- From: Weber, Heiko <Heiko.Weber@softwareag.com>
- Date: Wed, 9 Jun 2010 12:06:58 +0200
- To: "WebDAV" <w3c-dist-auth@w3.org>
At the end of this mail is the XML Schema which we have been using for
ACLs. I'm not claiming that it is complete, but this schema does limit
the number of elements below the DAV:privilege to one and allows any
element, but it does not restict the usage of attributes or sub
elements.
If we allow user defined elements, why do we then want to limit it to be
an element without attributes and sub elements though?
If all we are interested in is the QName of the element it would make
much more sense to simply put an attribute into the DAV:privilege
element containing the QName of the privilege. Ok, that was modeled
differently historically, so possibly we just have to live with that.
best regards,
Heiko Weber
----
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema targetNamespace="DAV:" attributeFormDefault="qualified"
elementFormDefault="qualified" xmlns:DAV="DAV:"
xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="acl">
<xs:complexType>
<xs:sequence minOccurs="0" maxOccurs="unbounded">
<xs:element name="ace">
<xs:complexType>
<xs:sequence>
<xs:choice>
<xs:element ref="DAV:principal"></xs:element>
<xs:element name="invert">
<xs:complexType>
<xs:sequence>
<xs:element ref="DAV:principal"></xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:choice>
<xs:choice>
<xs:element name="grant">
<xs:complexType>
<xs:sequence>
<xs:element ref="DAV:privilege"
maxOccurs="unbounded"></xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="deny">
<xs:complexType>
<xs:sequence>
<xs:element ref="DAV:privilege"
maxOccurs="unbounded"></xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:choice>
<xs:element name="protected" minOccurs="0">
<xs:complexType></xs:complexType>
</xs:element>
<xs:element name="inherited" minOccurs="0">
<xs:complexType>
<xs:sequence>
<xs:element ref="DAV:href"></xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="href" type="xs:anyURI"></xs:element>
<xs:element name="principal">
<xs:complexType>
<xs:choice>
<xs:element ref="DAV:href"></xs:element>
<xs:element name="all">
<xs:complexType></xs:complexType>
</xs:element>
<xs:element name="authenticated">
<xs:complexType></xs:complexType>
</xs:element>
<xs:element name="unauthenticated">
<xs:complexType></xs:complexType>
</xs:element>
<xs:element name="property">
<xs:complexType>
<xs:sequence>
<xs:any processContents="skip"></xs:any>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="self">
<xs:complexType></xs:complexType>
</xs:element>
</xs:choice>
</xs:complexType>
</xs:element>
<xs:element name="privilege">
<xs:complexType>
<xs:sequence>
<xs:any processContents="skip"></xs:any>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:schema>
Received on Wednesday, 9 June 2010 10:08:35 UTC