Hi Jörn,

Thanks for sharing this.
I looked at the code and was surprised and delighted to see you are using
my docker image[1]. I have updated it for BaseX 11.6 and added a reference
to your docker-compose as an example [2]. Hope that is ok.

/Andy

[1] https://github.com/Quodatum/basex-docker
[2]
https://github.com/Quodatum/basex-docker?tab=readme-ov-file#docker-compose

On Tue, 26 Nov 2024 at 10:19, Jörn Willhöft <j...@willhoeft-it.com> wrote:

> Hi Christian,
>
> ah, thanks for the hint! I didn't think of the request-functions, but the
> request:query() does exactly what I need.
>
> I am looking forward for the new release. Thank you and your team for your
> efforts and dedication!
>
> Kind regards
>     Jörn
>
> Christian Grün <christian.gr...@gmail.com> hat am 26.11.2024 09:28 CET
> geschrieben:
>
>
> Dear Jörn,
>
> Thanks for sharing your OAuth2 implementation, very appreciated.
>
>
> While working on this, I realized that BaseX' permission attributes
> unfortunately lack a small feature that would be quite useful: The "perm"
> parameter to the checking function provides the method and the path, but
> unfortunately not any URL parameters.
>
>
> Indeed it has been suggested multiple times that $perm should be enhanced.
> In the latest snapshot, we have finally added the query parameters [1], and
> we may add some more properties. Your feedback is welcome; if it works as
> expected, we will revise the documentation. BaseX 11.6 will be released
> this week or in December.
> With older versions of BaseX, you can use the request:parameter function
> to access query parameters [2].
>
> Best,
> Christian
>
> [1] https://files.basex.org/releases/latest/
> [2] https://docs.basex.org/12/Request_Functions#request:parameter
>
>
>
>
> In my case, I would like to remember the URL (including parameters) the
> user called before I redirect him to the authorization server to login, so
> I can afterward redirect him to the page he actually wanted.
> But in a more general context, I can imagine it would also be useful to do
> permission checks on the parameters, too. Or maybe I missed something?
>
> Kind regards
>   Jörn Willhöft
>
>

Reply via email to