Subject: Re: [xsl] XML access control by custom ID From: ac <ac@xxxxxxxxxxxxx> Date: Thu, 11 Mar 2010 14:07:41 -0500 |
<xsl:template match="/"> <xsl:message> <xsl:apply-templates select="doc('testdata.xml')/*/*"> <xsl:with-param name="access" select="doc('testaccess.xml')/userroles/*"/> <xsl:with-param name="role" select="'anybody'"/> </xsl:apply-templates> </xsl:message> </xsl:template>
Cheers, ac
Hi again,
Thanks for coming back.
My previous description of the problem is complete. You are just confusing access.xml with accesscontrol.XSL. The first being user role access settings and the latter being the place where the logic lies.
If you look closely, you will notice that "anybody" is given as parameter to accesscontrol.xsl, which uses this to filter only the subtree of "anybody" in access.xml. This results is only elements of type my_id with value of ''1". The value of "1" matches the my_id attribute of 'a' in data.xml. This explains why 'b' is dropped.
This may seem even more cryptic, but here is an explanation from a different angle:
File inputs: A = data.xml B = access.xml
Parameter: C = user_role(s)
Functional logic in accesscontrol.xsl (uses A, B, and C as input) Pseudo code: D = list of my_id where my_id is a child of elements matching C in B result.xml = Logic AND data from A and D where elements in A with attribute my_id exists in my_id elements of D.
Constrains: result.xml is a subset of data.xml plus access attributes as indicated in user_role
Gents, I'm sure I can write a hacked together solution to this, but I was hoping for an elegant solution as this is a pattern I will use repeatedly throughout my projects. I cannot think that I am the first person to work with 2 input XML files, where the first is the data and the second primarily a filter. The one thing that does make this interesting, is the fact that I'm also trying to convert node contents from the filter (access.xml) into additional attributes to the data (data.xml -> result.xml).
Cheers, Jacobus
My goal: Create a mechanism whereby visibility and user rights are implemented on an XML data source using an external XML user roles access control template. Output must filter out unauthorized content, while at the same time adding user rights as attributes to the XML source data. Other than this (removing secure and adding access attributes) the original input data must remain unchanged.
Note that the user role will be passed to accesscontrol.xsl as parameter.
Access controlled content (data.xml): <a some_attributes="xyz" my_id="1"> 123 </a> <b attribute="xxx" my_id="2"> ABC </b>
User role access control settings (access.xml) <userroles> <administrator> <read> <my_id>1</my_id> <my_id>2</my_id> </read> <write> <my_id>1</my_id> <my_id>2</my_id> </write> </administrator> <anybody> <read> <my_id>1</my_id> </read> <write> <my_id>1</my_id> </write> </anybody> </useroles>
Template to filter restricted content from data.xml and include user access rights as attributes (accesscontrol.xsl using "anybody" as example parameter) ??<the magic xslt that I'm looking for>??
Expected output (result.xml) <a access="read; write" some_attributes="xyz my_id="1"> 123 </a>
Current Thread |
---|
|
<- Previous | Index | Next -> |
---|---|---|
Re: [xsl] XML access control by cus, Jacobus Reyneke | Thread | Re: [xsl] XML access control by cus, Jacobus Reyneke |
Re: [xsl] xsl:include statement is , Martin Honnen | Date | Re: [xsl] xsl:include statement is , Lionel Villard |
Month |