[XSL-LIST Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: XML access control by custom ID
Jacobus Reyneke schrieb am 10.03.2010 um 09:03:55 (+0200): > My goal: Create a mechanism whereby visibility and user rights are > implemented on an XML data source using an external XML user roles > access control template. Output must filter out unauthorized content, > while at the same time adding user rights as attributes to the XML > source data. Other than this (removing secure and adding access > attributes) the original input data must remain unchanged. > > Note that the user role will be passed to accesscontrol.xsl as > parameter. It could be done like this: ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- <xsl:stylesheet version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <xsl:param name="username" as="xs:string" select="'anybody'" /> <xsl:variable name="acl-doc" as="document-node()" select="doc( 'jacobus-acl.xml' )"/> <xsl:variable name="accessible" as="xs:string*" select="$acl-doc/*/*[local-name() = $username]/*/my_id"/> <!-- LKP: make up key by concatenating username, separator, id --> <xsl:key name="right-for-id" match="my_id" use="concat( ../../local-name(), '--', . )"/> <xsl:template match="users/*"/><!-- ignore by default --> <!-- process accessible nodes: copy and add @access --> <xsl:template match="users/*[ @my_id = $accessible ]" priority="1"> <xsl:copy> <xsl:copy-of select="@*"/> <!-- LKP: as above --> <xsl:variable name="lkp-key" select="concat( $username, '--', @my_id )"/> <xsl:attribute name="access" select="key( 'right-for-id', $lkp-key, $acl-doc )/../local-name()"/> <xsl:apply-templates/> </xsl:copy> </xsl:template> <xsl:template match="@*|node()"> <xsl:copy> <xsl:apply-templates select="@*|node()"/> </xsl:copy> </xsl:template> </xsl:stylesheet> ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- :: saxon jacobus-users.xml jacobus.xsl username=anybody <?xml version="1.0" encoding="UTF-8"?><users> <a some_attributes="xyz" my_id="1" access="read write"> 123 </a> -- Michael Ludwig
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|