Re: [xsl] XML access control by custom ID

Subject: Re: [xsl] XML access control by custom ID
From: Michael Ludwig <milu71@xxxxxx>
Date: Tue, 16 Mar 2010 00:23:44 +0100
Jacobus Reyneke wrote on 10.03.2010 at 09:03:55 (+0200):

> My goal: Create a mechanism whereby visibility and user rights are
> implemented on an XML data source using an external XML user roles
> access control template. Output must filter out unauthorized content,
> while at the same time adding user rights as attributes to the XML
> source data. Other than this (removing secure and adding access
> attributes) the original input data must remain unchanged.
> 
> Note that the user role will be passed to accesscontrol.xsl as
> parameter.

It could be done like this:

---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ----

<xsl:stylesheet version="2.0"
 xmlns:xs="http://www.w3.org/2001/XMLSchema"
 xmlns:xsl="http://www.w3.org/1999/XSL/Transform">

 <xsl:param name="username" as="xs:string" select="'anybody'" />

 <xsl:variable name="acl-doc" as="document-node()"
  select="doc( 'jacobus-acl.xml' )"/>

 <xsl:variable name="accessible" as="xs:string*"
  select="$acl-doc/*/*[local-name() = $username]/*/my_id"/>

 <!-- LKP: make up key by concatenating username, separator, id -->
 <xsl:key name="right-for-id" match="my_id"
  use="concat( ../../local-name(), '--', . )"/>

 <xsl:template match="users/*"/><!-- ignore by default -->

 <!-- process accessible nodes: copy and add @access -->
 <xsl:template match="users/*[ @my_id = $accessible ]" priority="1">
  <xsl:copy>
   <xsl:copy-of select="@*"/>
   <!-- LKP: as above -->
   <xsl:variable name="lkp-key"
    select="concat( $username, '--', @my_id )"/>
   <xsl:attribute name="access"
    select="key( 'right-for-id', $lkp-key, $acl-doc )/../local-name()"/>
   <xsl:apply-templates/>
  </xsl:copy>
 </xsl:template>

 <xsl:template match="@*|node()">
  <xsl:copy>
   <xsl:apply-templates select="@*|node()"/>
  </xsl:copy>
 </xsl:template>

</xsl:stylesheet>

---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ----

:: saxon jacobus-users.xml jacobus.xsl username=anybody
<?xml version="1.0" encoding="UTF-8"?><users>
<a some_attributes="xyz" my_id="1" access="read write">
  123
</a>

-- 
Michael Ludwig
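
The filtering rule the stylesheet implements, restated in Python as an added example (not part of Michael Ludwig's post) so it can be run against sample data. Both XML documents are constructed, the ACL layout (root / user name / right / my_id) is an assumption inferred from the stylesheet's XPath expressions, and `rights_for` and `filter_users` are hypothetical names.

```python
import xml.etree.ElementTree as ET

# Constructed sample data. The ACL layout (root / user / right / my_id) is an
# assumption inferred from the XPath expressions in the stylesheet above.
ACL_XML = """<acl>
  <anybody>
    <read><my_id>1</my_id><my_id>3</my_id></read>
    <write><my_id>1</my_id></write>
  </anybody>
  <admin><read><my_id>2</my_id></read></admin>
</acl>"""

USERS_XML = """<users>
  <a some_attributes="xyz" my_id="1">123</a>
  <b my_id="2">456</b>
  <c my_id="3">789</c>
  <d>no id</d>
</users>"""


def rights_for(acl_root, username):
    """Map my_id -> right names granted to username, in document order."""
    rights = {}
    for user in acl_root:
        if user.tag != username:
            continue
        for right in user:
            # One entry per right element, even if it lists an id twice.
            for my_id in {m.text or "" for m in right.findall("my_id")}:
                rights.setdefault(my_id, []).append(right.tag)
    return rights


def filter_users(users_xml, acl_xml, username):
    """Default deny: keep only children of <users> granted to username."""
    root = ET.fromstring(users_xml)
    rights = rights_for(ET.fromstring(acl_xml), username)
    for child in list(root):
        granted = rights.get(child.get("my_id"))
        if granted is None:
            root.remove(child)  # same effect as the empty users/* template
        else:
            child.set("access", " ".join(granted))  # e.g. "read write"
    return root


if __name__ == "__main__":
    for name in ("anybody", "admin", "nobody"):
        print(name, ET.tostring(filter_users(USERS_XML, ACL_XML, name), encoding="unicode"))
```

A user name that does not appear in the ACL yields an empty `<users>` element, and an element without a `my_id` attribute is dropped for every user.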