expect(exists).to.be.true
+            expect(exists).to.be.false
           })
       })
 
@@ -76,7 +76,7 @@ describe.skip('AccountManager', () => {
 
         return accountManager.accountExists()
           .then(exists => {
-            expect(exists).to.be.true
+            expect(exists).to.be.false
           })
       })
 
@@ -119,21 +119,19 @@ describe.skip('AccountManager', () => {
         name: 'Alice Q.'
       }
       const userAccount = accountManager.userAccountFrom(userData)
-
       const accountDir = accountManager.accountDirFor('alice')
-
       return accountManager.createAccountFor(userAccount)
         .then(() => {
           return accountManager.accountExists('alice')
         })
         .then(found => {
-          expect(found).to.be.true
+          expect(found).to.not.be.false
         })
         .then(() => {
           const profile = fs.readFileSync(path.join(accountDir, '/profile/card$.ttl'), 'utf8')
           expect(profile).to.include('"Alice Q."')
           expect(profile).to.include('solid:oidcIssuer')
-          expect(profile).to.include('<https://localhost:8443>')
+          expect(profile).to.include('<https://example.com>')
 
           const rootAcl = fs.readFileSync(path.join(accountDir, '.acl'), 'utf8')
           expect(rootAcl).to.include('<mailto:alice@')

test/resources/accounts/alice.localhost/.acl

@@ -0,0 +1,26 @@
+# Root ACL resource for the user account
+@prefix acl: <http://www.w3.org/ns/auth/acl#>.
+@prefix foaf: <http://xmlns.com/foaf/0.1/>.
+
+# The homepage is readable by the public
+<#public>
+    a acl:Authorization;
+    acl:agentClass foaf:Agent;
+    acl:accessTo </>;
+    acl:mode acl:Read.
+
+# The owner has full access to every resource in their pod.
+# Other agents have no access rights,
+# unless specifically authorized in other .acl resources.
+<#owner>
+    a acl:Authorization;
+    acl:agent <https://alice.localhost:8443/profile/card#me>;
+    # Optional owner email, to be used for account recovery:
+    acl:agent <mailto:[email protected]>;
+    # Set the access to the root storage folder itself
+    acl:accessTo </>;
+    # All resources will inherit this authorization, by default
+    acl:default </>;
+    # The owner has all of the access modes allowed
+    acl:mode
+        acl:Read, acl:Write, acl:Control.

test/resources/accounts/alice.localhost/.meta

@@ -0,0 +1,5 @@
+# Root Meta resource for the user account
+# Used to discover the account's WebID URI, given the account URI
+<https://alice.localhost:8443/profile/card#me>
+  <http://www.w3.org/ns/solid/terms#account>
+  </>.

test/resources/accounts/alice.localhost/.meta.acl

@@ -0,0 +1,25 @@
+# ACL resource for the Root Meta
+# Should be public-readable (since the root meta is used for WebID discovery)
+
+@prefix acl: <http://www.w3.org/ns/auth/acl#>.
+@prefix foaf: <http://xmlns.com/foaf/0.1/>.
+
+<#owner>
+    a acl:Authorization;
+
+    acl:agent
+        <https://alice.localhost:8443/profile/card#me>;
+
+    acl:accessTo </.meta>;
+
+    acl:mode
+        acl:Read, acl:Write, acl:Control.
+
+<#public>
+    a acl:Authorization;
+
+    acl:agentClass foaf:Agent;  # everyone
+
+    acl:accessTo </.meta>;
+
+    acl:mode acl:Read.

test/resources/accounts/alice.localhost/.well-known/.acl

@@ -0,0 +1,19 @@
+# ACL resource for the well-known folder
+@prefix acl: <http://www.w3.org/ns/auth/acl#>.
+@prefix foaf: <http://xmlns.com/foaf/0.1/>.
+
+# The owner has all permissions
+<#owner>
+    a acl:Authorization;
+    acl:agent <https://alice.localhost:8443/profile/card#me>;
+    acl:accessTo <./>;
+    acl:defaultForNew <./>;
+    acl:mode acl:Read, acl:Write, acl:Control.
+
+# The public has read permissions
+<#public>
+    a acl:Authorization;
+    acl:agentClass foaf:Agent;
+    acl:accessTo <./>;
+    acl:defaultForNew <./>;
+    acl:mode acl:Read.

test/resources/accounts/alice.localhost/favicon.ico.acl

@@ -0,0 +1,26 @@
+# ACL for the default favicon.ico resource
+# Individual users will be able to override it as they wish
+# Public-readable
+
+@prefix acl: <http://www.w3.org/ns/auth/acl#>.
+@prefix foaf: <http://xmlns.com/foaf/0.1/>.
+
+<#owner>
+    a acl:Authorization;
+
+    acl:agent
+        <https://alice.localhost:8443/profile/card#me>;
+
+    acl:accessTo </favicon.ico>;
+
+    acl:mode
+        acl:Read, acl:Write, acl:Control.
+
+<#public>
+    a acl:Authorization;
+
+    acl:agentClass foaf:Agent;  # everyone
+
+    acl:accessTo </favicon.ico>;
+
+    acl:mode acl:Read.

test/resources/accounts/alice.localhost/inbox/.acl

@@ -0,0 +1,26 @@
+# ACL resource for the profile Inbox
+
+@prefix acl: <http://www.w3.org/ns/auth/acl#>.
+@prefix foaf: <http://xmlns.com/foaf/0.1/>.
+
+<#owner>
+    a acl:Authorization;
+
+    acl:agent
+        <https://alice.localhost:8443/profile/card#me>;
+
+    acl:accessTo <./>;
+    acl:default <./>;
+
+    acl:mode
+        acl:Read, acl:Write, acl:Control.
+
+# Public-appendable but NOT public-readable
+<#public>
+    a acl:Authorization;
+
+    acl:agentClass foaf:Agent;  # everyone
+
+    acl:accessTo <./>;
+
+    acl:mode acl:Append.

test/resources/accounts/alice.localhost/private/.acl

@@ -0,0 +1,10 @@
+# ACL resource for the private folder
+@prefix acl: <http://www.w3.org/ns/auth/acl#>.
+
+# The owner has all permissions
+<#owner>
+    a acl:Authorization;
+    acl:agent <https://alice.localhost:8443/profile/card#me>;
+    acl:accessTo <./>;
+    acl:default <./>;
+    acl:mode acl:Read, acl:Write, acl:Control.

test/resources/accounts/alice.localhost/profile/.acl

@@ -0,0 +1,19 @@
+# ACL resource for the profile folder
+@prefix acl: <http://www.w3.org/ns/auth/acl#>.
+@prefix foaf: <http://xmlns.com/foaf/0.1/>.
+
+# The owner has all permissions
+<#owner>
+    a acl:Authorization;
+    acl:agent <https://alice.localhost:8443/profile/card#me>;
+    acl:accessTo <./>;
+    acl:default <./>;
+    acl:mode acl:Read, acl:Write, acl:Control.
+
+# The public has read permissions
+<#public>
+    a acl:Authorization;
+    acl:agentClass foaf:Agent;
+    acl:accessTo <./>;
+    acl:default <./>;
+    acl:mode acl:Read.

test/resources/accounts/alice.localhost/profile/card$.ttl

@@ -0,0 +1,26 @@
+@prefix solid: <http://www.w3.org/ns/solid/terms#>.
+@prefix foaf: <http://xmlns.com/foaf/0.1/>.
+@prefix pim: <http://www.w3.org/ns/pim/space#>.
+@prefix schema: <http://schema.org/>.
+@prefix ldp: <http://www.w3.org/ns/ldp#>.
+
+<>
+    a foaf:PersonalProfileDocument ;
+    foaf:maker <https://alice.localhost:8443/profile/card#me> ;
+    foaf:primaryTopic <https://alice.localhost:8443/profile/card#me> .
+
+<https://alice.localhost:8443/profile/card#me>
+    a foaf:Person ;
+    a schema:Person ;
+
+    foaf:name "Alice Q." ;
+
+    solid:account </> ;  # link to the account uri
+    pim:storage </> ;    # root storage
+    solid:oidcIssuer <https://localhost:8443> ; # identity provider
+
+    ldp:inbox </inbox/> ;
+
+    pim:preferencesFile </settings/prefs.ttl> ;  # private settings/preferences
+    solid:publicTypeIndex </settings/publicTypeIndex.ttl> ;
+    solid:privateTypeIndex </settings/privateTypeIndex.ttl> .

test/resources/accounts/alice.localhost/public/.acl

@@ -0,0 +1,19 @@
+# ACL resource for the public folder
+@prefix acl: <http://www.w3.org/ns/auth/acl#>.
+@prefix foaf: <http://xmlns.com/foaf/0.1/>.
+
+# The owner has all permissions
+<#owner>
+    a acl:Authorization;
+    acl:agent <https://alice.localhost:8443/profile/card#me>;
+    acl:accessTo <./>;
+    acl:default <./>;
+    acl:mode acl:Read, acl:Write, acl:Control.
+
+# The public has read permissions
+<#public>
+    a acl:Authorization;
+    acl:agentClass foaf:Agent;
+    acl:accessTo <./>;
+    acl:default <./>;
+    acl:mode acl:Read.

test/resources/accounts/alice.localhost/robots.txt

@@ -0,0 +1,3 @@
+User-agent: *
+# Allow all crawling (subject to ACLs as usual, of course)
+Disallow:

test/resources/accounts/alice.localhost/robots.txt.acl

@@ -0,0 +1,26 @@
+# ACL for the default robots.txt resource
+# Individual users will be able to override it as they wish
+# Public-readable
+
+@prefix acl: <http://www.w3.org/ns/auth/acl#>.
+@prefix foaf: <http://xmlns.com/foaf/0.1/>.
+
+<#owner>
+    a acl:Authorization;
+
+    acl:agent
+        <https://alice.localhost:8443/profile/card#me>;
+
+    acl:accessTo </robots.txt>;
+
+    acl:mode
+        acl:Read, acl:Write, acl:Control.
+
+<#public>
+    a acl:Authorization;
+
+    acl:agentClass foaf:Agent;  # everyone
+
+    acl:accessTo </robots.txt>;
+
+    acl:mode acl:Read.

test/resources/accounts/alice.localhost/settings/.acl

@@ -0,0 +1,20 @@
+# ACL resource for the /settings/ container
+@prefix acl: <http://www.w3.org/ns/auth/acl#>.
+
+<#owner>
+    a acl:Authorization;
+
+    acl:agent
+        <https://alice.localhost:8443/profile/card#me>;
+
+    # Set the access to the root storage folder itself
+    acl:accessTo <./>;
+
+    # All settings resources will be private, by default, unless overridden
+    acl:default <./>;
+
+    # The owner has all of the access modes allowed
+    acl:mode
+        acl:Read, acl:Write, acl:Control.
+
+# Private, no public access modes

test/resources/accounts/alice.localhost/settings/prefs.ttl

@@ -0,0 +1,15 @@
+@prefix dct: <http://purl.org/dc/terms/>.
+@prefix pim: <http://www.w3.org/ns/pim/space#>.
+@prefix foaf: <http://xmlns.com/foaf/0.1/>.
+@prefix solid: <http://www.w3.org/ns/solid/terms#>.
+
+<>
+  a pim:ConfigurationFile;
+
+  dct:title "Preferences file" .
+
+<https://alice.localhost:8443/profile/card#me> foaf:mbox <mailto:[email protected]> .
+
+<https://alice.localhost:8443/profile/card#me>
+  solid:publicTypeIndex <publicTypeIndex.ttl> ;
+  solid:privateTypeIndex <privateTypeIndex.ttl> .

test/resources/accounts/alice.localhost/settings/privateTypeIndex.ttl

@@ -0,0 +1,4 @@
+@prefix solid: <http://www.w3.org/ns/solid/terms#>.
+<>
+    a solid:TypeIndex ;
+    a solid:UnlistedDocument.

test/resources/accounts/alice.localhost/settings/publicTypeIndex.ttl

@@ -0,0 +1,4 @@
+@prefix solid: <http://www.w3.org/ns/solid/terms#>.
+<>
+    a solid:TypeIndex ;
+    a solid:ListedDocument.

test/resources/accounts/alice.localhost/settings/publicTypeIndex.ttl.acl

@@ -0,0 +1,25 @@
+# ACL resource for the Public Type Index
+
+@prefix acl: <http://www.w3.org/ns/auth/acl#>.
+@prefix foaf: <http://xmlns.com/foaf/0.1/>.
+
+<#owner>
+    a acl:Authorization;
+
+    acl:agent
+        <https://alice.localhost:8443/profile/card#me>;
+
+    acl:accessTo <./publicTypeIndex.ttl>;
+
+    acl:mode
+        acl:Read, acl:Write, acl:Control.
+
+# Public-readable
+<#public>
+    a acl:Authorization;
+
+    acl:agentClass foaf:Agent;  # everyone
+
+    acl:accessTo <./publicTypeIndex.ttl>;
+
+    acl:mode acl:Read.

test/resources/accounts/alice.localhost/settings/serverSide.ttl.acl

@@ -0,0 +1,13 @@
+@prefix acl: <http://www.w3.org/ns/auth/acl#>.
+@prefix foaf: <http://xmlns.com/foaf/0.1/>.
+
+<#owner>
+    a acl:Authorization;
+
+    acl:agent
+        <https://alice.localhost:8443/profile/card#me>;
+
+    acl:accessTo <./serverSide.ttl>;
+
+    acl:mode acl:Read .
+