3.1.1.1 Source Control

Servers MUST support short-term checkout and can implement a source control sandbox. The server MAY offer users the option to turn the source control sandbox off.<24>

For a server that has the source control sandbox turned off: When a document is checked out, the server MUST refuse to perform any operations on the document that are not sent by the user who has the document checked out, including another user requesting to read the document.

For a server that has the source control sandbox turned on: When a document is checked out, the server MUST deny any requests to modify the document that are not sent by the user who has the document checked out. However, if another user merely requests the contents of the document, the server can respond with the document stream as it appeared when the document was checked out.

A document that is checked out short-term can have the checkout released in either of two ways: the client can send an uncheckout document (section 3.1.5.3.15) request to the server or the short-term checkout expires.