Subject: Re: XML access control by custom ID
From: Michael Ludwig <milu71@xxxxxx>
Date: Tue, 16 Mar 2010 00:23:44 +0100
Jacobus Reyneke schrieb am 10.03.2010 um 09:03:55 (+0200):
> My goal: Create a mechanism whereby visibility and user rights are
> implemented on an XML data source using an external XML user roles
> access control template. Output must filter out unauthorized content,
> while at the same time adding user rights as attributes to the XML
> source data. Other than this (removing secure and adding access
> attributes) the original input data must remain unchanged.
>
> Note that the user role will be passed to accesscontrol.xsl as
> parameter.
It could be done like this:
---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ----
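<!--
  Role-based output filter (XSLT 2.0).

  Copies the input document, drops every child of a <users> element that the
  given role may not see, and stamps each remaining child with an @access
  attribute listing the rights the ACL document grants for its @my_id.

  ACL layout as read by the XPath below: root / ROLE / RIGHT / my_id.
  The local name of ROLE is compared with $username, and the local name of
  RIGHT becomes one token of @access.

  Security notes for maintainers:
  * Filtering is deny by default only for direct children of an element named
    users. Anything nested deeper inside an accessible element goes through the
    identity template and is copied as is, unless its own parent is also named
    users.
  * The identity template copies attributes unchanged, so an access attribute
    on input elements outside users/* reaches the output as supplied. Consumers
    should only rely on @access on the children of users.
  * A role name with no matching ACL element yields an empty $accessible, so
    every child of users is dropped.
  * NOTE(review): $username falls back to 'anybody' when the caller passes
    nothing. The caller should set it from the authenticated session, not from
    request data; confirm that the rights of 'anybody' are an acceptable
    fallback, or make the parameter mandatory.
-->
<xsl:stylesheet version="2.0"
    xmlns:xs="http://www.w3.org/2001/XMLSchema"
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform">

  <!-- Role whose rights are applied; matched against element names in the ACL. -->
  <xsl:param name="username" as="xs:string" select="'anybody'"/>

  <!-- ACL document, resolved relative to this stylesheet. -->
  <xsl:variable name="acl-doc" as="document-node()"
      select="doc( 'jacobus-acl.xml' )"/>

  <!-- Every id the role holds at least one right for. -->
  <xsl:variable name="accessible" as="xs:string*"
      select="$acl-doc/*/*[local-name() = $username]/*/my_id"/>

  <!--
    LKP: lookup key is role name, separator, id.
    The separator is '|' because that character cannot occur in an element
    name, so the role part always ends at the first '|' and a key string can
    only be read one way. Hyphens are legal in element names, so a
    hyphen-based separator would let one role/id pair produce the same key
    string as a different pair and pick up that pair's rights.
    NOTE(review): this key indexes my_id at any depth of the ACL document,
    whereas $accessible reads one fixed path; confirm the ACL file holds no
    my_id elements elsewhere.
  -->
  <xsl:key name="right-for-id" match="my_id"
      use="concat( ../../local-name(), '|', . )"/>

  <!-- Deny by default: children of users produce no output. -->
  <xsl:template match="users/*"/>

  <!-- Accessible children of users: copy and add @access. -->
  <xsl:template match="users/*[ @my_id = $accessible ]" priority="1">
    <xsl:copy>
      <!--
        Keep this order. The computed access attribute is written after the
        copied attributes, so it replaces an access attribute that the input
        element may already carry.
      -->
      <xsl:copy-of select="@*"/>
      <!-- LKP: same key shape as in the xsl:key declaration. -->
      <xsl:variable name="lkp-key"
          select="concat( $username, '|', @my_id )"/>
      <!-- Names of the RIGHT elements that list this id for the role. -->
      <xsl:attribute name="access"
          select="key( 'right-for-id', $lkp-key, $acl-doc )/../local-name()"/>
      <xsl:apply-templates/>
    </xsl:copy>
  </xsl:template>

  <!-- Identity template: everything else is copied unchanged. -->
  <xsl:template match="@*|node()">
    <xsl:copy>
      <xsl:apply-templates select="@*|node()"/>
    </xsl:copy>
  </xsl:template>

</xsl:stylesheet>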
---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ----
:: saxon jacobus-users.xml jacobus.xsl username=anybody
<?xml version="1.0" encoding="UTF-8"?><users>
<a some_attributes="xyz" my_id="1" access="read write">
123
</a>
--
Michael Ludwig