[XSL-LIST Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

Re: XML access control by custom ID

Subject: Re: XML access control by custom ID
From: ac <ac@xxxxxxxxxxxxx>
Date: Wed, 10 Mar 2010 03:42:53 -0500
Re:  XML access control by custom ID
Hi Jacobus,

You have repeated your statement at least four times already, but there still seems to be nothing there that tells why <b> is not part of the output, if <b> has administrator rights. If <b> is not affected by administrator rights, then where and how is this specified?

What defines the relationship between data.xml and access.xml (which you also seem to call accesscontrol.xml)?

Are access.xml and accesscontrol.xml the same file? if not, could you supply a related sample from accesscontrol.xml?

Do you have a sample "magic xslt that I'm looking for" that could show what you are trying to achieve and that we could try to help you with?


Hello there,

Here is a quick summary again.

My goal: Create a mechanism whereby visibility and user rights are
implemented on an XML data source using an external XML user roles
access control template. Output must filter out unauthorized content,
while at the same time adding user rights as attributes to the XML
source data. Other than this (removing secure and adding access
attributes) the original input data must remain unchanged.

Note that the user role will be passed to accesscontrol.xsl as parameter.

Access controlled content (data.xml):
<a some_attributes="xyz" my_id="1">
<b attribute="xxx" my_id="2">

User role access control settings (access.xml)

Template to filter restricted content from data.xml and include user
access rights as attributes (accesscontrol.xsl using "anybody" as
example parameter)
??<the magic xslt that I'm looking for>??

Expected output (result.xml)
<a access="read; write" some_attributes="xyz my_id="1">

Best regards,

On Wed, Mar 10, 2010 at 8:36 AM, ac<ac@xxxxxxxxxxxxx> wrote:

I believe that we understand what you have stated, and as Michael already
asked you, "how do<administrator>  and<anybody>  come into play here?"

When you wish for output:

<a access="read; write" some_attributes="xyz" my_id="1">

How does the stylesheet know if<a>    is "administrator" or "anybody" ?
Your output seems to imply that it is "anybody" but why? how? what about<b>?
How is that figured out, without having the output already? Or, if it based
on the output being an input, what is the question?


Current Thread


Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced!

Buy Stylus Studio Now

Download The World's Best XML IDE!

Accelerate XML development with our award-winning XML IDE - Download a free trial today!

Don't miss another message! Subscribe to this list today.
First Name
Last Name
Subscribe in XML format
RSS 2.0
Atom 0.3
Site Map | Privacy Policy | Terms of Use | Trademarks
Free Stylus Studio XML Training:
W3C Member
Stylus Studio® and DataDirect XQuery ™are products from DataDirect Technologies, is a registered trademark of Progress Software Corporation, in the U.S. and other countries. © 2004-2013 All Rights Reserved.