Re: [xsl] XML access control by custom ID

[ac <ac@xxxxxxxxxxxxx>]

Hi Jacobus,

You have repeated your statement at least four times already, but there 
still seems to be nothing there that tells why <b> is not part of the 
output, if <b> has administrator rights.  If <b> is not affected by 
administrator rights, then where and how is this specified?

What defines the relationship between data.xml and access.xml (which you 
also seem to call accesscontrol.xml)?

Are access.xml and accesscontrol.xml the same file? if not, could you 
supply a related sample from accesscontrol.xml?

Do you have a sample "magic xslt that I'm looking for" that could show 
what you are trying to achieve and that we could try to help you with?

Cheers,
ac




> Hello there,
>
> Here is a quick summary again.
>
> My goal: Create a mechanism whereby visibility and user rights are
> implemented on an XML data source using an external XML user roles
> access control template. Output must filter out unauthorized content,
> while at the same time adding user rights as attributes to the XML
> source data. Other than this (removing secure and adding access
> attributes) the original input data must remain unchanged.
>
> Note that the user role will be passed to accesscontrol.xsl as parameter.
>
> Access controlled content (data.xml):
> <a some_attributes="xyz" my_id="1">
>    123
> </a>
> <b attribute="xxx" my_id="2">
>    ABC
> </b>
>
> User role access control settings (access.xml)
> <userroles>
>   <administrator>
>    <read>
>       <my_id>1</my_id>
>       <my_id>2</my_id>
>   </read>
>    <write>
>       <my_id>1</my_id>
>       <my_id>2</my_id>
>    </write>
>   </administrator>
>   <anybody>
>    <read>
>       <my_id>1</my_id>
>    </read>
>    <write>
>       <my_id>1</my_id>
>    </write>
>   </anybody>
> </useroles>
>
> Template to filter restricted content from data.xml and include user
> access rights as attributes (accesscontrol.xsl using "anybody" as
> example parameter)
> ??<the magic xslt that I'm looking for>??
>
> Expected output (result.xml)
> <a access="read; write" some_attributes="xyz my_id="1">
>    123
> </a>
>
> Best regards,
> Jacobus
>
> On Wed, Mar 10, 2010 at 8:36 AM, ac<ac@xxxxxxxxxxxxx>  wrote:
>    
> > Hi,
> >
> > I believe that we understand what you have stated, and as Michael already
> > asked you, "how do<administrator>  and<anybody>  come into play here?"
> >
> > When you wish for output:
> >
> > <a access="read; write" some_attributes="xyz" my_id="1">
> >   123
> > </a>
> >
> > How does the stylesheet know if<a>    is "administrator" or "anybody" ?
> > Your output seems to imply that it is "anybody" but why? how? what about<b>?
> > How is that figured out, without having the output already? Or, if it based
> > on the output being an input, what is the question?
> >
> > Cheers,
> > ac