Log of the #fcrepo channel on chat.freenode.net

Using timezone: Eastern Standard Time
* awead leaves00:24
* dhlamb leaves00:29
* apb18 leaves00:49
* awoods leaves03:06
* awoods joins03:20
* lurch joins03:46
hi all
first time here
and starting with a problem :)
after I change server/config/fedora.fcfg and restart tomcat, chenges are not made. what am I missing? thx03:47
* lurch leaves05:30
* mohamedar joins06:31
* mohamedar leaves
* lurch joins06:33
* mohamedar joins06:44
* mohamedar leaves06:56
* ksclarke joins07:45
* dwilcox joins07:51
* mohamedar joins07:54
* ajs6f joins07:58
* acoburn joins08:39
* dhlamb joins
* github-ff joins08:44
[fcrepo-module-auth-webac] acoburn pushed 1 new commit to delegate_impl: http://git.io/vGFX6
fcrepo-module-auth-webac/delegate_impl b5de8b4 Aaron Coburn: added documentation; support for acl-bearing parent
* github-ff leaves
* mikeAtUVa joins08:58
<terrellt>Do you know when the next F4 release will be? Interested in getting https://github.com/fcrepo4/fcrepo4/commit/96140ed88d9732bebaa3004f840fe92b10aa0f01 into ActiveFedora.09:00
<awoods>terrellt: No date scheduled yet. Likely this month.09:01
<acoburn>awoods: will this be 4.4.0 or 4.3.1?09:02
<awoods>acoburn: We will have to see if there are changes that warrant a major increment.09:03
<acoburn>awoods: ok — we're definitely not ready with OSGi deployment (which we were hoping to have in the 4.4 release)
<awoods>acoburn: Agreed. That's ok.09:04
* dwilcox leaves09:06
<awoods>terrellt: Have you verified the commit you mention?
<terrellt>Nope. I assumed it was tested with the patch I posted - I've never built Fedora from source, and I'm sorta hesitant to try.09:07
<acoburn>terrellt: building fedora isn't so hard, and a lot of people on this channel can walk you through the steps if you'd like09:08
<terrellt>acoburn: I appreciate it. Maybe next week? I'm working on stuff and experience tells me that's the kind of thing you can get lost in for a while.09:10
* whikloj joins09:11
<awoods>terrellt: also, every build is published to a public maven repository09:12
terrellt: here is the latest: https://oss.sonatype.org/service/local/repositories/snapshots/content/org/fcrepo/fcrepo-webapp/4.3.1-SNAPSHOT/fcrepo-webapp-4.3.1-20150901.181645-75.war
<acoburn>terrellt: any time next week works. be sure to grab a cup of coffee before you start
awoods/terrelt: yes, that's the easier way to do it09:13
<terrellt>awoods++ That I might have time to verify today.
<awoods>terrellt: no... this is the latest: /org/fcrepo/fcrepo-webapp/4.3.1-SNAPSHOT/fcrepo-webapp-4.3.1-20150903.133437-77.war
* osmandin joins09:18
* github-ff joins09:22
[fcrepo-message-consumer] ksclarke closed pull request #41: Fixed references to futures org name (master...fix-refs-to-futures-org) http://git.io/vGFdN
* github-ff leaves
* github-ff joins09:28
[fcrepo-module-auth-webac] acoburn pushed 1 new commit to delegate_impl: http://git.io/vGFN9
fcrepo-module-auth-webac/delegate_impl 943d460 Aaron Coburn: added tests for locating ACLs on parent resources
* github-ff leaves
<awoods>acoburn: I am trying to get a sanity deployment of webac (webapp-plus) working in Tomcat... but hitting an issue.09:30
acoburn: The issue has to do with resolving dependencies...09:31
<acoburn>awoods: do you have an error log?
<awoods>acoburn: and I wonder if it may be linked to <osgi.import.packages>09:32
acoburn: sure... one moment
acoburn: https://gist.github.com/awoods/8c7e5fa4a8b052ab088b09:35
acoburn: the first one is successful09:36
acoburn: because the admin user kicks out very early
acoburn: the second one (testuser) is the issue
<acoburn>awoods: are you using the master branch from webac?09:37
<awoods>acoburn: I am using whikloj's branches... which are similar09:38
acoburn: plus some added logging statements
<whikloj>awoods: I had that same HK2 error yesterday...09:40
* dwilcox joins09:41
<awoods>whikloj/acoburn: What is not clear to me is whether it is an <osgi.import.packages> issue or a component scanning issue.
<acoburn>awoods: I don't think it's an OSGi issue09:42
* dwilcox leaves
<awoods>whikloj/acoburn: as a data point, webapp-plus (rbacl) and webapp-plus (xacml) work fine.
* peichman joins
<acoburn>awoods: the Import-Packages decl is *, which means "pull in everything"09:43
<awoods>whikloj/acoburn: my goal is to demonstrate the most basic logging "hello world" in tomcat with webapp-plus (webac). We have not seen that yet.
acoburn: Then why do you not just use "*"
<acoburn>awoods: we do09:44
awoods: the other imports are explicitly defined as a convenience for building a karaf feature file09:45
<terrellt>awoods: Confirmed. That build of Fedora fixes my spec in AF.
<acoburn>awoods: but functionally, they can be removed (as long as the "*" is at the end of the list)09:46
<awoods>acoburn: ok
acoburn/whikloj/mohamedar/peichman: We have four outstanding PRs: https://github.com/fcrepo4-labs/fcrepo-module-auth-webac/pulls09:47
acoburn/whikloj/mohamedar/peichman: Can we get those cleaned up? meaning merged or closed?
acoburn/whikloj/mohamedar/peichman: I feel like there are too many balls in the air.09:48
<acoburn>this one is ready for review: https://github.com/fcrepo4-labs/fcrepo-module-auth-webac/pull/8
<acoburn>the other urgent issue is the integration test bug that awoods outlined last night
that affects both the master branch and the PR above09:50
<awoods>acoburn: It seems that trying to reuse the RBACL tests is an exercise in wasted time.
<acoburn>awoods: and frustration
<awoods>acoburn: I would suggest getting integration tests working that use the test data created by whikloj and peichman09:51
<acoburn>awoods: I agree
<mohamedar>awoods: acoburn: I am trying to see if the spring exclude filter will work.09:52
<peichman>awoods/acoburn: I am working on that, but I am still getting the "java.lang.VerifyError: Bad type on operand stack" when I attempt to execute a any request with HttpClient
<awoods>mohamedar: I would not spend too much time on that... if it is just for the inheritance of a unit test.
peichman: I have not seen that issue.09:53
* github-ff joins
[fcrepo-module-auth-webac] acoburn closed pull request #7: Created AuthorizationHandler interface. (master...accessToClass) http://git.io/vGbf7
* github-ff leaves
<peichman>awoods: https://gist.github.com/peichman-umd/7f2eb8833ef8cd0cdfc1
<mohamedar>awoods: ok, I will copy that in then.
<awoods>acoburn/whikloj/mohamedar/peichman: Shall we have our call at 10 instead of 11?
<acoburn>awoods: that works for me
<whikloj>awoods: sure
<ruebot>pcdm question if anybody has a moment -- are we allowed to put a dc:title property on a NonRdfSource? i recall something about descriptive metadata being verboten on them.10:07
<awoods>on a call10:09
* apb18 joins10:16
* github-ff joins10:19
[fcrepo-module-auth-webac] mohideen opened pull request #20: Removed FedoraWebACSecurityContextTests to get to groundzero (master...groundzero) http://git.io/vGbmA
* github-ff leaves
* lurch leaves10:33
<whikloj>mohamedar: when acoburn said rebase, I think he meant https://wiki.duraspace.org/display/FF/Guide+for+New+Developers#GuideforNewDevelopers-Rebasing
<acoburn>whikloj/mohamedar: yes, that would work. basically, there are some merge conflicts, and I was referring to those10:35
<awoods>ruebot: from a pcdm perspective, I think that is right. The object would have a title, not any given representation of that object.10:36
<dhlamb>awoods: we're working through our pcdm implementation right now, and i've run face first into this10:38
<awoods>go dhlamb, go!
<ruebot>awoods: cool. thanks!
<dhlamb>awoods: so as it stands now, we have a direct container of files, and we have the hasFile relationship to work with10:39
* github-ff joins
[fcrepo-module-auth-webac] peichman-umd opened pull request #21: Created no-op integration test class. (master...it-skeleton) http://git.io/vGbnH
* github-ff leaves
<dhlamb>awoods: and i'm trying to figure out the best way to distinguish between different files. so maybe have seperate indirect containers to manage other relationships and then add proxies for the other files?
awoods: e.g. a /mods indrect-container with a proxy to the mods file contained in /files10:40
<awoods>dhlamb: does this ontology help? https://github.com/duraspace/pcdm/blob/master/pcdm-ext/use.rdf
dhlamb: escowles, thoughts?10:41
<peichman>whikloj: do you have the instructions on squashing PR commits handy?
<ruebot>dhlamb: or the fancy html version :-) http://pcdm.org/2015/05/12/use
<dhlamb>awoods: i see. we can use this ontology to point to the files.10:43
<awoods>ruebot: very fancy
<escowles>dhlamb: i think you can use the use vocab to differentiate different kinds of files, and i'd like to hear about any use cases that don't fit in those categories
<dhlamb>awoods: but no auto-managment using LDP? or i guess i can do that if i want (not even sure if i need it)
escowles: ^^10:44
<awoods>escowles ^^
<escowles>dhlamb: i'd say it's a tradeoff: if you use LDP to auto-manage the relationships, then you might need more containers
but if everything is using hasFile, then that can be managed by the container, and you'd need to set rdf:type = use:whatever explicitly10:45
<dhlamb>escowles: so using indirect containers and proxies to manage those use# relationships is essentially an implementation detail10:47
<whikloj>peichman: yeah, I'll email them instead of flooding here10:48
<escowles>dhlamb: maybe, but i'd still be interested in what approach you take
<dhlamb>escowles: since this is my first time really working with LDP, should i be afraid to add a handful of indirect containers per object? is there a significant performance cost to that?
escowles: i'm sure there's SOME overhead, but it'd have to be significant to be a deterrent10:49
<escowles>dhlamb: i'm not sure -- if you add more containers, then you might avoid extra PATCH operations, so it might balance out
dhlamb: so i can see adding a different container for each kind of file, with each one managing the use property
<awoods>mohamedar: can you merge this into your branch: https://github.com/mohideen/fcrepo-module-auth-webac/pull/110:50
<dhlamb>escowles: i might walk down that path for a while and see how it plays out. there's probably some extra proxy management that's going to incur as well.
<awoods>mohamedar: ...if you agree and it builds for you.
whikloj: can you cc the rest of use... those sound like good resources.10:51
<escowles>dhlamb: i think it's worth trying out -- hydra is mostly going the other way and having a single container for all files
<mohamedar>awoods: will check
<dhlamb>escowles: so may be more trouble than its worth. e.g. i have to now manage proxies instead of just manipulating the relationships directly in the rdf
escowles: oh, i'd still have the main container
<whikloj>awoods: sure, you can make sure I'm not leading anyone astray either.
<dhlamb>escowles: i defintely forsee needing to know a list of all the files10:52
<escowles>dhlamb: oh, one direct container for the files, and then an indirect container with proxies to each kind of file, so you could just get a list of all thumbnails or whatever?
<dhlamb>escowles: pretty much10:53
<f4jenkins>Project fcrepo4-T2 build #345: UNSTABLE in 5 min 40 sec: http://jenkins.fcrepo.org/job/fcrepo4-T2/345/
<escowles>dhlamb: the sufia approach has basically one content file and derivatives in a single pcdm:Object, so you wouldn't typically have more than one of each use type
* jgpawletko joins10:54
<escowles>so the approach is basically to have a single bucket of files and filter it by use property to get the thumbnail or whatever you're looking for
<dhlamb>escowles: yeah, that's something i was thinking about. i don't ever imagine having more that one mods file per object10:55
escowles: and there's no real way to say, "this can only have a single value" in RDF, right?
<escowles>dhlamb: you can create a constraint like that in owl, but there's no real way to enforce that
<dhlamb>escowles: hrm.. ok, lots to think about10:57
<acoburn>awoods/mohamedar: by removing the getFedoraUserSecurityContext @Override, I can build and deploy webac in tomcat
<mohamedar>awoods: tested and merged your changes. PR#20 should be ready to merge now
<dhlamb>thx guys. i'll keep you posted.
<acoburn>awoods/mohamedar: should I issue a PR with that change?
<awoods>mohamedar: let me squash and merge PR-20.
<acoburn>awoods: and if so, should I just comment out the use of FedoraUserSecurityContext? or should I remove it?
<awoods>acoburn: that would be great... and we can get it pushed in immediately.
acoburn: maybe comment... if we plan on bringing it back in 10min10:59
<acoburn>awoods: will do. stay tuned for a PR
<awoods>this is exciting11:00
* github-ff joins11:01
[fcrepo-module-auth-webac] awoods pushed 1 new commit to master: http://git.io/vGb0X
fcrepo-module-auth-webac/master 8f24158 Mohamed Mohideen Abdul Rasheed: Update FedoraWebACSecurityContextTests to get to ground zero
* github-ff leaves
* github-ff joins11:02
[fcrepo-module-auth-webac] awoods closed pull request #20: Updated FedoraWebACSecurityContextTest to get to groundzero (master...groundzero) http://git.io/vGbmA
* github-ff leaves
<awoods>acoburn/whikloj/mohamedar/peichman: unit tests pr pushed (pr-20)
<awoods>mohamedar: are you working on a PR that rolls back the changes to fcrepo4/fcrepo-auth-common ?11:06
* github-ff joins
[fcrepo-module-auth-webac] peichman-umd pushed 1 new commit to master: http://git.io/vGbuz
fcrepo-module-auth-webac/master 12096f1 Mohamed Mohideen Abdul Rasheed: Updated README.
* github-ff leaves
<awoods>peichman: PR-21 does not build for me
* github-ff joins11:07
[fcrepo-module-auth-webac] peichman-umd closed pull request #15: Updated README. (master...documentation) http://git.io/vG928
* github-ff leaves
<peichman>PR-15 squashed and merged
<awoods>peichman++ you are a squashing natural
peichman: PR-21 checkstyle error
<peichman>awoods: looking at it now11:09
<awoods>peichman: also, PR-21 creates a new 'integration' directory in the test tree11:10
<mohamedar>awoods: currently working on PR-19, will do that next
<awoods>peichman: you should pull WebACRecipesIT into org.fcrepo.integration.auth.webac
<peichman>awoods: you mean the org.fcrepo.auth.webac.integration package?11:11
<awoods>peichman: yes, that is what I mean
<peichman>awoods: so are integration tests grouped differently from the unit tests?
<awoods>peichman: the integration tests hang off of a package structure rooted at: org.fcrepo.integration.auth.webac11:12
<peichman>awoods: roger that11:13
<awoods>acoburn/whikloj: should we keep or remove: WebACRolesReaderIT.java ?
<acoburn>awoods: I have no attachment to it, it is there just as a starting point
<whikloj>awoods: dump it
<peichman>awwods/whikloj: I can add that to my PR11:14
<whikloj>peichman: this is pulling in the RbAcl tests which are problematic.
<peichman>I am getting a successful build now on my local it-skeleton branch, after removing WebACRolesReaderIT.java11:16
<whikloj>peichman: sorry you probably meant adding removing this to your PR.
<peichman>will update PR momentarily
<awoods>whikloj/acoburn: https://github.com/fcrepo4-labs/fcrepo-module-auth-webac/pull/22
* github-ff joins
[fcrepo-module-auth-webac] awoods opened pull request #22: Remove: WebACRolesReaderIT (master...remove-old-it) http://git.io/vGbaB
* github-ff leaves
<awoods>whikloj/acoburn: feel free to merge, if you like PR-2211:17
* github-ff joins
[fcrepo-module-auth-webac] whikloj pushed 2 new commits to master: http://git.io/vGba5
fcrepo-module-auth-webac/master 1d702f0 Andrew Woods: Remove: WebACRolesReaderIT
fcrepo-module-auth-webac/master 36d12af Jared Whiklo: Merge pull request #22 from awoods/remove-old-it...
* github-ff leaves
<awoods>acoburn: I am excited to see your "get tomcat working" PR11:18
<peichman>PR-21 updated
<acoburn>awoods: I'm just doing a sanity check before submitting it
awoods: I merged in pr-20 which make the changes minimal11:19
<whikloj>peichman: building now...
<awoods>peichman: building now...11:20
* github-ff joins
[fcrepo-module-auth-webac] acoburn created more_ground_zero (+1 new commit): http://git.io/vGbwf
fcrepo-module-auth-webac/more_ground_zero d4bb43b Aaron Coburn: remove use of FedoraWebACUserSecurityContext
* github-ff leaves
<awoods>whikloj: did PR-21 build for you?11:21
* github-ff joins
[fcrepo-module-auth-webac] acoburn opened pull request #23: remove use of FedoraWebACUserSecurityContext (master...more_ground_zero) http://git.io/vGbws
* github-ff leaves
<acoburn>awoods: there you go ^^^
<whikloj>awoods: restarting had some residue from previous branches
<awoods>whikloj: if it does, could you squash/push it?
<whikloj>awoods: will do11:22
<awoods>acoburn: PR-23 built... now building webapp-plus11:23
acoburn/whikloj/mohamedar/peichman: pr-23 achieves ground zero!11:25
<awoods>acoburn/whikloj/mohamedar/peichman: any objections to my committing PR-23?
<acoburn>none from me (though I submitted it)11:27
<awoods>two thumbs up: https://github.com/fcrepo4-labs/fcrepo-module-auth-webac/pull/23
* github-ff joins
[fcrepo-module-auth-webac] awoods pushed 1 new commit to master: http://git.io/vGbKJ
fcrepo-module-auth-webac/master 79ac5ce Andrew Woods: Merge pull request #23 from fcrepo4-labs/more_ground_zero...
* github-ff leaves
<acoburn>awoods/mohamedar/whikloj/peichman: are we going to reconvene soon?11:29
<ruebot>awoods++ escowles++ dhlamb++11:30
<awoods>acoburn/whikloj/mohamedar/peichman: Sounds good. Just waiting on PR-21 to get squashed/committed
* github-ff joins11:31
[fcrepo-module-auth-webac] whikloj pushed 1 new commit to master: http://git.io/vGb63
fcrepo-module-auth-webac/master ac1bc9c Peter Eichman: Created no-op integration test class....
* github-ff leaves
<whikloj>awoods/acoburn/peichman/mohamedar: ^^
* github-ff joins
[fcrepo-module-auth-webac] whikloj closed pull request #21: Created no-op integration test class. (master...it-skeleton) http://git.io/vGbnH
* github-ff leaves
* github-ff joins11:33
[fcrepo-module-auth-webac] mohideen closed pull request #19: Updated the Map with ModeshapePermissions to WebAC access modes. (delegate_impl...delegate_impl) http://git.io/vG7rU
* github-ff leaves
<awoods>acoburn/whikloj/mohamedar/peichman: reconvene?
<whikloj>awoods: ok
<acoburn>awoods: ok by me
<awoods>mohamedar? peichman?
<mohamedar>awoods: peichman AFK11:35
<awoods>acoburn/whikloj/mohamedar/peichman: shall we say 11:45?11:36
<peichman>back now
<awoods>or now
<peichman>works for me
<acoburn>now is fine
<awoods>acoburn/whikloj/mohamedar/peichman: going in
* github-ff joins11:41
[fcrepo-module-auth-webac] awoods reopened pull request #19: Updated the Map with ModeshapePermissions to WebAC access modes. (delegate_impl...delegate_impl) http://git.io/vG7rU
* github-ff leaves
* github-ff joins11:47
[fcrepo-module-auth-webac] acoburn pushed 9 new commits to delegate_impl: http://git.io/vGbym
fcrepo-module-auth-webac/delegate_impl cee057f Aaron Coburn: strawman delegate implementation
fcrepo-module-auth-webac/delegate_impl be5f909 Aaron Coburn: added accessToClass stubs and use of acl:accessControl property
fcrepo-module-auth-webac/delegate_impl f5e9e67 Peter Eichman: Get the agent string from the Fedora user principal attribute in the JCR session.
* github-ff leaves
* github-ff joins11:52
[fcrepo4] mohideen opened pull request #903: Removed fcrepo-auth-common test-jar introduced by FCREPO-1714 (master...master) http://git.io/vGbSF
* github-ff leaves
<mohamedar>awoods: ^^ created the PR to remove fcrepo-auth-commons tests jar11:53
<awoods>mohamedar: thanks... looking at it now11:54
* github-ff joins12:07
[fcrepo-module-auth-webac] acoburn pushed 10 new commits to delegate_impl: http://git.io/vGbdS
fcrepo-module-auth-webac/delegate_impl 084c792 Jared Whiklo: Adding new Fedora WebAC namespace and resource
fcrepo-module-auth-webac/delegate_impl 59aa4b4 Mohamed Mohideen Abdul Rasheed: Update FedoraWebACSecurityContextTests to get to ground zero
fcrepo-module-auth-webac/delegate_impl 9610ce1 Mohamed Mohideen Abdul Rasheed: Updated README.
* github-ff leaves
* tolloid joins12:09
* github-ff joins12:10
[fcrepo4] awoods closed pull request #903: Removed fcrepo-auth-common test-jar introduced by FCREPO-1714 (master...master) http://git.io/vGbSF
* github-ff leaves
<awoods>mohamedar: PR-903 verified and merged
whikloj: no I'm ready for your PR... when it comes.
whikloj: now I'm ready for your PR... when it comes.
<whikloj>awoods: I made a simple test to PUT an Acl resource, it seems to have worked12:13
<awoods>whikloj: that is even better
whikloj: it seems like the setUp() method needs some cleanup12:14
whikloj: would you like to share your branch as a PR?
* ajs6f leaves
<whikloj>awoods: sure, I'll make a PR now
* github-ff joins12:17
[fcrepo-module-auth-webac] whikloj opened pull request #24: Add a simple resource via a PUT (master...MakeITs) http://git.io/vGbAx
* github-ff leaves
<whikloj>awoods/peichman: ^^
<awoods>whikloj/peichman: it would be helpful if WebACRecipesIT extended org.fcrepo.integration.http.api.AbstractResourceIT12:19
<whikloj>awoods/peichman: actually I just noticed, why didn't peichman's code in setUp() fail for me?12:20
<mohamedar>awoods++ for PR-903
<awoods>whikloj: it does not fail for me either
<whikloj>awoods/peichman: is this due to the change to fcrepo4 mohamedar did last night which resolved my grizzly problem?
maybe peichman just needs to refresh/rebuild fcrepo412:21
* tolloid leaves
<whikloj>awoods: yes I agree that extending AbstractResourceIT would be helpful as I was reusing their code anyways
<awoods>whikloj: in any case... we may be in business
<awoods>whikloj: if you can add the AbstractResourceIT extension, and gut the setUp() method, then we can start bringing in functional tests.
whikloj: can you add a commit for the extension of AbstractResourceIT and setUp gutting?12:23
...to PR-24
<whikloj>awoods: yes, but why the http.api one and not the auth version of AbstractResourceIT
<awoods>whikloj: which class are you talking about?12:24
whikloj: do you have a link?
<whikloj>awoods: https://github.com/fcrepo4/fcrepo4/blob/master/fcrepo-auth-common/src/test/java/org/fcrepo/auth/integration/AbstractResourceIT.java
<awoods>whikloj: this one seems to have a lot more goodies: https://github.com/fcrepo4/fcrepo4/blob/master/fcrepo-http-api/src/test/java/org/fcrepo/integration/http/api/AbstractResourceIT.java12:26
<whikloj>awoods: its fine, looks like the one in http.api has more useful methods.
<awoods>whikloj: you're on it?
<whikloj>awoods: I'm on it12:27
* awoods happy that whikloj is on it
acoburn: any leads on the SecurityContext front?12:28
<acoburn>awoods: making progress….
<awoods>acoburn: awesome12:29
<acoburn>awoods: seems that if I remove the hasRole override, things work. (not sure why)
* travis-ci joins
fcrepo4/fcrepo4#4029 (master - 5dc2db8 : Andrew Woods): The build passed.
Change view : https://github.com/fcrepo4/fcrepo4/compare/4d8af02881f9...5dc2db8015a1
Build details : https://travis-ci.org/fcrepo4/fcrepo4/builds/78783656
* travis-ci leaves
<awoods>acoburn: why is this "final"? public final boolean hasRole(final String roleName) {}12:30
acoburn: in FedoraWebACUserSecurityContext
<acoburn>awoods: hmmm12:31
<dhlamb>escowles: d'oh... i see now. so that ontology gives me what i need to make sparql queries to identify things like thumbnail and ocr, etc...12:33
<awoods>dhlamb: hence the name "use"
<dhlamb>escowles: so is there anything similar i can do for non-rdf descriptive metadata?
<escowles>dhlamb: i don't think there's anything there yet -- but we could add something12:34
<dhlamb>escowles: awoods: i've seen things like iana:describes, and i'm sure i could get mimetype, but is there a way to know what standard it may be conforming to?
<escowles>dhlamb: you could use premis:hasFormatName/premis:hasFormatVersion12:35
<dhlamb>escowles: and putting premis predicates on pcdm:Files is acceptable?12:38
escowles: reading through the descriptions of those now12:39
<escowles>dhlamb: well, it almost certainly violates the PREMIS ontology domain restrictions
dhlamb: imho, the PREMIS ontology is a mess of over-nested XML-mapped-to-RDF-badly
dhlamb: but it does handle a lot of preservation/library stuff pretty well, so...
<dhlamb>escowles: hee hee hee... that's what i'm trying to avoid doing to our objects in islandora12:40
<escowles>dhlamb++ good -- there's still hope!
<dhlamb>escowles: we're saddled with lots of xml that may or may not translate over to rdf well
<escowles>dhlamb: i'm sure that's going to be true for lots of people migrating to f4, regardless of what frontend they're using12:41
* tolloid joins12:43
<dhlamb>escowles: i'll dig a bit more and bug ruebot a lot over it to see what we can do with existing ontologies12:44
escowles: but it would be nice if we could share a way to locate descriptive metadata between projects12:45
<escowles>dhlamb: i definitely agree -- seems like a good thing to handle consistently
dhlamb: and mods xml, in particular, seems like a very common use case12:46
<dhlamb>escowles: yep, that's the elephant in the room
<awoods>dhlamb++ escowles++ handling descriptive metadata consistently
* mikeAtUVa leaves12:47
<acoburn>dhlamb/escowles: here here!
awoods: back to the securityContext piece12:48
awoods: seems that the roleName values are from MODE, correct?
<awoods>acoburn: not sure... mohamedar knows
<acoburn>awoods: e.g. "readonly", "readwrite"
awoods/mohamedar: in any case they don't seem to have any relationship to webac12:49
mohamedar: I'm wondering about the code here: http://git.io/vGNLc12:50
<mohamedar>acoburn: not sure if they are ModeshapeModes12:52
<acoburn>mohamedar: in the log output I'm seeing "readonly" and "readwrite"12:53
mohamedar: and curiously, if I simply remove the bit if { } else if { } else { } block, things work12:54
<mohamedar>acoburn: Probably I'm wrong then. I was basing that from RBACL (in tests) used values that were not in ModeshapeRoles
<awoods>acoburn: It sounds like we don't know if or why #hasRoles() is even needed.
<acoburn>mohamedar: yeah, I saw that
<awoods>acoburn: that might mean dropping the FedoraWebACUserSecurityContext class12:56
<acoburn>awoods: I guess I'm not entirely clear what that class does12:57
<awoods>acoburn: in which case, the rest of the following ticket would be rolled back: https://jira.duraspace.org/browse/FCREPO-171412:58
acoburn: Let's keep the logging for the moment (to understand what it is being used for), but otherwise delegate calls to super.hasRole()12:59
acoburn: then we can decide to roll back FCREPO-1714 if appropriate
<acoburn>awoods: ok, I'll give that a spin13:00
<awoods>whikloj: how are things?13:03
<whikloj>awoods: funny you should ask, just writing: once I added AbstractResourceIT, I am now getting https://gist.github.com/whikloj/db53a7ff79d99e277562
<awoods>whikloj: yes, you need to add the http-api-test dependency to your pom.xml13:04
<whikloj>awoods: gracias
<whikloj>awoods: already in there13:06
awoods: does order matter in a pom?
<acoburn>whikloj: no13:07
whikloj: you need both the http-api that is already in the pom, and this one as well.13:09
<whikloj>awoods: that was it
<awoods>whikloj: since you are getting it from AbstractResourceIT, you can remove:13:10
* github-ff joins13:12
[fcrepo-module-auth-webac] acoburn created security_context (+1 new commit): http://git.io/vGNci
fcrepo-module-auth-webac/security_context bb95cfe Aaron Coburn: fixed SecurityContext
* github-ff leaves
<acoburn>awoods: got it ^^^13:13
* github-ff joins
[fcrepo-module-auth-webac] acoburn opened pull request #25: fixed SecurityContext (master...security_context) http://git.io/vGNcF
* github-ff leaves
<awoods>acoburn: nice. It would be nice to determine if we need FedoraWebACUserSecurityContext at all.13:14
acoburn: what was the issue? "final"?
<acoburn>awoods: no, it was the return false13:15
<awoods>acoburn: interesting
<acoburn>awoods: now that I think I understand the role of this class, I think it's not implemented correctly
awoods: because it is accepting "roleNames", but then checking those to acl:mode values13:16
<awoods>acoburn: you mean the super? FedoraUserSecurityContext?
<acoburn>awoods: I mean the webac implementation
awoods: as I was saying, the acl:mode values are not "roles"13:17
<awoods>acoburn: do you have a commit for the correct impl?
<acoburn>awoods: not yet
<awoods>acoburn: should we push PR-25, as is?
<acoburn>awoods: what you've got above is simply a "it works" PR
awoods: you can, but I think we can rip it all out
<awoods>acoburn: you mean roll back FCREPO-1714 ?13:18
<acoburn>awoods: that is, if the hasRole value should correspond to a "group", then the acl:mode is irrelevant
awoods: I'd need to look at fcrepo-1714
* looking at fcrepo-1714 *
<awoods>acoburn: three commits: https://jira.duraspace.org/browse/FCREPO-1714?focusedCommentId=44623&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-4462313:19
* tolloid leaves13:22
<whikloj>awoods/peichman: update PR, still builds for me.13:25
<awoods>whikloj: do you have a PR?13:26
<whikloj>awoods: https://github.com/fcrepo4-labs/fcrepo-module-auth-webac/pull/24/files
<acoburn>awoods: I don't see why we couldn't roll back fcrepo-171413:28
awoods: in the meantime, I have a question about rbacl13:29
<awoods>acoburn: ok13:30
<acoburn>awoods: see this line: http://git.io/vGNRR
awoods: in the writer mode, will the actions array have a size=1?13:31
awoods: and should it be checking for something other than "read" action?
awoods: nevermind, it looks like I wasn't understanding that code13:32
<awoods>someone is at the door...13:33
* github-ff joins13:38
[fcrepo-module-auth-webac] peichman-umd opened pull request #26: Added helper methods to set up the ACLs and Authorizations for testing. (master...it-setup) http://git.io/vGNuS
* github-ff leaves
<peichman>created PR-26 to share my approach to setting up the ACLs and Authorizations for integration testing13:39
note that it does not build due to the continuing "java.lang.VerifyError: Bad type on operand stack" error
<awoods>acoburn: sorry, back.14:00
<acoburn>awoods: I'm trying to figure out whether the SecurityContext class is necessary14:01
awoods: it doesn't seem like it, unless you see otherwise?
<awoods>acoburn: Let's no use it, then we can roll back 1714 later if indeed it is not necessary.14:02
whikloj: PR-24 looks good, pending response to code review.14:03
<acoburn>awoods: that seems like a good approach, I'll issue a PR
<awoods>acoburn: are you going just add a commit to PR-25?
<acoburn>awoods: yes14:04
whikloj: I would like to get PR-24 in so that peichman can use the AbstractResourceIT goodies.14:05
<acoburn>awoods: do you know how the roles array is populated in the FAD?14:12
<awoods>peichman: here is a PR against your PR-26: https://github.com/peichman-umd/fcrepo-module-auth-webac/pull/114:14
acoburn: where, exactly?
<acoburn>awoods: here: http://git.io/vGNMl14:15
* github-ff joins14:16
[fcrepo-module-auth-webac] acoburn pushed 1 new commit to security_context: http://git.io/vGNMd
fcrepo-module-auth-webac/security_context 8ceb3e3 Aaron Coburn: remove FedoraWebACUserSecurityContext class
* github-ff leaves
<peichman>awoods: given that your PR adds assertions, should the calls to ingestAcl go into a test method rather than the setUp?
<awoods>peichman: The setUp method is run before each @Test method. Is that what you want? or do you want this to run once before all of the @Test methods?14:18
<peichman>awoods: I thought a @Before method ran once, before all the test methods14:19
awoods: I was intending the ingestAcl to set up the repository at the beginning, but I could move them into their own @Test methods too
awoods: I guess I was unsure whether creating the ACLs as in the scope of the testing14:20
<acoburn>awoods: looks like the roles come from an attribute on the Session14:21
awoods: session.getAttribute(FEDORA_ALL_PRINCIPALS)
<awoods>acoburn: see: https://github.com/fcrepo4/fcrepo-module-auth-rbacl/blob/master/fcrepo-auth-roles-common/src/main/java/org/fcrepo/auth/roles/common/AbstractRolesAuthorizationDelegate.java#L10814:22
<acoburn>awoods: yes, looking at that now
<awoods>peichman: @Before is before each test, @BeforeClass is before all tests14:23
peichman: if you want ingestAcl to be a one-time setup, it should be in a @BeforeClass method regardless of assertions.14:25
<peichman>awoods: yes, that is what I was looking for
<awoods>peichman: I have a few code review comments... but that require whikloj's PR to have already been merged.14:26
<whikloj>awoods: peichman: sorry, I'll get that updated now
<acoburn>awoods: the question is how does the FEDORA_ALL_PRINCIPALS session attribute get set? I seem only to get an empty set of roles
<awoods>acoburn: see: https://github.com/fcrepo4/fcrepo4/blob/master/fcrepo-auth-common/src/main/java/org/fcrepo/auth/common/ServletContainerAuthenticationProvider.java#L15014:27
<peichman>bbiab, meeting
<awoods>whikloj: great. I am ready to review and push.14:28
mohamedar: how are the unit tests coming?14:29
<whikloj>awoods/peichman: updated -> https://github.com/fcrepo4-labs/fcrepo-module-auth-webac/pull/24/files14:30
<awoods>escowles: any update from hydra-land regarding WebAC?14:31
<escowles>awoods: people were glad there was progress -- and mjgiarlo said he'd take a look, but i think they'll want a war file built (after the sprint wraps up, right?) to test with14:32
awoods: but mjgiarlo is taking the day off, so i wouldn't expect to hear from him till tuesday14:33
* peichman leaves14:34
* peichman joins14:36
<awoods>escowles: perfect. thanks.14:37
whikloj: are you expecting your test to fail?
whikloj: it fails for me
<whikloj>awoods: That isn't even a test really, but no. It shouldn't fail.
<awoods>whikloj: I get: expected:<201> but was:<400>14:39
whikloj: how is it that it passes for you?
<whikloj>awoods: it doesn't14:40
awoods: I don't like AbstractResourceIT, as soon as I extended it I seem to have problems. Perhaps I am formatting requests incorrectly?
<mohamedar>awoods: it's coming along
<awoods>mohamedar: do you expect to have them ready for iteration today... meaning before 3:30 or so?14:41
<mohamedar>awoods: should be14:43
<whikloj>awoods: some thing in this last commit is causing the failure14:44
awoods: https://github.com/whikloj/fcrepo-module-auth-webac/commit/8b77af6c9803a748a1c320424817de40047b94b0
awoods: I think I got it14:45
<awoods>whikloj: I have a PR coming against your PR14:46
<whikloj>awoods: I got it, my use of putObjMethod14:47
<awoods>whikloj: ok, send an update.14:48
<whikloj>awoods: pushed14:49
awoods: I missed all the others now, will fix the code review stuff again14:50
<awoods>whikloj: I think you can gut lines 52 through 58.
whikloj: ...or, as you suggest, through line 6014:51
<whikloj>awoods: and the constructor too
<awoods>all of it
<whikloj>awoods: ok, pushed14:53
awoods: but it is still not a test, just a PUT statement.
awoods: Because we need to setup the objects before we can test on them14:54
<awoods>whikloj: here is a minor PR against pr/24: https://github.com/whikloj/fcrepo-module-auth-webac/pull/214:58
whikloj: then I will squash/commit.
<whikloj>awoods: merged
* github-ff joins15:00
[fcrepo-module-auth-webac] awoods pushed 1 new commit to master: http://git.io/vGAe2
fcrepo-module-auth-webac/master 47528ac Jared Whiklo: Get WebACRecipesIT into initial shape
* github-ff leaves
* github-ff joins
[fcrepo-module-auth-webac] awoods closed pull request #24: Add a simple resource via a PUT (master...MakeITs) http://git.io/vGbAx
* github-ff leaves
* awead joins15:02
<awoods>acoburn: is PR-25 ready for review? https://github.com/fcrepo4-labs/fcrepo-module-auth-webac/pull/25
<acoburn>awoods: yes
* awoods review pr-25...15:03
acoburn: looks good... and it even works in tomcat.15:06
<acoburn>awoods: that's the hope
<awoods>acoburn: I will squash and commit
* github-ff joins15:07
[fcrepo-module-auth-webac] awoods pushed 1 new commit to master: http://git.io/vGAJC
fcrepo-module-auth-webac/master e4159bb Aaron Coburn: Remove FedoraWebACUserSecurityContext class
* github-ff leaves
* github-ff joins
[fcrepo-module-auth-webac] awoods closed pull request #25: fixed SecurityContext (master...security_context) http://git.io/vGNcF
* github-ff leaves
<awoods>whikloj: what are you on?15:08
<whikloj>awoods: I was trying to finish putting the Acl and Authz resource under a FedoraResource, do you need something?15:09
<awoods>whikloj: in the integration test?
<whikloj>awoods: yes
<awoods>whikloj: ok. Does it make sense to do that in the context of peichman's PR-26? https://github.com/fcrepo4-labs/fcrepo-module-auth-webac/pull/2615:10
<whikloj>awoods: looks like it yes.
<awoods>whikloj: peichman is gone for the moment. If you could get that PR in shape... that would be a treat.15:11
<whikloj>awoods: is it clean up or make sure it runs?15:12
<awoods>whikloj: It means, make it your own.
<whikloj>awoods: haha, okay I'll pull it down and start adding on the objects, linking them and start checking people.15:13
<awoods>whikloj: setAuth() and getRandomPid() should probably be `private`
<whikloj>awoods: ok15:14
<awoods>whikloj: if you could address the comments in PR-26, that would also be nice.15:15
* awoods stepping away for a quick sandwich.15:16
<whikloj>peichman: question, in ingestTurtleResource you say your are POSTing but you are PUTing??15:26
<peichman>whikloj: my original was a POST, changed to a PUT via code review by awoods15:27
<whikloj>peichman: cool just wanted to confirm15:28
<peichman>whikloj: not sure it matters either way, just with a PUT you gotta know the URis before hand, with a POST I could just le the server figure them out
<whikloj>peichman: otherwise you'll need two methods so PUT is probably best15:29
<peichman>whikloj: two methods?
<whikloj>peichman: you use ingestTurtle.. to make the ACL and the Authz, you could POST the ACL but you need to PUT the authz to get them inside the ACL.15:30
peichman: or check for a stub and decide to PUT/POST based on that. I guess
<peichman>whikloj: does a POST to a resource not create the posted resource as a child of the requestURI?15:31
<whikloj>peichman: maybe, then you could use POST instead of PUT.
<mohamedar>awoods: unit test not ready yet. I will try to get the PR by today.15:36
* mohamedar leaves
peichman: POST does indeed create a resource as a child of the container... but the container has to first exist, whereas PUT will create all containers on the path.15:42
peichman/whikloj/acoburn: it is 3:45, should we circle up soon to discuss how this is going to land?15:43
<acoburn>awoods: yes
* mohamedar joins
<whikloj>awoods: ok
<peichman>works for me
<awoods>I see mohamedar is back
peichman/whikloj/acoburn/mohamedar: google-hangout now?15:44
<awoods>peichman/whikloj/acoburn/mohamedar: I'm in
* dhlamb leaves16:02
* whikloj_ joins16:12
* mohamedar1 joins
* escowles_ joins
<whikloj_>awoods/acoburn: quick maven question if I do MAVEN_OPTS="-Dfcrepo.log.auth=DEBUG" mvn clean install, should I not see DEBUG message for the auth classes?16:13
* escowles_ leaves
<acoburn>whikloj_ you mean in the integration tests?
<whikloj_>acoburn: yes the logger.debug statements
<acoburn>whikloj_: look in src/test/resource/logback-test.xml16:14
<whikloj_>acoburn: or do I need to update the logback.xml
<awoods>whikloj_: That should work
<acoburn>whikloj_: it's already set at DEBUG
whikloj_ so if you're *not* seeing DEBUG output, something is wrong
<whikloj_>acoburn: I see DEBUG output for other classes but not from the ITs16:15
<peichman>acoburn/awoods/whikloj_: I will need to head out a tad early today (4:45ish); looking for something to complete in the next half hour
* mohamedar leaves16:16
* whikloj leaves
* escowles leaves
* osmandin leaves
<whikloj_>awoods/acoburn: The ITs must use a different setting then fcrepo.log.auth
* osmandin joins
<awoods>peichman: This is all of the user documentation that we have:
* osmandin leaves
<awoods>peichman: It seems like there will not be time for you to take what whikloj pushes...
<peichman>awoods: unlikely :-/
<awoods>peichman: Would you be able to review that wiki page and make updates/additions that will be helpful for someone in the community to use when they pick up fcrepo-webapp-plus next week?16:18
<peichman>awoods: sure
awoods: focussing more on WebAC ideas in general, or our implementation in particular?16:19
awoods: (I would lean toward the former, given that our implementation is still in process)
<awoods>peichman: I am thinking of someone from Hydra, for example, that wants to kick the tires.16:20
<peichman>awoods: okay, so going over things like how we chose to do Authorizations a child resources of ACLs
and the like
<awoods>peichman: that sounds right
<peichman>awoods: on it16:21
<awoods>peichman: Then you will be free of webac for a few weeks. Thanks for your help on the team.
<peichman>awoods: thank you all for your help and guidance to the newbie :-)16:22
<awoods>peichman: you are initiated.
<whikloj_>awoods: peichman was doing a POST to a resource to generate child resources, should that not work. Seems like it, but is failing.16:25
<awoods>whikloj_: if the container to which the POST is being executed already exists, the request should work.16:26
<whikloj_>awoods: ok, I think I see it.16:29
<awoods>whikloj_: good
<mohamedar1>awoods/acoburn: any suggestions on how to mock/inject WebACAccessRolesProvider protected class into WebACAuthorizationDelegate. Being protected prevents me from being able to mock it from outside its package and mockito doesn't let inject a interface either.16:31
<awoods>mohamedar1: how about: org.fcrepo.http.commons.test.util.TestHelpers.setField() ?16:32
<acoburn>mohamedar1: something like this: https://github.com/fcrepo4-labs/fcrepo-module-auth-webac/blob/delegate_impl/src/test/java/org/fcrepo/auth/webac/impl/WebACAccessRolesProviderTest.java#L10216:33
<mohamedar1>awoods++ will try that16:36
<whikloj_>awoods: peichman: for whatever reason my branch to the it-setup branch is a mess. I can try again, or would one of you try and clean up the merge?16:37
<awoods>whikloj_: are you just asking for a rebase of PR-26 on master?16:38
<mohamedar1>awoods/acoburn/whikloj/peichman: BBL
<whikloj_>awoods: I don't even know. https://github.com/peichman-umd/fcrepo-module-auth-webac/compare/it-setup...whikloj:peichman-patch?expand=1
<awoods>cheers, mohamedar1!
* mohamedar1 leaves16:39
<whikloj_>awoods: I'l try again
<awoods>whikloj_: do you just have one commit from your work over peichman's PR?
<whikloj_>awoods: I do, but I think I messed the rebase because I have re-added a bunch of his work.16:40
awoods: I'll fix this.16:41
<awoods>whikloj_: ok, I can also help, if needed.
<acoburn>awoods: progress
<awoods>acoburn: progress makes perfect
<acoburn>awoods: one step at a time
<awoods>acoburn: did you figure out the roles?16:42
<acoburn>awoods: not yet, but getting closer
<awoods>roles: watch out, acoburn is on your tail.
<acoburn>awoods: say I have a FedoraResouce, can I extract a specific property?16:43
<awoods>acoburn: I assume FedoraResource.getProperty() does not meet the need, for some reason?16:44
<acoburn>awoods: not if you don't want a great big stack trace
awoods: I can use the getTriples(Translator, Class) approach16:45
<awoods>acoburn: are you saying getProperties() blows up?
acoburn: because of ModeShape dependencies?
<acoburn>awoods: I'm saying resource.hasProperty() blows up
awoods: I'm passing in the acl:accessControl value as a String16:46
awoods: which modeshape clearly doesn't like
<awoods>acoburn: has the namespace "acl" been registered?
<acoburn>awoods: I'm actually using the full URL16:47
<awoods>acoburn: we may need to create a webac CND file that gets loaded if the webac module is in use.
acoburn: nevermind, then
acoburn: I am not sure what to say. Sounds odd.16:48
<whikloj_>awoods: I can't rebase the PR on master I get into a loop apply the same fixes and git rebase --continue
<acoburn>awoods: I'll figure it out, but it will probably take longer than 12 minutes
<awoods>acoburn: you might surprise yourself16:49
<whikloj_>awoods: If you can pull his changes into master I'll stick mine on top. https://github.com/whikloj/fcrepo-module-auth-webac/blob/peichman-patch/src/test/java/org/fcrepo/integration/auth/webac/WebACRecipesIT.java
<awoods>whikloj_: on it now...
<peichman>updated docs https://wiki.duraspace.org/display/FEDORA4x/WebAC+Authorization+Delegate
on my way out, have a great weekend everyone
<acoburn>peichman: enjoy!16:50
<whikloj_>peichman: bye
<awoods>cheers, peichman!
<whikloj_>acoburn/awoods/mohamedar: I'm leaving too, I'll be back on in an hour or so.16:51
* peichman leaves
<awoods>cheers, whikloj_!
<whikloj_>awoods/acoburn: cheers to you guys. Great job today16:52
* whikloj_ leaves16:55
* github-ff joins16:59
[fcrepo-module-auth-webac] awoods created fleshing-out-its (+2 new commits): http://git.io/vGAX6
fcrepo-module-auth-webac/fleshing-out-its e2781e1 Peter Eichman: Added helper methods to set up the ACLs and Authorizations for testing.
fcrepo-module-auth-webac/fleshing-out-its 6bafd42 Andrew Woods: Code review updates
* github-ff leaves
* github-ff joins17:00
[fcrepo-module-auth-webac] awoods opened pull request #27: Fleshing out integration tests (master...fleshing-out-its) http://git.io/vGAXh
* github-ff leaves
* github-ff joins
[fcrepo-module-auth-webac] awoods closed pull request #26: Added helper methods to set up the ACLs and Authorizations for testing. (master...it-setup) http://git.io/vGNuS
* github-ff leaves
<acoburn>awoods: I'm heading out, but I've got it so fedora no longer explodes17:06
<awoods>acoburn; that is great. thank you... and see you on the flipside.
* acoburn leaves
* ksclarke leaves17:15
* mohamedar joins17:28
* ksclarke joins17:32
<mohamedar>awoods: still couldn't get the test to succeed. I am leaving for the day now. I will try get this working this weekend, if not I will push whatever progress I make.18:02
* ksclarke leaves18:03
* mohamedar leaves18:08
* apb18 leaves18:25
* the_mgt_ joins19:15
* the_mgt leaves19:18
* awead leaves19:23
* ksclarke joins20:21
* dhlamb joins21:22
* github-ff joins21:35
[fcrepo-module-auth-webac] whikloj pushed 1 new commit to fleshing-out-its: http://git.io/vGx25
fcrepo-module-auth-webac/fleshing-out-its dc10334 Jared Whiklo: Adding Integration Tests...
* github-ff leaves
* jgpawletko leaves22:22