Changeset 3502

Timestamp:

09/03/13 08:41:21 (11 years ago)

Author:

andmor

Message:

Decoupled 'authorized roles' from code.
Some more compreensive debug info.

File:

• cats/SCHEMAcat/trunk/urn.org.isocat.schemacat.interface.rest/interface/isAuthorized.dpml (modified) (5 diffs)

cats/SCHEMAcat/trunk/urn.org.isocat.schemacat.interface.rest/interface/isAuthorized.dpml

@@ -1 +1 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <sequence debug="true">
+    <sloot-debug>
+        <request>
+            <verb>SINK</verb>
+            <identifier>res:/debug/org.isocat.schemacat.interface.isAuthorized.authorizedIDs.xml</identifier>
+            <argument name="primary">arg:authorizedIDs</argument>
+        </request>
+        <request>
+            <verb>SINK</verb>
+            <identifier>res:/debug/org.isocat.schemacat.interface.isAuthorized.authorizedRoles.xml</identifier>
+            <argument name="primary">arg:authorizedRoles</argument>
+        </request>
+    </sloot-debug>
     <!-- TODO: check if enclosing request to sloot.xpath can be removed -->
     <request assignment="response">
@@ -12 +24 @@
                         <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:sc="http://www.isocat.org/ns/schemacat" version="2.0">
                             <xsl:param name="authorizedIDs"/>
+                            <xsl:param name="authorizedRoles"/>
                             <xsl:param name="debug"/>
                             <xsl:template match="/">
-                                <b><xsl:value-of select="string(/sc:user/sc:role = 'admin' or /sc:user/@xml:id = $authorizedIDs/id)"/></b>
+                                <b><xsl:value-of select="string(/sc:user/sc:role = $authorizedRoles/roles/role or /sc:user/@xml:id = $authorizedIDs/ids/id)"/></b>
                             </xsl:template>
                         </xsl:stylesheet>
@@ -20 +33 @@
                 </argument>
                 <argument name="authorizedIDs">arg:authorizedIDs</argument>
+                <argument name="authorizedRoles">arg:authorizedRoles</argument>
                 <argument name="debug">this:sloot-debug</argument>
             </request>
@@ -31 +45 @@
             <level>INFO</level>
             <message>
-                <literal type="string">[interface.REST] User id [%1] authorized to access resource from id [%2]: [%3]</literal>
+                <literal type="string">[interface.REST] [%1] authorized to access resource.&#xA;Authorized IDs:&#xA;[&#xA;%2]&#xA;Authorized roles:&#xA;[&#xA;%3]&#xA;=> [%4]</literal>
             </message>
             <param>
@@ -44 +58 @@
             </param>
             <param>arg:authorizedIDs</param>
+            <param>
+                <!-- pass the response trough sloot.xpath2 so the actual
+                                user document is logged instead of the value of its pointer!-->
+                <request>
+                    <identifier>active:sloot.xpath2</identifier>
+                    <argument name="operand">arg:authorizedRoles</argument>
+                    <argument name="operator">
+                        <literal type="xml">
+                            <dummy>.</dummy>
+                        </literal>
+                    </argument>
+                </request>
+            </param>
             <param>this:response</param>
         </log>