Hi Andy,
yes, of course it's okay!
Since yours is the "most official" current BaseX image, it's hard to get around it without building your own. Thank you for maintaining it. I am looking forward to update soon.
Kind regards
Jörn
Andy Bunce bunce.andy@gmail.com hat am 05.12.2024 11:46 CET geschrieben:
Hi Jörn,
Thanks for sharing this. I looked at the code and was surprised and delighted to see you are using my docker image[1]. I have updated it for BaseX 11.6 and added a reference to your docker-compose as an example [2]. Hope that is ok.
/Andy
[1] https://github.com/Quodatum/basex-docker [2] https://github.com/Quodatum/basex-docker?tab=readme-ov-file#docker-compose
On Tue, 26 Nov 2024 at 10:19, Jörn Willhöft <jwi@willhoeft-it.com mailto:jwi@willhoeft-it.com> wrote:
Hi Christian,
ah, thanks for the hint! I didn't think of the request-functions, but the request:query() does exactly what I need.
I am looking forward for the new release. Thank you and your team for your efforts and dedication!
Kind regards Jörn
Christian Grün <christian.gruen@gmail.com mailto:christian.gruen@gmail.com> hat am 26.11.2024 09:28 CET geschrieben:
Dear Jörn,
Thanks for sharing your OAuth2 implementation, very appreciated.
While working on this, I realized that BaseX' permission attributes unfortunately lack a small feature that would be quite useful: The "perm" parameter to the checking function provides the method and the path, but unfortunately not any URL parameters.
Indeed it has been suggested multiple times that $perm should be enhanced. In the latest snapshot, we have finally added the query parameters [1], and we may add some more properties. Your feedback is welcome; if it works as expected, we will revise the documentation. BaseX 11.6 will be released this week or in December. With older versions of BaseX, you can use the request:parameter function to access query parameters [2].
Best, Christian
[1] https://files.basex.org/releases/latest/ [2] https://docs.basex.org/12/Request_Functions#request:parameter
In my case, I would like to remember the URL (including parameters) the user called before I redirect him to the authorization server to login, so I can afterward redirect him to the page he actually wanted. But in a more general context, I can imagine it would also be useful to do permission checks on the parameters, too. Or maybe I missed something?
Kind regards Jörn Willhöft