[XSL-LIST Mailing List Archive Home]
[Reply To This Message]
Re: XML access control by custom ID
Subject: Re: XML access control by custom ID|
From: ac <ac@xxxxxxxxxxxxx>
Date: Thu, 11 Mar 2010 14:07:41 -0500
Could you be looking for something somewhat like this:
<xsl:param name="role" as="xs:string"/>
<xsl:variable name="my_id" select="@my_id"/>
<xsl:variable name="rights" select="$access[local-name(.) eq
$role]/*[my_id eq $my_id]"/>
select="string-join(($rights/local-name(.)), '; ')"/>
<xsl:with-param name="access" select="doc('testaccess.xml')/userroles/*"/>
<xsl:with-param name="role" select="'anybody'"/>
Thanks for coming back.
My previous description of the problem is complete. You are just
confusing access.xml with accesscontrol.XSL. The first being user role
access settings and the latter being the place where the logic lies.
If you look closely, you will notice that "anybody" is given as
parameter to accesscontrol.xsl, which uses this to filter only the
subtree of "anybody" in access.xml. This results is only elements of
type my_id with value of ''1". The value of "1" matches the my_id
attribute of 'a' in data.xml. This explains why 'b' is dropped.
This may seem even more cryptic, but here is an explanation from a
A = data.xml
B = access.xml
C = user_role(s)
Functional logic in accesscontrol.xsl (uses A, B, and C as input)
D = list of my_id where my_id is a child of elements matching C in B
result.xml = Logic AND data from A and D where elements in A with
attribute my_id exists in my_id elements of D.
result.xml is a subset of data.xml plus access attributes as indicated
Gents, I'm sure I can write a hacked together solution to this, but I
was hoping for an elegant solution as this is a pattern I will use
repeatedly throughout my projects. I cannot think that I am the first
person to work with 2 input XML files, where the first is the data and
the second primarily a filter. The one thing that does make this
interesting, is the fact that I'm also trying to convert node contents
from the filter (access.xml) into additional attributes to the data
(data.xml -> result.xml).
My goal: Create a mechanism whereby visibility and user rights are
implemented on an XML data source using an external XML user roles
access control template. Output must filter out unauthorized content,
while at the same time adding user rights as attributes to the XML
source data. Other than this (removing secure and adding access
attributes) the original input data must remain unchanged.
Note that the user role will be passed to accesscontrol.xsl as parameter.
Access controlled content (data.xml):
<a some_attributes="xyz" my_id="1">
<b attribute="xxx" my_id="2">
User role access control settings (access.xml)
Template to filter restricted content from data.xml and include user
access rights as attributes (accesscontrol.xsl using "anybody" as
??<the magic xslt that I'm looking for>??
Expected output (result.xml)
<a access="read; write" some_attributes="xyz my_id="1">
PURCHASE STYLUS STUDIO ONLINE TODAY!
Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced!
Download The World's Best XML IDE!
Accelerate XML development with our award-winning XML IDE - Download a free trial today!
Subscribe in XML format