Context Navigation

isAuthorized.dpml @ 3485

Last change on this file since 3485 was 3485, checked in by andmor, 11 years ago
Added enpoints to get the schemas (in XML and JSON). Added endpoint to check authorization.
File size: 2.2 KB

Line
1	<?xml version="1.0" encoding="UTF-8"?>
2	<sequence debug="true">
3	<!-- TODO: check if enclosing request to sloot.xpath can be removed -->
4	<request assignment="response">
5	<identifier>active:sloot.xpath2</identifier>
6	<argument name="operand">
7	<request>
8	<identifier>active:xslt2</identifier>
9	<argument name="operand">scratch:user</argument>
10	<argument name="operator">
11	<literal type="xml">
12	<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:sc="http://www.isocat.org/ns/schemacat" version="2.0">
13	<xsl:param name="authorizedIDs"/>
14	<xsl:param name="debug"/>
15	<xsl:template match="/">
16	<b><xsl:value-of select="string(/sc:user/sc:role = 'admin' or /sc:user/@xml:id = $authorizedIDs/id)"/></b>
17	</xsl:template>
18	</xsl:stylesheet>
19	</literal>
20	</argument>
21	<argument name="authorizedIDs">arg:authorizedIDs</argument>
22	<argument name="debug">this:sloot-debug</argument>
23	</request>
24	</argument>
25	<argument name="operator">
26	<literal type="string">boolean(normalize-space(.)=('t','true'))</literal>
27	</argument>
28	</request>
29	<sloot-debug>
30	<log>
31	<level>INFO</level>
32	<message>
33	<literal type="string">[interface.REST] User id [%1] authorized to access resource from id [%2]: [%3]</literal>
34	</message>
35	<param>
36	<request>
37	<identifier>active:sloot.xpath2</identifier>
38	<argument name="operand">scratch:user</argument>
39	<!-- get the user id -->
40	<argument name="operator">
41	<literal type="string">string(/sc:user/@xml:id)</literal>
42	</argument>
43	</request>
44	</param>
45	<param>arg:authorizedIDs</param>
46	<param>this:response</param>
47	</log>
48	</sloot-debug>
49	</sequence>

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format