Database Reference
In-Depth Information
• Other users
Each class consists of three mode bits (or flags, if you like) that describe whether read
(
r
), write (
w
), and/or execute (
x
) access is permitted for that class.
In
Figure 8-1
, we can see that the owner user class of the
/db
collection has read,
write, and execute access; the owner group class has just read and execute access; and
the other users class also has just read and execute access.
Figure 8-1. Example permission classes on the /db collection
So what do these read, write, and execute bits mean? Well, they are interpreted differ‐
ently for resources and collections, as outlined in
Table 8-3
.
Table 8-3. Mode bits in eXist
Bit
Meaning
Resources
Read
The user class has
read access
to the content and metadata of the resource.
Write
The user class has
write access
to the content and metadata of the resource.
Execute
If the resource is an XQuery module, then it can be
executed
by the user class.
a
If it is not an XQuery module,
then this bit is ignored.
Collections
Read
The user class may
list
the contents of the collection.
Write
The user class may
write
to the collection; this includes adding and deleting resources or subcollections to and
from this collection.
Execute
The user class may
open
this collection.
a
Currently in eXist 2.0 and 2.1, both execute and read access are required (not just
execute access) in order for a user to execute a stored XQuery module. This limita‐
tion persists because the XQuery interpreter in eXist operates entirely within the per‐
missions of the user invoking the XQuery; in future versions of eXist it is likely that
this limitation will be lifted.
Search WWH ::
Custom Search