xsl-list
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [xsl] XML access control by custom ID

2010-03-15 18:24:18
from [Michael Ludwig] [Permanent Link] 
Jacobus Reyneke schrieb am 10.03.2010 um 09:03:55 (+0200):


My goal: Create a mechanism whereby visibility and user rights are
implemented on an XML data source using an external XML user roles
access control template. Output must filter out unauthorized content,
while at the same time adding user rights as attributes to the XML
source data. Other than this (removing secure and adding access
attributes) the original input data must remain unchanged.

Note that the user role will be passed to accesscontrol.xsl as
parameter.


It could be done like this:

---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ----

<xsl:stylesheet version="2.0"
 xmlns:xs="http://www.w3.org/2001/XMLSchema";
 xmlns:xsl="http://www.w3.org/1999/XSL/Transform";>

 <xsl:param name="username" as="xs:string" select="'anybody'" />

 <xsl:variable name="acl-doc" as="document-node()"
  select="doc( 'jacobus-acl.xml' )"/>

 <xsl:variable name="accessible" as="xs:string*"
  select="$acl-doc/*/*[local-name() = $username]/*/my_id"/>

 <!-- LKP: make up key by concatenating username, separator, id -->
 <xsl:key name="right-for-id" match="my_id"
  use="concat( ../../local-name(), '--', . )"/>

 <xsl:template match="users/*"/><!-- ignore by default -->

 <!-- process accessible nodes: copy and add @access -->
 <xsl:template match="users/*[ @my_id = $accessible ]" priority="1">
  <xsl:copy>
   <xsl:copy-of select="@*"/>
   <!-- LKP: as above -->
   <xsl:variable name="lkp-key"
    select="concat( $username, '--', @my_id )"/>
   <xsl:attribute name="access"
    select="key( 'right-for-id', $lkp-key, $acl-doc )/../local-name()"/>
   <xsl:apply-templates/>
  </xsl:copy>
 </xsl:template>

 <xsl:template match="@*|node()">
  <xsl:copy>
   <xsl:apply-templates select="@*|node()"/>
  </xsl:copy>
 </xsl:template>

</xsl:stylesheet>

---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ----

:: saxon jacobus-users.xml jacobus.xsl username=anybody
<?xml version="1.0" encoding="UTF-8"?><users>
<a some_attributes="xyz" my_id="1" access="read write">
  123
</a>

-- 
Michael Ludwig

--~------------------------------------------------------------------
XSL-List info and archive:  http://www.mulberrytech.com/xsl/xsl-list
To unsubscribe, go to: http://lists.mulberrytech.com/xsl-list/
or e-mail: <mailto:xsl-list-unsubscribe(_at_)lists(_dot_)mulberrytech(_dot_)com>
--~--
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [xsl] toknize() not working with saxon9, a kusa
Next by Date:  Re: [xsl] XML access control by custom ID, Jacobus Reyneke
Previous by Thread:  Re: [xsl] XML access control by custom ID, Jacobus Reyneke
Next by Thread:  Re: [xsl] XML access control by custom ID, Jacobus Reyneke
Indexes:  [Date] [Thread] [Top] [All Lists]