From 613dd5698a530bf4bd718850d8945f7300f19e58 Mon Sep 17 00:00:00 2001
From: Wouter Termont <woutermont@gmail.com>
Date: Mon, 15 Mar 2021 14:10:59 +0100
Subject: [PATCH] fix: Make new pod profile card public

* fix: make new pod profile card public

Signed-off-by: Wouter Termont <woutermont@gmail.com>

* WebID capitalization

Co-authored-by: Ruben Verborgh <ruben@verborgh.org>

* chore: more elaborate comments

* Added default inferitance for profile owner

* Update card.acl

Co-authored-by: Ruben Verborgh <ruben@verborgh.org>
---
 templates/pod/profile/card.acl | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 templates/pod/profile/card.acl

diff --git a/templates/pod/profile/card.acl b/templates/pod/profile/card.acl
new file mode 100644
index 000000000..fa2c94ef9
--- /dev/null
+++ b/templates/pod/profile/card.acl
@@ -0,0 +1,21 @@
+# ACL resource for the WebID profile document
+@prefix acl: <http://www.w3.org/ns/auth/acl#>.
+@prefix foaf: <http://xmlns.com/foaf/0.1/>.
+
+# The WebID profile is readable by the public.
+# This is required for discovery and verification,
+# e.g. when checking identity providers.
+<#public>
+    a acl:Authorization;
+    acl:agentClass foaf:Agent;
+    acl:accessTo <./card>;
+    acl:mode acl:Read.
+
+# The owner has full access to the entire
+# profile directory.
+<#owner>
+    a acl:Authorization;
+    acl:agent <{{webId}}>;
+    acl:accessTo <./>;
+    acl:default <./>;
+    acl:mode acl:Read, acl:Write, acl:Control.