• A handy function for checking the access rights of the current user for a certain
resource or collection is sm:has-access. You can check against a partial mode
string like r-x or x. For instance:

    if (sm:has-access('/db/myapp/securepage.xq', 'r-x'))
    then
        (: forward to this page :)
    else
        (: redirect to error page :)
• There is no explicit logout function. The safest way to log out is to return the
current user's identity back to guest and to invalidate the session:

    xmldb:login('/db', 'guest', 'guest'),
    session:invalidate()
Running with Extra Permissions
You've set up an application and paid special attention to security, so when a user
runs an XQuery, it runs with minimum permissions and is not allowed to access
those parts of the database that it doesn't need to. However, suddenly you realize this
user has to create/update the user base, a global logfile, or some other part of the
database you don't want to make accessible in normal circumstances. What to do?
This is a frequently occurring problem. Luckily, eXist allows you to switch to another
user for a single XQuery statement (which can, of course, also be a function call, so
you can do whatever complicated stuff you like).
The function call for this is in eXist's system extension module:

    system:as-user(
        $username as xs:string,
        $password as xs:string?,
        $code-block as item()*
    ) as item()*

system:as-user runs $code-block with the credentials of the given user. It returns
whatever $code-block returns.
So, you set up a user with enough privileges and run the offending command with
system:as-user. For example, the following creates a new user group called
appusers with a member erik:

    let $create-group-result :=
        system:as-user(
            'privuser',
            'verysecret',
            xmldb:create-group('appusers', 'erik')
        )
    (: a let clause needs a return to form a complete expression :)
    return $create-group-result
As you probably have noticed, this creates a new security problem: you'll have to
provide the system:as-user function with the username and password of a privileged
user, so this data must be defined somewhere in your XQuery code or read from a
data file. Unfortunately, there is not (yet) a watertight solution for this. The best you
can do now is store this information somewhere in the database and set the security
measures for the resource as tight as possible.
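One way to apply that advice, as an added example that is not from the book or the eXist project: the privileged account's credentials live in a single locked-down resource and are read only at the point of the system:as-user call. The resource path /db/myapp/config/privuser.xml, its credentials/username/password layout and the appcfg group are assumptions made for illustration.

```xquery
xquery version "3.0";

(: Added example. The path, the XML layout and the 'appcfg' group are
   hypothetical; privuser, appusers and erik come from the text above. :)
declare variable $local:cred-path := '/db/myapp/config/privuser.xml';

(: One-time setup, run by an administrator: owner and one dedicated group
   may read the resource, everyone else gets no access at all. :)
declare function local:lock-down-credentials() as empty-sequence() {
    let $uri := xs:anyURI($local:cred-path)
    return (
        sm:chown($uri, 'privuser'),
        sm:chgrp($uri, 'appcfg'),
        sm:chmod($uri, 'r--r-----')
    )
};

(: Load the credentials and fail closed: a missing, unreadable or
   incomplete resource raises an error instead of passing empty values on. :)
declare function local:credentials() as element(credentials) {
    let $cred := try { doc($local:cred-path)/credentials } catch * { () }
    return
        if (normalize-space($cred/username) ne '' and normalize-space($cred/password) ne '')
        then $cred
        else error(xs:QName('local:no-credentials'), 'Privileged credentials unavailable')
};

(: The only place the password is used: it is handed straight to
   system:as-user and never returned to the caller. :)
declare function local:create-group($group as xs:string, $user as xs:string) {
    let $cred := local:credentials()
    return
        system:as-user(
            string($cred/username),
            string($cred/password),
            xmldb:create-group($group, $user)
        )
};

local:create-group('appusers', 'erik')
```

Every account in the group that can read the resource can also read the password, so keep that group's membership as small as the application allows.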