Re: [Exist-development] [Exist-open] Confused about permissions and defaults for XQuery files

[Palmer, E. <ep...@ri...>]

I've been reading this thread with great interest. We are not using 1.5 yet
and haven't even tested it yet.  We expect testing to commence this month.

Our eXist-db instances are isolated via a set of firewalls and we expect to
isolate them more using private IP space (in 6 months).  Oversimplifying
here but in essence we reverse proxy external access to eXist-db via apache
httpd.  So fine grain permissions are not yet needed at the University of
Richmond. At least for Web Services. The Digital Library work of Chris Kemp
may be different so I can't speak for him.

Our content creators can create sub-collections and content on the fly using
our content management system. When they do this they always create
collections underneath existing collections that we have access over.

For example a user might create this collection hierarchy

/db/articles/features/business/2011/oct

We control this collection /db/articles/features/business

It would be great if we have the ability to set default inheritable
permissions for /db/articles/features/business

Eric




On 10/18/11 8:27 AM, "Wolfgang Meier" <wol...@ex...> wrote:

> Chris,
> 
> a quick way of changing permissions on a collection tree would be to
> run a query like the following:
> 
> xquery version "1.0";
> 
> declare function local:fix-permissions($collection, $permissions,
> $xqpermissions) {
>     sm:chmod(xs:anyURI($collection), $permissions),
>     for $resource in xmldb:get-child-resources($collection)
>     return
>         if (xmldb:get-mime-type(xs:anyURI((concat($collection, "/",
> $resource)))) eq "application/xquery") then
>             sm:chmod(xs:anyURI(concat($collection, "/", $resource)),
> $xqpermissions)
>         else
>             sm:chmod(xs:anyURI(concat($collection, "/", $resource)),
> $permissions),
>     for $child in xmldb:get-child-collections($collection)
>     return
>         local:fix-permissions(xs:anyURI(concat($collection, "/",
> $child)), $permissions, $xqpermissions)
> };
> 
> local:fix-permissions("/db", "rw-r--r--")
> 
> But this doesn't solve the problem if you are constantly uploading new
> resources. I wonder how difficult it would be to re-enable the default
> collection permissions for now? I'll look at the corresponding
> revisions.
> 
> Wolfgang
> 
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure contains a
> definitive record of customers, application performance, security
> threats, fraudulent activity and more. Splunk takes this data and makes
> sense of it. Business sense. IT sense. Common sense.
> http://p.sf.net/sfu/splunk-d2d-oct
> _______________________________________________
> Exist-open mailing list
> Exi...@li...
> https://lists.sourceforge.net/lists/listinfo/exist-open