Authorize user access to specific nodes within documents.
IBM® XDMS users can specify permissions at the node level within an XML document, using the rule ids read, write, delete and admin. To apply one of those rules to a single node, append the XPath to that node to the end of the rule id. The permission in the rule id, and its conditions, are then applied only to the specified node of the document, and not to the entire document.
The following document would give user sip:xdms2@us.acme.com read access to the list coworkers and write access to the list friends in any document this ACL document authorizes.
<?xml version="1.0" encoding="UTF-8"?>
<ruleset xmlns="urn:ietf:params:xml:ns:common-policy">
  <rule id="read/resource-lists/list[@name=%22coworkers%22]">
    <conditions>
      <identity>
        <one id="sip:xdms2@us.acme.com" />
      </identity>
    </conditions>
    <actions />
    <transformations />
  </rule>
  <rule id="write/resource-lists/list[@name=%22friends%22]">
    <conditions>
      <identity>
        <one id="sip:xdms2@us.acme.com" />
      </identity>
    </conditions>
    <actions />
    <transformations />
  </rule>
</ruleset>
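An added example, not IBM's code: a Python audit script that reads an ACL document in the format shown above, splits each rule id into its permission and percent-decoded node path, and separates node-scoped grants from grants that cover the whole document. The third rule, its identity, and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import unquote

NS = {"cp": "urn:ietf:params:xml:ns:common-policy"}
PERMISSIONS = {"read", "write", "delete", "admin"}  # rule ids named on the page

# Constructed sample: the page's two node-level rules plus one constructed
# document-wide rule (bare rule id, hypothetical identity) for contrast.
SAMPLE_ACL = """<ruleset xmlns="urn:ietf:params:xml:ns:common-policy">
  <rule id="read/resource-lists/list[@name=%22coworkers%22]">
    <conditions><identity><one id="sip:xdms2@us.acme.com" /></identity></conditions>
  </rule>
  <rule id="write/resource-lists/list[@name=%22friends%22]">
    <conditions><identity><one id="sip:xdms2@us.acme.com" /></identity></conditions>
  </rule>
  <rule id="admin">
    <conditions><identity><one id="sip:constructed-admin@example.com" /></identity></conditions>
  </rule>
</ruleset>"""


def audit_acl(xml_text):
    """Return one grant per (rule, identity): who gets which permission on which node."""
    grants = []
    for rule in ET.fromstring(xml_text).findall("cp:rule", NS):
        # The rule id is "<permission>" or "<permission>/<percent-encoded XPath>".
        permission, _, encoded_path = rule.get("id", "").partition("/")
        if permission not in PERMISSIONS:
            raise ValueError(f"unrecognised rule id: {rule.get('id')!r}")
        node_path = unquote(encoded_path)  # %22 decodes to a double quote
        for one in rule.findall("cp:conditions/cp:identity/cp:one", NS):
            grants.append({
                "identity": one.get("id"),
                "permission": permission,
                "node": node_path or None,
                "scope": "node" if node_path else "document",
            })
    return grants


def document_wide(grants):
    """Grants that are not restricted to a single node; review these first."""
    return [g for g in grants if g["scope"] == "document"]


if __name__ == "__main__":
    for g in audit_acl(SAMPLE_ACL):
        print(f'{g["identity"]:36} {g["permission"]:6} {g["scope"]:8} {g["node"] or "(entire document)"}')
```
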