Subject: Re: [xsl] XML access control by custom ID From: Jacobus Reyneke <jacobusreyneke@xxxxxxxxx> Date: Wed, 10 Mar 2010 11:52:58 +0200 |
Hi again, Thanks for coming back. My previous description of the problem is complete. You are just confusing access.xml with accesscontrol.XSL. The first being user role access settings and the latter being the place where the logic lies. If you look closely, you will notice that "anybody" is given as parameter to accesscontrol.xsl, which uses this to filter only the subtree of "anybody" in access.xml. This results is only elements of type my_id with value of ''1". The value of "1" matches the my_id attribute of 'a' in data.xml. This explains why 'b' is dropped. This may seem even more cryptic, but here is an explanation from a different angle: File inputs: A = data.xml B = access.xml Parameter: C = user_role(s) Functional logic in accesscontrol.xsl (uses A, B, and C as input) Pseudo code: D = list of my_id where my_id is a child of elements matching C in B result.xml = Logic AND data from A and D where elements in A with attribute my_id exists in my_id elements of D. Constrains: result.xml is a subset of data.xml plus access attributes as indicated in user_role Gents, I'm sure I can write a hacked together solution to this, but I was hoping for an elegant solution as this is a pattern I will use repeatedly throughout my projects. I cannot think that I am the first person to work with 2 input XML files, where the first is the data and the second primarily a filter. The one thing that does make this interesting, is the fact that I'm also trying to convert node contents from the filter (access.xml) into additional attributes to the data (data.xml -> result.xml). Cheers, Jacobus >> My goal: Create a mechanism whereby visibility and user rights are >> implemented on an XML data source using an external XML user roles >> access control template. Output must filter out unauthorized content, >> while at the same time adding user rights as attributes to the XML >> source data. Other than this (removing secure and adding access >> attributes) the original input data must remain unchanged. >> >> Note that the user role will be passed to accesscontrol.xsl as parameter. >> >> Access controlled content (data.xml): >> <a some_attributes="xyz" my_id="1"> >> 123 >> </a> >> <b attribute="xxx" my_id="2"> >> ABC >> </b> >> >> User role access control settings (access.xml) >> <userroles> >> <administrator> >> <read> >> <my_id>1</my_id> >> <my_id>2</my_id> >> </read> >> <write> >> <my_id>1</my_id> >> <my_id>2</my_id> >> </write> >> </administrator> >> <anybody> >> <read> >> <my_id>1</my_id> >> </read> >> <write> >> <my_id>1</my_id> >> </write> >> </anybody> >> </useroles> >> >> Template to filter restricted content from data.xml and include user >> access rights as attributes (accesscontrol.xsl using "anybody" as >> example parameter) >> ??<the magic xslt that I'm looking for>?? >> >> Expected output (result.xml) >> <a access="read; write" some_attributes="xyz my_id="1"> >> 123 >> </a>
Current Thread |
---|
|
<- Previous | Index | Next -> |
---|---|---|
Re: [xsl] XML access control by cus, ac | Thread | Re: [xsl] XML access control by cus, ac |
Re: [xsl] XML access control by cus, ac | Date | [xsl] xslt extensions accessing spr, Robby Pelssers |
Month |