1 | <?xml version="1.0" encoding="UTF-8"?> |
---|
2 | <sequence debug="false"> |
---|
3 | <sloot-debug> |
---|
4 | <request> |
---|
5 | <verb>SINK</verb> |
---|
6 | <identifier>res:/debug/org.isocat.schemacat.interface.isAuthorized.authorizedIDs.xml</identifier> |
---|
7 | <argument name="primary">arg:authorizedIDs</argument> |
---|
8 | </request> |
---|
9 | <request> |
---|
10 | <verb>SINK</verb> |
---|
11 | <identifier>res:/debug/org.isocat.schemacat.interface.isAuthorized.authorizedRoles.xml</identifier> |
---|
12 | <argument name="primary">arg:authorizedRoles</argument> |
---|
13 | </request> |
---|
14 | </sloot-debug> |
---|
15 | <!-- TODO: check if enclosing request to sloot.xpath can be removed --> |
---|
16 | <request assignment="response"> |
---|
17 | <identifier>active:sloot.xpath2</identifier> |
---|
18 | <argument name="operand"> |
---|
19 | <request> |
---|
20 | <identifier>active:xslt2</identifier> |
---|
21 | <argument name="operand">scratch:user</argument> |
---|
22 | <argument name="operator"> |
---|
23 | <literal type="xml"> |
---|
24 | <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:sc="http://www.isocat.org/ns/schemacat" version="2.0"> |
---|
25 | <xsl:param name="authorizedIDs"/> |
---|
26 | <xsl:param name="authorizedRoles"/> |
---|
27 | <xsl:param name="debug"/> |
---|
28 | <xsl:template match="/"> |
---|
29 | <b><xsl:value-of select="string(/sc:user/sc:role = $authorizedRoles/roles/role or $authorizedIDs/ids/id = 'ALL' or /sc:user/@xml:id = $authorizedIDs/ids/id)"/></b> |
---|
30 | </xsl:template> |
---|
31 | </xsl:stylesheet> |
---|
32 | </literal> |
---|
33 | </argument> |
---|
34 | <argument name="authorizedIDs">arg:authorizedIDs</argument> |
---|
35 | <argument name="authorizedRoles">arg:authorizedRoles</argument> |
---|
36 | <argument name="debug">this:sloot-debug</argument> |
---|
37 | </request> |
---|
38 | </argument> |
---|
39 | <argument name="operator"> |
---|
40 | <literal type="string">boolean(normalize-space(.)=('t','true'))</literal> |
---|
41 | </argument> |
---|
42 | </request> |
---|
43 | <log> |
---|
44 | <level>INFO</level> |
---|
45 | <message> |
---|
46 | <literal type="string">[interface.REST] [%1] authorized to access resource: [%2]</literal> |
---|
47 | </message> |
---|
48 | <param> |
---|
49 | <request> |
---|
50 | <identifier>active:sloot.xpath2</identifier> |
---|
51 | <argument name="operand">scratch:user</argument> |
---|
52 | <!-- get the user id --> |
---|
53 | <argument name="operator"> |
---|
54 | <literal type="string">string(/sc:user/@xml:id)</literal> |
---|
55 | </argument> |
---|
56 | </request> |
---|
57 | </param> |
---|
58 | <param>this:response</param> |
---|
59 | </log> |
---|
60 | <sloot-debug> |
---|
61 | <log> |
---|
62 | <level>INFO</level> |
---|
63 | <message> |
---|
64 | <literal type="string">[interface.REST]
Authorized IDs:
[
%1]
Authorized roles:
[
%2]</literal> |
---|
65 | </message> |
---|
66 | <param>arg:authorizedIDs</param> |
---|
67 | <param> |
---|
68 | <!-- pass the response trough sloot.toString so the actual |
---|
69 | user document is logged instead of the value of its pointer!--> |
---|
70 | <request> |
---|
71 | <identifier>active:sloot.toString</identifier> |
---|
72 | <argument name="operand">arg:authorizedRoles</argument> |
---|
73 | </request> |
---|
74 | </param> |
---|
75 | </log> |
---|
76 | </sloot-debug> |
---|
77 | </sequence> |
---|